Retention Schedule

This schedule summarises the default retention periods used by the application for operational and security-related data.

DataDefault retention
Audit logs365 days
Magic-link tokens30 days after expiry/use
Magic-link send log90 days
Admin 2FA codes14 days after expiry/use
CSV preview tokens7 days after expiry/use
Draft autosaves30 days since last autosave
Captain submissionsRetained for league administration unless later anonymised or deleted under an approved process

Where a data subject request is upheld, relevant captain contact data can be exported or anonymised through the league’s admin processes.