Skip to main content
NxtStps
← HomeTermsPrivacy

Legal

User Data Deletion Policy

Version 2.0 · Effective April 5, 2026

NXTSTPS, LLC — USER DATA DELETION POLICY

Effective Date: April 5, 2026 · Last Updated: April 5, 2026 · Version: 2.0

1 — PURPOSE

NxtStps is committed to protecting the privacy, dignity, and autonomy of every person who uses the platform — particularly victims of crime accessing sensitive support services at a difficult time in their lives.

This User Data Deletion Policy explains:

  • what data NxtStps holds about you
  • how you can request deletion of your account and data
  • how deletion is executed and confirmed
  • what data may be retained and why
  • what happens to retained data after a deletion request

This Policy applies to all registered NxtStps users. It is published on the platform so that every user can understand their rights before, during, and after using the platform. It is part of a broader set of privacy commitments described in the NxtStps Privacy Policy, which governs how data is collected, used, and protected. This Policy and the Privacy Policy should be read together.

2 — SCOPE

This Policy covers all personal data collected and stored by NxtStps, including:

  • Conversational intake responses and application form data
  • Uploaded documents and attachments — police reports, medical records, financial records, and supporting evidence
  • Account profile information — name, contact details, login credentials
  • Application drafts, completed applications, and submission records
  • Communication logs between the user and the platform
  • AI interaction logs and completeness assessment records
  • Consent and compliance records
  • Technical session metadata

This Policy applies to all systems operated by NxtStps, including production databases, backup systems, AI processing environments, and third-party service providers acting as data subprocessors.

3 — WHO CAN REQUEST DELETION

3.1 Applicants

Applicants — victims or survivors who access the platform directly — may request deletion of their personal account and all associated data at any time. No justification is required. Deletion is a right, not a privilege.

Deletion requests may be submitted through:

  • The in-platform account settings — "Delete My Account" — available from any screen
  • Written request to NxtStps at legal@nxtstps.org from the email address registered to the account
  • Assisted deletion facilitated by an authorized advocate who has documented written consent from the Applicant

3.2 Provider users

Provider users — advocates, case managers, and administrative staff — may request deletion of their own individual staff account and credentials at any time. A Provider user's account deletion does not delete the Applicant case data associated with their caseload. That data belongs to the Applicants they served and can only be deleted by those Applicants or by the Organization's designated administrator acting with documented Applicant consent.

An Organization's designated administrator may submit bulk deletion requests on behalf of the Organization in the event the Organization terminates its licensing agreement with NxtStps. Bulk organizational deletion requests are governed by the Organization's licensing agreement and are processed under the same timelines as individual requests.

3.3 Authorized Representatives

A parent, legal guardian, executor, or other authorized representative may submit a deletion request on behalf of an Applicant who is a minor, incapacitated, or deceased. Authorized representatives must provide documentation of their authority — such as guardianship papers, power of attorney, or letters testamentary — before NxtStps will process a deletion request on another person's behalf.

NxtStps recognizes that many Applicants on this platform are trauma survivors who may not have standard forms of identification. NxtStps will make reasonable accommodations for identity verification and will not automatically deny deletion requests because a user cannot provide standard documentation. If you are unable to complete standard verification, contact NxtStps at legal@nxtstps.org to discuss alternative verification methods.

4 — TYPES OF DELETION

4.1 Standard Account Deletion

Upon confirmation of identity and absence of any legal hold, NxtStps will permanently delete:

  • User profile information including name, contact details, and demographic data
  • All conversational intake responses and form data
  • All uploaded documents and associated derived artifacts — OCR extractions, previews, and metadata
  • Application drafts and incomplete submissions
  • Completed application records, subject to the retention exceptions in Section 5
  • Communication logs between the user and the platform
  • AI interaction logs, subject to the minimum audit retention requirement in Section 5

NxtStps will also revoke all authentication credentials, invalidate all active sessions, and permanently disable access to the account.

Deletion is irreversible once completed. Accounts cannot be restored. Data cannot be recovered after deletion is finalized. If you return to the platform after deleting your account, you must create a new account.

4.2 Immediate Safety Deletion

If a user expresses fear, distress, or safety concerns — including concern that an abusive partner or other unauthorized person may attempt to access their account or data — NxtStps will process deletion immediately without requiring standard verification procedures or waiting periods, subject only to the minimum technical requirements of the deletion process.

Immediate Safety Deletion includes:

  • No retention of data beyond the minimum technically required to complete the deletion process
  • No follow-up contact from NxtStps after deletion unless explicitly requested by the user
  • No attempt by NxtStps to persuade the user to retain their account or reconsider
  • Immediate session invalidation and authentication revocation

The Exit Safely button available on every platform screen initiates session clearing and immediate navigation away from the platform. For complete account and data deletion, submit a deletion request through account settings or by email as described in Section 3.1.

4.3 Partial Deletion

Where a legal hold prevents full deletion of all data, NxtStps will execute maximum deletion — deleting everything that can legally be deleted — and anonymize or restrict access to the minimum data that must be retained. The legal hold decision process is described in Appendix A.

5 — DATA THAT MAY BE RETAINED AFTER A DELETION REQUEST

NxtStps retains only the minimum data required by law or operational necessity. The following table defines what may be retained, why, and for how long. All retention periods are consistent with the NxtStps Privacy Policy retention schedule.

Retention after deletion request by data category
Data CategoryStandard Retention After Deletion RequestLegal Basis
Account credentials and profile information90 days post-deletion (for technical deactivation confirmation), then permanently destroyedOperational necessity
Application and case data — submitted applications7 years from submission dateState CVC recordkeeping requirements and federal records standards
Application and case data — active, unsubmittedDeleted immediately upon requestNo legal hold applies to unsubmitted drafts
Uploaded documents7 years from upload date, or as required by specific program rulesState and federal records retention
Consent and compliance records — ToU, Privacy Policy, Waiver acceptances7 years from acceptance dateLegal enforceability of consent records
Technical and device logs12 months maximum, then purgedSecurity monitoring and incident investigation
AI interaction logs24 months maximum, then purgedBias auditing and compliance requirements
Security and audit logs — access records, deletion events7 yearsSOC 2 compliance and legal defense
Aggregated, fully anonymized analytics dataIndefinite — not subject to deletion because no individual can be identifiedPlatform improvement

Key principle: Retained data is held in restricted, access-logged storage and is never used for secondary purposes — no analytics, no AI training, no commercial use of any kind. NxtStps will notify the user in plain language of exactly what was retained and why at the time of deletion confirmation.

6 — ANONYMIZATION STANDARDS

Where deletion of specific data is not legally permissible, NxtStps will anonymize that data to the maximum extent permitted by applicable law. Anonymization means:

  • Removal of all direct identifiers — name, address, phone number, email, government-issued identifiers
  • Replacement of all unique identifiers with non-reversible cryptographic hashes
  • Removal of all uploaded documents and narrative content
  • Stripping of all metadata from remaining records — timestamps, file names, EXIF data
  • Verification that remaining data cannot be re-linked to the individual through any reasonable means

Anonymized data is used solely for:

  • Platform performance evaluation and system reliability monitoring
  • Aggregate, non-individualized compliance reporting
  • Statistical analysis to improve the accuracy of the rules engine and completeness validation

Anonymization is not a substitute for deletion. NxtStps treats anonymization as the last resort when deletion is legally prohibited and applies it as aggressively as the law permits.

7 — PROCESSING TIMELINE

Deletion processing timeline
StepTimeline
Deletion request received and loggedImmediate — automated confirmation
Acknowledgment sent to userWithin 5 business days
Identity verification completed (if required)Within 10 business days of receiving verification information
Legal hold assessment completedWithin 15 business days
Full deletion executed across primary systemsWithin 30 days of confirmed request
Subprocessor deletion propagationWithin 30 days
Backup system purgeNext scheduled rotation, maximum 90 days
Final deletion confirmation sent to userWithin 30 days of completion

The 30-day standard satisfies NxtStps's 45-day data rights response commitment stated in the Privacy Policy. NxtStps will notify the user within the initial 30-day period if additional time is required and will provide a plain-language explanation of the reason for any delay.

8 — THIRD-PARTY SUBPROCESSORS

NxtStps requires all subprocessors — cloud hosting providers, document processing services, AI service providers, security monitoring services, and communication providers — to:

  • Adhere to deletion standards equivalent to or more stringent than those described in this Policy
  • Receive and process deletion propagation requests within the 30-day timeline
  • Provide written confirmation to NxtStps that deletion has been completed
  • Be contractually prohibited from retaining deleted user data for any purpose after receiving a deletion request

If a subprocessor fails to confirm deletion within the required timeline, NxtStps will treat this as a security incident, escalate within 24 hours, and notify the user of the delay and the steps being taken to resolve it.

9 — ACCOUNT RECOVERY AFTER DELETION

Once deletion is completed and confirmed:

  • The account cannot be restored under any circumstances
  • Deleted data cannot be recovered by NxtStps, the user, or any third party
  • The email address associated with the deleted account may be reused to create a new account if the user returns to the platform
  • Prior application data, case history, and document uploads will not be available in a new account

If you need access to documents you previously uploaded — for example, to share them with another service provider — please download and save copies before requesting deletion. NxtStps cannot provide access to deleted data after deletion is confirmed.

10 — ORGANIZATIONAL ACCOUNT CLOSURE

When an Organization terminates its licensing agreement with NxtStps, the following process applies:

10.1 Staff Account Deletion

All Provider user accounts — advocate logins, administrator access, staff credentials — are deactivated immediately upon agreement termination and permanently deleted within 30 days.

10.2 Applicant Case Data

Applicant case data held within an Organization's account is not automatically deleted when the Organization terminates. Applicants retain their data rights regardless of the Organization's status. NxtStps will:

  • (a) notify affected Applicants that the Organization has ended its relationship with NxtStps;
  • (b) provide Applicants with a 90-day window to download their data or transfer it;
  • (c) process deletion requests from Applicants received during that window under the standard timeline; and
  • (d) retain or delete remaining data in accordance with the retention schedule in Section 5 after the 90-day window closes.

10.3 Organizational Data

Organizational-level data — billing records, licensing agreements, administrator contact information, and compliance records — is retained for 7 years after agreement termination for legal and audit purposes, then permanently destroyed.

11 — CHANGES TO THIS POLICY

NxtStps may update this Policy to reflect changes in applicable law, platform architecture, or data governance best practices. We will notify users of material changes by posting a notice through the platform and by email to registered addresses at least 15 days before changes take effect. This notification standard is consistent with the amendment mechanism described in the NxtStps Terms of Use and Privacy Policy.

12 — CONTACT INFORMATION

For deletion requests, questions about this Policy, or to check the status of a pending deletion request:

NxtStps, LLC
Attention: Privacy
Correspondence address available upon request via the privacy email below.
Chicago, Illinois
Email: legal@nxtstps.org
Website: nxtstps.com

NxtStps will acknowledge all deletion requests within 5 business days of receipt.

APPENDIX A — LEGAL HOLD DECISION TREE

This decision tree explains the process NxtStps uses to determine whether a deletion request can be fully executed, must be partially limited, or must be temporarily delayed due to legal obligations. NxtStps publishes this decision tree so that users understand exactly how deletion decisions are made — there are no hidden criteria.

A.1 What Triggers the Decision Tree

The decision tree runs automatically whenever a deletion request is received from:

  • A user through in-platform account settings
  • A verified written request by email
  • An authorized representative with documented authority

A.2 The Decision Process

STEP 1 — Identity Verification
Can the requester's identity be reasonably verified?
NO → Deletion is paused. NxtStps contacts the requester to request verification. No data is processed until verification is completed or waived under the Immediate Safety Deletion provision. NxtStps will work with users who cannot provide standard identification to find an alternative verification method.
YES → Proceed to Step 2.

STEP 2 — Legal Hold Assessment
Is any portion of the user's data subject to a mandatory retention requirement?
Legal hold examples include: a crime victim compensation application already submitted where state recordkeeping requires retention; an open state or county audit window; a lawful subpoena, court order, or formal agency records request; an active fraud or misuse investigation.
NO — Proceed to Step 5 (Full Deletion).
YES — Proceed to Step 3.

STEP 3 — Anonymization Assessment
Does the governing statute or regulation permit anonymization in place of retention of identifiable data?
YES → Step 4 (Partial Deletion with Anonymization).
NO → Step 4A (Restricted Retention).

STEP 4 — Partial Deletion with Anonymization
NxtStps deletes everything that can be legally deleted and anonymizes the minimum data that must be retained. What gets deleted: user-controlled data, uploaded documents, narrative content, conversational transcripts, contact information, and any data not subject to the legal hold. What may be anonymized and retained (examples): submission timestamp; program identifier; application status outcome code. What is explicitly removed from anonymized records: names, addresses, contact information, narrative descriptions, uploaded documents, conversational transcripts, and all direct identifiers. Proceed to Step 6.

STEP 4A — Restricted Retention (Anonymization Not Permitted)
Where the governing statute requires retention of identifiable data without permitting anonymization, NxtStps retains legally required data in a restricted, access-logged vault; deletes all data not subject to the specific legal hold; locks retained records against secondary use; applies role-based access controls and immutable audit logging. Proceed to Step 6.

STEP 5 — Full Deletion
No legal hold applies. NxtStps executes complete deletion across all systems, propagates deletion to subprocessors, and schedules backup purge on the next rotation within 90 days. Proceed to Step 6.

STEP 6 — User Notification
NxtStps sends written confirmation including: deletion executed or scheduled; plain-language description of any retained data, why, and how long; legal basis in non-lawyer language; contact information for questions.

STEP 7 — Legal Hold Expiry Monitoring
Where data was retained under a legal hold, NxtStps monitors for expiration and executes final deletion when the hold ends without requiring additional user action.

A.3 Governing Principle

Where there is any ambiguity about whether data must be retained or may be deleted, NxtStps defaults to user protection and data minimization. We delete more, not less, when the law is unclear.

NxtStps, LLC · Chicago, Illinois · nxtstps.com · Confidential and Proprietary

This policy is informational and does not require acceptance to use the platform. To request deletion, use Account settings (signed in) or email the privacy contact listed in the policy.