Contact Support

Manage Data Retention in Guest

Control how long Verkada Guest stores visit and event data

Verkada Guest gives organizations control and flexibility over how long Visit Records are retained. You can manage retention in two ways:

  • Configure organization-wide or site-specific retention settings.

  • Manually delete Visit Records for specific visits as needed.

Personal data in scope

Admins can set a time period after each sign-in, after which Visit Records are automatically deleted. Once deleted, this data cannot be recovered through Command, CSV export, or the Get Guest Visits API.

Visit Records that can be permanently deleted include, but are not limited to:

  • Full name in Guest

  • Contact information in Guest

  • Badge photo in Guest

  • Saved Identification Info*

  • Guest documents**

  • Question responses

  • Questionnaire responses

  • Host selection

  • Student selection(s) (School Guest Types only)

  • Patient selection (Healthcare Integration only)

  • Department selection (Healthcare Integration only)

  • Temporary Guardian Exception status (School Guest Types only)

  • Approved List status

  • Security Screening status

  • Host approval status

  • Access Control status in Guest

  • Wi-Fi integration status in Guest

  • Other visit metadata (e.g. sign-in method, language preference)

* Retention of saved identification info (photo ID, date of birth, address, offender registry details) is managed separately in Command. This retention can be shorter than the general Visit Record period and always defaults to the shorter timeframe.

** To export Guest Documents for independent retention, open the guest’s profile and click Details > Download*.*

Operational impact of visit record deletion

When a Visit Record is deleted:

Guest Events and invited visitors

Visit Records for invited guests and events are retained based on the admin-defined retention period. When an event is deleted, the following records are also deleted from Verkada Guest and the Employee Portal:

  • Event name, date, time, and location

  • Organizer and event notes

  • Invited visitors and related visit data

Pinned sign-in steps

Pins allow returning visitors to skip previously completed sign-in steps.

  • If a visitor’s most recent visit is deleted, all pinned data from that visit is permanently removed.

  • The visitor must complete all sign-in steps again.

  • As long as the most recent visit remains within the retention period, pinned data can still be reused.

Personal data not in scope

The Visit Records retention setting and deletion feature apply only to visit-related records stored in Verkada Guest. They do not cover all types of personal data that may exist in Command or other Verkada products in connection with an individual.

Administrators who need to fulfill data subject requests or ensure comprehensive data deletion across Command should also review and apply other relevant retention and deletion settings as appropriate.

The following examples of Guest-related data are not impacted by the Visit Record retention schedule and not in scope of the ad-hoc Visit Records deletion feature:

  • Face Pass data: Retention of Face Pass data is not affected by visit data retention settings. A visitor’s Face Pass will automatically expire if unused for 1 year. If returning visitors have previously opted in to Face Pass, they can always disable the feature at sign-in which will delete the associated data.

  • Access Control data: Verkada Access Control door events and Verkada Access Control profiles created for visitors are not affected by visit data retention settings in Guest.

  • List entries: Entries on the Previously Dismissed Matches list are not affected by visit data retention settings in Guest. Entries on Guest Deny Lists, Student and Guardian Lists, and Approved Lists are not affected by visit data retention settings.

  • Person of Interest (POI) profiles: POI profiles created for visitors using the Make Person of Interest action are not affected by visit data retention settings in Guest.

  • Calendar events: Events created in calendar applications, using calendar shortcuts or calendar application add-ins, are not affected.

Configuration

Visit Record Retention can be configured at the organization and site levels for organizations that need to implement different policies by location.

Org-level

You need Org Admin permissions to set org-level Visit Record retention.

1

In Verkada Command, go to All Products > Workplace > Guest.

2

On the left navigation, click Guest Settings.

3

Under Organization, select Security & Data.

4

For Org-Level Retention of Guest Visit Records, choose a standard retention period or set a custom value.

Site-level

You need Org Admin permissions to set site-level Visit Record retention.

By default, sites will follow the Org-Level Visit Record Retention setting. An Org Admin can choose to use a different retention period for a site.

1

In Verkada Command, go to All Products > Workplace > Guest.

2

On the left navigation, click Guest Settings.

3

Under Sites, select Data Retention.

4

For Site-Level Retention of Guest Visit Records, choose to use a standard retention period or set a custom value.

Manually delete Visit Records

Admins can manually delete Visit Records for specific guests on an ad hoc basis.

1

In Verkada Command, go to All Products > Workplace > Guest.

2

Select the desired visit

3

Under Actions, select Delete Visit.

4

In the confirmation menu, select Delete Visit.

This permanently deletes all Visit Record data listed in the Data in Scope section.

FAQ

Can I retain some data longer than others?

Yes. You can export or download specific data (like Guest documents or visitor logs) before deletion. We recommend that you set up a regular export schedule for compliance or auditing needs.

What time units can I use for retention?

You can set the retention period in days, with a minimum of 1 day.

What if the Saved Identification Info retention is longer than Visit Record retention?

Saved Identification Info follows its own setting in Command but defaults to the shorter of the two retention periods.

What if the site-level retention is longer than the org-level setting?

When a custom site-level retention period is configured, the site follows its own retention period, regardless of whether it’s longer or shorter than the org-level setting.

What happens to data from visits that haven’t reached their retention period?

Only Visit Records that have exceeded the configured retention period will be deleted. Visit Records still within the active retention period will be retained. See the "Pinned Sign-In Steps" section above for additional information.

Need more help? Contact Verkada Support.

Last updated

Was this helpful?