What you'll do
- Export your links, click events, and invoices before deletion — they are not recoverable afterwards.
- Choose to delete or transfer ownership of any workspace where you are the sole Owner.
- Understand the 14-day grace period during which you can cancel the request before it becomes permanent.
You have the right to erase your account and personal data under GDPR Article 17. This article explains exactly what we delete, what we retain (and why), and how to request deletion.
How to delete
Self-service. Open Settings → Profile → Account → Delete account. Type your email to confirm. We start the 14-day grace period immediately and email you a confirmation.
Email request. If you've lost dashboard access, write to [email protected] from the email on your account. We process email requests within 5 business days; a self-service request starts immediately.
What gets deleted
After the 14-day grace period ends, we hard-delete:
- Your user record (name, email, password hash, profile photo).
- All API keys you issued personally.
- All TOTP / passkey enrolments.
- All sessions and refresh tokens.
- Audit log entries are anonymised — the action is preserved, but your user ID becomes
deleted-user-<random>so we can keep workspace audit history readable.
What you decide about: workspaces
If you're the sole Owner of a workspace, you choose during the deletion flow what happens to it:
- Delete the workspace too. All links, custom domains, click analytics, and bio pages are deleted. Custom-domain DNS records remain in your registrar — only the Elido side is removed.
- Transfer ownership. Pick an existing member to promote to Owner. The workspace continues running; you exit cleanly.
If you're not the sole Owner, the workspace continues without you and the other Owners keep full control.
What is retained — and why
A short list of things we keep for legal reasons after deletion:
- Invoices and billing records — retained for 10 years per EU accounting law (Directive 2006/112/EC). Stored under a pseudonymised customer ID, with personal data redacted.
- Anti-abuse history — if your account was flagged for hosting malicious URLs, we retain a hash of the email and the redacted abuse report for 7 years to prevent re-registration.
- DPA / contractual records — if you signed a Data Processing Agreement, the executed copy is retained for 7 years after the contract end date.
Everything else is gone. We do not keep "soft-deleted" copies of your data once the 14-day grace period ends.
Grace period
For 14 days after you submit a deletion request, you can sign back in to cancel. Click Cancel deletion on the banner that appears at the top of the dashboard. After 14 days, the deletion runs and cannot be reversed.
During the grace period your account is read-only: redirects continue, API calls return data, but no creates / updates are accepted. This prevents leaving incomplete data behind during the wait.
Export before deletion
Most users want a copy of their data before deleting:
- Links. Tools → Bulk export → All links — CSV with every link in the workspace.
- Click events. Analytics → Export — CSV or Parquet of every click event. See click data export for the format.
- QR codes. No bulk export — download from each link individually, or use the API.
- Invoices. Settings → Billing → Download all invoices — bundled ZIP of every invoice.
Run these exports first; once deletion completes there is no way to retrieve them.
Restoring after deletion
You can sign up again with the same email after deletion — but it's a fresh account, not a restoration. Old links, slugs, workspace, and click history are not recoverable.
If you held a custom slug that someone else has since claimed, we don't auto-restore it; the new owner keeps it.
Troubleshooting
Deletion request hasn't started after 24 hours. Check the email we sent for a verification link. We won't start the grace period until you confirm via that link.
Workspace transfer step shows no candidates. You're the only member. Add at least one other Owner-eligible member first, or pick "delete workspace too".
My data subject access request needs more than CSV exports. Email [email protected] — we run a full data-export tool that bundles every field we hold on a single user into a JSON archive within 30 days, per GDPR Article 15.
Account was deleted but I'm still getting emails. Marketing emails are sent via Resend with a separate suppression list — unsubscribe via the email footer. Transactional emails for shared workspaces continue while you're still on those workspaces; remove yourself first if you don't want them.