Last modified: 29. 5. 2018
At finker privacy and data security is of first priority. We believe in the right of our users to know the kinds of data is collected, for what purpose and also in the right of our users to control this data and remove it if they wish so. In accordance with our beliefs, we make great effort to ensure the transparency of the methods with which we process information and how we ensure it is kept secure and confidential.
Accessing our Services
finker does not provide / perform payment services and therefore does not apply verification procedures for user identification. You are free to use finker completely anonymously as long as you provide any valid email during the registration process. We ask for an email address when registering as the only way to identify the account necessary to reset your password in the case it is forgotten, to avoid automatic false registrations but also to let you know about our services.
The kinds of data we collect and what it is used for
finker addresses privacy by design; a technological veto of data collection connected to your identity.
By using appropriate anonymization tools and practices, gathering information about you and your activities by our services without explicit consent is impossible. Any data stored or processed involves anonymized data that is stripped of any identifiable information (hence not personal), making it impossible to derive insights on a discreet individual.
Recital 26 of the General Data Protection Regulation (GDPR) defines anonymized data as “data rendered anonymous in such a way that the data subject is not or no longer identifiable.”
Although the processing and collection of such data is out of the GDPR scope, we want to be clear about what information we collect and how we use it to deliver our Services to you, improve your financial life, operate our business, and help make our Services work better for you.
The data that we collect involves identification of the businesses that financial transactions refer to and is used for the provision of merchant information and insights about their retail activities to users. Instead of targeting advertisements based on user behavior we provide you with information about the businesses you transact with. This way you reach them instead of them reaching you. This is called contextual advertising as opposed to behavioral advertising that relies on individual users’ personal data. It is the opposite of the Know Your Customer (KYC) process that businesses identify and verify the identity of their clients and promote their goods accordingly. We refer to our approach as Know Your Merchant.
Our goal is to provide users with statistics and automated functionality that help them in making better financial decisions. Our business model relies on highlighting products and services of the businesses you transact with, in a not intrusive to the user manner. If you select a product based on this information, finker may receive a fee from the product provider.
Syncing, Linking, Connecting Bank Accounts or Other Third-Party Services
finker uses API (application programming interface) technology to create the experience of a centralized hub. APIs allow for the safe and secure passing of data between two systems. Where not applicable, “direct access” is used for the automation of user internet browsing interaction with online banking. Not applicable means that the financial institution / service you connect does not provide any alternative method yet, as required by law under the EU PSD2. The second Payment Services Directive (PSD2), designed by the countries of the European Union discourages banks’ monopoly on users’ data and allows third parties to retrieve your account data from your bank – with your permission.
To view your bank and credit card balances on finker you will need to log into your accounts. You will need your username and password for this service as registered in the financial institution you connect to. Once you select your account, there are two ways to link your bank and credit card accounts to finker: ‘automatic’ and ‘manual’. Linking manually means you will need to enter your username and password to each account every time you want to refresh your balance. By selecting to refresh your balances automatically finker splits your details into pieces and stores them separately (eg. one part on your mobile device and one part on our secured cloud servers).
This is the process of pseudonymization as defined in Article 4(5) of the GDPR that defines pseudonymization as “the processing of personal data in such a way that the data can no longer be attributed to a specific data subject without the use of additional information.” By holding the de-identified data separately from the “additional information,” the GDPR permits data handlers to use personal data without fear of infringing the rights of data subjects. This is because the data only becomes identifiable when both elements are held together.
finker does not share information with third parties.
Nobody, by no means, is legally entitled or entitled, on behalf of or on behalf of the finker, to ask the User (by telephone, e-mail, etc.) to disclose any identity information, including her/his username and password, to enter the application. Any attempt, by any means (telephone, e-mail, etc.) for any reason and by anyone in doing so should be considered with suspect and treated accordingly.
The use of the software is based on the choice of the User to automate the transmission of the necessary data from his e-banking to the device running the software. The process of transmitting and analyzing data requires a connection to the Internet and is done in secure, anonymous, automated and encrypted way. As with most online applications, users should not share their credentials with third parties.
The protection of your personal data is important to us. This privacy statement explains what kind of data finker collects from you through its interaction with you and through its services and how it uses this data.
The terms and the interpretation of this document are subject to its terms and to the relevant provisions of the Greek and European legislation on protection against the processing of personal data, namely Law 2472/1997 on the protection of individuals and the protection of personal data such as this has been amended and is in force today and as supplemented by decisions of the Chairman of the Personal Data Protection Commission, Law 3471/2006 on the protection of personal data and privacy, Law 3917/2011 on the maintenance of personal data processed or processed in the context of electronic communications, DD 207/1998 and 79/2000 and Directives 95/46 / EC on personal data protection and 97/66 / EC on processing of personal data and protection of privacy in the telecommunications sector.
Any attempt to breach security, privacy and fraud is prosecuted.