DATA RETENTION POLICY

Effective Date: February 20, 2026

1. INTRODUCTION AND PURPOSE

Enzio.ai, Inc. ("Enzio.ai," "Company," "we," "us," or "our") operates an AI-driven legal technology platform (the "Platform") that connects users seeking legal services with U.S. licensed attorneys ("Attorneys"). The Platform facilitates AI-assisted document preparation with mandatory attorney oversight, encrypted attorney-client communications, document delivery and retention systems, and related technology infrastructure services.

This Data Retention and Records Destruction Policy ("Policy") establishes the standards and procedures governing the retention, storage, protection, and destruction of all records and data created, received, processed, or maintained in connection with Platform operations. The Policy applies to all data categories, including client personally identifiable information ("PII"), attorney-client communications, AI-generated content, attorney work product, transaction records, and corporate operational records.

1.1 Objectives

The objectives of this Policy are to:

• Ensure compliance with applicable federal and District of Columbia laws and regulations, including data protection, privacy, consumer protection, and financial services regulations;
• Satisfy the obligations imposed by the Rules of Professional Conduct applicable to Attorneys using the Platform, including duties of confidentiality, competence, and safekeeping of client property;
• Establish clear retention periods for each category of data processed through the Platform;
• Ensure that records are not retained longer than reasonably necessary for legal, regulatory, and business purposes;
• Implement secure destruction methods appropriate to the sensitivity and format of the data;
• Protect attorney-client privilege and the confidentiality of information processed through the Platform;
• Support the commitments made to users in the Terms of Service, Privacy Policy, and AI Disclosure and Consent Agreement; and
• Ensure that data processed by third-party AI service providers is handled consistently with this Policy and applicable confidentiality obligations.

1.2 Regulatory Framework

This Policy is designed with reference to the following legal and regulatory authorities, as applicable to the Company's operations:

• District of Columbia Rules of Professional Conduct (particularly Rules 1.1, 1.6, 1.15, and 1.16);
• ABA Model Rules of Professional Conduct and formal ethics opinions concerning technology use, AI in legal practice, and client file retention;
• Gramm-Leach-Bliley Act (GLBA) Safeguards Rule, to the extent applicable;
• FTC Disposal of Consumer Report Information and Records Rule (16 C.F.R. Part 682);
• Federal and state data breach notification laws;
• California Consumer Privacy Act (“CCPA”) and state-level comprehensive privacy laws, as applicable to Platform users in those jurisdictions;
• Payment Card Industry Data Security Standard (“PCI DSS”);
• NIST SP 800-88 Rev. 1, Guidelines for Media Sanitization; and
• District of Columbia Consumer Protection Procedures Act (“DC-CPPA”).

2. SCOPE

This Policy applies to all employees, contractors, officers, directors, and third-party vendors of Enzio.ai who interact with, create, receive, process, store, or destroy data and records in connection with Platform operations (collectively, "Personnel"). The Policy covers all data and records regardless of format, including electronic data, paper records, AI-generated outputs, communications logs, and data processed by third-party service providers on behalf of Enzio.ai.

This Policy operates in conjunction with the following Company policies and agreements, which are incorporated by reference:

• Terms of Service (https://enzio.ai/terms-of-service);
• Privacy Policy (https://enzio.ai/privacy-policy);
• AI Disclosure and Consent Agreement (https://enzio.ai/ai-disclosure);

To the extent any provision in this Policy conflicts with a provision in the Terms of Service, Privacy Policy, or AI Disclosure and Consent Agreement as it relates to commitments made to Platform users, the user-facing policy provision shall control unless compliance would violate applicable law.

3. DEFINITIONS

• "Active Matter" means any legal matter on the Platform for which a Client has accepted an Engagement Letter and the assigned Attorney has not yet delivered the Completed Documents, or for which the seven-day review period under Terms of Service Section 4.3 has not yet expired.
• "Anonymized Data" means data that has been de-identified in accordance with applicable law such that it cannot reasonably be used to identify an individual, and from which all PII, attorney-client privileged content, and matter-specific details have been permanently removed.
• "Attorney-Client Communication" means any substantive communication between a Client and their assigned Attorney conducted through the Platform's encrypted messaging system, as required by Terms of Service Section 5.5.
• "Client" means any individual or entity that holds a Client Account on the Platform.
• "Client File" means, collectively, the Client's intake information, User Content, AI-generated drafts and summaries, Attorney-Client Communications, Completed Documents, and any other records created in connection with a Client's matter on the Platform.
• "Completed Documents" has the meaning set forth in Terms of Service Section 8.3 and refers to documents prepared for a Client through the Platform that have been reviewed, approved, and delivered by an Attorney.
• "Destruction" means the irreversible elimination of data or records such that recovery or reconstruction is not feasible, including permanent deletion of electronic data using methods consistent with NIST SP 800-88 Rev. 1, and physical destruction of paper or other tangible media.
• "PII" means personally identifiable information, including but not limited to names, addresses, email addresses, phone numbers, Social Security numbers, dates of birth, financial account information, government-issued identification numbers, and any information that can be used to identify, contact, or locate a specific individual.
• "Records" means all documents, communications, data, and other materials, in any format (electronic, paper, or otherwise), created, received, processed, or maintained by or on behalf of Enzio.ai in connection with Platform operations and business activities.
• "Retention Period" means the minimum duration for which a category of Records must be retained before it may be destroyed in accordance with this Policy, as set forth in the Record Retention Schedule (Appendix A).
• "User Content" has the meaning set forth in Terms of Service Section 6.1 and includes documents, messages, images, and other materials uploaded by a Client to the Platform.

4. DATA CLASSIFICATION FRAMEWORK

Enzio.ai maintains a Data Classification Framework that categorizes all Records by sensitivity level. Retention periods, access controls, destruction methods, and handling requirements are determined by classification level. This framework supports the Data Classification Framework referenced in the AI Tools in the Workplace Policy and the security commitments in the AI Disclosure and Consent Agreement.

Highly Sensitive

• Description: Data subject to attorney-client privilege, legal hold, statutory protection, or heightened regulatory obligations. Must not be input into any AI Tool except through approved Platform workflows.
• Examples: Attorney-Client Communications; Engagement Letters; Completed Documents; Client financial records; Social Security numbers and government IDs; Suspicious Activity Reports (SARs) and Currency Transaction Reports (CTRs) if applicable.

Confidential

• Description: PII and proprietary business information that requires restricted access and secure handling. Access limited to authorized Personnel with a legitimate business need.
• Examples: Client intake data; AI-generated drafts and summaries; payment transaction records; Attorney credentials and verification data; audit logs.

Internal

• Description: Business records that are not publicly available and are intended for internal Company use. Standard access controls apply.
• Examples: Corporate operational records; internal policies and procedures; training materials; vendor contracts; employee records.

Public

• Description: Information intended for or already available to the general public. No access restrictions, but integrity must be maintained.
• Examples: Published Terms of Service, Privacy Policy, and AI Disclosure; marketing materials; public website content.

The classification of specific Records shall be determined by reference to this framework and the Record Retention Schedule in Appendix A. When a Record could reasonably fall under more than one classification level, the higher (more restrictive) classification shall apply.

5. RECORD CATEGORIES AND RETENTION SCHEDULE

The following table summarizes the principal categories of Records maintained by Enzio.ai, together with the applicable Retention Periods. The complete Record Retention Schedule, including record codes, triggering events, storage locations, and format requirements, is set forth in Appendix A.

Where multiple retention requirements apply to the same Record (for example, a requirement under applicable state privacy law and a longer requirement under the Rules of Professional Conduct), the longest applicable Retention Period shall govern unless a shorter period is required by law.

Client Intake Data and User Content

• Classification: Confidential
• Retention Period: 7 years
• Retention Trigger: Completion or termination of Client matter

Completed Documents

• Classification: Highly Sensitive
• Retention Period: 7 years
• Retention Trigger: Delivery to Client
• Record Category: Attorney-Client Communications
• Classification: Highly Sensitive
• Retention Period: 7 years
• Retention Trigger: Completion or termination of Client matter

AI-Generated Drafts and Summaries

• Classification: Confidential
• Retention Period: 7 years
• Retention Trigger: Delivery of Completed Documents

AI Processing Logs

• Classification: Confidential
• Retention Period: 7 years
• Retention Trigger: Date of processing

Client Account Data

• Classification: Confidential
• Retention Period: 7 years
• Retention Trigger: Account closure or termination

Payment and Transaction Records

• Classification: Confidential
• Retention Period: 7 years
• Retention Trigger: Date of transaction

Attorney Account and Credential Data

• Classification: Confidential
• Retention Period: 7 years
• Retention Trigger: Attorney separation from Platform

Platform Audit Logs and Access Records

• Classification: Confidential
• Retention Period: 7 years
• Retention Trigger: Date of log entry

Anonymized and De-Identified Data

• Classification: Internal
• Retention Period: No expiration
• Retention Trigger: N/A

Dispute and Complaint Records

• Classification: Confidential
• Retention Period: 7 years
• Retention Trigger: Resolution of dispute

Corporate Governance Records

• Classification: Internal
• Retention Period: Permanent
• Retention Trigger: N/A

Employment and Personnel Records

• Classification: Confidential
• Retention Period: 7 years
• Retention Trigger: Termination of employment

Vendor and Third-Party Contracts

• Classification: Internal
• Retention Period: 7 years
• Retention Trigger: Expiration or termination of contract

Marketing and Public Content

• Classification: Public
• Retention Period: 7 years
• Retention Trigger: Date content is superseded or removed

Retention Periods may be extended by a litigation hold or other preservation obligation (see Section 12).

6. AI-GENERATED CONTENT AND DATA PROCESSING

6.1 Categories of AI-Generated Data

The Platform generates several categories of AI-processed data in the course of providing services to Clients. Each category is subject to distinct retention and handling requirements:

Initial AI Drafts. Documents generated by the Platform's AI systems based on Client intake information, prior to Attorney review. These are preliminary work product and are classified as Confidential.

Client Profile Summaries. AI-generated summaries of Client information prepared for Attorney review. Classified as Confidential.

Matter Summaries. AI-generated administrative summaries of a Client's legal matter prepared for Attorney review. Classified as Confidential.

Version History. Iterative versions of documents reflecting Attorney edits and revisions. Classified as Confidential until final delivery, at which point Completed Documents are classified as Highly Sensitive.

6.2 Retention of AI-Generated Content

AI-generated drafts and summaries that are superseded by Completed Documents need not be retained beyond the Retention Period specified in Section 5, unless they are: (a) subject to a litigation hold; (b) requested by the Client or assigned Attorney; or (c) required to be retained by applicable law or regulation.

Upon expiration of the applicable Retention Period, AI-generated preliminary content shall be destroyed in accordance with the destruction methods set forth in Section 11.

6.3 Third-Party AI Service Provider Data

As disclosed in the AI Disclosure and Consent Agreement (Section 4.3), Enzio.ai currently uses Anthropic's Claude API for AI-assisted document preparation. With respect to data processed by this third-party AI service:

• The third-party AI service provider is contractually prohibited from using Client data to train its AI models;
• Client data is processed in real time and is not retained by the third-party provider beyond what is necessary to process the immediate request, subject to the provider's published data retention policies;
• Enzio.ai shall maintain a current inventory of all third-party AI service providers, together with copies of their applicable data processing agreements, API terms of service, and published data retention policies; and
• If Enzio.ai changes or adds AI service providers, this Policy and the AI Disclosure and Consent Agreement shall be updated accordingly, and affected users shall be notified as required by the Terms of Service.

6.4 Anonymized Data for Proprietary AI Development

Consistent with the AI Disclosure and Consent Agreement (Section 4.3), Enzio.ai may use Anonymized Data to improve its proprietary AI systems. Such data is not subject to a Retention Period under this Policy because it has been irreversibly de-identified. However, the anonymization process must comply with applicable law, and the following safeguards apply:

• All PII, attorney-client privileged content, and matter-specific identifying details must be permanently removed before any data is classified as Anonymized Data;
• Anonymization shall be performed using techniques consistent with industry best practices and applicable regulatory guidance;
• Clients who have opted out of proprietary AI training (as permitted under AI Disclosure Section 7.2) shall have their data excluded from any anonymization pipeline; and
• The Data Retention Officer (see Section 18.2) shall periodically audit the anonymization process to confirm compliance.

7. ATTORNEY-CLIENT COMMUNICATIONS

Attorney-Client Communications conducted through the Platform's encrypted messaging system are classified as Highly Sensitive and are subject to the following specific provisions:

7.1 Privilege Protection

All Attorney-Client Communications are protected by attorney-client privilege. Enzio.ai's role as a technology agent for purposes of preserving privilege is consistent with the principles established in United States v. Kovel, 296 F.2d 918 (2d Cir. 1961), as described in the AI Disclosure and Consent Agreement (Section 4.1). Retention and destruction of these communications shall be conducted in a manner that preserves the privilege.

7.2 Retention

Attorney-Client Communications shall be retained for the Retention Period specified in Section 5 (7 years from completion or termination of the Client matter). During this period, Clients may access their communication history through their Account dashboard, consistent with the Terms of Service.

7.3 Incidental and Off-Platform Communications

Incidental off-platform communications documented on the Platform pursuant to Terms of Service Section 5.5 are treated as part of the Client File and are subject to the same Retention Period as Attorney-Client Communications. Off-platform communications that are not subsequently documented on the Platform are not within Enzio.ai's custody or control and are not governed by this Policy; however, Attorneys are subject to independent professional obligations regarding client file retention.

8. PROFESSIONAL CONDUCT OBLIGATIONS

Enzio.ai recognizes that Attorneys using the Platform are subject to the Rules of Professional Conduct in their respective jurisdictions of licensure. This Policy is designed to support—and not to conflict with—those obligations. The following provisions address the intersection of this Policy with key professional responsibility requirements:

8.1 Duty of Confidentiality

All Personnel with access to Client data shall treat such data as confidential in accordance with the applicable Rules of Professional Conduct. The retention and destruction procedures set forth in this Policy are designed to protect the confidentiality of Client information throughout its lifecycle, from intake through destruction.

8.2 Safekeeping of Client Property

Completed Documents are the property of the Client upon delivery, as stated in Terms of Service Section 8.3. Enzio.ai shall maintain the Client's Completed Documents in secure, accessible storage for the applicable Retention Period. Clients may download or request copies of their Completed Documents at any time during the Retention Period.

8.3 Return of Client File Upon Termination

Upon termination of a Client's Account, or upon the completion of a Client matter, the Client may request copies of their Client File as stated in Terms of Service Section 2.3. Enzio.ai shall provide the Client with access to download their Completed Documents and, upon request, other components of their Client File (to the extent maintained on the Platform) prior to destruction.

Prior to the destruction of any Client File at the expiration of the applicable Retention Period, Enzio.ai shall make reasonable efforts to notify the Client and provide an opportunity to download or request their records, consistent with the notice procedures described in Section 14.

8.4 Competence in Technology Use

Enzio.ai shall implement and maintain data retention and destruction practices that reflect a reasonable understanding of the technology used to process Client data, including AI systems, encryption, cloud storage, and third-party service providers. Personnel responsible for implementing this Policy shall receive training appropriate to their role, as described in Section 15.

8.5 Multi-Jurisdictional Considerations

Because Attorneys on the Platform may be licensed in multiple jurisdictions, the Retention Periods established in this Policy are set at levels intended to satisfy the most restrictive applicable requirement. Where a specific jurisdiction imposes a longer retention obligation for a particular category of Records, the Attorney and Enzio.ai shall coordinate to ensure compliance. Attorneys are responsible for notifying Enzio.ai of any jurisdiction-specific retention requirements that exceed the periods set forth in this Policy.

9. THIRD-PARTY AI PROCESSING AND VENDOR DATA HANDLING

9.1 AI Service Provider Requirements

Enzio.ai shall require all third-party AI service providers to satisfy the following requirements, which shall be documented in written agreements:

• Contractual prohibition on using Enzio.ai or Client data for model training;
• No retention of Client data beyond what is strictly necessary for immediate processing;
• Confidentiality obligations consistent with the protections described in this Policy and the AI Disclosure and Consent Agreement;
• Data encryption in transit and at rest;
• Compliance with applicable data protection laws; and
• Provision of SOC 2 Type II certification or equivalent independent security attestation.

9.3 Data Processing Inventory

The Data Retention Officer shall maintain a current inventory of all third-party vendors and service providers that process, store, or have access to Client data or PII, including a record of: the categories of data shared with each vendor; the vendor's published data retention and destruction policies; copies of executed data processing agreements; and the date of the most recent vendor security assessment.

10. DATA SECURITY AND STORAGE

10.1 Encryption

Consistent with the commitments made in the AI Disclosure and Consent Agreement (Section 4.2), all Client data stored on or transmitted through the Platform shall be encrypted in transit (using TLS 1.2 or higher) and at rest (using AES-256 or equivalent). Encryption keys shall be managed in accordance with industry best practices and shall be rotated on a schedule determined by the Company's information security program.

10.2 Access Controls

Access to Client data shall be restricted to the assigned Attorney, authorized Platform Personnel with a legitimate business need, and such other persons as may be required by law. The Platform shall maintain comprehensive audit logs of all access to Client data, as described in the AI Disclosure and Consent Agreement (Section 4.2).

10.3 Storage Infrastructure

Records shall be stored on Company-approved systems and infrastructure, which may include cloud-based storage services. All storage providers shall be contractually required to maintain security standards consistent with this Policy. Personnel shall not store Client data on personal devices, unapproved systems, or removable media unless expressly authorized in writing by the Data Retention Officer or the Chief Technology Officer.

11. DESTRUCTION METHODS

All Records that have reached the expiration of their Retention Period and are not subject to a litigation hold or other preservation obligation shall be destroyed using the methods specified in this Section. The destruction method used must be appropriate to the classification level and the medium on which the data is stored.

11.1 Electronic Data

Destruction of electronic data shall comply with NIST SP 800-88 Rev. 1 and shall use methods that render the data unrecoverable, including:

• Cryptographic erasure (where data is encrypted and the encryption key is destroyed);
• Secure overwriting using a method certified under NIST SP 800-88;
• Physical destruction of storage media (degaussing, shredding, or disintegration); and
• For cloud-hosted data, issuance of verified deletion requests to the cloud service provider with written confirmation of deletion.

Simple file deletion or formatting is not an acceptable method of destruction for any data classified as Confidential or Highly Sensitive.

11.2 Paper Records

Paper records classified as Confidential or Highly Sensitive shall be destroyed by cross-cut shredding (minimum DIN Level P-4) or pulping. Standard shredding (strip-cut) is not acceptable for Highly Sensitive records. Burning is permitted only as a last resort and only as permitted by local law.

11.3 Cloud-Based and SaaS Data

For data stored in cloud environments, SaaS platforms, or collaboration tools, destruction shall include: deletion of all primary copies, replicas, and backups; confirmation of deletion from the provider (in writing where available); and verification that no cached, archived, or backup copies remain accessible. The Data Retention Officer shall coordinate destruction with the applicable service provider and document the process in the Destruction Log.

11.4 Destruction Logs

All destruction events shall be documented in a Destruction Log maintained by the Data Retention Officer. The Destruction Log shall record: the category and description of Records destroyed; the date of destruction; the method of destruction; the name of the individual authorizing destruction; and, for records sent to third-party vendors for destruction, a certificate of destruction from the vendor. Destruction Logs are classified as Internal records and shall be retained permanently.

12. LITIGATION HOLD AND PRESERVATION

12.1 Duty to Preserve

If a claim, audit, investigation, subpoena, or litigation has been asserted or filed against or by Enzio.ai, or is reasonably foreseeable, Enzio.ai has an obligation to retain all Records that may be relevant to such matter, including Records that would otherwise be scheduled for destruction under this Policy. This obligation supersedes the Retention Periods set forth in Section 5 and Appendix A.

12.2 Litigation Hold Procedures

Upon becoming aware of an actual or reasonably anticipated legal action, the General Counsel shall issue a written litigation hold notice to all affected Personnel. The notice shall:

• Identify the nature of the matter giving rise to the hold;
• Describe the categories of Records subject to the hold;
• Instruct affected Personnel to immediately suspend any scheduled destruction of relevant Records;
• Suspend any automated deletion processes that could affect relevant Records (including, where applicable, automatic email or message deletion schedules); and
• Identify the contact person for questions regarding the hold.

12.3 Scope of Preservation

No Records—regardless of classification, format, or location—that are subject to alitigation hold shall be altered, disposed of, discarded, or destroyed for any reason. This prohibition applies to all Personnel and extends to Records in the custody of third-party vendors and service providers.

12.4 Release of Hold

A litigation hold shall remain in effect until the General Counsel issues a written notice indicating that the matter has been resolved and that normal retention and destruction procedures may resume for the affected Records.

13. VENDOR MANAGEMENT

Third-party vendors engaged to process, store, or destroy Records on behalf of Enzio.ai shall be subject to the following requirements:

• Execute a written agreement that includes confidentiality obligations, data handling requirements, and destruction standards consistent with this Policy;
• Provide SOC 2 Type II or ISO 27001 certification (or equivalent) to validate data handling and destruction practices;
• Certify destruction of Records in writing, including a notarized certificate of destruction where required by this Policy;
• Permit on-site or remote audit and inspection by Enzio.ai of data handling and destruction procedures; and
• Comply with the Interagency Guidance on Third-Party Relationships: Risk Management, 88 Fed. Reg. 37920 (June 6, 2023), to the extent applicable.

Refer to Section 9 for additional requirements specific to third-party AI service providers.

14. CLIENT RIGHTS AND DATA ACCESS

14.1 Access to Client File

During the applicable Retention Period, Clients may access their Client File—including Completed Documents, Attorney-Client Communications, and intake data—through their Account dashboard. Clients may download or export their Completed Documents at any time, as described in Terms of Service Section 8.3.

14.2 Requests for Copies Upon Account Termination

Upon termination of a Client's Account (whether by the Client or by Enzio.ai), the Client may request copies of their Completed Documents and other Client File materials, as stated in Terms of Service Section 2.3. Enzio.ai shall honor such requests in a commercially reasonable timeframe.

14.3 Data Subject Rights

To the extent required by applicable state or federal privacy laws (including, without limitation, the CCPA), Clients and other individuals whose PII is maintained by Enzio.ai may exercise data subject rights, including the right to access, correct, delete, or port their personal data, by submitting a request to privacy@enzio.ai. Requests will be processed in accordance with applicable law and may be subject to exceptions (for example, where deletion would conflict with a legal retention obligation or a litigation hold). Nothing in this Section requires Enzio.ai to destroy Records before the expiration of the applicable Retention Period where retention is required by law, regulation, or a legal hold.

15. TRAINING

All Personnel shall receive training on this Policy upon onboarding and at least annually thereafter. Training shall cover:

• The data classification framework and handling requirements for each classification level;
• Retention periods and the Record Retention Schedule;
• Destruction methods and the prohibition on unauthorized destruction;
• Litigation hold procedures and the duty to preserve;
• The handling of Client data processed by third-party AI service providers; and
• Reporting procedures for suspected violations of this Policy.

Training records, including attendance and completion documentation, shall be retained for 7 years from the date of training.

16. MONITORING AND AUDIT

16.1 Ongoing Monitoring

The Data Retention Officer shall conduct periodic reviews to ensure compliance with this Policy, including verification that Records are being retained and destroyed in accordance with the Record Retention Schedule and that litigation holds are being properly implemented and maintained.

16.2 Internal Audit

The Company shall conduct an internal audit of data retention and destruction practices no less than annually. The audit shall evaluate compliance with this Policy, the effectiveness of destruction methods, the status of active litigation holds, vendor compliance with data handling requirements, and the accuracy and completeness of Destruction Logs. Audit findings and management responses shall be documented and reported to the Chief Executive Officer and the General Counsel.

16.3 Independent Third-Party Reviews

The Company may engage independent third parties to conduct periodic reviews of its data retention and destruction practices. Such reviews may serve as a defensive compliance measure and provide management with independent assurance regarding the effectiveness of this Policy.

17. POLICY GOVERNANCE AND AMENDMENTS

17.1 Policy Authority

This Policy has been approved by the executive management of Enzio.ai, Inc. Authority to implement this Policy and related procedures is delegated to the Data Retention Officer, subject to oversight by the General Counsel.

17.2 Data Retention Officer

The Company has designated a Data Retention Officer responsible for: administering and enforcing this Policy; maintaining the Record Retention Schedule; overseeing the Destruction Log; coordinating litigation holds; managing vendor compliance; conducting or overseeing training; and reporting to executive management no less than annually on data retention and destruction performance and compliance.

17.3 Periodic Review

This Policy and the Record Retention Schedule shall be reviewed and updated no less than annually, or more frequently as warranted by changes in applicable law, regulatory guidance, industry best practices, Company operations, or the technology environment (including changes to AI service providers or Platform infrastructure).

18.4 Amendments

Material amendments to this Policy shall be approved by executive management. Non-material clarifications or updates to the Record Retention Schedule may be approved by the Data Retention Officer, subject to review by the General Counsel. All amendments shall be documented with an effective date and communicated to affected Personnel.

CONTACT

Questions about this Policy:

Email: contact@enzio.ai 

END OF POLICY