From reading the documentation and forums I've been able to gather the following:
- When a User authorises an App a Refresh Token is created which lasts indefinitely [1, 2, 3]
- When a User de-authorises an App all of their Refresh Tokens associated with that App are invalidated [3, 4]
- When you create an App a Client ID/Secret pair is created 
But I still have the following questions for which I have not been able to find any online information. I would be most grateful for any answers, or further information that could clear them up:
- Can the Client Secret for an App be re-generated? Or does an entirely new App, with new Client ID/Secret have to be generated?
- If it is possible to generate a new Client Secret, do all previously generated Refresh Tokens stay valid?
- When you delete an App does this invalidate all Refresh Tokens?
- Is there any mechanism to revoke a single known Refresh Token? Is this even technically possible?