Data Deletion
Under GDPR, UK GDPR, CCPA, CPRA, and PIPEDA you can ask us to delete the personal data we hold. Here is what we can remove, what we must retain, and how to request it.
What you can delete
You can request deletion of your raw manuscript file (stored in Cloudflare R2), your intake metadata (book title, ASIN, TikTok handle, wallet tier selection, optional profile-questionnaire answers), your customer account record (name, email, pen name), and your SES transactional-email delivery logs. You can also request that we revoke prospective AI-processing consent, which stops any further transmission of your content to Anthropic or Google while leaving the already-generated derivative posts in place per the service record. We do not auto-delete manuscripts on a schedule — they remain with us for the life of your account unless you ask us to remove them.
What we cannot delete
Stripe payment records are retained for approximately seven years under our tax and accounting obligations and cannot be deleted at your request; this is standard across every payment processor. The webhook audit log we keep for fraud investigation and billing reconciliation is retained for approximately twenty-four months and cannot be selectively scrubbed without destroying its evidentiary integrity. Financial records (invoices, receipts, refunds) fall into the same seven-year retention bucket.
How to request deletion
Send an email to support@indieauthormedia.com with the subject line DFY v2 data deletion followed by your email address in square brackets (for example: DFY v2 data deletion [jane@example.com]). Include the Stripe receipt number from your kickoff confirmation email if you have it. If you do not, we will look up your record using the email address you send from. If you want only specific data categories deleted rather than everything, list them in the body of your email so we process only what you have requested.
Response SLA
We process every data-deletion request within thirty calendar days of receipt, consistent with GDPR and CPRA response windows. Once your raw manuscript is removed from Cloudflare R2 and your intake metadata is purged from the mira.app_* schemas, we send a confirmation email from support@indieauthormedia.com detailing what was deleted, what was retained and why (referencing the paragraph above), and the effective deletion timestamp. If the request is ambiguous or scoped to a category that overlaps with the non-deletable records above, we reply inside that same window to clarify before taking irreversible action.
Questions? Email support@indieauthormedia.com. The broader Indie Author Academy policies remain complementary at indieauthormedia.com/terms.html and /privacy.html; this document is the DFY v2 specific layer.