Data Retention & Deletion Policy
Last updated: December 22, 2025
1. Overview
This policy describes how Finance Self-Hosted retains, manages, and deletes your personal and financial data. We are committed to data minimization and only retain information necessary to provide our services.
2. Data Retention Schedule
| Data Type | Retention Period | Deletion Trigger |
|---|---|---|
| Account credentials | Until account deletion | User request or account deletion |
| User profile | Until account deletion | User request or account deletion |
| Bank connections (Plaid) | Until disconnected | User disconnects bank or account deletion |
| Transaction history | Until account deletion | Account deletion |
| Categories & budgets | Until account deletion | Account deletion |
| Bills & savings goals | Until account deletion | Account deletion |
| Login history | 90 days | Automatic expiration |
| Failed login attempts | 24 hours | Automatic expiration |
| IP ban records | 1 hour | Automatic expiration |
| Refresh tokens | 7 days | Automatic expiration or logout |
| Household invitations | 7 days | Accepted, rejected, or expired |
3. Your Deletion Rights
You have the right to request deletion of your data at any time:
3.1 Delete Individual Data
- Bank connections: Disconnect via Profile → Linked Accounts
- Transactions: Individual transactions can be deleted from the transaction list
- Categories/Tags: Delete via respective management pages
- Bills/Goals: Delete via respective management pages
- Household membership: Leave household via Household settings
3.2 Delete Entire Account
To delete your entire account and all associated data, go to Profile → Delete Account. This action is permanent and irreversible.
Account deletion removes:
- Your user account and credentials
- All linked bank connections
- All transaction history
- All categories, tags, and budgets
- All bills and savings goals
- All household memberships (owned households are transferred or deleted)
- All login history and security logs
4. Plaid Data Handling
4.1 When You Connect a Bank
When you connect a bank account through Plaid, we receive and store an encrypted access token that allows us to retrieve your account and transaction data. We store:
- Encrypted Plaid access token (AES-256-GCM)
- Account information (names, balances, types)
- Transaction history
4.2 When You Disconnect a Bank
When you disconnect a bank connection:
- We immediately delete the Plaid access token
- We revoke access with Plaid's API
- Associated accounts are marked as disconnected
- Historical transaction data is retained unless you specifically request deletion
4.3 Plaid's Data Retention
Plaid maintains its own data retention policies. To manage data Plaid has collected, visit my.plaid.com to view and delete your Plaid data directly.
5. Data Export
Before deleting your account, you may request an export of your data. This includes:
- All transaction history (CSV format)
- Account balances and history
- Categories, tags, and budgets
- Bills and savings goals
To export your data, go to Profile → Export Data.
6. Deletion Process
6.1 Timeline
- Immediate: Account access is revoked
- Within 24 hours: All user data removed from primary database
- Within 30 days: Data removed from all backups
6.2 Exceptions
We may retain certain data beyond deletion requests if required for:
- Legal compliance or regulatory requirements
- Fraud prevention and security
- Resolving disputes or enforcing agreements
7. Automatic Data Cleanup
We automatically purge the following data:
- Login history: Entries older than 90 days are automatically deleted
- IP bans: Automatically expire after 1 hour
- Failed login counters: Reset after 24 hours of no failed attempts
- Expired refresh tokens: Cleaned up daily
- Expired household invitations: Removed after 7 days
8. Contact Us
For data deletion requests or questions about this policy:
Email: privacy@sharkfinenahnce.xyz