Data Retention Policy
Last Updated: 01-11-2025
This Data Retention Policy explains how long Sunnah Marriage Hub (“we”, “us”, “our”) retains personal data, profile information, verification documents, retains safety-related logs, and activity records in accordance with the UK GDPR, Data Protection Act 2018, and platform safety requirements.
We retain only the minimum amount of personal data necessary to:
- Provide and operate our services
- Ensure safety, fraud prevention, and identity authenticity
- Meet legal, regulatory, accounting, and tax obligations
- Resolve disputes and handle evidence requests
- Enforce platform integrity and Terms of Service
1. Retention of Active User Data
Profile Information
Retained while the user maintains an active account.
KYC / ID Verification
ID documents are retained only while the account is active to maintain identity authenticity, prevent impersonation, and support fraud prevention.
Activity Logs
Profile access requests, biodata access events, gallery actions are retained to maintain system fairness and verify quota usage.
User Access Monitoring Logs
Approval-related access logs retained for safety and compliance.
2. Retention After Account Deletion
When a user deletes their account, the following timelines apply:
2.1 Profile Data
- Deleted within 30 days (including photos, gallery items, and bios)
2.2 KYC / Identity Documents
- Deleted within 30–90 days unless retained for an active fraud or abuse investigation
2.3 Payment Records
- Retained for 6 years (required under UK financial and tax regulations)
2.4 Activity Logs (Access requests, biodata access, and gallery actions)
- Retained for 12 months for chargeback evidence, fraud prevention, and dispute resolution
2.5 Safety & Moderation Logs
- Retained for 12 months for safety and compliance purposes
2.6 Support Tickets
- Retained for 24 months to assist in resolving historical disputes and improving service quality
3. Retention of Inactive Accounts
An account is classified as inactive after 12 months of no login activity.
- We notify the user before removal
- After 24 months of inactivity, accounts may be removed automatically
- Data is deleted using the same retention timelines as voluntary account deletion
4. Fraud Prevention & Abuse Monitoring
Certain data may be retained longer for safety and fraud prevention, including:
- IP logs
- Device fingerprints
- Security-related activity indicators
- Chargeback-related evidence
- Information on banned or blocked accounts
Retention period: Up to 3 years (purpose-limited, access-controlled).
5. Payment & Transaction Data
Payment data is handled by trusted third-party processors such as Stripe, Mollie, and Paystack.
We retain the following for compliance and dispute resolution:
- Payment confirmations
- Packages purchased
- Transaction IDs
- Quota usage data linked to the transaction
Retention period: 6 years (UK HMRC requirement).
We never store full card numbers.
6. Legal & Regulatory Obligations
We may retain certain data for longer periods when necessary to:
- Comply with UK law and law enforcement requests
- Respond to legal disputes or claims
- Prevent repeated misuse
- Enforce our Terms of Service
Access to such data is limited and strictly purpose-based.
7. User Rights Regarding Data
Under UK GDPR, users may request:
- Deletion of personal data (“Right to Erasure”)
- Access to their data (“Subject Access Request”)
- Correction of inaccurate information
- Restriction of processing
- Withdrawal of consent
- Filing a complaint with the ICO
To exercise rights, users may contact:
Email: info@sunnahmarriagehub.com
8. Secure Disposal of Data
When data reaches its retention limit:
- It is securely deleted or anonymised
- Backups containing expired data are purged during scheduled cycles
- ID documents are permanently erased using secure destruction methods
9. Policy Updates
We may update this policy for legal, operational, or compliance reasons. Any changes will be posted with a new “Last Updated” date.