Appendix G: Data Retention Policy

Introduction

The Data Retention Policy describes how long Avanan stores emails from Microsoft 365 or Gmail in its database. You can search and view emails stored in the database using Mail Explorer and Custom Queries.

Default Retention Period of Emails

By default, Avanan retains the emails as follows:

Verdict and Enforcement

Raw Email

(Original email with attachments)

Email Meta Data

(Attributes and data detected from the security scan)

Clean emails

(Includes emails with re-written links in the email body)

14 days

14 days

Emails with modified attachments and emails that have cleaned (sanitized) attachments, removed as password-protected attachments, and re-written links

14 days

180 days

Emails containing threats but not quarantined

(includes emails with phishing /spam / malware / DLP detection that are not quarantined)

14 days

180 days

Quarantined emails

(includes manually quarantined emails)

180 days

180 days

Emails quarantined by Microsoft

180 days

180 days

Avanan retains security events for 12 months. For more information, see Retention of Security Events.

For information about the procedure to customize the retention period, see Customizing Retention Period of Emails.

Note:

Avanan keeps backend logs on emails for seven days after the email is delivered.