Data Retention and Automatic Cleanup

AutoPhish helps you keep stored data under control by automatically cleaning up older records after a defined retention period.

This supports data minimization and helps keep your workspace tidy without requiring manual cleanup.

Default retention period

By default, company data is retained for 3 years.

If you need a different retention period for your organization, please contact AutoPhish Support.

What is automatically cleaned up

Once the retention period is reached, older data may be removed or reduced for your company.

This includes:

• Completed and inactive phishing campaigns
• Campaign execution data
• Email delivery records
• Training and education progress
• Stored raw phishing-report email content
• DNS scan logs
• Security scan history
• Older inactive domain findings

In some cases, not all metadata is removed. For example, raw email content from phishing reports may be cleared while basic related information is kept for reference.

What is not removed

To avoid disrupting active security programs, some data is preserved:

• Active campaigns are never deleted automatically
• Active domain findings remain available

How cleanup works

Cleanup runs automatically on a regular basis, so no manual action is required from your side.

Need a different retention period?

The default retention period is 3 years.

For any custom retention requirements, please reach out to Support and we’ll help you review the available options.

Updated on: 26/03/2026