A Real Budget

A REAL BUDGET

Initializing forecast engine

0%

← A Real Budget

Data Retention & Deletion Policy

Version 1.0 · Effective April 12, 2026 · Reviewed annually

1. Purpose

This policy describes how A Real Budget retains, deletes, and reviews consumer financial data. It is designed to comply with applicable data protection laws — including the California Consumer Privacy Act (CCPA/CPRA), the Gramm-Leach-Bliley Act (GLBA) Safeguards Rule, and the General Data Protection Regulation (GDPR) — and with the obligations of data recipients under the Plaid End User Services Agreement.

2. Scope

This policy applies to:

  • Account metadata and transaction history retrieved via Plaid
  • User-generated budgeting data (categories, planned expenses, category rules, scenarios)
  • Authentication identifiers (user IDs, email addresses) managed via Clerk
  • Application and security logs generated by hosting infrastructure

3. Retention Periods

Data CategoryRetention
Plaid access tokensUntil the user disconnects the institution or deletes their account. Tokens are revoked via Plaid's /item/remove endpoint on disconnection.
Account & transaction data from PlaidFor the lifetime of the user's account, to support multi-year forecasting. Deleted when the user disconnects the institution or deletes their account.
User-generated data (budgets, rules, scenarios)For the lifetime of the user's account. Deleted on account deletion.
Authentication recordsFor the lifetime of the user's account. Removed from Clerk and our database on account deletion.
Application & security logsRetained up to 30 days by our hosting provider for operational and security purposes, then purged.
Database backupsRolling backups retained up to 7 days by our database provider. Deleted data is removed from backups through normal backup rotation.

4. User-Initiated Deletion

Users can delete their data at any time:

  • Disconnect a bank: From the Accounts page, users can disconnect any connected institution. This immediately revokes the Plaid access token and stops further data retrieval. Associated account and transaction records are removed from our primary database within 24 hours.
  • Delete account: From the Settings page, users can permanently delete their account. All associated data — financial records, budgets, categories, rules, scenarios, and authentication records — is removed from our primary database within 30 days. Any residual copies in rotating backups expire within 7 additional days.

Users may also email joeschwartz0@gmail.com to request deletion. We respond to verified requests within 30 days, consistent with CCPA and GDPR requirements.

5. Automatic Deletion Triggers

  • Disconnection of a Plaid Item deletes all account and transaction rows tied to that Item
  • Account deletion cascades through all user-owned rows (enforced by foreign-key ON DELETE CASCADE in the database schema)
  • Inactive accounts (no sign-in for 24 months) are flagged for review and may be deleted after a 30-day notification email

6. Legal & Compliance Holds

Notwithstanding the periods above, we may retain certain records longer where required to comply with legal obligations, resolve disputes, or enforce our agreements. Where retained, such data continues to be protected by the security controls described in our Privacy Policy.

7. Review & Governance

This policy is reviewed at least annually, and when material changes occur to the Service, our subprocessors, or applicable law. The policy owner is the A Real Budget operator. Updates are versioned and published at this URL.

8. Contact

Questions, deletion requests, or concerns? Email joeschwartz0@gmail.com.