Data deletion

Effective April 19, 2026

You have three ways to remove your personal data from Kanegdo. Each option works whether you signed up with email + password, with a magic link, or via Facebook.

Option 1 — Delete from your Kanegdo profile

If you can sign in, the fastest way is the in-app deletion flow:

  1. Sign in at /login.
  2. Open your profile.
  3. Choose Delete my account. We immediately revoke every active session, scrub your name and email, and remove your authentication identities (password hash, Facebook subject, magic-link tokens).

Option 2 — Remove the app from Facebook

If you originally signed in via Facebook, you can trigger deletion from inside Facebook itself. Meta will notify Kanegdo automatically and we will erase the personal data tied to your Facebook account.

  1. Open Facebook → Settings → Apps and Websites.
  2. Find Kanegdo and click Remove.
  3. When Facebook offers to also delete your data on Kanegdo, accept it. Facebook will POST a signed deletion request to our callback at https://kanegdo.leporia.net/auth/facebook/data-deletion.
  4. We immediately delete your Facebook authentication identity and revoke your sessions, then return a confirmation code Facebook displays to you. You can verify the deletion at any time at /data-deletion-status.

Option 3 — Email us

If you can’t sign in, send a deletion request to kanegdo@leporia.net from the email address on file. Include any account identifiers you remember (display name, organization, the Facebook account you used). We will reply within 30 days, usually within one business day.

What we delete

  • Your authentication identities — password hash, Facebook subject, magic-link tokens.
  • Your name and email (replaced with a placeholder so historical foreign keys remain valid).
  • Active and pending sessions (immediately revoked).

What we keep, and why

  • Audit log entries tied to your historical actions are retained for 24 months for security investigations. They reference your (now-anonymized) user id, not your name or email.
  • AI interaction records are retained for 13 months for billing and debugging. Personal content within them is removed on request — just include “please scrub AI logs” in your email request.
  • Connected Facebook Pages belong to the church (organization), not to you personally. Deleting your account does not delete the Pages or remove other team members’ access. The page-level access token minted from your Facebook grant becomes inert; the team can re-link from any other admin’s account.

Questions? Contact kanegdo@leporia.net.