Luggage Marketplace · SCR-35 — Profile Settings (All Roles)

Account Settings

Manage your personal information, security, and data privacy preferences

🎒 Guest Account

🔄 Also registered as Host

👤 Personal Information

📷

Rahul Sharma Member since Jan 5, 2026 · ✅ Verified

Full Name *

Email Address (read-only — Google OAuth)

Phone Number *

🇮🇳 +91

Alternate Phone (optional)

Date of Birth *

Profile Photo

📷 Change photo

⚠️ Changing your email or phone number will require re-authentication. Maps to FR-80 User entity: id / role / name / email / phone / status / createdAt SRS §7.1 FR-3; §9.1 FR-80

🔐 Security Settings

Change Password (email/password accounts only · disabled for Google OAuth)

Signed in with Google — password change not applicable

Active Sessions SRS §7.1 FR-4

Device	OS / Browser	Location	Last Active
💻 MacBook Pro 14"	macOS 14 · Chrome 124	New Delhi, IN	Now	Current
📱 iPhone 15 Pro	iOS 17 · Safari	New Delhi, IN	Jun 1, 9:42 AM
🖥️ Windows Desktop	Windows 11 · Firefox	Mumbai, IN	May 28, 3:15 PM

🛡️ Privacy & Data Controls

Your data is retained per our Privacy Policy. You have the right to export or delete your personal data at any time under DPDP / GDPR. SRS §8.5 FR-71; §8.5 FR-72

📥 Download My Data

Export all your personal data (FR-80 entity fields, booking history, reviews, chat logs) as JSON/CSV. Right to data portability under DPDP/GDPR.

🗑️ Delete My Account

Permanently delete your account. 30-day grace period applies. This action cannot be undone after the recovery window.

Delete Account → SCR-40

🔔 Notification Preferences

Currently active: 8 of 10 notification types across Email + Push channels

Manage Preferences → SCR-38

☠️

Danger Zone

Deleting your account is permanent and cannot be undone after the 30-day recovery period.

All upcoming and active bookings will be cancelled and refunded per policy
Your listings will be removed (if Host role)
Your reviews will be anonymised
Your personal data will be permanently deleted after 30 days
You will not be able to recover your account after the grace period

🗑️ Delete My Account → SCR-40 This launches a multi-step confirmation flow in SCR-40 before any data is deleted · SRS §8.5 FR-72

Wireframe Annotations — SCR-35 · Profile Settings (Shared — All Roles)

Persona: All Roles (Account Management) — Any logged-in user (Guest / Host / Admin) managing their account. The Danger Zone section is visually isolated and red-bordered to prevent accidental triggering of the irreversible delete flow. SRS §7.1; §8.5

Personal Information Section — All FR-3 fields: Full Name / Email (read-only if Google OAuth) / Phone (country code selector) / Alternate Phone / DOB / Profile Photo. Save Changes button triggers re-authentication if email or phone number is changed. Maps to FR-80 User entity. SRS §7.1 FR-3; §9.1 FR-80

Security Settings — Change password section (disabled for Google OAuth accounts — shows explanation). Active Sessions table: device / OS / location / last active / individual Revoke button. Log Out All Devices global CTA. SRS §7.1 FR-4

Privacy & Data Controls — DPDP/GDPR-required: "Download My Data" (right to portability — exports FR-80 entity + booking history + reviews + chat logs as JSON/CSV). "Delete My Account" routes to SCR-40 multi-step deletion flow. Privacy Policy link. SRS §8.5 FR-71; §8.5 FR-72

Notification Preferences Link — "Manage Preferences → SCR-38" link shows current count of active notification types and channels. Routes to SCR-38 for per-type, per-channel toggle management. SRS §7.9 FR-37

Danger Zone — Delete My Account — Red-bordered section visually isolated at the very bottom. Lists all consequences before the CTA. "Delete My Account → SCR-40" routes to the multi-step confirmation flow. This CTA does NOT immediately delete — it launches SCR-40 which has further safeguards. SRS §8.5 FR-72; SCR-40