Data Retention and Disposal Policy
Last updated: June 26, 2026 · Next scheduled review: June 2027
This policy describes how long HarmonyBudget (“HarmonyBudget,” “we,” “us”) retains personal and financial information, how we securely dispose of it when it is no longer needed, and how we keep this policy current. It supports and forms part of our Privacy Policy.
1. Guiding principles
We retain personal information only for as long as it is needed for the purposes we collected it, or as required by law. Our retention practices follow these principles:
- Data minimization. We collect and keep only what we need to operate the service.
- Purpose limitation. Data is retained only for the purpose it was collected for.
- Defined timelines. Each category of data has a defined retention period, after which it is deleted or de-identified.
- Secure disposal. When data is no longer needed, it is disposed of securely and irreversibly.
2. Retention schedule
We retain the following categories of data for the periods described below. Where a range is given, the exact period depends on account activity and legal requirements.
| Data type | Retention period | Reason |
|---|---|---|
| Account information (email, profile) | For the life of the account; deleted within 30 days of account deletion | Needed to operate the account |
| Financial account data via Plaid (balances, transactions) | While the account connection is active; deleted within 30 days of disconnection or account deletion | Needed to show insights; not retained once you disconnect |
| Plaid access tokens | Revoked and deleted promptly when you disconnect an account or delete your account | No longer needed once access ends |
| Usage and device logs | Up to 24 months | Security, fraud prevention, and product improvement |
| Marketing/waitlist contacts | Until you unsubscribe or request deletion | Consent-based communications |
| Records required by law (e.g. tax, legal holds) | As required by applicable law | Legal and regulatory compliance |
We do not store your online banking login credentials at any point; those are handled directly by Plaid.
3. Deletion and disposal process
When data reaches the end of its retention period, or when you
- delete your account,
- disconnect a financial account, or
- make a verified deletion request to privacy@harmonybudget.com,
we dispose of it as follows:
- Production systems. Personal and financial data is permanently deleted or de-identified within 30 days of the triggering event.
- Plaid connections. Associated Plaid access tokens are revoked so no further data can be retrieved.
- Backups. Residual copies in encrypted backups are overwritten on the normal backup-rotation cycle (no longer than 90 days), after which they are unrecoverable.
- Method. Disposal uses secure deletion appropriate to the storage medium so that data cannot be reconstructed.
We may retain a limited subset of data longer where we are legally required to, or to resolve disputes and enforce our agreements. Any such data is isolated and deleted once the obligation ends.
4. Enforcement and accountability
This policy is enforced through our internal data-handling practices. Access to personal and financial data is restricted to authorized personnel on a need-to-know basis, and deletion requests are logged and verified before action. A designated owner is responsible for ensuring retention periods are applied and that disposal occurs on schedule.
5. Review of this policy
We review this Data Retention and Disposal Policy at least once a year, and additionally whenever there is a material change to our data practices, our service providers, or applicable privacy laws. Reviews confirm that retention periods remain appropriate, that disposal is occurring as described, and that the policy stays compliant with the Personal Information Protection and Electronic Documents Act (PIPEDA) and other applicable laws. The next scheduled review is June 2027.
6. Contact
For questions about this policy or to make a data deletion request, contact us at privacy@harmonybudget.com.