Legal

Data deletion instructions

Last updated: 25 April 2026

Anyone whose data has been processed by Chiefpa can request deletion. There are two paths depending on who you are. Both end with the same outcome: your data is removed from our active systems and from our backups within the timelines below.

If you are an end customer

You messaged a service business and discovered they use Chiefpa to handle replies. You have two routes:

• Contact the business directly. They can delete your record from their dashboard. This is usually the fastest path.
• Email us at privacy@chiefpa.com. Include the channel you used (WhatsApp, Messenger, Instagram, Telegram, email, or web), the identifier (phone number, email, or username), and the name of the business if you remember it. We will confirm with the business and complete the deletion within 7 business days.

If you are a tenant (a business using Chiefpa)

Email privacy@chiefpa.com from the email address associated with your account, asking to cancel and delete. We will:

• Acknowledge within 1 business day.
• Offer a 30-day grace period during which you can request a full export of your wiki and database.
• At the end of the grace period, perform full deletion as described below.

If you want immediate deletion (skipping the grace period and forfeiting the export), say so explicitly. We will process within 7 business days.

What gets deleted

For an end-customer deletion request, we delete:

• All inbound and outbound messages associated with your channel identifier.
• Any contact record the business kept about you in their wiki.
• Calendar events linked to your identifier.
• Cached AI drafts, edits, and approvals associated with your conversations.
• Your channel identifier (phone number, PSID, IGSID, email, IP) from our event logs.

For a tenant deletion request, we delete:

• The full per-tenant SQLite database (messages, contacts, calendar, approvals, audit log).
• The private GitHub backup repository for the tenant (markdown wiki and SQL snapshots).
• All encrypted channel credentials (Meta Page tokens, etc.).
• Account access tokens.

What is retained

We retain a minimal anonymised audit log of the deletion event itself for 90 days — enough to demonstrate that deletion happened and answer accountability questions. This log records the date, the channel/tenant scope, and the requestor's confirmation. It does not contain message content, customer names, or personal identifiers.

Backups that pre-date the deletion request are rotated out within 30 days of the deletion. Beyond that, none of your data exists on our systems.

Sub-processor data

Some data necessarily passed through external services to deliver the original message — Meta (for Messenger / Instagram / WhatsApp), Anthropic (for AI inference), Telegram, and GitHub (for backup). When you delete from Chiefpa, we delete the data we hold; data held by these sub-processors is governed by their own retention and deletion policies. For Meta channels specifically, Meta retains conversation history independently and you can manage that through their privacy controls.

Turnaround commitment

• End-customer requests: 7 business days from receipt.
• Tenant cancellation with grace period: deletion completes 30 days + up to 7 business days after request.
• Tenant immediate deletion: 7 business days from receipt.

How we confirm

Once deletion is complete, we send a confirmation email to the requesting address. If you don't receive a confirmation within the timeline above, please follow up — emails sometimes fail.

Questions

Email privacy@chiefpa.com with anything we haven't covered.