GDPR and data deletion

How Costello handles personal data, your rights as a controller, and how to delete customer data.

Costello processes customer messages on your behalf. Under GDPR, your clinic is the data controller and Costello is a data processor. This page covers what data is stored, how long it's kept, and how to delete it.

What data Costello stores

When Costello handles a conversation, it stores:

  • The text of each message (inbound and outbound).
  • The customer's Instagram or Messenger username and any profile information Meta provides (typically display name and profile picture URL).
  • The timestamp of each message.
  • Which channel the conversation came from.

Costello does not store:

  • Payment card details (handled by Stripe directly).
  • Email addresses or phone numbers unless the customer types them in a message.
  • Any data from outside the connected messaging channels.

Retention policy

By default, conversation data is retained for 12 months from the date of the last message in a conversation. After 12 months, the conversation and all associated message data are automatically deleted.

You can request a shorter retention window for your workspace: submit a support case with your preferred retention period.

Deleting a single conversation

To delete an individual conversation and all its messages:

  1. Open the conversation in your Activity feed.
  2. Click the menu in the top-right of the conversation.
  3. Select Delete conversation.
  4. Confirm.

Deletion is immediate and permanent. The customer's name, messages, and metadata are removed from Costello's database.

Responding to a customer data subject access request (DSAR)

If a customer requests a copy of their data under GDPR Article 15:

  1. Find their conversations in Activity (search by username or channel).
  2. Export the conversation using ⋯ → Export as CSV (available on Growth and Unlimited plans).
  3. Provide the CSV to the customer.

Responding to a customer erasure request

If a customer requests deletion of their data under GDPR Article 17:

  1. Find and delete each conversation with that customer using the steps above.
  2. If you're unsure whether all conversations have been found, submit a support case. The Costello team can run a full purge by channel username.

Deletions propagate immediately. We do not maintain deleted data in backups beyond 30 days.

Data processing agreement (DPA)

A signed Data Processing Agreement is available on request for any paid plan. Submit a support case to request one.

Deleting your workspace

If you delete your workspace, all data (conversations, knowledge base, settings) is deleted within 30 days. See workspace settings for how to delete a workspace.
