Sign Up
Sign Up

Data Retention

Effective Date: Dec 21st, 2024

SpendShift is committed to protecting your data and respecting your privacy. This Data Retention and Deletion Policy explains how we manage the information we collect, how long it is retained, and how you can request deletion of your data.

1. Purpose of Data Retention

We retain your data to:

  • Provide and improve our services.

  • Comply with legal, regulatory, and contractual obligations.

  • Resolve disputes, enforce agreements, and prevent fraud.


We store data only as long as necessary for these purposes.

2. Categories of Data and Retention Periods

The retention periods for different types of data are as follows:

  • Account Information

    • What: Name, email, phone number, account settings, and linked bank details.

    • Retention Period: Stored for as long as your account is active. Deleted or anonymized within 90 days of account closure, unless required for legal or regulatory purposes.

  • Transaction Data

    • What: Transaction history, savings goal details, and purchase tracking.

    • Retention Period: Retained for 3 years to comply with financial regulations or until legally required to delete.

  • Communication Data

    • What: Support requests, emails, and chat interactions.

    • Retention Period: Retained for up to [X years] for quality assurance, dispute resolution, and compliance purposes.

  • Technical Data

    • What: IP addresses, device identifiers, and app usage logs.

    • Retention Period: Retained for up to [X months] for analytics, troubleshooting, and fraud detection.

  • Legal and Compliance Data

    • What: Data required for audits, fraud investigations, or regulatory compliance.

    • Retention Period: Retained as long as required by applicable laws, typically [X years].

3. Your Data Deletion Rights

SpendShift provides you with the right to request deletion of your personal data, subject to the following conditions:

  • Immediate Deletion: Data not subject to legal or regulatory requirements will be deleted within 1 day of your request.

  • Data Subject to Retention Laws: Data required for compliance with legal, regulatory, or contractual obligations cannot be deleted until the applicable retention period has expired.


To request data deletion, contact us at contact@spendshift.io with the subject line “Data Deletion Request.”

4. How We Delete Your Data

When data is no longer needed, we ensure it is securely deleted or anonymized:

  • Secure Deletion: Data is permanently erased using methods that prevent recovery.

  • Anonymization: Data is stripped of identifiers, making it impossible to link to an individual.


SpendShift partners with trusted service providers to ensure data stored with third parties is also deleted in accordance with this policy.

5. Exceptions to Deletion

Certain data may be retained beyond your deletion request for the following reasons:

  • Legal and Regulatory Compliance: Retaining data required to meet laws, such as anti-money laundering (AML) or tax regulations.

  • Fraud Prevention: Retaining information necessary to detect or prevent future fraudulent activities.

  • Dispute Resolution: Retaining records needed to resolve disputes or enforce agreements.

6. Access to Data Before Deletion

Before deleting your account or data, you can:

7. Third-Party Data Deletion

SpendShift works with trusted partners to provide our services. When you request data deletion, we ensure:

  • Data stored with third parties is deleted or anonymized.

  • Compliance with their respective data retention policies.

8. Data Backup and Archiving

Data backups are used to ensure service continuity. Backup data:

  • Is stored in encrypted formats.

  • Is retained only for the purpose of disaster recovery.

  • Is securely deleted or overwritten after [X days/months] in line with this policy.

9. Compliance with Regulations

This policy complies with applicable data protection laws and regulations, including:

  • General Data Protection Regulation (GDPR): For users in the European Economic Area.

  • California Consumer Privacy Act (CCPA): For users in California.

  • Financial Regulations: Retention requirements under federal and state financial laws.

10. Policy Updates

We may update this Data Retention and Deletion Policy to reflect changes in regulations or business practices. Significant updates will be communicated via email or app notifications.

11. Contact Us

For questions about this policy or to request deletion of your data, contact us:

SpendShift

Email: contact@spendshift.io

SpendShift

Easily fund your projects while shopping online.

Resrouces

Engage

About

+1 (206) 522 0161

© 2025. All rights reserved.

Contact

contact@spendshift.io

Blog

Security

Privacy Policy

Terms of Use