What can I do about this clause?

{'method': 'EMAIL', 'recipient': 'privacy@palantir.com', 'difficulty': 'EASY', 'action_type': 'DELETE_DATA', 'instructions': 'Email privacy@palantir.com to request deletion of your personal data and ask Palantir to confirm the retention period applicable to your data before deletion.', 'deadline_days': None, 'deadline_hours': None}

Which regulatory agencies enforce this type of clause?

{'agency': 'FTC', 'reason': 'FTC has authority over unfair data retention practices and deceptive retention disclosures under Section 5 of the FTC Act.', 'complaint_url': 'https://reportfraud.ftc.gov/'}

What is the severity of this clause?

ConductAtlas classifies this Data Retention clause as medium severity. Severity reflects the magnitude of rights affected, the breadth of users impacted, and the degree of discretion the platform retains.

Do other platforms have similar clauses?

Yes. ConductAtlas has identified similar Data Retention clauses across approximately 39 other tracked platforms. You can compare how platforms differ on this clause type in the cross-platform comparison view.

Data Retention — Palantir

Share 𝕏 Share in Share 🔒 PDF

What it is

Palantir keeps your personal data for as long as needed for the purposes described in this policy, or longer if the law requires it.

Consumer impact (what this means for users)

Palantir does not specify exact data retention periods for most categories of personal data, which means your information could be retained indefinitely 'as long as necessary' — a formulation that gives Palantir broad discretion.

What you can do

⚠️ These actions may provide transparency or partial mitigation but may not fully address the underlying issue. Effectiveness varies by jurisdiction and individual circumstances.

Delete Your Data

Email privacy@palantir.com to request deletion of your personal data and ask Palantir to confirm the retention period applicable to your data before deletion.

Cross-platform context

See how other platforms handle Data Retention and similar clauses.

Compare across platforms →

Need full compliance memos? See Professional →

Why it matters (compliance & risk perspective)

Vague retention language without specific timeframes makes it difficult for individuals to know when their data will be deleted and may conflict with GDPR data minimization requirements.

View original clause language

We retain your personal data for as long as necessary to fulfill the purposes outlined in this privacy statement, unless a longer retention period is required or permitted by law.

Institutional analysis (Compliance & legal intelligence)

REGULATORY FRAMEWORK: This provision engages GDPR Art. 5(1)(e) (storage limitation principle), which requires personal data to be kept 'no longer than is necessary for the purposes for which the personal data are processed.' CCPA/CPRA does not impose specific retention limits but requires disclosure of retention periods in the privacy policy. UK GDPR imposes identical storage limitation obligations. EU DPAs, including the CNIL and ICO, have issued guidance requiring specific, documented retention schedules.

🔒

Compliance intelligence locked

Regulatory citations, enforcement risk, and due diligence action items.

Watcher $9.99/mo Professional $149/mo

Watcher: regulatory citations. Professional: full compliance memo.

Applicable agencies

FTC

FTC has authority over unfair data retention practices and deceptive retention disclosures under Section 5 of the FTC Act.
File a complaint →

Provision details

Document information

Document

Palantir Privacy Statement

Entity

Palantir

Document last updated

April 29, 2026

Tracking information

First tracked

April 30, 2026

Last verified

April 30, 2026

Record ID

CA-P-004244

Document ID

CA-D-00496

Evidence Provenance

Source URL

https://www.palantir.com/privacy-and-security/

Wayback Machine

View archived versions →

SHA-256

eb927d9bd1bc02713391ebd4577b404a2136eba1e135746456110bc968e6e635

Verified

✓ Snapshot stored ✓ Change verified

How to Cite

ConductAtlas Policy Archive
Entity: Palantir | Document: Palantir Privacy Statement | Record: CA-P-004244
Captured: 2026-04-30 07:23:49 UTC | SHA-256: eb927d9bd1bc0271…
URL: https://conductatlas.com/platform/palantir/palantir-privacy-statement/data-retention/
Accessed: May 2, 2026

Classification

Severity

Medium

Data Retention