AFINCE LogoAFINCE

Data Retention Policy

How long AFINCE keeps data and why.

Last Updated: June 5, 2026

AFINCE retains information only as long as reasonably needed to provide the service, maintain security, comply with law, resolve disputes, and support legitimate operations.

1. Data Categories

  • Account data: name, email address, profile settings, authentication identifiers, and account preferences.
  • Read-only financial data: balances, transactions, account metadata, categories, recurring expense indicators, and Plaid connection metadata.
  • User-generated settings: budgets, categories, labels, notification preferences, and app configuration.
  • Support records: messages, request history, troubleshooting context, and privacy/deletion requests.
  • Security and operational logs: authentication events, administrative events, diagnostics, abuse prevention, and system reliability data.

2. Retention Periods

  • Account data is retained while the account is active.
  • Financial data is retained while needed to provide insights and may be refreshed, replaced, deleted, or de-identified when accounts are disconnected or deleted.
  • Support records are retained as needed to resolve requests, document compliance, prevent abuse, and maintain service quality.
  • Security logs are retained for a reasonable security and investigation period, unless longer retention is required for legal, fraud, or abuse reasons.
  • Backups follow backup lifecycle schedules and may persist for a limited period after deletion from active systems.

3. Inactive Accounts

AFINCE may delete or de-identify data associated with accounts that remain inactive for 12 months, unless retention is required for legal, security, dispute, fraud prevention, or operational reasons.

4. Deletion Requests

Users may request deletion at any time by contacting support@afince.com. AFINCE may verify identity before processing. Verified deletion requests are handled under the Data Disposal Policy.

5. Legal Holds

AFINCE may preserve information when required by law, legal process, investigation, security incident response, tax/accounting obligations, dispute resolution, or enforcement of Terms.

6. Review

This policy is reviewed when major product, provider, legal, or infrastructure changes affect how data is stored or deleted.