Draft schedule pending legal and professional-record reviewLast updated 21 May 2026
Retention And Deletion
The draft retention schedule for account records, client records, health data, messages, files, bookings, payment metadata, AI context and logs.
Audience: Practitioners, clinics, clients and launch reviewers
Retention rules must balance client record duties, data minimisation, auditability, security, payment records and user rights. This schedule is a draft and must be approved before production launch.
Draft Schedule
| Record type | Draft retention position |
|---|---|
| Practitioner account and profile | For the account term, then as needed for legal, security, tax or dispute purposes |
| Client relationship and client record | Controller-defined period set by practitioner or clinic obligations, with export and deletion support at account closure |
| Trackers, observations, questionnaires, notes, goals and messages | Aligned to the client record retention period unless the controller requests earlier deletion or restriction where appropriate |
| Files and meal photos | Aligned to the client record retention period, with private or signed storage and deletion support |
| Bookings and sessions | Retained as part of the client record and practitioner scheduling history, subject to controller policy |
| Stripe payment metadata | Retained as needed for accounting, chargeback, dispute, fraud and legal obligations; raw card data is not stored in NutriScope |
| AI prompts and generated drafts | Retained only where needed for product workflow, auditability or reviewed note history; minimise source context and define deletion rules before launch |
| Transactional email events | Retained as needed for delivery, suppression, audit and troubleshooting |
| Security and audit logs | Retained for a security-appropriate period, then deleted or aggregated where possible |
| Backups | Deleted or overwritten according to provider backup cycles and disaster-recovery needs |
Deletion And Export
NutriScope should provide practical export and deletion support for practitioner or clinic controllers and for NutriScope-controller account data. Deletion may be limited by legal obligations, security logs, payment records, disputes, backup windows or another valid basis.
Open Decisions
- Exact retention periods by customer type and record type.
- How practitioner professional-record duties are reflected in customer controls.
- Backup deletion windows and support-process evidence retention.
- Whether AI prompt and draft retention differs when AI output is converted into a practitioner note.