Data Retention Policy
Last updated: January 2026
This policy describes how Hilma (operated by Mindtrack AB) retains and manages Customer Data collected through our platform.
1. Retention Periods
Hilma retains Customer Data according to the following schedule:
| Data Type | Retention Period |
|---|---|
| Check-in entries (daily recaps, weekly plans) | Life of subscription* |
| Retrospective sessions and notes | Life of subscription* |
| AI Coach conversation history | Life of subscription* |
| Wellness responses (CMWI) | Life of subscription* |
| Journal entries | Life of subscription* |
| AI-generated summaries | Life of subscription* |
| OAuth tokens (Slack/Teams) | Until workspace disconnection |
| Integration tokens (ClickUp, Linear, etc.) | Until integration disconnection |
* Data is retained for the duration of your active subscription to enable historical trend analysis, AI-powered insights, and long-term wellness tracking. Data is deleted upon workspace removal or user request.
2. Why We Retain Data
Hilma retains your data to provide maximum value from our platform:
- Historical trends: Wellness scores, team health, and check-in patterns are most valuable when viewed over time.
- AI context: The AI Coach uses your history to provide personalized, contextual guidance rather than generic advice.
- Retrospective insights: Long-term patterns help teams identify recurring issues and track improvement over time.
3. User-Initiated Deletion
Users can request deletion of their data at any time:
- Journal entries: Users can delete individual journal entries immediately through the dashboard.
- AI Coach conversations: Users can delete conversation history through the dashboard.
- Full account deletion: Contact [email protected] to request complete deletion of all personal data. Requests are processed within 30 days.
4. Workspace Disconnection
When a workspace disconnects Hilma (uninstalls the Slack/Teams app):
- OAuth tokens are deleted within 24 hours
- Workspace is marked as inactive
- All user data for that workspace is scheduled for deletion within 30 days
- Integration tokens for that workspace are deleted immediately
5. Backup Retention
Database backups are maintained for disaster recovery:
- Daily automated backups with 7-day retention
- Backups are stored in the same region as the primary database
- Backups are encrypted at rest using AES-256
- Deleted data may persist in backups for up to 7 days after deletion
6. Legal Obligations
Hilma may retain certain data beyond standard retention periods when required by law, legal proceedings, or legitimate business interests (such as fraud prevention). In such cases, data will be retained only for the minimum period necessary.
7. Contact
For questions about this policy or to request data deletion, contact us at [email protected].
Mindtrack AB
Organization number: 559383-2859
Sweden