...
TPP offers a Personal Finance Manager app that provides insights on spend and predictions and they use the data collected via OF to satisfy part of their proposition. The user User is onboarded and KYCed by the TPP for this service. The user User subscribes to the services offered by the TPP and has given their long-lived OF consent. After a few months, the User ends the monthly subscription and revokes their consent for Data Sharing.
This however should not imply that the TPP has to delete the data acquired so far. The User relationship still exists with the TPP and the user User can still access any free content which could be dependent on the OF data. For e.g. The User could still want to view the historical insights, the TPP could still offer limited services based on User account product information with the LFI and so on.
If an Open Finance (OF) consent is revoked by the User then that must NOT imply that the data obtained from OF must be deleted by the TPP. This data is part of the overall User data with the TPP and the TPP as the Data controller must be able to justify the handling of the OF data as governed by the underlying Data Protection Law. The user User however must have the explicit right to request deletion of the data.
...
On termination of the relationship with the customer-facing TPP, the TPP MUST
confirm to the user User which of the OF data they need to continue holding for legal or operational reasons
confirm the deletion of the remaining OF data
...