Empuls retains all customer-specific engagement, recognition, and survey data for the duration of the active contract period, with immediate data purging available upon contract termination or at any point upon customer request.
Data Retention by Default
Empuls applies separate retention rules to system-level data and customer-specific data. System-level records—such as performance logs and diagnostic telemetry—are automatically archived after 7 days. This keeps the infrastructure lean while preserving the audit trail that security and engineering teams rely on for incident response. Customer-specific data is held to a different standard. Engagement metrics, peer recognition history, eNPS and pulse survey responses, and platform usage records are all retained for the full duration of your active contract. Whether your program spans one year or five, Empuls keeps your historical data intact and accessible without manual intervention.Purging on Your Terms
When a contract ends, Empuls initiates data purging immediately upon termination—no waiting periods, no residual records lingering in shared infrastructure. If your organization needs data removed before the contract concludes, you can submit a targeted deletion request at any point. That request can cover individual employee records, a specific dataset, or your entire tenant archive. For organizations subject to ISO 27001 or SOC 2 Type II audit requirements, this level of documented, on-demand control is often a non-negotiable. Empuls supports these workflows directly, so compliance and legal teams have the evidence they need without chasing down engineering resources.GDPR and the Right to Erasure
Empuls is fully compliant with GDPR and adheres to global data privacy regulations. The ability to request deletion at any time directly supports Article 17—the right to erasure—giving People teams a clear, repeatable process for honoring employee data removal requests. For organizations with employees across the EU, UK, or other privacy-regulated markets, this removes a common compliance bottleneck that slower SaaS vendors introduce.Behavior When Connected to HR Systems
When Empuls is integrated with platforms like Workday, SAP SuccessFactors, or Darwinbox, employee data syncs from those systems to power recognition and rewards workflows. A data purge in Empuls does not cascade into your HRIS—each system maintains its own retention policy. You can cleanly offboard an employee from Empuls, including full data deletion, without triggering unintended changes in your source HR system. If your teams receive recognition notifications through Microsoft Teams or Slack, those messages are delivered through those channels, but the underlying engagement data remains within Empuls’s compliant data infrastructure and is subject to the same retention and purging controls. Xoxoday Empuls gives HR and IT leaders documented control over the full data lifecycle—from retention through deletion—without requiring custom engineering work to fulfill routine privacy requests. Learn more: Empuls Help Centre — DataGDPR Compliance in Empuls
How Empuls meets GDPR requirements for employee data, including lawful basis for processing, data subject rights, and cross-border data transfers.
SOC 2 and ISO 27001 Certification
Overview of Empuls’s third-party security certifications and what they mean for your organization’s vendor risk assessments.