Tag: data privacy

5 Smart Data Retention Policies and 3 Data Saving Pitfalls Costing Your Business Money
In today’s digital business landscape, how you manage your data is just as important as how you collect or store it. For small businesses, having a smart data retention policy isn’t just about staying organized, it’s about staying compliant, secure, and efficient.

Whether you’re holding on to customer records, invoices, employee files, or emails, you need a clear plan for how long that data stays on your systems and what happens when it reaches the end of its lifecycle. Retaining everything “just in case” or deleting too soon can create legal headaches, security risks, or operational confusion.

Let’s explore five data retention policies small businesses should implement, and three common mistakes you should absolutely avoid.

✅ 5 Smart Data Retention Policies to Implement
1. Retention by Data Type
Not all data is created equal. Treat it that way.

Set different retention periods based on the type of data you’re storing:
- - Financial records may need to be kept for 7+ years (IRS rules).
  - Customer data may have different lifespans depending on usage and consent.
  - HR and employee records often follow labor law guidelines.
  - Emails may only need to be stored for 1–3 years unless tied to legal or financial records.
Classifying data by type ensures your business is both legally compliant and operationally efficient.
1. Automatic Archiving
Out of sight, but not out of reach.

Instead of deleting data prematurely, implement archiving policies that automatically move older, inactive data to secure long-term storage. This keeps your active systems clean and performing well, while still giving you access to historical data when needed.

Modern cloud services and document management platforms often offer built-in archiving features, use them to your advantage.
1. End-of-Life Deletion Protocols
When data has outlived its purpose or retention period, it’s time to say goodbye — securely. Have a documented process for data deletion:
- Use secure wipe methods to prevent recovery.
- Maintain deletion logs for compliance.
- Be especially cautious with personally identifiable information (PII) and health data.
Deleting outdated data reduces your risk surface in the event of a data breach and helps you stay on the right side of data privacy regulations.
1. Regular Audits
Your business isn’t static, and your data policy shouldn’t be either. Review your retention practices annually to:
- Stay aligned with evolving regulations.
- Remove outdated systems or redundant storage.
- Confirm your team is following protocols.
Audits help identify gaps and keep your policy relevant.
1. Employee Training
Even the best policies can fall apart without employee buy-in. Train your staff on:
- - What data to retain or delete.
  - How to handle sensitive information.
  - Recognizing phishing or security threats that target stored data.
Make data management part of your onboarding and annual training. It’s easier to maintain compliance when everyone’s on the same page.

❌ 3 Common Data Retention Practices to Avoid
1. Keeping Everything “Just in Case”
This is one of the most common — and risky — habits. Over-retaining data can:
- - Expose your business in a breach.
  - Increase legal discovery risks.
  - Cost more in storage and management.
If you don’t need it and aren’t required to keep it then securely dispose of it.
1. One-Size-Fits-All Retention Periods
What works for one type of data might be a liability for another.

Using a blanket policy for all files or records could lead to unintentional violations of compliance laws or operational inefficiencies. Customize your retention schedules by category and jurisdiction.
1. No Defined Ownership of Data Management
When no one is responsible, no one is accountable.

Every small business should assign someone (or a team) to oversee data retention. This ensures policies are applied consistently and gives your staff a go-to resource when questions arise.

Small businesses face growing data responsibilities, but they don’t have to face them alone. With the right retention policies in place, you can protect your business, reduce clutter, and maintain compliance without wasting valuable time or resources.

At Valley Techlogic, we help small businesses build smart, secure, and scalable data strategies, including customized retention policies that align with your industry’s regulations and your company’s workflow. Need help building your retention roadmap? Contact us today to schedule a consultation with our team.

Looking for more to read? We suggest these other articles from our site.
This article was powered by Valley Techlogic, leading provider of trouble free IT services for businesses in California including Merced, Fresno, Stockton & More. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on X at https://x.com/valleytechlogic and LinkedIn at https://www.linkedin.com/company/valley-techlogic-inc/.
July 25, 2025
On average, your information is shared 747 times a day according to a new study
We touched on data brokers and how they buy and sell your data in a previous article, but in an eye opening new study from the Irish Council for Civil Liberties (ICCL) they found that for US-based users their information is shared online with for marketing purposes on average 747 times per day.

That means about 31 times an hour or once every two minutes your information is being sold or traded for marketing purposes so corporations can make an educated guess as to your buying habits when serving you advertising.

The study used data from a 30-day feed from Google which can be accessed by industry specific entities but is not made available to the public. While the study was aimed at European internet users, who on average have their information shared 376 times per day, the figures they discovered are startling no matter where you happen to reside.

The ICCL is pursuing legal action against online ad agencies, describing the real-time bidding (RTB) that’s occurring as a massive data breach and a violation of European data protection laws.

There are a mishmash of laws aimed at protecting US consumers from having their information sold for online marketing purposes, however with no single comprehensive federal law in place any consumer looking to find recourse if they feel their data has been used illicitly will discover they have an uphill battle ahead of them.

We all skim the lengthy TOS found when signing up for a service, while putting it out of mind that the cost of many “free” services in our data, but what if the data that’s being sold goes beyond what you’re posting on social media or what you purchased from an online retailer recently?

With data breaches being a regular occurrence, you may not even be voluntarily opting-in to sharing the information that’s currently being traded about you on the internet and it may go beyond what you would want to have shared.

Even your private medical data can be up for grabs and being sold by data brokers, for example every year Pfizer spends $12 million buying anonymized data for marketing purposes.

So as with our article on data brokers we want to give you some tools to protect yourself and protect your data while using the internet. This time we want to give you 3 helpful ideas that will help you discover what’s out there already and how to close the gaps:
1. Google Alerts : Create alerts with things like your name or social media handle, that way if you’re being mentioned on the internet, you’re instantly alerted to it.
2. HaveIBeenPwned : You can use this site to see if your email or phone number have been involved in a breach and whether it would be a good idea to update or change that information.
3. Credit Monitoring: While we don’t want to recommend a specific site as this choice can be somewhat personal, we think credit monitoring is a good idea for everyone these days. It’s so ubiquitous now that even your bank or credit card companies you already use probably have it built into their website.
You also can “opt out” of personalized marketing with your Google account, while that won’t stop your information from being shared and used to try and market it to you with, it will at least make it so those ads aren’t reaching you as often. You may also be shocked to learn what they’ve already compiled about your interests.

The lists that are compiled on your interests can be quite comprehensive.

Google Isn’t the only one who offers this option, iPhone users can also opt out as well as users of social media sites such as Facebook and Instagram.

Concerns over data protection aren’t limited to just consumers, businesses should also take steps to protect their data and that of their employees. If you’d like to learn how Valley Techlogic can help you secure your data learn more with a quick consultation.

Looking for more to read? We suggest these other articles from our site.
This article was powered by Valley TechLogic, an IT service provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.
May 19, 2022
When the business is you, how data brokers create and sell detailed information based on your browsing history
This week, John Oliver of “Last Week Tonight with John Oliver” aired an eye-opening segment on the world of data brokers and how easy it is to create a very detailed profile about an individual simply from their online browsing history. We suggest watching that segment (which can be found on YouTube) but we also wanted to touch base on this topic ourselves and explain what happens, why this happens, and what you can do to browse safely (and privately) online.

There are really five clear ways data brokers capture your information online. The first is browser cookies. A cookie is a piece of information that a website stores on your device that it can than retrieve at a later time. Most websites you visit now ask you to give them permission to store cookies and most of us do so without thinking about it because the process of declining can be complicated (or perhaps you won’t be allowed on the site without doing so).

Data brokers both buy these cookies and also place cookies on your devices themselves, which allows them to offer you highly targeted advertising. We have two solutions to this once, Chrome and Firefox both have “Do Not Track” options which will not allow the cookies to track you from site to site. There’s also a browser extension called Ghostery which gives you the option of blocking trackers.

The second way data brokers are able to obtain information about you is through mobile applications. Many mobile applications that are “free” are not really free, you’re paying for them through the wealth of information that’s gained about you, such as your GPS data or even your private pictures and videos on your device (as many of these applications ask for “permission” for every service on your phone).

The solution to this one is to always research the applications you download on your phone, and never give them more permissions than they need. That “white noise” application you downloaded does not need permission to your location data for instance.

The third way may seem obvious if you stop to think about it, social media. Data brokers will scrape social media sites for information about you to “complete” their profiles on you. The easiest way to combat this is to think twice about what you’re sharing online, information such as your birthdate or where you work not only put you at risk for receiving very targeted spam – it’s also a cyber security hazard.

The fourth way is just public records. Court documents, census data, property records, vehicle registration records, marriage and divorce records are all public and all available to data brokers at their leisure. The best way to combat this one is to address the other ones we’ve mentioned so they cannot use this information combined with the above to create a highly detailed information package on you (a singular piece of data is less useful than a full picture). You can also sign up for alerts from Google so if your name is mentioned on the web you’ll be notified.

The fifth way may surprise you, but it’s your credit card company. Data brokers are able to buy your “anonymized” credit card data directly from your credit card company. They can then combine this data with receipts they may have accessed in other ways and your social media posts “Look at what I just bought!” and voila, data brokers now know how you’re spending your money (and what they should try to sell you next).

There Isn’t a good way to combat the last one and it illustrates the point the best, we need more restrictions on how our data is used and who is allowed to collect it. Some states are leading the way with this, such as the California Consumer Privacy Act (CCPA) which gives consumers more control over their online data (and the ability to remove it).

We’ve created this chart to give you five things you can do RIGHT NOW to protect your privacy online.

Click to grab the full size version.

While there are steps we can take to protect ourselves, more needs to be done to protect our privacy as we browse online. Privacy is also a concern for business owners and the businesses they run, if you would like to learn more about how Valley Techlogic can help schedule a consultation today.

Looking for more to read? We suggest these other articles from our site.
This article was powered by Valley TechLogic, an IT service provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.
April 14, 2022
The Threat You Might Not Have Heard of – Stalkerware.
We’ve all heard of ransomware and malware at this point, but there’s one that may be flying under the radar. I’m talking about stalkerware.

Stalkerware is a type of software or application designed to monitor or secretly record you on your devices. The phrase was coined because it was often used by spouses or other intimate partners who want to secretly spy on their partners.

While in some cases it may be deliberately installed, there are variations of this now that are more insidious. Applications that can detect your GPS location even in the background, as well as applications aimed at parents looking to track their children’s devices that collect more data than they’re supposed to are two notable examples.

In either variation they’re definitely a violation of the user’s privacy. The Google Play Store (for Android phones) and Apple App Store (for iOS phones) both prohibit applications aimed at tracking your loved ones use without their knowledge or consent, but so many things are added daily it’s inevitable some will slip through.

On the other end, applications you install on purpose that collect data they shouldn’t is also a major problem. The data they’re collecting is often sold to third parties who then use it to market to you on websites you frequent.

Most of us are aware the free websites and applications we use on the internet are not really “free”. The cost is being inundated with sales ads, but ads specifically targeted to you by data you didn’t know was being extracted by your computer or phone is a violation none of us would willingly sign up for.

We’re left questioning how much privacy we can really expect on the internet, and what is needed to protect that privacy. Much more is required of our governments and legislatures to ensure that the private details of our lives aren’t sold to the highest bidder.

One high profile example going on right now is over the popular phone application TikTok. TikTok was recently banned in India due to privacy concerns, which the company vehemently denies.

It’s our recommendation that you vet the software, websites and applications you download or visit thoroughly, as well as uninstalling any not currently in use. While this won’t completely mitigate the risk of stalkerware, it may help minimize the damage.

Looking for more to read? We suggest these tech articles from the last week.
This article was powered by Valley TechLogic, an IT provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.

Looking for IT Services in Fresno, Modesto, Stockton, Ceres, Atwater, Merced, Visalia or Lodi? We cover all these areas and more!
July 1, 2020