[{"data":1,"prerenderedAt":367},["ShallowReactive",2],{"\u002Fdata-retention":3},{"id":4,"title":5,"body":6,"description":359,"extension":360,"meta":361,"navigation":362,"path":363,"seo":364,"stem":365,"__hash__":366},"content\u002Fdata-retention.md","Data Retention & Deletion Policy",{"type":7,"value":8,"toc":348},"minimark",[9,13,32,51,54,59,70,72,76,206,212,214,218,221,254,256,260,263,274,277,279,283,303,305,309,324,326,330,337,339],[10,11,5],"h1",{"id":12},"data-retention-deletion-policy",[14,15,16,20,21,20,24,27,28,31],"p",{},[17,18,19],"strong",{},"Effective date:"," 12 June 2026\n",[17,22,23],{},"Last updated:",[17,25,26],{},"Owner:"," Founder & Security Lead, BMRTECKBUSINESS LLC\n",[17,29,30],{},"Review cadence:"," at least annually.",[14,33,34,35,38,39,42,43,46,47,50],{},"This policy explains what data ",[17,36,37],{},"BMRTECKBUSINESS LLC"," (\"we\") retains for the ",[17,40,41],{},"Piggy"," application (\"the App\"), how long we keep it, and how it is deleted. It is designed to comply with applicable data-protection laws (including ",[17,44,45],{},"GDPR"," and ",[17,48,49],{},"CCPA\u002FCPRA",") and the principle of data minimization.",[52,53],"hr",{},[55,56,58],"h2",{"id":57},"_1-core-principle-we-retain-as-little-as-possible","1. Core principle: we retain as little as possible",[14,60,61,62,65,66,69],{},"We ",[17,63,64],{},"do not store"," users' bank transactions, balances, incomes, or expenses on our servers. That financial data is retrieved from our providers ",[17,67,68],{},"on demand"," and delivered to the user's device; it is not persisted in our database. As a result, there is very little sensitive financial data to retain or delete.",[52,71],{},[55,73,75],{"id":74},"_2-what-we-retain-and-for-how-long","2. What we retain and for how long",[77,78,79,95],"table",{},[80,81,82],"thead",{},[83,84,85,89,92],"tr",{},[86,87,88],"th",{},"Data category",[86,90,91],{},"Stored?",[86,93,94],{},"Retention period",[96,97,98,116,131,145,157,170,182,194],"tbody",{},[83,99,100,107,113],{},[101,102,103,104],"td",{},"Bank ",[17,105,106],{},"transactions \u002F balances \u002F income \u002F expenses",[101,108,109,112],{},[17,110,111],{},"No"," — never persisted server-side",[101,114,115],{},"N\u002FA",[83,117,118,124,129],{},[101,119,120,121],{},"Online banking ",[17,122,123],{},"username \u002F password",[101,125,126,128],{},[17,127,111],{}," — never seen by us",[101,130,115],{},[83,132,133,139,142],{},[101,134,135,138],{},[17,136,137],{},"Bank access token \u002F item ID"," (encrypted, AES-256-GCM)",[101,140,141],{},"Yes",[101,143,144],{},"Until the user disconnects the bank, deletes their account, or the subscription lapses — then deleted\u002Frevoked (see §3)",[83,146,147,152,154],{},[101,148,149],{},[17,150,151],{},"Institution name\u002FID & connection status",[101,153,141],{},[101,155,156],{},"Same lifecycle as the connection; soft-deleted on disconnect",[83,158,159,165,167],{},[101,160,161,164],{},[17,162,163],{},"Account identifier"," (e.g. email \u002F sign-in ID)",[101,166,141],{},[101,168,169],{},"For the life of the account; deleted on account deletion (subject to §4)",[83,171,172,177,179],{},[101,173,174],{},[17,175,176],{},"Subscription \u002F purchase events",[101,178,141],{},[101,180,181],{},"For the life of the account plus the period required for financial\u002Ftax and dispute records",[83,183,184,189,191],{},[101,185,186],{},[17,187,188],{},"Device push tokens",[101,190,141],{},[101,192,193],{},"Until the token becomes invalid or the user disables notifications \u002F deletes the account",[83,195,196,201,203],{},[101,197,198],{},[17,199,200],{},"Server & access logs",[101,202,141],{},[101,204,205],{},"Short operational window (e.g. up to 90 days), then deleted or rotated",[207,208,209],"blockquote",{},[14,210,211],{},"Specific timeframes may be adjusted to meet legal, tax, fraud-prevention, or accounting obligations.",[52,213],{},[55,215,217],{"id":216},"_3-deletion-triggers","3. Deletion triggers",[14,219,220],{},"User data is removed when any of the following occurs:",[222,223,224,236,242,248],"ul",{},[225,226,227,230,231,235],"li",{},[17,228,229],{},"User disconnects a bank"," — we call the provider's item-removal endpoint (e.g. Plaid ",[232,233,234],"code",{},"\u002Fitem\u002Fremove",") to revoke access at the source, then soft-delete the connection record and its encrypted token locally.",[225,237,238,241],{},[17,239,240],{},"Subscription lapses or is cancelled\u002Frefunded"," — connections that require an active subscription are disconnected and removed via the same cascade.",[225,243,244,247],{},[17,245,246],{},"User deletes their account"," — we revoke all connections and delete associated personal data (subject to §4).",[225,249,250,253],{},[17,251,252],{},"Inactivity \u002F safety cleanup"," — automated jobs disconnect and clean up stale connections.",[52,255],{},[55,257,259],{"id":258},"_4-legal-and-operational-holds","4. Legal and operational holds",[14,261,262],{},"We may retain certain records for longer where required to:",[222,264,265,268,271],{},[225,266,267],{},"Comply with tax, accounting, and financial-record laws (typically purchase\u002Fsubscription records);",[225,269,270],{},"Resolve disputes, prevent fraud, or enforce our agreements;",[225,272,273],{},"Meet other legal obligations.",[14,275,276],{},"Such retained data is minimized and access-restricted, and is deleted once the obligation ends.",[52,278],{},[55,280,282],{"id":281},"_5-how-deletion-is-performed","5. How deletion is performed",[222,284,285,291,297],{},[225,286,287,290],{},[17,288,289],{},"Credentials:"," the encrypted access token is deleted from the database and access is revoked at the provider, so it can no longer be used to retrieve data.",[225,292,293,296],{},[17,294,295],{},"Records:"," connection records are soft-deleted and then purged in line with this schedule.",[225,298,299,302],{},[17,300,301],{},"Backups:"," deleted data is removed from active systems immediately and ages out of backups according to the backup rotation cycle.",[52,304],{},[55,306,308],{"id":307},"_6-user-rights","6. User rights",[14,310,311,312,319,320,323],{},"Users may request access to, correction of, or deletion of their personal data, and may disconnect any bank connection at any time directly in the App. Requests can also be sent to ",[17,313,314],{},[315,316,318],"a",{"href":317},"mailto:contact@bmrteck.com","contact@bmrteck.com",". See our ",[17,321,322],{},"Privacy Policy"," for the full list of rights.",[52,325],{},[55,327,329],{"id":328},"_7-review","7. Review",[14,331,332,333,336],{},"This policy is reviewed ",[17,334,335],{},"at least annually"," and updated when our data practices, providers, or legal obligations change.",[52,338],{},[14,340,341,344,345,347],{},[17,342,343],{},"Contact:"," ",[315,346,318],{"href":317}," · BMRTECKBUSINESS LLC",{"title":349,"searchDepth":350,"depth":350,"links":351},"",2,[352,353,354,355,356,357,358],{"id":57,"depth":350,"text":58},{"id":74,"depth":350,"text":75},{"id":216,"depth":350,"text":217},{"id":258,"depth":350,"text":259},{"id":281,"depth":350,"text":282},{"id":307,"depth":350,"text":308},{"id":328,"depth":350,"text":329},"Effective date: 12 June 2026\nLast updated: 12 June 2026\nOwner: Founder & Security Lead, BMRTECKBUSINESS LLC\nReview cadence: at least annually.","md",{},true,"\u002Fdata-retention",{"title":5,"description":359},"data-retention","vq3Tsshq6yodVX8-wA3Jdn-EGnSRrDlZ7d34201XfEE",1781736228987]