Data Retention & Privacy
HeyVisa is privacy-first. Documents are encrypted in transit and at rest, scoped to the report they belong to, never used for model training, and removable on demand. This page explains exactly how long we keep each class of data and how to delete it.
What we store
A submission produces several data classes. Each has its own retention window and is encrypted at rest with per-workspace keys.
| Data class | Default retention | Notes |
|---|---|---|
| Uploaded documents | 30 days | Original files; deletable immediately via the API or dashboard. |
| Extracted text & fields | 30 days | OCR output; purged with the parent report. |
| Generated reports | 12 months | Risk score, signals, recommendations. Configurable per workspace. |
| Webhook event log | 30 days | Delivery attempts and payloads for debugging. |
| Audit & billing metadata | 7 years | Retained for legal and accounting obligations; no document content. |
Deleting data
Deleting a report cascades to its extracted text and any documents not referenced by another report. Deletion is irreversible and propagates to backups within 30 days.
bash
# Delete a report and every document scoped to it.
curl -X DELETE https://api.heyvisa.com/v1/reports/rep_01HXYZ \
-H "Authorization: Bearer sk_live_...redacted"
# 204 No Content — the report, its extracted text,
# and any documents not referenced by another report are purged.- API.
DELETE /v1/reports/:idorDELETE /v1/documents/:id. - Dashboard. Workspace owners can bulk-delete or set a shorter auto-purge window under Settings → Data.
- Account closure. Closing a workspace schedules full deletion of all content within 30 days.
Privacy commitments
- We never sell your data or share it for advertising.
- Customer documents are never used to train models.
- OCR runs in an isolated processing tier with text encrypted at rest and scoped to the workspace.
- Data residency: processing and storage occur within the EU/Türkiye region operated by
HeyVisa.
Retention is a floor, not a ceiling
If your compliance program requires shorter windows, set a custom auto-purge under Settings → Data, or call
DELETE as soon as a report is consumed. We honour the shortest applicable window across workspace policy and per-resource deletes.