Last modified: 16. 5. 2019
At finker privacy and data security is of first priority. We believe in the right of our users to know the kinds of data is collected, for what purpose and also in the right of our users to control this data and remove it if they wish so. In accordance with our beliefs, we make great effort to ensure the transparency of the methods with which we process information and how we ensure it is kept secure and confidential.
This Privacy Policy describes in greater detail the privacy practices of finker (“us,” “we,” “our”) responsible for collecting and maintaining certain information triggered by you. If you have questions or complaints regarding our Privacy Policy or practices, please contact us at support@finker.co.
When this privacy policy applies
If a Service you’re using links to this Privacy Policy, this Policy applies to you. This Privacy Policy (“Policy”) applies to our sites, products, and services (collectively, “finker”) that link to this Policy.
Accessing our Services
finker does not provide / perform payment services and therefore does not apply verification procedures for user identification. You are free to use finker completely anonymously as long as you provide any valid email during the registration process. We ask for an email address when registering as the only way to identify the account necessary to reset your password in the case it is forgotten, to avoid automatic false registrations but also to let you know about our services.
The kinds of data we collect and what it is used for
finker addresses privacy by design; a technological veto of data collection connected to your identity.
By using appropriate anonymization tools and practices, gathering information about you and your activities by our services without explicit consent is impossible. Any data stored or processed involves anonymized data that is stripped of any identifiable information (hence not personal), making it impossible to derive insights on a discreet individual.
Recital 26 of the General Data Protection Regulation (GDPR) defines anonymized data as “data rendered anonymous in such a way that the data subject is not or no longer identifiable.”
In any case, we do not store, process and transmit:
(a) Cardholder data including the primary account number (PAN) along with any of the following data types: cardholder name, expiration date or service code.
(b) Account holder name
Although the processing and collection of such data is out of the GDPR scope, we want to be clear about what information we collect and how we use it to deliver our Services to you, improve your financial life, operate our business, and help make our Services work better for you.
The data that we collect involves identification of the businesses that financial transactions refer to and is used for the provision of merchant information and insights about their retail activities to users. Instead of targeting advertisements based on user behavior we provide you with information about the businesses you transact with. This way you reach them instead of them reaching you. This is called contextual advertising as opposed to behavioral advertising that relies on individual users’ personal data. It is the opposite of the Know Your Customer (KYC) process that businesses identify and verify the identity of their clients and promote their goods accordingly. We refer to our approach as Know Your Merchant.
Our goal is to provide users with statistics and automated functionality that help them in making better financial decisions. Our business model relies on highlighting products and services of the businesses you transact (or similar to these) with, in a not intrusive to the user manner. If you select a product based on this information, finker may receive a fee from the product provider.
Syncing, Linking, Connecting Bank Accounts or Other Third-Party Services
finker uses API (application programming interface) technology to create the experience of a centralized hub. APIs allow for the safe and secure passing of data between two systems. Where not applicable, “direct access” is used for the automation of user internet browsing interaction with online banking. Not applicable means that the financial institution / service you connect does not provide any alternative method yet, as required by law under the EU PSD2. The second Payment Services Directive (PSD2), designed by the countries of the European Union discourages banks’ monopoly on users’ data and allows third parties to retrieve your account data from your bank – with your permission.
To view your bank and credit card balances on finker you will need to log into your accounts. You will need your username and password for this service as registered in the financial institution you connect to. Once you select your account, there are two ways to link your bank and credit card accounts to finker: ‘automatic’ and ‘manual’. Linking manually means you will need to enter your username and password to each account every time you want to refresh your balance. By selecting to refresh your balances automatically finker splits your details into pieces and stores them separately.
This is the process of pseudonymization as defined in Article 4(5) of the GDPR that defines pseudonymization as “the processing of personal data in such a way that the data can no longer be attributed to a specific data subject without the use of additional information.” By holding the de-identified data separately from the “additional information,” the GDPR permits data handlers to use personal data without fear of infringing the rights of data subjects. This is because the data only becomes identifiable when both elements are held together.
Information sharing
finker does not share information with third parties unless you explicitly consent so.
Nobody, by no means, is legally entitled or entitled, on behalf of or on behalf of the finker, to ask the User (by telephone, e-mail, etc.) to disclose any identity information, including her/his username and password, to enter the application. Any attempt, by any means (telephone, e-mail, etc.) for any reason and by anyone in doing so should be considered with suspect and treated accordingly.
The use of the software is based on the choice of the User to automate the transmission of the necessary data from his e-banking to the account running the software. The process of transmitting and analyzing data requires a connection to the Internet and is done in secure, anonymous, automated and encrypted way. As with most online applications, users should not share their credentials with third parties.
Applicable law
The protection of your personal data is important to us. This privacy statement explains what kind of data finker collects from you through its interaction with you and through its services and how it uses this data.
All matters relating to the Privacy Policy and any dispute or claim arising therefrom or related thereto (in each case, including non-contractual disputes or claims), shall be governed by and construed in accordance with the internal laws of the United Kingdom without giving effect to any choice or conflict of law provision or rule (whether of the United Kingdom or another jurisdiction).
Any legal suit, action or proceeding arising out of, or related to, our Privacy Policy or practices shall be instituted exclusively in the European Union courts or the courts of the United Kingdom in each case located in the City of Bristol Shirehampton, although we retain the right to bring any suit, action or proceeding against you for breach of the Privacy Policy in your country of residence or any other relevant country. You waive any and all objections to the exercise of jurisdiction over you by such courts and to venue in such courts.
Any attempt to breach security, privacy and fraud is prosecuted.
finker is provided by ITBS – IT & BUSINESS SYSTEMS Ltd., 24 Station Road Bristol, BS11 9TX, United Kingdom, www.itbs-bpm.com. The Provider may modify the terms of use, add or remove services and functionality from the software with the aim of adapting it to upcoming changes and the improvement of the services provided to Users.