Modules
Retention and compliance
Set visible, editable and auditable retention periods aligned with nLPD and GDPR principles.
Purpose
Retention defines how long Wadyu keeps sessions, audit logs, sync logs, security events, token caches and App Metering signals.
Practical workflow
Expose the current value, Wadyu recommendation, allowed range, reason for change, last editor and timestamp. Changes should be auditable.
Controls and validation
Recommended defaults follow minimisation and purpose limitation: short sessions, operational sync logs, longer audit/security events and limited token cache lifetime.
Security and compliance
App Metering signals can be personal data even when Wadyu does not read documents. Keep detailed data only as long as needed for financial analysis and prefer aggregates for history.
Common mistakes
Do not silently extend retention because it is convenient. Tie every exception to a contract, sector requirement or documented risk.