WebRiskOps
Retention

WebRiskOps Data Retention - Scan artifacts, reports and audit records

Retention exists to keep reports reproducible, support billing and dispute evidence, monitor regressions and let customers audit what happened.

Start with a private scanSee sample report
Data retention and export boundaryRetention explains what account, scan, evidence and billing records exist and when export or deletion applies.AccountIdentityUserTeamEvidenceScan artifactsBillingProvider statePaddleSafeExportCustomer copyrequestRetentionLifecycle
Retention explains what account, scan, evidence and billing records exist and when export or deletion applies.
Trust brief

Understand why records are kept before requesting export or deletion.

Retention questions should start from the record category and product reason: report reproducibility, retest comparison, monitoring, billing, dispute evidence or audit history.

Open reportsOpen settings

Retention and export boundary

Export and deletion handling is not a promise to remove operational, billing, security, audit or legal-retention records immediately.

  • Account-scoped export handling
  • Operational exceptions remain possible
  • Secrets stay out of reports and public artifacts

Artifact retention reasons

Screenshots, HTML snapshots, issue fingerprints and scan metadata support reports, retests and monitoring.

Commercial record reasons

Billing, credit, refund, service-credit and dispute records support eligibility and provider workflows.

Auditability reasons

Request routing, blocked states and quality-gate decisions are retained to explain product actions.

Retention category matrix

Retention categories include public leads, accounts, projects, scan pages, screenshots, HTML snapshots, issue fingerprints, reports, messages, billing records, credits, disputes, monitoring history and audit logs.

  • Leads, accounts, and projects
  • Scan artifacts and reports
  • Billing, monitoring, and audit records

Product reasons for retention

Records are retained to reproduce reports, compare retests, manage monitoring, prove authorization, route customer requests, enforce billing eligibility and inspect blocked workflows.

  • Report reproducibility
  • Retest and monitoring comparison
  • Request routing, billing, and auditability

Scan artifacts and report evidence

Screenshots, HTML snapshots, issue fingerprints, report state, and scan metadata are retained while they support active customer workflows.

  • Screenshots and snapshots
  • Issue fingerprints
  • Report publishing state

Billing, credit, dispute, and monitoring records

Billing eligibility, credits, refund evidence, dispute evidence, and request-routing records are retained for operational traceability.

  • Subscription state
  • Credit ledger
  • Dispute evidence

Export, deletion, and exceptions

Customer-facing export and deletion workflows must respect operational, billing, security, and legal-retention requirements.

  • Account-scoped requests
  • Operational retention exceptions
  • Audit-safe processing

No secret exposure boundary

Secrets, credentials, private keys, payment method details, and provider tokens should not be exposed in public pages, exported reports, screenshots, HTML snapshots, or ordinary support records.

  • No provider secrets in reports
  • No payment method data in product exports
  • Credential handling stays in approved boundaries