Last Revised: Nov 6, 2023
The purpose of this Data Retention Policy and Procedures (the “Policy”) is to detail the procedures for the retention and handling of information received, maintained, and created by Censo Inc (“Censo” or “the Company”).
For purposes of this Policy, a “record” includes paper documents as well as information stored electronically or digitally. Unless otherwise specified, this Policy refers to both hard and soft copy documents. Electronic documents may be located on the hard drives of desktop and laptop computers, voice mail message systems, e-mail systems, servers, magnetic tapes (including archival and back-up tapes), audio tapes, video tapes, and any other electronic storage medium.
Records should be kept for as long as they are needed to meet the operational needs of the Company, together with legal and regulatory requirements. We have assessed our records to:
- Determine their value as a source of information about the Company, its operations, history, relationships and environment;
- Assess their importance as evidence of business activities and decisions;
- Assign, where applicable, the legal and/or regulatory retention requirements.
A disposal schedule is a key document in the management of records and information. The disposal schedule provides a time frame for when a record can be disposed of or destroyed and removed from the Company’s database, back-up tapes and/or physical storage.
Records on disposal schedules will fall into two main categories:
- Destroy after an agreed period – where the useful life of a series or collection of records can be easily predetermined (for example, destroy after 6 years; destroy 5 years after the end of the financial year).
- Under Review – in this context, review is defined as the examination of records that reach the end of their retention period to determine whether they should be destroyed or retained for a further period.
Company records that are not otherwise subject to retention for business reasons may need to be retained for purposes of potential or pending litigation or a government investigation (referred to as a “Legal Hold”). Circumstances in which Company records that are not usually retained may be required to be kept on Legal Hold include, but are not limited to, service of a lawsuit, receipt of a subpoena, or a request for production of documents. If these circumstances arise, the Compliance Officer must be notified. Records on Legal Hold cannot be disposed of until released from Legal Hold, even if this is years past the retention period.
Records can be disposed of (destroyed) in the following ways:
- Non-sensitive information – can be placed in a normal trash bin
- Confidential information – can be crosscut shredded and pulped or burnt
- Electronically stored information – should be permanently deleted from the system, rendering it non-recoverable even using forensic data recovery techniques.
- Electronic equipment containing information (e.g., hard drives) – should be destroyed using mechanisms that implement industry best practices.
See Appendix 1 for the Company’s detailed Retention and Disposal Schedule.
Responsibility for monitoring the disposal policy rests with the Chief Financial Officer (“CFO”). The policy will be reviewed annually or more often as required.
Federal Recordkeeping Requirements
The Company may be subject to federal recordkeeping requirements established by the laws, statutes, and regulations of the United States.
It is of the utmost importance that the Company meet these obligations. These obligations may include but are not limited to the following:
Electronic Fund Transfer Act (EFTA), Regulation E. Pursuant to 12 C.F.R. 1005.13
The Company shall maintain records evidencing compliance with the Electronic Fund Transfer Act for two (2) years after the date disclosures are required to be made or action to be taken under the Electronic Fund Transfer Act.
Bank Secrecy Act (BSA). Pursuant to 31 C.F.R. 1010.430
The Company shall maintain records evidencing compliance with the Bank Secrecy Act for five (5) years.
Roles and Responsibilities
The Company’s CFO will supervise the implementation and administration of the Data Retention Policy and Procedures. Administration of the program shall include:
- assigning specific responsibility for the program’s implementation; and
- testing to ensure compliance.
It is the responsibility of all Company employees to follow this Policy and any accompanying procedures.
Appendix 1—Retention and Disposal Schedule
Customer Personal Identification Data – Including biometric identifiers
An encrypted facial scan (“Facial Scan”) of each customer is taken when setting up the Censo Owner App, and is used for customer authentication. Censo stores, but cannot access, this Facial Scan.
No other Personally Identifiable Information (“PII”) is collected within the App.
Censo will retain the Facial Scan for as long as reasonably necessary for purposes of authentication, or until ninety (90) days after the customer terminates their subscription to the Censo App, whichever occurs first.
Communications with Customers
All correspondence with customers including but not limited to chats, emails, ticket information, call recordings, etc.
Until a request for deletion of information by the customer is made, but no less than ninety (90) days from the date the user closes the account.
All financial documents including but not limited to send/receive funds, bank statements, payments, ledgers, journals, accounting reports, assets, tax records, generic financial records, etc.
A minimum of 7 years with exceptions of up to 13 years.
All employee information including but not limited to, personal information, resumes or CVs, employee reviews, position change, compensation, and benefits, etc.
A minimum of 7 years
Policies and Procedures
All company policies and procedures not relating to AML/BSA/OFAC.
Until superseded and then 5 years for previous versions
AML/BSA/OFAC Compliance and Related Documents as required
All company AML/BSA/OFAC compliance and related documents including KYC, CIP, ongoing CDD, training, customers’ account activity, and reporting, including, but not limited to monitoring logs and alert triggers.
A minimum of 5 years