Trust & compliance
Privacy & compliance
How Dive honours the promise on every account: read-only inbox access, no banking login, raw email and PDF discarded after processing. Consent, access, erasure, retention and the audit trail in one place.
NDPR readiness
An honest read of what's in place and what's still being worked on, with no green-washing.
- Consent is versionedEvery user agrees to a numbered consent version (current v2.1).
- Retention policy definedHot / warm / cold tiers; raw source discarded after processing.
- Deletion workflowRequested → queued → confirmed; irreversible, audited erasure job.
- Export (access) workflowMachine-readable package assembled and delivered via secure download.
- Append-only audit logSensitive admin actions recorded with actor, before → after, and reason.
- OAuth verificationIn progressGoogle restricted-scope (email read-only) verification in progress.
- DPIA refreshIn progressData protection impact assessment being refreshed for the pilot.
Retention policy
The data lifecycle, in plain language. The raw source is never kept.
- Raw email / PDFSource
Discarded after processing
The original email body and statement PDF are parsed in memory and discarded. We never store the raw source.
- Live derived dataHot
While account is active
Parsed transactions, reports and alerts the user sees in the app. Encrypted at rest.
- Recent processed dataWarm
12 months
Recently processed, de-duplicated transactions kept warm for fast report regeneration.
- Aggregates & auditCold
Up to 24 months
Anonymised aggregates and the audit trail, retained for compliance and accuracy investigations.
| Exportdr_001 | Seun Farinre | In progress | Due in 12 days | |
| Exportdr_002 | Amaka Obi | Requested | Due in 6 days | |
| Exportdr_003 | Elizabeth Nnadi | Requested | Due in 1 day | |
| Deletiondr_004 | Desola Bankole | Requested | Due in 3 days | |
| Deletiondr_005 | Chidi Eze | In progress | Overdue by 1 day | |
| Exportdr_006 | Samson Adeyemi | Completed | 19 Jun 2026 | |
| Inbox disconnectdr_007 | Tega Okonkwo | Completed | 9 Jun 2026 | |
| Account disabledr_008 | Iye Alawode | Paused | Due in 7 days |
- User
- Seun Farinre
- Type
- Export
- Created
- 17 Jun 2026
- Status
- In progress
- Due
- Due in 12 days
- User
- Amaka Obi
- Type
- Export
- Created
- 18 Jun 2026
- Status
- Requested
- Due
- Due in 6 days
- User
- Elizabeth Nnadi
- Type
- Export
- Created
- 9 Jun 2026
- Status
- Requested
- Due
- Due in 1 day
- User
- Desola Bankole
- Type
- Deletion
- Created
- 13 Jun 2026
- Status
- Requested
- Due
- Due in 3 days
- User
- Chidi Eze
- Type
- Deletion
- Created
- 10 Jun 2026
- Status
- In progress
- Due
- Overdue by 1 day
- User
- Samson Adeyemi
- Type
- Export
- Created
- 20 May 2026
- Status
- Completed
- Due
- 19 Jun 2026
- User
- Tega Okonkwo
- Type
- Inbox disconnect
- Created
- 8 Jun 2026
- Status
- Completed
- Due
- 9 Jun 2026
- User
- Iye Alawode
- Type
- Account disable
- Created
- 11 Jun 2026
- Status
- Paused
- Due
- Due in 7 days
Pending (requested + in progress) totals match the platform counts and the sidebar badge: 5 = 3 export + 2 deletion. Open a request to handle it. Nothing destructive happens here. TODO(api): GET /admin/privacy/requests.
Sensitive admin actions
Every deletion, export, access and role change: who, what changed, when and why.
Funmi Bakare queued data export
User u_seun · Seun Farinre
Export request: requested → in-progress
User-initiated NDPR access request.
4h ago · 19 Jun 2026, 07:05
Grace Okafor acknowledged deletion request
User u_desola · Desola Bankole
Deletion request: none → requested
Confirmation pending; nothing deleted yet.
6d ago · 13 Jun 2026, 09:02
Funmi Bakare changed admin role
Admin ad_kemi · Kemi Adeleke
Role: - → Data Quality Reviewer (invited)
Invite sent; awaiting acceptance + 2FA.
3d ago · 16 Jun 2026, 08:15
Everything here is local mock data. No real data is exported or deleted. TODO(backend): real, irreversible, audited export & erasure jobs and an append-only audit service.