I recently sent a request for data and account deletion per the CCPA. I currently have a deactivated account associated with this email. I've never funded this account or made a transaction.

> I am a California resident and I am exercising my right to deletion under the California Consumer Privacy Act (Cal. Civ. Code Section 1798.105) and the California Privacy Rights Act and request that you delete my account associated with this email, and all personal information you have collected about me, and that you direct any service providers or contractors to delete my personal information as well.
>  • Email: [insert email here]
> Please confirm deletion within 45 days as required by law. If you cannot complete this request, please provide a specific explanation of the legal exemption you are relying on.
>

I received some replies, and the issue was closed, but these replies were not entirely sufficient for me.

> Even after closing your account, you can still log in to meet legal requirements and access essential tax documents. Additionally, you can take advantage of important features to manage your personal data, including deleting non-essential information. Please log in via the web or the app to submit a request for deleting non-essential data. This feature allows you to submit and monitor the status of your requests in whichever Robinhood experience you prefer.
> ... [information on how to submit your non-essential data deletion form]

> When you signed up for this account you supplied your personal information. Due federal laws and financial regulations this information has to be retained.

Can you please inform me of the specific federal laws or regulations that prevent my deletion request from being fulfilled? Since my account was never funded and I never executed any trades, I assume the scope of data subject to FINRA should be pretty narrow.

Additionally, my understanding is that while Robinhood may need to retain certain financial account records for a defined period, any personal information not subject to the GLBA should still be eligible for deletion under the CCPA.  Even if there is financial data you are required to retain, I STILL want to request deletion of my other personal data. I did submit a request for deletion of non-essential data through your other tool, but I believe the data deletion from this tool is not as broad as I would like. I would like to delete as much as possible,  completely disable login access to my account, and delete authentication credentials.

In summary, I'm requesting the following:

1. Please identify the specific federal laws or regulations you are relying on to deny my deletion request, and specify which categories of my data are subject to those retention requirements.

2. For any data that is not subject to a regulatory retention obligation, please proceed with deletion as required under the CCPA.

3. Please disable login access to my account and delete my authentication credentials.

4. Per CCPA Section 1798.105, please confirm that any retained data will not be used for any purpose other than the specific regulatory obligation that requires its retention.

I appreciate your help. Please let me know if you need anything from me to process these requests.

Best,
Benjamin