Data retention and deletion policy

Tailscale must retain and process certain kinds of customer and user data to deliver the Tailscale Solution and to comply with our customer commitments and legal requirements. At the same time, Tailscale wants to avoid retaining data for longer than is necessary.

Scope

This policy applies to the data assets associated with customer accounts that are processed by Tailscale in connection with providing the Tailscale Solution.

Schedule

Tailscale should review the data it retains as part of reviewing its data register at least annually.

Retention period

Data subject to this policy will be retained for a set period of time, depending on the type of data:

Data Assets Retention period
Customer account and tailnet live production data* Duration of contract
Client logs (that is, Usage Data used for security and fraud prevention and analytics purposes) 12 months
Support communications and other customer service records 5 years
Payment and billing information 7 years
Aggregated or anonymized data or reports As long as needed for the business purposes

*Tailscale acts as the data processor for this information pursuant to our DPA. In all other cases, Tailscale acts as the data controller.

Where not specified, customer data will be retained no longer than is needed to provide the service, and anonymized or deleted afterwards.

Privacy Policy

Tailscale will delete personal data pursuant to individual data subject requests in accordance with applicable data privacy laws as set forth in our Privacy Policy.

Suspension

Tailscale may suspend routine deletion of customer data if required for security forensic analysis purposes or a legal hold involving such data. Legal holds may be issued, for example, in connection with an active, imminent, threatened or reasonably anticipated investigation, litigation, arbitration, subpoena, financial transaction, or other legal matter.

Deletion method

Data may be destroyed by overwriting on disk, deleting a cloud resource, encrypting and destroying the key, resetting a device, and/or physical destruction.