Data Retention & Deletion
Data Retention & Deletion
Aetheria Media Holdings S.r.l. · Version 1.0
Data Retention & Deletion
This notice explains how long Aetheria Media Holdings S.r.l. ("we", "us", "our") keeps personal data collected for the "England vs Norway" conditional promotional giveaway (the "Promotion"), and how deletion works. It supplements the Privacy Notice.
1. Principle of Storage Limitation
1.1. We keep personal data only for as long as necessary for the purposes for which it was collected, or as required by applicable law.
1.2. When we delete data, we take reasonable steps to ensure that it is not recoverable, subject to the exceptions and technical realities described in this notice.
1.3. We apply the principle of data minimisation: we collect only what we need and delete what we no longer need.
2. Retention Periods
2.1. Entry-administration data: Personal data collected at entry (including name, date of birth, country, email, consent records, and technical signals) is retained for the period necessary to run the Promotion, select and verify winners, and resolve any disputes or complaints, after which it is deleted or anonymised.
2.2. Winner and transaction records: Records relating to confirmed winners (including verification outcomes, payout amount, network, destination address, timestamp, transaction hash, and internal approvals) are retained only where and for as long as required by applicable law, including tax, anti-money-laundering, sanctions, and record-keeping obligations.
2.3. Marketing data: Marketing contact data and consent records are retained until you withdraw consent, after which the data is deleted from active marketing use. We may retain a suppression record to ensure we do not contact you again inappropriately.
2.4. Fraud and security signals: Data relating to suspected fraud, abuse, or security incidents may be retained for a limited period appropriate to detect and prevent further abuse, defend legal claims, and comply with law.
2.5. Correspondence and complaints: Records of communications, complaints, and support requests are retained for the period necessary to resolve the matter and for any related legal or regulatory obligations.
3. Deletion and Anonymisation
3.1. When a retention period ends, personal data is either deleted or anonymised so that it can no longer be linked to an identifiable individual.
3.2. Deletion methods may include secure erasure, cryptographic deletion, or physical destruction of storage media, depending on the system and the data involved.
3.3. Anonymised data may be retained for legitimate purposes such as statistical analysis, audit, and research, provided it is not reasonably capable of being re-identified.
4. Backups
4.1. Personal data may persist temporarily in secure backups after it has been deleted from active systems. Backups are encrypted, access-controlled, and retained only for a defined backup cycle.
4.2. Restoration of deleted data from backup is undertaken only where reasonably necessary (for example, for disaster recovery) and in accordance with our retention schedule. When restored data is no longer needed, it is deleted again.
5. Your Requests
5.1. You may request access, correction, deletion, restriction, portability, or objection via the data-request page on this website. We will honour valid requests subject to legal retention obligations and will explain where an exception applies.
5.2. If you request deletion of your entry data before the draw, we will remove your entry from the Promotion and delete your data to the extent permitted by law. Once the draw has occurred, certain records may need to be retained for legal or audit purposes.
5.3. We may refuse or limit a request where the data is necessary for legal proceedings, regulatory investigations, or the establishment, exercise, or defence of legal claims.
6. Administrator Tools and Audit
6.1. Our administrators use dedicated, access-controlled tools to configure retention periods and to action data-deletion and data-access requests.
6.2. Actions taken under this notice are recorded in an audit log to demonstrate compliance and accountability.
7. Changes to This Notice
7.1. We may update this notice from time to time to reflect changes in legal requirements, our practices, or technology. The version and date at the top of this document indicate the current version.