Overview
Requesting the deletion of your MoonPay account does not immediately erase all of your personal information. As a regulated financial services provider, MoonPay is legally required to retain certain information for a limited period, even after an account deletion request. This ensures compliance with anti-money-laundering (AML) laws, financial record-keeping obligations, and similar legal requirements to which MoonPay is subject.
What happens to personal data after I request account deletion?
When you request deletion of your MoonPay account, MoonPay begins the deletion process. However, because MoonPay operates as a regulated financial services provider, any personal information used for customer due diligence (CDD), such as identity verification details, transaction records, and information used to confirm your identity, must be retained for a minimum period of time to meet our legal and regulatory requirements.
During any retention period required by law, this data is securely stored and it is processed only for purposes that are necessary to comply with those legal obligations. Once MoonPay no longer has a legal basis to retain this information, it will be permanently deleted in line with our data retention policies.
Why is data retained after account deletion?
Data retention is mandatory under several legal frameworks, including:
Anti-money laundering (AML) and counter-terrorist financing laws, which require regulated entities to retain records to detect, prevent, and investigate financial crime
Financial-services record-keeping obligations, which may require businesses to preserve transaction and verification data for audit and compliance purposes
Data protection laws, which recognize that the right to deletion does not apply where data must be maintained for compliance with a legal obligation
What information may be retained?
Examples of personal data that may need to be retained include:
Identity verification information (e.g., name, date of birth, address, government-issued ID details)
Transaction records and activity logs required for AML or financial compliance purposes
Account-related operational records necessary to demonstrate regulatory compliance
Where possible, MoonPay deletes or anonymises personal information that is not required to be retained. Any sensitive data is retained only where a specific law requires it.
Additional resources
For further information regarding how MoonPay processes your data or to exercise any of your data protection rights, please review the MoonPay Privacy Policy.
If you have specific questions about your data, you can contact MoonPay’s privacy team at [email protected]
Summary
Certain personal data must be retained after account deletion to comply with financial and legal obligations
Retained data is processed only for legally required purposes and is securely stored
Once there is no remaining legal basis to retain it, MoonPay permanently deletes the data