Personal Information Deletion and Retention Policy

Information about data retention periods and your deletion rights

1. Overview

Mahila Shakti ("we," "our," or "the App") is a credit card management platform committed to user privacy and data protection. This policy outlines our practices for retaining, managing, and deleting personal information collected from users. All processing activities adhere to applicable privacy laws and our comprehensive Privacy Policy. We only retain data essential for providing credit card services and ensuring regulatory compliance.

1.1 Purpose of Data Retention

Personal information is retained solely to:

  • Ensure the continuous provision of credit card management services.
  • Fulfill legal, accounting, and regulatory obligations.
  • Support transaction tracking, dispute resolution, and fraud prevention.
  • Maintain service logs critical for operational integrity.

1.2 Retention Durations

We retain different types of information for varying periods based on their purpose and legal requirements:

Account Information: (e.g., name, phone number, email, password, linked credit card identifiers like last four digits). Retained during your account's active period and for three (3) years after account closure, primarily to meet compliance and audit requirements.

Credit Card Transaction Records: (e.g., payment history, credit limit updates, transaction logs). Retained for five (5) years from the transaction date to comply with financial regulations and facilitate dispute resolution.

App Usage Data: (e.g., feature interactions, session duration). Retained for two (2) years to improve service functionality and enhance user experience through statistical analysis.

Technical & Diagnostic Data: (e.g., crash reports, device performance data, analytics logs). Retained for up to two (2) years or until the troubleshooting purpose is achieved.

1.3 Data Security During Retention

All retained personal and transactional information is protected through:

  • AES-256 encryption for both data transmission and storage.
  • Strict access controls limiting access to authorized personnel only.
  • Secure backup and audit logging mechanisms to prevent loss, misuse, or unauthorized modification.
  • Periodic security reviews to verify data integrity and compliance.

2. Information Deletion

You may request the deletion of your data, or it may occur automatically under specific circumstances. Mahila Shakti ensures that deletion requests are processed securely, and data required by law is retained only for the legally mandated duration.

2.1 Voluntary Deletion Requests

Users can submit a deletion request by emailing service@mahilashakti.com with the following details:

  • Registered username or account phone number.
  • A clear statement requesting data deletion.
  • Confirmation if transaction records should be included or excluded from the deletion request.

Upon verification of your request:

  • Your account and associated data will be flagged as "Pending Deletion."
  • Non-mandatory data will be removed within seven (7) working days.
  • You will receive a confirmation email upon completion of the deletion process. Our customer support team will assist with any issues via the same email channel.

2.2 Automatic Deletion Process

If an account remains inactive for twelve (12) consecutive months (i.e., no login, transaction, or synchronization activity):

  • We will send a deletion notice to your registered email address 15 days prior to the scheduled deletion, explaining what data will be erased and how to retain the account.
  • If no response is received within that period, your account data will be permanently deleted or anonymized according to legal standards.
  • Only data legally required for compliance (e.g., financial recordkeeping) will be retained for the specified duration.

2.3 Data Shared with Third Parties

When personal information (e.g., transaction summaries, verification data) has been shared with approved third-party partners (e.g., payment gateways, analytics providers), we will:

  • Notify those partners of your deletion request.
  • Require them through contractual obligations to delete or anonymize corresponding data.
  • Provide confirmation of their action within five (5) business days after receiving their response.

You may inquire about the progress of third-party data deletion by emailing service@mahilashakti.com, and we will promptly provide status updates.

3. Exceptions to Deletion

Certain information cannot be deleted immediately if:

  • Retention is explicitly required by law, regulation, or government directive.
  • The data is necessary for an active legal investigation, dispute, or compliance review.
  • The data has been anonymized and can no longer identify an individual.

Once these exceptions no longer apply, the information will be securely deleted or permanently anonymized.

4. Policy Updates

We may revise this Deletion and Retention Policy as regulations or business processes change. The latest version will always be available at https://www.mahilashakti.com/privacy-policy. If changes substantially affect your rights, we will provide notice at least 30 days in advance via in-app message or email.

5. Contact Us

For any questions, concerns, or requests regarding the retention or deletion of your personal data, please contact us at:

Email: service@mahilashakti.com

Response Time: We will respond within 10 working days of receiving your verified inquiry.