Data Retention Policy
1. Scope
This policy applies to all personal and financial data collected by Basar Wealth through basarwealth.com and associated backend services.
2. Retention Periods
| Data Category | Retention Period |
|---|---|
| User account (email, password hash, name) | Retained while account is active; permanently deleted on account deletion |
| Financial profile (income, DOB, risk tolerance) | Retained while account is active; permanently deleted on account deletion |
| Assets, liabilities, holdings, retirement goals | Retained while account is active; permanently deleted on account deletion |
| Plaid access tokens and item IDs | Deleted immediately when item is disconnected or account is deleted |
| Plaid-derived data (balances, institution names) | Retained while account is active; permanently deleted on account deletion |
| Zakat records and calculations | Retained while account is active; permanently deleted on account deletion |
| Net worth scenarios, life events, goals | Retained while account is active; permanently deleted on account deletion |
| Advisory todos and event log | Retained while account is active; permanently deleted on account deletion |
| Purification donations and dividend records | Retained while account is active; permanently deleted on account deletion |
| Redis session tokens | Expire after 24 hours; deleted immediately on logout or account deletion |
| Consent records | Deleted as part of the user record on account deletion |
3. Account Deletion
You may permanently delete your account from the Settings page within the application. Upon deletion:
- All personal and financial data is immediately and permanently deleted from our systems
- All connected bank accounts (via Plaid) are removed from our database
- Your active session is immediately invalidated
- Deletion is irreversible โ no recovery is possible after confirmation
4. Applicable Laws
This policy is designed to comply with the CCPA (California Consumer Privacy Act) and GLBA (Gramm-Leach-Bliley Act).
5. Third-Party Data
Data shared with Plaid, OpenAI, and AWS is governed by their respective retention policies. Basar Wealth does not control retention on the processor side after data is transmitted.
6. Contact
For data-related questions or deletion requests: support@basarwealth.com