SikaaHub API Health Check

Developer Documentation

Privacy Data Map

Privacy Data Map

| Module | Data type | Purpose | Storage table | Sensitivity | Retention recommendation | Access controls | Closure/deletion notes |

| --- | --- | --- | --- | --- | --- | --- | --- |

| Customers | full name, phone, email | account identity | users, customers | personal | account lifetime plus legal retention | user/admin roles | soft close, retain financial records |

| Customers | device ID, IP, app version | security and fraud prevention | devices, request_logs | personal/security | 12-24 months | user/admin/risk | anonymize where legally allowed |

| Customers | linked wallet details | payouts/verification | linked_wallets | financial | account lifetime plus legal retention | customer/admin/finance | mask account numbers |

| Customers | transaction history | receipts/audit | transactions, payments, withdrawals | financial | statutory financial retention | customer/admin/finance | do not delete; reverse |

| Customers | KYC details | identity verification | kyc_submissions, kyc_documents | sensitive | compliance retention | compliance/admin | secure deletion after retention |

| Merchants | owner/business/contact/location | merchant onboarding | users, merchants | personal/business | merchant lifetime plus legal retention | merchant/admin/compliance | retain settlement history |

| Merchants | KYC documents | merchant approval | kyc_documents | sensitive | compliance retention | compliance/admin | no public file paths |

| Merchants | QR identity | payment verification | merchant_qr_codes | operational | active plus history | merchant/admin | revoke, do not expose IDs |

| Merchants | settlement details | payouts/reporting | settlements, merchant settings | financial | statutory financial retention | finance/admin/merchant | do not delete paid records |

| Merchants | staff users | access control | merchant_staff | personal | staff tenure plus audit retention | merchant owner/admin | suspend/remove |

| Admins | account/IP/device/activity | internal control | users, audit_logs, request_logs | security | employment plus audit retention | super_admin/compliance | retain admin audit trail |

| Developers | company/app profile | API onboarding | developers, developer_apps | business/personal | account lifetime | developer/admin | suspend/revoke |

| Developers | API usage logs | monitoring/billing/security | api_usage_logs | operational | 12-24 months | developer/admin/technical | aggregate/anonymize later |

| Developers | webhook URLs | event delivery | developer_webhooks | integration secret-adjacent | account lifetime | developer/admin | revoke on closure |