Data Retention Policy

Last updated: March 26, 2026

The short version

We keep your data only as long as your account is active. When you delete your account, all personal and financial data is permanently removed from our systems within 30 days. We do not retain data for advertising, profiling, or sale to third parties. Sensitive fields are encrypted with AES-256-GCM while stored.

1. Scope

This policy describes what data ChaiSpend LLC ("ChaiSpend," "we," "us") retains, how long we keep it, and how it is deleted. It supplements our Privacy Policy and Terms of Service.

2. Data we retain

While your account is active, we retain the following categories of data:

Account information

Email address, hashed password (Argon2id), authentication tokens, and optional two-factor authentication secrets. OAuth credentials for Google sign-in, if used.

Financial preferences

Annual income, budget style, spending plan allocations, category budgets, savings goals, and transaction rules. Income and goal amounts are encrypted at rest.

Transaction data

Transactions synced from linked bank accounts, manually logged expenses, and imported CSV data. Transaction descriptions and counterparty names are encrypted at rest.

Linked account credentials

Access tokens for bank connections and external account providers (PayPal, Coinbase, Kraken, Binance). API keys and OAuth tokens are encrypted with AES-256-GCM envelope encryption. We do not store bank login credentials.

AI chat history

Conversations with the AI financial coach, including messages and any stored context memories. Chat content is encrypted at rest.

Usage and device data

Anonymous analytics events (via PostHog), push notification tokens, and notification preferences. Analytics data is aggregated and not linked to financial records.

3. Retention periods

Data category | Retained for | After deletion
Account information | Duration of account | Permanently deleted
Financial preferences | Duration of account | Permanently deleted
Transaction data | Duration of account | Permanently deleted
Linked account credentials | Duration of account | Permanently deleted
AI chat history | Duration of account | Permanently deleted
Authentication tokens | Until expiry or sign-out | Permanently deleted
Push notification tokens | Duration of account | Permanently deleted
Aggregated analytics | Up to 24 months | Retained in aggregate (not personally identifiable)

4. Account deletion

You can delete your account at any time in two ways:

  • In the app: Go to Profile, then tap "Delete account" at the bottom of the settings screen.
  • By email: Send a request to support@chaispend.com from the email address associated with your account.

What happens when you delete

When you confirm deletion, we immediately initiate a cascading removal of all data associated with your account. This includes your profile, all transactions (synced and manual), budgets, goals, spending plans, transaction rules, categories, chat history, AI memories, linked account credentials, notifications, referral records, and household membership.

Deletion completes within 30 days. In most cases, data is removed from our primary database immediately. The 30-day window accounts for propagation through backups and any third-party services.

Subscription cancellation

Deleting your account does not automatically cancel an active subscription billed through the Apple App Store, Google Play Store, or Stripe. You must cancel your subscription separately through the respective platform before deleting your account to avoid continued billing.

Irreversibility

Account deletion is permanent and cannot be reversed. We cannot recover deleted data. If you wish to use ChaiSpend again after deleting your account, you will need to create a new account.

5. Data portability

Before deleting your account, you can export your transaction data in CSV format from the app. Go to the Expenses screen and use the export option to download your full transaction history.

If you need a copy of additional data (budgets, goals, or chat history), contact support@chaispend.com and we will provide it within 30 days.

6. Encryption and security

All sensitive data is encrypted at rest using AES-256-GCM with envelope encryption. Each record uses a unique data encryption key, which is itself encrypted by a master key. Encryption covers financial amounts, transaction details, API credentials, chat messages, and personally identifiable information.

Data in transit is protected with TLS 1.2 or higher. Bank connections use mutual TLS (mTLS) with certificate pinning.

When data is deleted, the encrypted records and their encryption keys are both permanently removed, rendering any residual copies in backups unreadable.

7. Third-party data sharing

We share data with third-party service providers only to operate the app. These providers are contractually obligated to protect your data and use it only for the services they provide to us.

  • Bank data provider: Receives your bank authentication to fetch account and transaction data on your behalf. We do not store your bank login credentials.
  • AI provider: Processes chat messages to generate financial coaching responses. Messages are not used to train AI models.
  • Payment processors: Apple, Google, and Stripe process subscription payments. We do not store credit card numbers.
  • Hosting and infrastructure: Cloud hosting provider stores encrypted data. Database access is restricted to application services only.

We do not sell, rent, or trade your personal or financial data to any third party for any purpose.

8. Legal retention obligations

In limited circumstances, we may be required to retain certain data beyond the standard retention period:

  • Legal compliance: Where required by applicable law, regulation, or legal process (such as a valid subpoena or court order).
  • Fraud prevention: Where necessary to prevent, investigate, or address fraud, abuse, or violations of our Terms of Service.
  • Audit records: Administrative action logs are retained with personally identifiable information removed (email only, no financial data) for security auditing purposes.

Where legal retention is required, we retain only the minimum data necessary and delete it as soon as the obligation expires.

9. Your rights

Depending on your jurisdiction, you have the right to access, correct, delete, or export your data. See our Privacy Policy for full details on your privacy rights under CCPA, GDPR, and other applicable laws.

To exercise any of these rights, contact support@chaispend.com. We respond to all requests within 30 days.

10. Policy updates

We may update this policy as our practices evolve or as required by law. Material changes will be communicated via email or in-app notification at least 30 days before they take effect.

11. Contact

For questions about this policy, data retention, or to request deletion of your data:

support@chaispend.com