.svg)
Oddr Customer Data Retention Policy
This policy describes how Oddr retains customer data during the term of the service agreement and how data is handled upon contract termination. Oddr is committed to responsible data stewardship and to ensuring that customer data is retained only for as long as it is needed and disposed of securely when it is no longer required without compromising on performance or ease of use.
Data Retention During Active Service
During the term of a customer’s service agreement, Oddr retains all customer data within the Oddr Secure Cloud as necessary to deliver the contracted platform services. This includes:
.svg){kind=icon}
Client records, matter records, invoice data, payment records, collections activity, notes, attachments, and any other data ingested through the firm’s integration or entered directly into the platform.
.png){kind=icon}
Audit logs, user activity logs, system event logs, and platform usage data generated during the course of normal platform operations.
Invoice PDFs, statement files, and any other documents uploaded to the platform by the firm’s integration processes or users.
Data is stored in the Azure region selected by the customer during onboarding and is subject to the encryption and access controls described in Oddr’s Data Protection and Infrastructure & Security documentation.
Backups
Production databases are backed up daily, and all backups are encrypted using Azure-managed keys. Backups support recovery to a daily restore point. For disaster recovery, backups are also copied to a secondary Azure region within the same geography, which keeps your data inside its original data residency boundary. Backup retention periods are configured to support disaster recovery and are maintained in accordance with Oddr's business continuity plan.
Data Retention Upon Contract Termination
When a customer’s service agreement with Oddr ends — whether through expiration, non-renewal, or termination — Oddr follows a structured data deletion process:
.png){kind=icon}
Following the effective date of contract termination, Oddr retains customer data for a period of 30 days to allow the customer to request a data export or address any final operational needs. During this period, the customer may request a copy of their data in a standard machine-readable format.
.png){kind=icon}
After the post-termination retention period, all customer data — including application data, uploaded documents, and backups — is securely deleted from Oddr systems. Deletion is performed using methods appropriate to the storage medium and consistent with Oddr’s Data Retention and Disposal Policy.
.png){kind=icon}
Upon request, Oddr will provide written confirmation that the customer’s data has been securely deleted.
.png){kind=icon}
If retention beyond the standard period is required by law, regulation, or valid legal process, Oddr will retain only the specific data required and will notify the customer to the extent permitted by law.
Data Export
Customers may request an export of their data at any time during the active service term. Exports are provided in standard formats and coordinated through the Oddr account team. Oddr will work with the customer to define the scope and format of the export.
Platform-Generated Logs
Platform-generated logs (such as audit trails and system event logs) are retained for a period appropriate to support security monitoring, incident investigation, and compliance needs. Log retention periods are reviewed periodically and may be adjusted based on regulatory requirements or customer contractual terms.
Data is retained for 30 days post-termination unless the contract specifies otherwise.
After 30 days, all application data, documents, and backups are securely deleted.
Oddr sends confirmation to your designated contacts once deletion is complete.