Xoxoday Loyalife supports data disposal, allowing organisations to request the secure and permanent deletion of their data when required.
Data Disposal in Xoxoday Loyalife
Data lifecycle management does not end at storage — it includes the controlled, verifiable removal of data when it is no longer needed. Xoxoday Loyalife includes a formal data disposal provision that organisations can invoke at defined points in their relationship with the platform. This means that when your organisation decides to offboard, conclude a contract, or exercise its right to erasure under applicable data protection regulations, Xoxoday Loyalife ensures that the relevant data is deleted in a structured and auditable manner. Retention of data beyond its intended use period is treated as a compliance risk, not a default.When Data Disposal Applies
Data disposal requests are typically triggered in one of several scenarios. The most common is contract termination or non-renewal, where an organisation requires that all loyalty programme data — member records, transaction histories, reward redemption logs — be purged from Xoxoday Loyalife’s systems once the business relationship ends. Organisations operating under GDPR, the Personal Data Protection Act, or similar frameworks may also raise disposal requests in response to individual rights requests, such as a right-to-erasure claim from an employee participant. Xoxoday Loyalife’s data disposal capability supports this compliance workflow directly. A third scenario involves internal data governance decisions — for example, an organisation migrating its HRIS from SAP SuccessFactors to Darwinbox may choose to reset its loyalty data layer and start fresh, requiring disposal of legacy participant records before the new integration goes live.How the Process Works
Xoxoday Loyalife handles data disposal through a formal request process rather than self-service deletion, which ensures that removals are intentional, authorised, and logged. Once a disposal request is submitted, the Loyalife team confirms the scope of data to be deleted, the timeline, and the method of confirmation upon completion. This approach is aligned with Xoxoday Loyalife’s security certifications, including ISO 27001 and SOC 2 Type II, both of which require documented procedures for data destruction. Organisations subject to regulatory audits can request confirmation of disposal as part of their compliance evidence package.What Gets Disposed
The scope of disposal covers data held within Xoxoday Loyalife’s environment that belongs to your organisation. This includes participant profile data, programme configuration, earned and redeemed points records, and any identifiable user data ingested via integrations with systems such as Workday, SAP SuccessFactors, or Darwinbox. Disposal does not affect anonymised or aggregated data that cannot be linked back to individuals — such data may be retained for platform analytics in accordance with Xoxoday Loyalife’s data retention policy. If your organisation requires a specific disposal method, timeline, or written confirmation, this can be discussed and formalised through your account agreement or a data processing addendum. Learn more: Xoxoday Loyalife Help Centre — SecurityData Retention Policy
Understand how long Xoxoday Loyalife retains different categories of organisational and participant data.
GDPR and Data Privacy Compliance
Learn how Xoxoday Loyalife supports GDPR rights including access, portability, and erasure requests.