How long data about deleted goals may persist in backups/database?

Is database and old backups regularly purged from data deleted by users?

Or is goal deleted by user only hidden from user view and staying in database forever, like with anything done on Facebook?

So far it was not an issue for me, but there is potential for beeminding things that are not problematic nowadays but may be considered as deeply problematic in 5, 10 or 20 years. And all data will leak sooner or later from any online service.

So it is kind of weird feature request to actually delete data that users deleted. Maybe it is done already, but I looked and failed to find declaration that it is something that is done.

After all, something gone from database can not become public/stolen.

(triggered by deletion and recreation of my /mustdo goal that refuses to show integer values and has no option to integerify it - even after enabling custom graph. I decided that one of positive effects of recreation would be deletion of potentially private data, and started wondering whatever it will be actually deleted.)

1 Like

For some definition of “regularly”? We don’t have a solid answer at the moment but if you’d be willing to help us clarify exactly what we’re committing to in we’d be grateful!

PS: I realize that’s not really an answer yet. We’re much more careful than average, we think, but totally makes sense to assume everything eventually leaks from everything so one general mitigation strategy is to make everything in your data oblique/esoteric. See footnote #2 of (the “cupcakes/cocaine” thing).

2 Likes has

In any case, your data is yours and we’ll delete it at your request at any time.

Adding something explicit like “It means that old versions of goals and datapoints and goals and datapoints deleted by user are not be stored in our database.” would be nice.

Because “send formal GDPR data deletion request to us if you actually want your deleted data to be deleted” also would fulfill this claim (though I trust you that “at your request” in this case is not interpreted in such way).

Though, as linked “The first truly honest privacy policy” reminds data persists some time in backups. What makes sense, this way it is probably possible to undo various kinds of accidental deletion. For bonus points you may add something along “We are not storing backups older than 2 years of data deleted by users” or something like that.

From “The first truly honest privacy policy”

We store this information an indefinite amount of time for reasons even we don’t fully understand. And when we do eventually get around to deleting it, you can bet it’s still kicking around on some network backup drives in somebody’s closet. So once we have it, there’s really no getting it back.


If you are a citizen of the EU you have the right to demand from Beeminder that a) they send you a copy of all the data the stored about you and b) delete all your data from their systems if you want.
Since they do serve people in the EU they have to comply with this.

The rights are: right to be informed, right of access, right to rectification, right to erasure/to be forgotten, right to restrict processing, right to data portability, right to object and rights in relation to automated decision making and profiling.


If you’re not an EU citizen: Well, technically out of luck I suppose. But in my experience people outside the EU still “benefit” from what the EU dreams up in the internet wonderland. Be it pesky cookie notices for instance.

beeminder_user already brought up EU data data protection and deletion when he said GDPR above…

1 Like

Correct. And I did notice before sending my reply (but – admittedly – not before I started writing up the reply). Anyway, I thought I might as well be a bit more explicit about GDPR and what exactly the rights are and the whole EU citizen or not debate and so on.