Data handling
Full per-feature matrix: entity, retention window, encryption method, deletion path. No "and so on" parentheses — every row is verifiable in the code.
This page extends the Privacy Policy for readers who want specifics. GDPR requires us to disclose data categories and retention periods; here is more detail than the law demands, because we have nothing to hide.
Per-feature retention matrix
| Entity | What's stored | Retention window | Deletion path | Encryption |
|---|---|---|---|---|
| Transactions | Amount, currency, date, account, category, description | Until account hard-delete or manual user removal | CASCADE on user or account hard-delete | At rest (DB), TLS in transit |
| Accounts | Name, type, currency, current balance | Until manual user removal | CASCADE removes linked transactions | At rest, TLS |
| Categories | Name, type, icon, MCC codes | Until manual user removal | CASCADE via user_id | At rest, TLS |
| Bank API tokens | Encrypted token (Monobank Personal API, GoCardless consent) | Until user revocation or PSD2 expiry (90 days) | Disconnect in Settings → Banks = immediate removal | AES-256-GCM (column-level), TLS |
| AI prompts (voice/receipt) | Prompt text + Claude response (for usage log) | 30 days in `ai_usage_log` | Cron cleanup after 30 days or admin manual purge | TLS in transit (Anthropic API); prompt removed from their infra per DPA |
| Audit log | Action, target, IP, user-agent, source (web/mobile/cron) | 180 days (admin) / 30 days (user-level events) | Cron prune after retention window | At rest, TLS |
| Login attempts | Identifier (masked in admin), IP, success/failure, timestamp | 30 days (for login throttling) | Cron prune after 30 days | At rest, TLS |
| Marketing leads | Email, source, intent, IP, consent flag | Until admin processing or GDPR Art. 17 request | Best-effort erase-hook on account hard-delete by same email | At rest, TLS |
| Push device tokens (FCM) | FCM token, platform, locale, last-used timestamp | Until unsubscribe or disabled_at (UNREGISTERED from FCM) | CASCADE on user deletion | At rest, TLS |
| Backups | Full DB snapshot (encrypted) | 30-day rolling | Automatic removal per retention; manual purge available | AES-256 before upload to backup storage |
| Web analytics (site only) | GTM container + GA4: anonymized IP, page, referrer. Clarity: heatmap clicks, masked DOM (no input text) | GA4: 14 months (default). Clarity: 13 months. Reset — via cookie banner "Revoke consent". | Cookie banner → "Essential only" stops collection immediately. On /legal/cookies the same toggle is persistent. | TLS in transit; data processed by Google (GTM/GA4) and Microsoft (Clarity) per their DPAs |
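The retention windows and CASCADE deletion paths in the matrix can be checked mechanically. The following is an added example, not this service's own code: it runs on in-memory SQLite, and every table and column name except `ai_usage_log`, along with the sample rows and the clock, is an assumption made for illustration.

```python
import sqlite3
from datetime import datetime, timedelta, timezone
# Retention windows (days) from the matrix above. Apart from ai_usage_log,
# table and column names are assumptions made for this example.
RETENTION = [("ai_usage_log", "1=1", 30),
             ("audit_log", "scope = 'admin'", 180),
             ("audit_log", "scope = 'user'", 30)]
SCHEMA = """
CREATE TABLE users (id INTEGER PRIMARY KEY);
CREATE TABLE accounts (id INTEGER PRIMARY KEY,
    user_id INTEGER NOT NULL REFERENCES users(id) ON DELETE CASCADE);
CREATE TABLE transactions (id INTEGER PRIMARY KEY,
    account_id INTEGER NOT NULL REFERENCES accounts(id) ON DELETE CASCADE);
CREATE TABLE ai_usage_log (id INTEGER PRIMARY KEY, created_at TEXT);
CREATE TABLE audit_log (id INTEGER PRIMARY KEY, scope TEXT, created_at TEXT);
"""

def open_db():
    db = sqlite3.connect(":memory:")
    db.execute("PRAGMA foreign_keys = ON")  # SQLite skips CASCADE without it
    db.executescript(SCHEMA)
    return db

def prune(db, now):
    """Delete rows past their window; return rows removed per rule."""
    removed = {}
    for table, where, days in RETENTION:  # constants only, never user input
        cutoff = (now - timedelta(days=days)).isoformat()
        cur = db.execute(
            f"DELETE FROM {table} WHERE {where} AND created_at < ?", (cutoff,))
        removed[(table, where)] = cur.rowcount
    db.commit()
    return removed

def hard_delete_user(db, user_id):  # returns transactions left after cascade
    db.execute("DELETE FROM users WHERE id = ?", (user_id,))
    db.commit()
    return db.execute("SELECT COUNT(*) FROM transactions").fetchone()[0]

def demo():
    db, now = open_db(), datetime(2025, 6, 1, tzinfo=timezone.utc)
    age = lambda d: (now - timedelta(days=d)).isoformat()  # constructed rows
    db.executescript("INSERT INTO users VALUES (1); INSERT INTO accounts "
        "VALUES (1, 1); INSERT INTO transactions VALUES (1, 1), (2, 1);")
    db.executemany("INSERT INTO ai_usage_log(created_at) VALUES (?)",
                   [(age(30),), (age(31),)])
    db.executemany("INSERT INTO audit_log(scope, created_at) VALUES (?, ?)",
        [("admin", age(100)), ("admin", age(181)), ("user", age(100))])
    return prune(db, now), hard_delete_user(db, 1)
```

A row exactly at the window boundary (30 days old) is kept; only rows strictly older than the cutoff are pruned.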
Your GDPR rights
Request a full export of your data in Settings → Data. The export returns CSV/XLSX/PDF files with all transactions, accounts, and categories. For additional categories (audit log, bank tokens), email support@my-fina.com.
Hard-delete the account in Settings → Account → Delete account. Transactions, accounts, categories, currencies, tokens, and push devices are cascade-removed. Marketing leads under the same email are also removed via a best-effort hook.
The export in Settings → Data produces CSV/XLSX files (machine-readable). The structure is compatible with YNAB, Mint, and other ledger tools via a standard column set (date, account, category, amount, currency, note).