Back

Data Deletion & GDPR Policy

Effective Date: March 23, 2026

Quick Summary

  • You can request deletion of your account and data anytime
  • We delete most personal data within 30 days of your request
  • Some data is retained for legal/tax compliance (max 7 years)
  • Email dpo@exinndigital.com or use your account settings to request deletion
  • See detailed tables below showing what data we collect, why, and how long we keep it

1. Your Right to Data Deletion

Under GDPR, LGPD, and other international data protection laws, you have the right to request erasure of your personal data. This is often referred to as the "Right to be Forgotten."

You can request deletion of your personal data at any time, without providing a reason. However, certain data may be retained for legal obligations or legitimate business purposes.

2. What Data Will Be Deleted & Why It's Used

2.1 Data Deleted Within 30 Days (Personal Data)

When you request account deletion, we will permanently delete the following data within 30 days:

Data TypeCurrent Usage PurposesStatus After Deletion
Account Profile (Name, Email, Phone, Bio)
  • Account management
  • Communications
  • Marketing (with consent)
Permanently deleted
Profile Photos & Verification Docs
  • Fraud prevention
  • Identity verification
  • Account security
Permanently deleted
Property Listings & Images
  • App functionality
  • Property matching
  • Analytics
Permanently deleted
Location History & Coordinates
  • Property search
  • Personalization
  • Fraud prevention
Permanently deleted
Messages & Communications
  • User interactions
  • Support
  • Dispute resolution
Permanently deleted
Saved Searches & Favorites
  • Personalization
  • User preferences
  • Analytics
Permanently deleted
Reviews & Ratings You Provided
  • Community trust
  • Fraud prevention
  • Analytics
Permanently deleted
Account Settings & Preferences
  • Personalization
  • User preferences
  • Communications
Permanently deleted

2.2 Data Retained for Legal Compliance (Why & How Long)

The following data will be retained for the specified periods, even after deletion, to comply with law and legitimate business interests:

Data TypeRetention PeriodWhy It's Retained
Transaction Records7 yearsTax reporting, legal disputes, financial audits
Financial Data7 yearsTax compliance, audit requirements, revenue tracking
Payment Information6 yearsPCI DSS compliance, chargeback protection, payment disputes
Identity Verification3 yearsAnti-fraud, KYC/AML compliance, regulatory requirements
Dispute RecordsUntil resolution + 2 yearsLegal protection, dispute resolution, evidence retention
Security Logs1 yearSecurity incident investigation, fraud detection, access tracking
Backup DataUp to 90 daysSystem recovery, disaster recovery procedures

All retained data will be de-identified, encrypted, and segregated from active systems to prevent unauthorized access.

2.3 Data NOT Deleted

The following data will remain on the platform (not linked to your identity):

  • Reviews/ratings you received from other users (these belong to other users)
  • Feedback about your interactions (if not linked to your account)
  • Aggregated, anonymized analytics data

3. How to Request Account & Data Deletion

3.1 Self-Service Deletion (Recommended)

The easiest way to delete your account is through the App:

  1. Log in to your Aluga Facil App account
  2. Go to Settings → Account → Delete Account
  3. Read the confirmation message
  4. Click "Delete My Account"
  5. Confirm your password or two-factor authentication code
  6. Your account will be marked for deletion
  7. You'll receive a confirmation email
  8. Data deletion will be completed within 30 days

3.2 Manual Deletion Request (Email)

If you cannot access your account or prefer to request deletion via email, contact our Data Protection Officer:

Email: dpo@exinndigital.com

Subject: "Data Deletion Request"

Required Information:

  • Your full name
  • Your registered email address
  • Your account ID (if known)
  • Phone number or other identifying information

3.3 Response Timeline

We will:

  • Acknowledge your deletion request within 3 business days
  • Verify your identity to prevent unauthorized deletions
  • Complete deletion of all applicable data within 30 days
  • Send you confirmation when deletion is complete

4. Identity Verification

To protect against unauthorized account deletion, we may require you to verify your identity by:

  • Providing your password
  • Confirming your email address via a verification link
  • Submitting government-issued ID (for sensitive deletion requests)
  • Answering security questions you set up
  • Providing two-factor authentication codes

If we cannot verify your identity, we may deny the deletion request for your protection.

5. Exceptions to Deletion

Under certain circumstances, we may not delete your data or may delay deletion:

5.1 Legal Obligations

We may retain data if required by law, court order, or government request (tax laws, anti-money laundering, know-your-customer regulations).

5.2 Active Disputes

If there is an ongoing dispute, complaint, or legal claim involving your account, we may retain necessary data until resolution.

5.3 Contractual Obligations

If you have ongoing rental agreements or unresolved transactions, we may retain related data until completion.

5.4 Abuse Prevention

We may retain limited data to prevent account re-creation if your account was terminated for violations.

5.5 Backup & System Recovery

Data in backup systems may take up to 90 days to fully delete due to technical requirements.

6. GDPR & Other Regional Rights

6.1 GDPR (EU/EEA Users)

If you are in the EU or EEA, you have the following rights under GDPR:

  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate information
  • Right to Erasure: Delete your data (with exceptions noted above)
  • Right to Restrict Processing: Limit how we use your data
  • Right to Data Portability: Receive data in portable format
  • Right to Object: Opt out of certain processing activities
  • Right to Withdraw Consent: Withdraw previously given consent anytime

6.2 LGPD (Brazil Users)

If you are in Brazil, you have similar rights under LGPD including right to access, correction, deletion, portability, and opt-out of data sharing.

6.3 CCPA/CPRA (California Users)

If you are in California, you have rights under CCPA/CPRA including right to know, delete, opt-out of sale, and non-discrimination.

6.4 Other Jurisdictions

Similar rights exist in other jurisdictions (Canada, Australia, UK). Contact us for information specific to your location.

7. Right to Data Portability

You have the right to receive your data in a portable, machine-readable format (CSV, JSON) and transfer it to another service. To request data portability:

  1. Email us at dpo@exinndigital.com
  2. Subject: "Data Portability Request"
  3. Include your account email and any identifying information
  4. Specify the data format you prefer (CSV, JSON, XML)
  5. We will provide your data within 30 days

8. Complaint & Appeal Rights

8.1 Challenge Our Decision

If we deny your deletion request or disagree with our decision, you have the right to:

  • Request written explanation of our reasoning
  • Appeal the decision by responding to our notice
  • Escalate the complaint to our Data Protection Officer

8.2 Regulatory Complaint

If you believe we are violating your data rights, you can file a complaint with your regional data protection authority:

  • EU: European Data Protection Board (EDPB)
  • UK: Information Commissioner's Office (ICO)
  • Brazil: National Data Protection Authority (ANPD)
  • California: California Privacy Protection Agency (CPPA)

9. Deletion Confirmation & Verification

After your data is deleted, we will:

  • Send you a confirmation email
  • Confirm the deletion was successful
  • List the data that was deleted
  • Explain any data retained for legal reasons
  • Provide the date deletion was completed

You can verify deletion by attempting to log in to your account—it should no longer exist.

10. Data of Minors

If your child (under 18) has an account, you may request deletion of their data at any time. Contact us with:

  • Proof of parental relationship (birth certificate, passport)
  • The child's account email and ID
  • Your contact information

We will delete the child's account and data (subject to legal exceptions) within 30 days.

11. Frequently Asked Questions

Will my reviews be deleted?

Reviews you posted will be deleted. However, reviews other users posted about you will remain (they own their content). You can request those be removed if they violate our policies.

How long does deletion take?

Most data is deleted within 30 days of your request. However, backups may take up to 90 days to fully clear.

Can I recover my data after deletion?

No. Once deleted, your data cannot be recovered. We recommend exporting your data before requesting deletion.

Do you delete data from other users' devices?

No. We can only delete data from our servers. If another user saved your profile or photos, they are responsible for deleting those.

Will you keep my account name available?

We may retain your username in a reserved list to prevent impersonation or re-registration by bad actors.

Can I delete specific data without deleting my entire account?

Yes. You can delete specific listings, photos, or messages through your account settings. For selective data deletion, email dpo@exinndigital.com.

What if I have an ongoing rental agreement?

We may delay deletion until the agreement is completed or resolved. This protects both you and other parties in the transaction.

12. Contact Us

For data deletion requests, questions about your rights, or to lodge a complaint:

Data Protection Officer:
dpo@exinndigital.com

Privacy Team:
privacy@exinndigital.com

General Support:
support@exinndigital.com

Response time: Within 3 business days

Related Policies:

Privacy PolicyTerms of Service