Skip to main content
VoxQuote

Data retention policy

Plain-English mapping of what we hold, how long, and why. Paired with our Privacy Policy and Terms.

Account + tradie data

Profile (business name, ABN, contact details, trade, logo)

How long:
While your account is active. Deleted on account deletion.
Why:
Required to operate your account + brand the quotes we send.

Quotes (customers, line items, totals, status)

How long:
While your account is active. Deleted on account deletion.
Why:
Core business records. Cascade-deleted via ON DELETE CASCADE when you erase.

Voice recording audio files

How long:
Deleted from storage immediately after quote extraction (typically within 30 seconds).
Why:
APP 11 — data minimisation. Raw audio is sensitive; we don't need it once extracted.

Voice transcripts (the text we pulled from audio)

How long:
While your account is active. Deleted on account deletion.
Why:
Audit evidence of what the tradie said, in case of a customer dispute.

Customer data (the people your tradie quotes)

Customer name, phone, email, address + quote history

How long:
While the tradie's account is active. Deleted when the tradie closes their account.
Why:
We process customer data on the tradie's behalf — we never resell, profile, or otherwise use it outside quoting.

Suppression list (customers who replied STOP to messages)

How long:
Permanent — never deleted.
Why:
Spam Act 2003 s.16 — once a customer opts out, we mustn't re-message them. Deleting the record would restart the compliance clock.

Compliance + audit records

audit_log entries (send events, consent basis, admin actions)

How long:
7 years for financial events; 2 years for operational events.
Why:
ATO requires business-record retention for 5 years (we use 7 for safety). Operational events kept long enough to support dispute resolution.

Stripe webhook events (idempotency guard)

How long:
60 days, then pruned by weekly cron.
Why:
Stripe retries webhooks for 3 days. 60-day retention covers that with 20× safety margin.

AI usage ledger (token counts + costs per call, per user)

How long:
90 days, then pruned by weekly cron.
Why:
Supports cost-cap enforcement + per-user attribution. Aggregates older than 90 days are rolled into monthly totals.

Security + breach-readiness records

Rate-limit buckets + IP logs

How long:
In-memory only (per-region); no persistent storage.
Why:
APP 11 — we only hold what we need in the moment to stop abuse.

Sentry error reports (when DSN configured)

How long:
30 days (Sentry's free-tier default).
Why:
Long enough to debug a reported issue; short enough to stay below data-retention risk.

How to request access, correction, or deletion

You can delete your account + associated data yourself at any time from Settings → Account + privacy. For access or correction of data we hold, email support@voxquote.com.au — we reply inside a business day. If we can't resolve it, you can lodge a complaint with the OAIC.

Last updated: 2026-04-20 · VoxQuote (Australia, sole trader) · see all changes

Data retention policy · VoxQuote