Aside — Data Retention & Deletion Policy

Effective date: [DATE] · Owner: [operating entity] · Reviewed at least annually. Contact: ashuliakousky@gmail.com

Purpose & scope

Defines how long Aside keeps consumer data and how it is deleted, covering data obtained via Plaid and data users provide. Aligns with applicable privacy laws (e.g., CCPA, GDPR).

Data categories & retention

DataWhereRetention
Plaid access token + sync cursorCloudflare Workers KV (encrypted at rest)While the account is linked; deleted on unlink or account deletion
Transaction data (descriptions, amounts, dates, categories)On the user's device; processed transiently on the backendNot persisted server-side beyond a request; on-device until the user deletes/unlinks or uninstalls
Profile & preferencesOn device (and backend if/when accounts exist)While the account/app data is active; removed on deletion
Diagnostics/logsCloudflare (transient)Short-lived operational logs only; no financial contents

Deletion triggers

How to request deletion

Users can request deletion in-app or by emailing ashuliakousky@gmail.com; we respond within the period required by applicable law.

Backups

Aside does not maintain long-term backups of consumer financial data; there are no separate archival copies to purge.

Questions: ashuliakousky@gmail.com