Data Retention and Deletion Policy

Effective Date: March 19, 2026

Balanzify ("we," "our," or "us") maintains this Data Retention and Deletion Policy to define how data is retained, managed, and securely deleted across our accounting, payroll, and financial management platform, in alignment with business needs and applicable data protection regulations.

1. Purpose

This policy establishes guidelines for:

  • Retaining data only as long as necessary to deliver Balanzify services
  • Protecting sensitive financial and operational data throughout its lifecycle
  • Ensuring secure and compliant deletion of data when no longer required

2. Scope

This policy applies to all data processed within Balanzify, including:

  • Customer and organization account data
  • Financial data (bank transactions, reconciliations, reports)
  • Payroll and employee-related data
  • Bank-connected data accessed via Plaid
  • Application logs, audit logs, and system-generated data
  • Internal operational and support data

3. Data Retention Principles

Balanzify follows these principles:

  • Data is retained based on business necessity and service delivery requirements
  • Retention aligns with financial compliance, audit requirements, and regulatory obligations
  • Sensitive data is protected using role-based access controls and restricted access policies
  • Data minimization is enforced wherever possible

4. Retention Periods

Balanzify retains data based on the following guidelines:

Customer Account Data

Retained for the duration of the active subscription. After account closure, data is retained for a limited period to support compliance, audits, and dispute resolution.

Financial and Accounting Data

Includes transactions, ledgers, reports, and reconciliation records. Retained in accordance with financial compliance requirements, typically for multiple years depending on jurisdiction.

Payroll and Employee Data

Retained as required for payroll processing, tax reporting, and legal compliance, in alignment with applicable statutory requirements.

Bank Data (via Plaid)

Only necessary data is stored to support transaction syncing, categorization, and reconciliation. Retention aligns with Plaid's data usage and storage policies.

Logs and Audit Trails

Includes activity logs, system logs, and audit trails. Retained for a limited duration to support monitoring, debugging, fraud detection, and security investigations.

Retention periods are periodically reviewed and adjusted based on evolving compliance requirements.

5. Data Deletion

Balanzify implements structured and secure deletion processes:

  • Data is deleted or anonymized when no longer required for operational or legal purposes
  • Users may request account and data deletion, subject to compliance obligations
  • Deletion workflows apply across primary systems, caches, and associated environments
  • Backup data is purged according to defined retention cycles
  • Sensitive data is permanently removed using secure deletion practices

6. User Rights

Balanzify supports user data rights, including:

  • Access your personal data
  • Update or correct your information
  • Request deletion of your data, subject to regulatory and record-keeping requirements

Requests can be submitted at: support@balanzify.com

7. Security Controls

To protect retained data, Balanzify enforces:

  • Encryption in transit (TLS 1.2 or higher)
  • Encryption at rest for sensitive data
  • Role-based access control (RBAC) and secure authentication mechanisms
  • Monitoring and audit logging of system activities

8. Policy Review

This policy is reviewed periodically and updated as Balanzify's systems, infrastructure, and regulatory obligations evolve.

9. Compliance and Enforcement

Balanzify is committed to maintaining compliance with applicable data protection, financial, and privacy regulations. This policy is continuously refined as part of our broader compliance and governance program.

10. Contact

For any questions regarding this policy:

Email: support@balanzify.com
Website: https://www.balanzify.com