End Users

End User Privacy Policy

Available languages:

• Française - Politique de confidentialité pour utilisateur final

• Español - Política de privacidad aplicable al usuario final

• Nederlands - Privacybeleid voor eindgebruikers

• Deutsche - Datenschutzerklärung für Endbenutzer

Effective Date: February 28, 2025

Privacy and security are very important to us at Plaid. This End User Privacy Policy (“Policy”) is meant to help you (the “end user”) understand how we at Plaid collect, use, and share your data when you use Plaid products or services - for example, when you use Plaid Portal, or when you use Plaid to connect and share your data to power the applications (“apps”) you use. These apps, which offer many consumer services and products such as helping you save for retirement, manage your spending, streamline credit applications, or transfer money, are built and provided by our business customers (we’ll call them “developers” here), and powered by Plaid.

This Policy applies to Plaid Inc., Plaid Financial Ltd., and Plaid, B.V. (collectively, “Plaid,” “we,” “our,” and “us”). Please see the “Contacting Plaid” section below for which of these entities is responsible for processing your data. This Policy does not cover services offered by Plaid Consumer Reporting Agency, Inc. (“Plaid CRA”); for more information on that policy please see the CRA Privacy Policy.

You should read this Policy carefully, it contains important information about your privacy rights and choices.

Jump to section:

Our Data Practices

• Data We Collect and Categories of Sources

• How We Use Your Data

• Our Lawful Bases for Processing (EEA and UK End Users)

• How We Share Your Data

• Our Retention and Deletion Practices

• Protection of Data

Some Final Details…

• International Data Transfers

• Your Data Protection Rights

• Your Additional Privacy Controls

• Changes To This Policy

• Contacting Plaid

Summaries of Processing Activities

• Summary of Processing Activities by Category of Information

• Summary of Processing Activities by Product

First, Some Background

A quick note about Plaid

Our mission at Plaid is to unlock financial freedom for everyone. Plaid helps consumers like you connect your financial accounts to Plaid or to third-party developers in order to provide you with products and services that you request.

About this Policy

Our goal with this Policy is to provide a simple and straightforward explanation of what data Plaid collects from and about you and how we use and share that information. We value transparency and want to provide you with a clear and concise description of how we treat your data.

This Policy does not cover what developers of the apps you use do with your data. You should review the privacy policies or terms of service for those apps for information about their practices. This Policy also does not cover data we collect through our websites or when you interact with Plaid outside of using our product or services, such as emailing Plaid directly. Please see our All Audience Privacy Statement and Cookie Policy for more information.

Plaid’s services are not directed to individuals under 18 and we do not knowingly collect data relating to children.

Our Data Practices

Plaid is committed to providing end users with meaningful control over their data. This section describes Plaid’s data practices relating to our processing of data about you. We also provide summaries of our practices organized by category of data collected and by product at the end of this Policy in the Summaries of Processing Activities section.

Data We Collect and Categories of Sources

As described in more detail below, the data we collect, use, and share depends on the Plaid products and services that you, and/or the app you have connected to, use. Depending on which of Plaid’s products or services you or your app use, Plaid may collect the following:

• Data you provide to us;

• Data from financial institutions when you connect your financial account;

• Data from the electronic device you use to connect your financial account using Plaid or to otherwise interact with Plaid;

• Data from the developer of the app you have connected to;

• Data from our affiliates to provide support to you or to provide you with a better user experience; and/or

• Data from other sources, including service providers and identity verification and fraud prevention services.

Data you provide to us. When you use Plaid’s products or services (like when you use Plaid to connect your financial accounts to an app), we collect the following data from you as needed to power your particular app or Plaid product or service:

• identifiers like name, email address, date of birth, Social Security number, and phone number;

• login data when required by the provider of your account, like your username and password, account and routing number, or a security token;

• any additional information needed to connect your accounts, including security questions and answers, and one-time password (OTP);

• information from documents or statements that you provide to Plaid, like bank statements or pay stubs; and/or

• information related to your use of our services, including which of our services you use, the dates and times of your use, and which financial institutions and apps you connect using Plaid.

When you provide login data and additional information needed to connect your accounts, you also give Plaid permission and authority to act on your behalf to access and transmit data to and from your financial institution.

Data we collect from financial institutions about and from your accounts. Depending on which Plaid products or services you, or the developer of your app use, as well as what, and how information is made available, we may collect the following data from your financial institutions:

• Account data, including financial institution name, account name, account type, account ownership, branch number, IBAN, BIC, account number, routing number, and sort code;

• Data about an account balance, including current and available balance;

• Data about credit accounts, including due dates, balances owed, payment amounts and dates, transaction history, credit limit, repayment status, and interest rate;

• Data about loan accounts, including due dates, repayment status, balances, payment amounts and dates, interest rate, guarantor, loan type, payment plan, and terms;

• Data about investment accounts, including transaction information, type of asset, identifying details about the asset, quantity, price, fees, and cost basis;

• Identifiers and data about the account owner(s), including name, email address, phone number, date of birth, and address information;

• Data about account transactions, including amount, date, payee, type, quantity, price, location, involved securities, and a description of the transaction; and/or

• Data from your payroll and tax documents, including data about your income and employer, in cases where you’ve connected your payroll accounts or provided us with your pay stub or tax form information.

Depending on the Plaid service you or the developer of your app use, and the manner in which the data is made available, the data collected from your financial accounts may include data from all accounts (e.g., checking, savings, credit card, and joint accounts) accessible through a single set of account credentials. For more specifics about data collected in connection with different products and services, see Summary of Processing Activities by Product.

Data we receive from your devices. When you use a device, like your smartphone, tablet, or computer, to interact with our services (including through a developer’s app), we may collect the following data about that device:

• internet protocol (IP) address;

• timezone setting and location, device location;

• hardware model and operating system;

• features within our services you access;

• browser data;

• network data; and

• other technical data about the device (such as settings and preferences).

Data we receive about you from the developers of apps powered by Plaid. When needed for Plaid to provide a service (like verifying your identity, protecting against fraud or risk, or enabling a bank transfer), the developers of the apps you use may provide us with identifiers and commercial information about you, like your name, Social Security number, email address, phone number, or information about your financial accounts and transactions.

Data from our affiliates to provide support to you or to provide you with a better user experience. We may collect data from our affiliates (these are companies related to us by common ownership or control) to provide support to you or improve your experience. For example, if you elect for Plaid CRA to remember financial accounts associated with your phone number, we may collect the following data from Plaid CRA in order to help you connect to your accounts faster when using our services:

• identifiers like name, email address, and phone number;

• login data when required by the provider of your account, like your username and password, bank name, account and routing number, or a security token;

• when needed, data to help verify your identity and connect your accounts, including your date of birth, security questions and answers, and one-time password (OTP); and/or

• data from your device (as explained in more detail above).

Data we receive about you from other sources. When needed to provide a service, identify your device, or to help prevent fraud, abuse, or security threats, we may also receive data about you directly from third parties, including your wireless carrier, agents and our service providers.

Information we derive from the data we collect. We may derive additional information about you from the data we collect. For example, we may infer your geolocation, your annual income, or the type of account or subaccount you’ve chosen to connect―such as when you connect your loan accounts, so we can let the developer know whether the account is for a mortgage, student loan, or credit card.

How We Use Your Data

We use your data for the following business and commercial purposes:

• Provide Services: To operate, provide, service, process, and maintain our products and services.

• Develop Existing Services: To improve, enhance, modify, add to, and further develop our services.

• Help Prevent Fraud, Verify Your Identity, or Protect Privacy: To verify your identity and help protect you, developers, our partners, Plaid, and others from fraud, malicious activity, and other privacy and security-related concerns.

• Develop New Services: To develop new products and services.

• Develop Insights: To develop insights based on the data we’ve collected about you. This includes your transaction data, other financial data, data about which financial accounts you have connected to which apps, and data from other sources, to help us, your financial institutions, and the developers of your connected apps provide services and/or a better user experience to you, like providing you with a faster connection and onboarding experience, faster access to your funds, to help detect and prevent potentially fraudulent activity, or personalize their services to you.

• Provide Support: To provide support to you or to developers, including to help respond to your inquiries related to our services or developers’ apps.

• Communicate With You: To communicate with you and send you things like technical notices, updates, security alerts, and messages.

• Investigate Misuse and Misconduct: To investigate any misuse of our service or developers’ apps, including violations of our Developer Policy, criminal activity, or other unauthorized access to our services.

• For Legal Purposes: To comply with contractual and legal obligations under applicable law and for other legal purposes such as to establish and defend against claims.

• With Your Consent: For other notified purposes with your consent or at your direction.

We also collect, use, and share data that has been aggregated or anonymized in a manner that does not identify you personally for any purpose permitted under applicable law. This includes creating or using aggregated or anonymized data to develop new products or services, to facilitate research, and for analytics purposes to help assess the speed, accuracy, and/or security of our services.

Our Lawful Bases for Processing (EEA and UK End Users)

For individuals in the European Economic Area (“EEA”) or the United Kingdom (“UK”), Plaid only processes your personal data when we have a valid legal basis to do so. Our legal basis for processing the data we collect will depend on what data we collected and the purpose for processing it. Generally, we will only collect and process your data where:

• we are bound by any contract or agreement with you (for example, to comply with our end user services agreements) and must adhere to various legal requirements when offering regulated services, including our account information and payment services.

• we require your data to comply with our legal obligations under applicable law, to safeguard Plaid's legal rights, and to prevent and identify criminal activities such as money laundering and fraud. For these purposes, Plaid may find it necessary to share your personal data with entities such as courts, law enforcement agencies, and providers of anti-money laundering services;

• processing is necessary for our legitimate interests to effectively maintain the integrity of our services. This includes retrieving account information or providing payment initiation services (as well as verifying the output of this activity), engaging in communication with you, and ensuring that Plaid, as a regulated entity, upholds the expected standards (including those stipulated by the Financial Conduct Authority for Plaid Financial Ltd and De Nederlandsche Bank for Plaid B.V).; or

• you have given your consent to do so.

To the extent we rely on consent to collect and process your data, you have the right to withdraw your consent at any time per the instructions provided in this Policy.

How We Share Your Data

We share your data for the following reasons:

• With the developer of the app you are using and as directed by that developer;

• To enforce any contract with you;

• With our data processors and other service providers, partners, agents or contractors in connection with the services they perform for us or developers;

• With financial institutions to help establish, maintain, or manage a connection you’ve chosen to make between your financial institution accounts and the products or services you use, as well as to help them protect your financial accounts and offer you personalized services such as returning user experiences;

• If we believe in good faith that disclosure is appropriate to comply with applicable law, regulation, or legal process (like a court order or subpoena);

• In connection with a change in ownership or control of all or a part of our business (like a merger, acquisition, reorganization, or bankruptcy);

• Between and among Plaid and our current and future parents, affiliates, subsidiaries and other companies under common control or ownership;

• As we believe reasonably appropriate to protect against and prevent actual or potential fraud, unauthorized transactions, claims, other liabilities, or otherwise protect the rights, privacy, safety, or property of you, developers, our partners, Plaid, and others; or

• For any other notified purpose with your consent or at your direction.

(For US users) We do not share your data with non-affiliated third parties except as permitted by law (as authorized by 12 C.F.R. § 1016.14 and 1016.15).

When you link your financial accounts through Plaid, we typically use Google’s reCAPTCHA service to help detect fraud and abuse. Google reCAPTCHA is integrated into Plaid products and services in order to ensure that entries made in online forms, for example, are actually made by real persons and are not automated by software (or bots).

Google reCAPTCHA analyzes the behavior of users of our products and services using different characteristics. Google reCAPTCHA processes personal data such as your IP address, your length of stay on our website and further information about your use of Plaid products and services. This data will be transmitted and stored by Google on servers in the United States and other countries. Google has certified with the EU-US Data Privacy Framework; the certificate is available here. When reCAPTCHA is used, Google’s Privacy Policy and Terms of Use apply to reCAPTCHA and information Google collects through reCAPTCHA.

We only share your personal financial data with third parties to power the services you requested, when you consent, and/or to protect against fraud.

We may collect and share cookie data with third parties when you visit our website, or we may allow third parties to collect this cookie data from our sites. Please see our Cookie Policy and All Audience Privacy Statement for more details.

Our Retention and Deletion Practices

We retain your data only as long as it is needed. To determine whether the data is needed, we consider the reason your data was collected and used and any legal requirements to hold onto your data. We review your data periodically to ensure it is still needed to fulfill the purpose for which it was collected or any other legal requirements. If a developer removes your connection from their app to your data, Plaid’s systems are designed to automatically delete your personal data, subject to certain exceptions where we may still retain your information.

The exceptions to this may be if: (a) you’ve established a connection with another developer’s app through Plaid that is still active; (b) Plaid needs your data to continue providing you with a Plaid product or service you requested; (c) Plaid is required by law to keep your data; (d) Plaid needs your data to help protect against or prevent fraud or protect privacy, provide support, or investigate misuse and misconduct; (e) Plaid has anonymized your data such that it cannot be reidentified; or (f) we request - and you specifically agree - to allow us to retain your data longer.

Your data will only be processed as required by law or in accordance with this Policy.

Please refer to the “Your Data Protection Rights” section of this Policy for options that may be available to you, including how to request deletion of your data. The “Your Additional Privacy Controls” section of this Policy also provides details about tools available to you to help you view and manage the connections you’ve made using Plaid. You can also contact us about our data retention practices using the contact information in the “Contacting Plaid” section below.

Protection of Data

Plaid’s security policies and practices are designed to protect the confidentiality and integrity of your data. Plaid implements controls designed to limit access to this data to personnel who have a business reason to know it and prohibits its personnel from unlawfully accessing, using or disclosing this data.

Some Final Details

International Data Transfers

We operate internationally, and so we transfer the data we collect about you across international borders for processing and storage (for example, we transfer data from the EEA and UK to the United States and store data in AWS regions located in the United States). When we transfer data to a different country or territory, we follow applicable data protection laws in doing so. In particular, when we transfer data from the EEA or UK across other international borders, we rely on adequacy decisions, data transfer agreements, or other EU Commission- or UK Secretary of State-approved (as applicable) mechanisms for such transfers, including standard contractual clauses. You can ask for a copy of these standard contractual clauses by contacting us as set out below. Prior to transferring data from the EEA or UK, we carry out transfer impact assessments and implement any supplementary measures to ensure any data transferred will be maintained in accordance with EEA and UK requirements.

Your Data Protection Rights

Regardless of where you live, we will honor the following rights related to your personal data, subject to some limitations and exceptions provided by law, and you will not be discriminated against for exercising them:

• Access data collected about you;

• Request access to more details about the categories and specific pieces of personal information we may have collected about you in the last 12 months (including personal information disclosed for business purposes);

• Request, under certain circumstances, that we rectify or update your data that is inaccurate or incomplete;

• Request, under certain circumstances, that we erase or restrict the processing of your data;

• Object to our processing of your data under certain conditions provided by law;

• Where processing of your data is based on consent, withdraw that consent;

• Request that we provide data collected about you in a structured, commonly used and machine-readable format so that you can transfer it to another company, where technically feasible.

  • Please note that for an official record of your financial information you should make that request directly to your financial institution.

Depending on where you live, you may have the right to lodge a complaint. We welcome and appreciate the chance to address any concerns you may have and encourage you to contact us. In addition, and depending on your jurisdiction, you may have the right to make a complaint at any time to your (data protection) supervisory authority. For end users in the EEA, you can find contact information for the European Data Protection Board (EDPB) on the EDPB’s website. For end users in the UK, you can find contact information for the Information Commissioner’s Office (ICO) on the ICO’s website. For end users in Switzerland this is the Federal Data Protection and Information Commissioner.

To exercise any rights you have, you can submit a request using our online form. You can also contact us as described in the “Contacting Plaid” section below to exercise any of your data protection rights. You may be required to provide additional information necessary to confirm your identity before we can respond to your request.

If we receive your request from an authorized agent, we may ask for evidence that the agent has valid written authority, like a power of attorney, to submit requests on your behalf.

We will consider requests and provide our response within a reasonable period of time (and within any time period required by applicable law). Please note, however, that certain data may be exempt from such requests, for example if we need to keep the data to comply with our own legal obligations or to establish, exercise, or defend legal claims.

Your Additional Privacy Controls

Plaid developed the Plaid Portal to provide you with a convenient, centralized way to view and manage the connections you’ve made using Plaid.

If you’re located in the U.S., you can sign up for Plaid Portal by visiting my.plaid.com, verifying your phone number and email address, and creating a password. Once you’ve signed up for Plaid Portal, you’ll be directed to a dashboard that can show you financial accounts you’ve connected to your chosen apps using Plaid, and the types of data shared with those apps. Additionally, the Plaid Portal provides you with controls to terminate the connection between apps and your financial accounts and delete associated data stored in Plaid’s systems.

Changes To This Policy

We update or change this Policy from time to time. If we make any updates or changes, we will post the new policy on Plaid’s website at https://plaid.com/legal and update the effective date at the top of this Policy. We will also notify developers of any material changes in accordance with our developer agreements, as they may be better positioned to notify you about changes to this Policy. If you are an active user of Plaid Portal, we will also send you an email notifying you of the update.

Contacting Plaid

If you have any questions or complaints about this Policy, or about our privacy practices generally, you can contact us at privacy@plaid.com or by mail at:

If you reside outside the EEA or UK:

For both Plaid Financial Ltd. and Plaid, B.V. we have appointed a data protection officer (DPO) who is also responsible for overseeing questions in relation to this Policy and can be contacted via email at privacy@plaid.com .

If you reside in the UK:

If you reside in the EEA:

Summaries of Processing Activities

Summary of Processing Activities by Category of Information

To help provide even greater transparency around our practices, we consolidated the information provided in our Policy above into a table that matches the categories of data Plaid collects about you with the sources of the data, uses of the data, and the categories of recipients with whom Plaid shares the data. For more detailed descriptions of our data collection, use, and sharing practices, please refer back to the sections of the Policy above.

Summary of Processing Activities by Product

As noted above, the data we collect and use depends on the Plaid products and services that you and the developer use. To make it easier to understand what data is collected and used for which product and service, we put together the below summaries of our data collection and use by product. Some of these products are only available to US based users, and others are only available to EEA and UK based users. If you are not sure which Plaid products or services your connected applications use, please contact the developer of the application. (Note that this list reflects Plaid’s product suite as of the effective date of this Policy and may not include products or services in development as of that date.)

Additionally, data protection law in certain jurisdictions, such as the UK and EU, differentiates between the “controller” and “processor” of data. Depending on which product or service you and your developer are using, Plaid may be the controller or the processor of the data collected under the relevant data protection law. Unless otherwise specified in the product description below, Plaid is the controller of the personal data collected.

Assets

Assets enables you to provide access to a point-in-time view of your chosen financial account data—like account balances, transaction histories, and account holder identity information—to Plaid and the apps and services you choose. We collect identifiers, financial information, commercial data, location data, electronic network activity data, and we derive inferences from this data. We use this data as described in the How We Use Your Data section of this Policy.

Auth

Auth helps to enable you to authenticate your financial account data and provide access to your account and routing numbers to Plaid and the apps and services you choose. We collect identifiers, financial data, commercial data, location data, and electronic network activity data. We use this information as described in the How We Use Your Data section of this Policy.

Balance

Balance enables you to provide access to your real-time financial account balances and/or inferences derived from your account balances and other account information to Plaid and the apps and services you choose so they can help you do things like avoid overdrawing your account before you make a money transfer. We collect identifiers, financial data, commercial data, location data, and electronic network activity data and in some cases we derive inferences from this data. We use this data as described in the How We Use Your Data section of this Policy.

Identity and Identity Match

Identity enables you to provide access to the account holder data held by your financial institution—such as your name, email address, phone number, and mailing address—to Plaid and the apps and services you choose to help them do things like verify your identity or prefill your account data within the app. Identity Match helps the apps and services you use verify your identity against account holder data held by your financial institution. We collect identifiers, financial data, commercial data, location data, and electronic network activity data. We use this data as described above in the How We Use Your Data section of this Policy.

Identity Verification and Monitor

Identity Verification and Monitor (“IDV”) facilitate identity verification, fraud detection, and watchlist screening services for developers. When we provide Identity Verification and Monitor services to developers, we only collect and process your data as a service provider to that developer, and so the developers determine the purpose and means by which your data is processed. For more details on how we process end user data for developers and on the developer’s instruction to provide Identity Verification and Monitor services, see IDV's End User Privacy Statement.

Plaid Account

A Plaid Account allows you to save your financial account connections and personal information in an account directly with Plaid to unlock faster onboarding and other services from Plaid and your chosen apps. We collect identifiers, financial data, commercial data, location data, and electronic network activity data. We use this data as described in theHow We Use Your Data section of this Policy.

Income

Income enables you to provide access to data pertaining to your income and employment to Plaid and the apps and services you choose. We collect identifiers, financial data, commercial data, location data, employment, income and other professional data, electronic network activity data, and we derive inferences from this data. We use this data as described in the How We Use Your Data section of this Policy.

Investments

Investments enables you to provide access to data from your retirement, brokerage, education savings, and health savings accounts to Plaid and the apps or services you choose so they can do things like provide you with personal financial and wealth management tools. We collect identifiers, financial data, commercial data, location data, professional data, electronic network activity data, and we derive inferences from this data. We use this data as described in the How We Use Your Data section of this Policy.

Liabilities

Liabilities enables you to provide access to financial data from your credit card, mortgage, and student loan accounts to Plaid and the apps and services you choose. We collect identifiers, financial data, commercial data, location data, electronic network activity data, and we derive inferences from this data. We use this data as described in the How We Use Your Data section of this Policy.

Payment Initiation and Variable Recurring Payments

Payment Initiation enables users of EU and UK services to make one time, recurring, or variable recurring payments into accounts.This is for services like bank transfers, standing orders, and variable recurring payments and one-off or recurring payments out of accounts, like withdrawals and refunds. Variable Recurring Payments enables our EU and UK users to authenticate a bank account one time, and then make future payments without the need for additional authentication. We collect identifiers, financial data, commercial data, location data, electronic network activity data, and we derive inferences from this data. We use this data as described in the How We Use Your Data section of this Policy.

Payouts

Payouts enables users of EU and UK services to seamlessly and instantly make withdrawals and refunds from an app or service that you are using, by opening and pre-funding an e-money account from which funds can be sent to users that are requesting a payout. We collect identifiers, financial data, commercial data, location data, electronic network activity data, and we derive inferences from this data. We use this data as described in the How We Use Your Data section of this Policy.

Plaid Portal

Plaid Portal is a privacy tool that you can use as a way to control the connections to apps that you have made through Plaid. You can use Plaid Portal to view connections to apps in a single dashboard, disconnect financial accounts from apps, or delete data from Plaid’s systems. You can also use Plaid Portal to view and manage their Plaid Accounts. We collect identifiers, financial data, commercial data, location data, and electronic network activity data. We use this data as described in the How We Use Your Data section of this Policy.

Signal

Signal helps the apps and services you use provide a better user experience to you, like providing you with faster access to your funds and reducing the risk of fraud or a payment not being completed. We collect identifiers, financial data, commercial data, location data, electronic network activity data, and we derive inferences from this data. We use this data as described in the How We Use Your Data section of this Policy.

Statements

Statements allows you to share copies of your financial account statements with Plaid and the apps and services you choose. We may collect identifiers, financial data, commercial data, location data, and electronic network activity data. We use this data as described in the How We Use Your Data section of this Policy.

Transactions

Transactions and its related products enable you to provide access to transaction histories from your financial accounts to Plaid and apps and services you choose so they can provide you with things like personal finance management tools, expense reporting, cash flow modeling, and more. We may collect identifiers, financial data, commercial data, location data, electronic network activity data, and we derive inferences and financial insights from this data. We use this data as specified above in the How We Use Your Data section of this Policy.

Transfer

Transfer enables you to authorize a developer to send payments to you, or collect payments from you, through bank transfers, on either a one time or recurring basis. This includes verifying you own the account to or from which the payment will be sent, assessing the risk that the payment may not be completed or is fraudulent, electronically processing payment instructions, and providing confirmation to the developer that the payment was completed. We may collect identifiers, financial data, location data, and electronic network activity data. We use this data as described in the How We Use Your Data section of this Policy.

Consumer Privacy Notice

Last Updated: February 22, 2024

Politique de confidentialité pour utilisateur final

Langues disponibles:

• English - End User Privacy Policy

• Español - Política de privacidad aplicable al usuario final

• Pays-Bas - Privacybeleid voor eindgebruikers

• Deutsche - Datenschutzerklärung für Endbenutzer

Date d’entrée en vigueur: 22 février 2024

La confidentialité et la sécurité sont très importants pour nous au sein de Plaid. La présente Politique de confidentialité destinée aux utilisateurs finaux (la « Politique ») vise à vous aider (l’« utilisateur final ») à comprendre comment nous, chez Plaid, collectons, utilisons et partageons vos données lorsque vous utilisez des produits ou services Plaid (par exemple, lorsque vous utilisez Plaid Portal ou lorsque vous utilisez Plaid pour vous connecter et partager vos données afin que nous prenions en charge les applications (« applis ») que vous utilisez). Ces applis, qui proposent beaucoup de services et de produits destinés aux consommateurs, par exemple en vous aidant à épargner pour votre retraite, à gérer vos dépenses, à rationaliser vos demandes de crédit ou à effectuer des virements, sont conçues et vous sont fournies par nos clients professionnels (ici, nous les appellerons « développeurs ») et prises en charge par Plaid.

Cette Politique s’applique à Plaid Inc., à Plaid Financial Ltd., et à Plaid B.V. (collectivement, « Plaid », « nous », « nos », « notre »). (Veuillez lire la section « Contacter Plaid » ci-dessous pour savoir laquelle de ces entités est responsable du traitement de vos données.) Cette politique ne couvre pas les services proposés par Plaid Consumer Reporting Agency, Inc. (« Plaid CRA »), pour plus d’informations sur cette politique, veuillez consulter la Politique de confidentialité de CRA.

Vous devez lire attentivement cette Politique. Elle contient des informations importantes sur vos droits et vos choix en matière de vie privée.

Aller à la section:

Tout d’abord, le contexte

Nos pratiques relatives aux données

• Données que nous collectons et catégories de sources de données

• Comment nous utilisons vos données

• Les bases juridiques sur lesquelles nous nous appuyons pour le traitement (Utilisateurs au sein de l’EEE et du Royaume-Uni)

• Comment nous partageons vos données

• Nos pratiques en matière de conservation et de suppression

• Protection des données

Quelques derniers détails

• Transferts internationaux de données

• Vos droits en matière de protection des données

• Les contrôles supplémentaires dont vous disposez en matière de confidentialité

• Modifications apportées à cette Politique

• Contacter Plaid

Synthèses des activités de traitement

• Synthèses des activités de traitement par catégorie de donnée

• Synthèses des activités de traitement par produit

Avis de confidentialité du consommateur

Tout d’abord, le contexte

Un mot sur Plaid

Notre mission à Plaid est de dynamiser les innovateurs en leur donnant accès au système financier et débloquer la liberté financière pour tous. En fournissant un accès à des données de comptes financiers exploitables et de haute qualité que nous avons traduites et normalisées, nous permettons à nos développeurs d’applis et de services financiers de se concentrer sur la création d’expériences à votre bénéfice.

Au sujet de cette Politique

Notre objectif avec cette Politique est de fournir une explication simple et directe sur les données collectées par Plaid sur vous, et sur la façon dont nous utilisons et partageons ces informations. Nous attachons une attention particulière à la transparence et souhaitons vous donner une description claire et concise de la façon dont nous traitons vos données.

Cette Politique ne couvre pas ce que les développeurs des applis que vous utilisez font de vos données. Vous devez lire les politiques de confidentialité ou les conditions de service de ces applis pour en savoir plus sur leurs pratiques. En outre, cette Politique ne couvre pas les données que nous collectons via nos sites Web ou lorsque vous interagissez avec Plaid en dehors de l’utilisation de nos produits ou services, par exemple en envoyant directement un e-mail à Plaid. Veuillez lire notre Déclaration de confidentialité tous publics et notre Politique relative aux cookies pour en savoir plus.

Les services de Plaid ne s’adressent pas aux personnes âgées de moins de 18 ans et nous ne collectons pas délibérément de données sur les enfants.

Nos pratiques relatives aux données

Plaid s’engage à fournir aux utilisateurs finaux un contrôle réel sur leurs données. Cette section décrit les pratiques de Plaid en matière de données, en particulier le traitement de données sur vous par nos soins. Nous fournissons également des synthèses de nos pratiques organisées par catégorie de données collectées et par produit à la fin de cette Politique, dans la section Synthèses des activités de traitement.

Données que nous collectons et catégories de sources de données

Comme décrit plus en détail ci-dessous, les données que nous collectons, utilisons et partageons dépendent des produits et services Plaid utilisés par vous et/ou de l’appli à laquelle vous vous êtes connecté(e). En fonction des produits ou services de Plaid utilisés par vous ou par les développeurs auxquels vous vous connectez, Plaid est susceptible de collecter ce qui suit:

• les données que vous nous fournissez ;

• les données provenant des établissements financiers lorsque vous vous connectez à votre compte financier ;

• Les données provenant de l’appareil électronique que vous utilisez pour connecter à votre compte financier via Plaid, ou pour interagir autrement avec Plaid ;

• les données provenant du développeur de l’appli à laquelle vous vous êtes connecté(e) ;

• les Données provenant de nos sociétés affiliées visant à vous fournir une assistance, ou à vous offrir une meilleure expérience utilisateur ; et/ou

• les données provenant d’autres sources, notamment les prestataires de services et les services de vérification d’identité et de prévention de la fraude.

Les données que vous nous fournissez. Lorsque vous utilisez les produits ou services de Plaid (par exemple lorsque vous utilisez Plaid pour vous connecter à vos comptes financiers à une appli), nous collectons les données suivantes auprès de vous si nécessaire pour alimenter votre appli ou service particulier :

• les éléments d’identification comme le nom, l’adresse e-mail, la date de naissance, le numéro de sécurité sociale et le numéro de téléphone ;

• les données de connexion lorsque cela est exigé par le fournisseur de votre compte, par exemple votre identifiant et votre mot de passe, votre numéro de compte et le code d’acheminement ou un jeton de sécurité ;

• toute information supplémentaire nécessaire pour vous connecter à vos comptes, y compris les questions et réponses de sécurité, et le mot de passe à usage unique (OTP) et/ou

• des informations provenant de documents ou de relevésque vous fournissez à Plaid, comme des relevés bancaires ou des fiches de paie.

Lorsque vous fournissez des données de connexion et des informations supplémentaires nécessaires pour vous connecter à vos comptes, vous donnez également à Plaid la permission et l’autorité d’agir en votre nom pour accéder et transmettre des données à, et provenant de votre établissement financier.

Les données que nous collectons auprès d’établissements financiers à propos et à partir de vos comptes. Suivant les produits ou services Plaid utilisés par vous ou par le développeur de l’appli que vous utilisez, et selon la nature et la façon dont les informations sont mises à disposition, nous sommes susceptibles de collecter les données suivantes auprès de vos établissements financiers :

• les données de comptes, y compris le nom de l’établissement financier, le nom du compte, le type de compte, le titulaire du compte, le numéro de succursale, l’IBAN, le BIC, les numéros de compte, le code d’acheminement, et le code guichet ;

• les données relatives au solde du compte, y compris le solde courant et disponible ;

• les données relatives aux comptes de crédit, y compris les dates d’échéance, soldes dus, montants et dates des paiements, historique des transactions, plafond de crédit, statut des remboursements et taux d’intérêts ;

• les données sur les comptes de prêt, y compris les dates d’échéance, statut des remboursements, soldes, montants et dates de paiement, taux d’intérêts, garants, type de prêt, échéanciers et durée ;

• les données relatives aux comptes d’investissement, y compris les informations sur les transactions, type d’actifs, détails d’identification sur l’actif, quantité, prix, frais et base des coûts ;

• les éléments d’identification et les données sur le(s) titulaire(s) du compte, y compris nom, adresse mail, numéro de téléphone, date de naissance et adresse ;

• les données concernant les transactions du compte, y compris le montant, la date, le bénéficiaire, type, quantité, prix, lieu, titres concernés et une description de la transaction ; et/ou

• les données de vos documents de paie et fiscaux, y compris les données concernant votre revenu et votre employeur, uniquement dans les cas où vous avez connecté vos comptes de paie ou que vous nous avez fourni votre fiche de paie ou fiche d’impôt.

Selon le service Plaid que vous ou le développeur de votre appli utilisez, et la manière dont les données sont mises à disposition, les données collectées à partir de vos comptes financiers peuvent inclure des données provenant de tous les comptes (par exemple, compte chèque, compte d’épargne, carte de crédit et comptes communs) accessibles par un seul ensemble d’identifiants de compte. Pour en savoir plus sur les données collectées en lien avec différents produits et services, consultez la Synthèse des activités de traitement par produit.

Les données que nous recevons à partir de vos appareils. Lorsque vous utilisez un appareil, comme votre smartphone, votre tablette ou votre ordinateur, pour interagir avec nos services (notamment via l’appli d’un développeur), nous sommes susceptible de collecter les données suivantes sur cet appareil :

• l’adresse de protocole Internet (IP) ;

• le réglage et l’emplacement du fuseau horaire, le lieu de l’appareil ;

• le modèle d’appareil et le système d’exploitation ;

• les fonctionnalités de nos services auxquelles vous accédez ;

• les données du navigateur ;

• les données réseau ; et

• d’autres données techniques concernant l’appareil (telles que les paramètres et les préférences).

Les données que nous recevons sur vous auprès des développeurs d’applis prises en charge par Plaid. Lorsque cela est nécessaire à la fourniture d’un service par Plaid (comme la vérification de votre identité, la protection contre la fraude ou le fait de rendre possible un virement), les développeurs des applis que vous utilisez peuvent nous fournir des éléments d’identification et des informations commerciales sur vous, comme votre nom, votre numéro de sécurité sociale, votre adresse e-mail, votre numéro de téléphone ou des informations sur vos comptes financiers et transactions.

Données provenant de nos sociétés affiliées pour vous fournir une assistance, ou pour vous proposer une meilleure expérience utilisateur. Nous pouvons collecter des données auprès de nos sociétés affiliées (il s’agit de sociétés auxquelles nous sommes liés par une propriété ou un contrôle commun) afin de vous fournir un soutien ou d’améliorer votre expérience. Par exemple, si vous choisissez que Plaid CRA se souvienne des comptes financiers associés à votre numéro de téléphone, nous pouvons collecter les données suivantes auprès de Plaid CRA afin de vous aider à vous connecter à vos comptes plus rapidement lorsque vous utilisez nos services :

• les éléments d’identification comme le nom, l’adresse e-mail et le numéro de téléphone ;

• les données de connexion lorsque cela est exigé par le fournisseur de votre compte, par exemple votre identifiant et votre mot de passe, le nom de la banque, votre numéro de compte et le code d’acheminement ou un jeton de sécurité ;

• si nécessaire,les données pour vérifier votre identité et vous connecter à vos comptes, notamment votre date de naissance, les questions et réponses de sécurité et le mot de passe unique (OTP) ; et/ou

• les données de votre appareil (comme expliqué plus en détail ci-dessus).

Les données que nous recevons sur vous provenant d’autres sources. Lorsque cela est nécessaire pour fournir un service, pour identifier votre appareil ou pour empêcher la fraude, les actes malveillants ou les menaces à la sécurité, nous sommes également susceptibles de recevoir des données sur vous directement auprès de tiers, par exemple votre opérateur sans fil, des mandataires et nos prestataires de services.

Les informations que nous déduisons à partir des données que nous collectons. Nous sommes susceptibles de déduire des informations sur vous à partir des données que nous collectons. Par exemple, nous pouvons déduire votre géolocalisation, votre revenu annuel ou le type de compte ou de compte secondaire que vous avez choisi de connecter, par exemple lorsque vous connectez vos comptes de prêt, afin de permettre au développeur de savoir si le compte correspond à un emprunt hypothécaire, à un prêt étudiant ou à une carte de crédit.

Comment nous utilisons vos données

Nous utilisons vos données aux fins professionnelles et commerciales suivantes :

• Fournir des services : our faire fonctionner, fournir et maintenir nos services.

• Développer des services existants : pour améliorer, perfectionner, modifier, ajouter et développer continuellement nos services.

• Aider à lutter contre la fraude, à vérifier votre identité ou à protéger la vie privée : pour vérifier votre identité et vous protéger, protéger nos développeurs, nos partenaires ou Plaid contre la fraude, les activités malveillantes et d’autres menaces liées à la vie privée et à la sécurité.

• Développer de nouveaux services : pour développer de nouveaux produits et services.

• Développer des idées : pour développer des informations basées sur les données que nous avons recueillies à votre sujet. Cela inclut vos données de transaction, d’autres données financières et les données provenant d’autres sources, pour aider les développeurs de vos applis connectées à fournir des services et/ou à vous proposer une meilleure expérience utilisateur, par exemple en vous donnant un accès plus rapide à vos fonds ou pour aider à la détection et à la lutte contre les activités potentiellement frauduleuses, ou à personnaliser leurs services à votre intention.

• Fournir un soutien : pour vous fournir une assistance, à vous ou à nos développeurs, y compris en vue de répondre à vos demandes relatives à nos services ou aux applis de nos développeurs.

• Communiquer avec vous : pour communiquer avec vous et vous envoyer des informations telles que des avis techniques, des mises à jour, des alertes de sécurité et des messages si vous utilisez Plaid Portal ou Remember Me.

• Enquêter sur les utilisations abusives et les manquements : pour enquêter sur les utilisations incorrectes de nos services ou des applis de nos développeurs, y compris les violations de la Politique relative au développeur, activité criminelle ou autre accès non autorisé à nos services.

• Pour des raisons légales : pour nous conformer aux obligations contractuelles et légales en vertu du droit applicable et à d’autres fins légales telles que l’établissement et la défense contre des réclamations.

• Avec votre consentement : pour toute autre finalité ayant obtenu votre consentement sur vos instructions.

Nous collectons, utilisons et partageons des données qui ont été agrégées ou anonymisées de telle sorte qu'elles ne vous identifient pas personnellement, pour toute fin autorisée par la loi applicable. Cela inclut la création ou l’utilisation de données agrégées ou anonymisées pour développer de nouveaux services, ou pour faciliter la recherche, et à des fins d’analyse pour aider à évaluer la vitesse, l’exactitude et/ou la sécurité de nos services.

Les bases juridiques sur lesquelles nous nous appuyons pour le traitement (Utilisateurs au sein de l’EEE et du Royaume-Uni)

Pour les personnes situées dans l’Espace économique européen (« EEE ») ou le Royaume-Uni, Plaid traite uniquement vos données personnelles lorsque nous pouvons nous appuyer sur une base juridique à cette fin. La base juridique sur laquelle nous nous appuyons pour traiter les données que nous recueillons dépendra des données que nous avons recueillies et de la finalité de leur traitement. En règle générale, nous ne recueillerons et ne traiterons des données que lorsque :

• nous sommes liés par tout contrat ou accord avec vous (par exemple, pour nous conformer à nos contrats de services aux utilisateurs finaux) et devons respecter diverses exigences légales lorsque nous proposons des services réglementés, y compris nos services d’informations de compte et de paiement.

• nous exigeons que vos données soient conformes à nos obligations légales en vertu des lois en vigueur, pour protéger les droits légaux de Plaid, et pour prévenir et identifier les activités criminelles telles que le blanchiment de capitaux et la fraude. À ces fins, Plaid peut juger nécessaire de partager vos données à caractère personnel avec des entités telles que des tribunaux, des autorités publiques et des prestataires de services de lutte contre le blanchiment d’argent ;

• le traitement est nécessaire à nos intérêts légitimes pour maintenir efficacement l’intégrité de nos services. Cela inclut la récupération des informations du compte ou la fourniture de services d’initiation de paiement (ainsi que la vérification des résultats de cette activité), la communication avec vous et le fait de veiller à ce que Plaid, en tant qu’entité réglementée, respecte les normes attendues (y compris celles stipulées par l’autorité de conduite financière (Financial Conduct Authority) pour Plaid Financial Ltd et De Nederlandsche Bank pour Plaid B.V). ; ou

• vous nous avez donné votre consentement pour ce faire.

Dans la mesure où nous nous reposons sur ce consentement pour collecter et traiter vos données, vous avez le droit de retirer votre consentement à tout moment selon les instructions prévues dans la présente Politique.

Comment nous partageons vos données

Nous partageons vos données pour les raisons suivantes :

• avec le développeur de l’appli que vous utilisez, et selon les instructions du développeur ;

• pour faire exécuter un contrat avec vous ;

• avec nos sous-traitants intervenant dans le traitement de vos données et autres prestataires de services, partenaires, mandataires ou sous-traitants concernant les services qu’ils réalisent pour nous ou pour nos développeurs ;

• avec les établissements financiers afin d’établir, de maintenir ou de gérer une connexion que vous avez choisi d’établir entre vos comptes auprès de votre établissement financier et une appli ;

• si nous estimons de bonne foi que la divulgation de vos Informations est appropriée pour se conformer à la loi, la réglementation ou les processus légaux applicables (tels qu’une ordonnance du tribunal ou une assignation) ;

• dans le cas d’une modification de propriété ou de contrôle de tout ou partie de notre activité (telle qu’une fusion, acquisition, réorganisation ou faillite) ;

• au sein de Plaid et entre Plaid et nos sociétés mères actuelles et futures, nos affiliés, filiales et autres sociétés sous contrôle et propriété commune ;

• parce que nous estimons que cela est raisonnablement approprié afin d’empêcher les activités malveillantes ou frauduleuses, ou autrement pour protéger vos droits, votre vie privée, votre sécurité ou vos biens ou ceux de développeurs, de nos partenaires, de Plaid et d’autres ; ou

• à toute autre fin déclarée, avec votre consentement ou selon vos instructions.

(Destiné aux utilisateurs situés aux États-Unis) Nous ne partageons pas vos données avec des tiers non affiliés, sauf dans la mesure autorisée par la loi (tel qu’autorisé par 12 C.F.R. § 1016.14 et 1016.15).

Lorsque vous connectez vos comptes financiers via Plaid, nous utilisons généralement le service reCAPTCHA de Google pour nous aider à détecter la fraude et les activités malveillantes. Google reCAPTCHA est intégré aux produits et services Plaid afin de s’assurer que les saisies effectuées dans les formulaires en ligne, par exemple, sont effectivement effectuées par des personnes réelles et ne sont pas automatisées par des logiciels (ou des robots).

Google reCAPTCHA analyse le comportement des utilisateurs de nos produits et services en utilisant différentes caractéristiques. Google reCAPTCHA traite des données à caractère personnel telles que votre adresse IP, votre durée de séjour sur notre site Web et d’autres informations sur votre utilisation des produits et services Plaid. Ces données seront transmises et stockées par Google sur des serveurs aux États-Unis et dans d’autres pays. Google a obtenu la certification UE-États-Unis Data Privacy Framework ; le certificat est disponible ici. Lorsque reCAPTCHA est utilisé, la Politique de confidentialité et les Conditions d'utilisation de Google s'appliquent à reCAPTCHA et aux informations que collecte Google via reCAPTCHA.

Nous ne partageons vos données financières personnelles avec des tiers que pour permettre la fourniture des services que vous avez demandés, lorsque vous y consentez, et/ou pour vous protéger contre la fraude.

Nous sommes susceptibles de collecter et de partager des données de cookies avec des tiers lorsque vous visitez notre site Web. Nous pouvons aussi autoriser des tiers à collecter ces données de cookies sur nos sites. Si vous souhaitez en savoir plus, nous vous renvoyons à notre Politique relative aux cookies et à la Politique de confidentialité tous publics.

Nos pratiques en matière de conservation et de suppression

Nous conservons vos données uniquement le temps nécessaire. Pour déterminer si des données sont nécessaires, nous prenons en compte la raison pour laquelle vos données ont été collectées et utilisées et toute exigence légale de conserver vos données. Nous examinons régulièrement vos données pour veiller à ce qu’elles soient toujours nécessaires pour réaliser la finalité pour laquelle elles ont été collectées, ou pour satisfaire à toute autre exigence légale. Si un développeur supprime votre connexion entre son appli et vos données, les systèmes de Plaid sont conçus pour supprimer automatiquement vos données personnelles, hormis certaines exceptions où nous pourrions conserver vos informations.

Les exceptions peuvent être les suivantes : (a) vous avez établi une connexion avec l’appli d’un autre développeur via Plaid qui est toujours active ; (b) Plaid a besoin de vos données pour continuer à vous fournir un service Plaid que vous avez sollicité ; (c) Plaid est tenu par la loi de conserver vos données ; (d) Plaid a besoin de vos données à des fins de lutte contre la fraude ou de protection de la vie privée, pour fournir une assistance ou enquêter sur des détournements ou des manquements ; ou (e) lorsque Plaid a anonymisé vos données de telle sorte qu'elles ne puissent pas être réidentifiées ou (f) nous vous demandons (et vous acceptez expressément) de nous permettre de conserver vos données plus longtemps.

Vos données ne seront traitées que selon les exigences de la loi ou conformément à la présente Politique.

Veuillez vous référer à la section relative à « Vos droits à la protection de vos données » pour les options qui sont mises à votre disposition, y compris la façon de demander la suppression de vos données. La section « Vos contrôles en matière de vie privée » dans cette Politique contient également des informations sur les outils à votre disposition pour consulter et gérer les connexions que vous avez établies via Plaid. Vous pouvez également nous contacter au sujet de nos pratiques de conservation des données en utilisant les informations de contact ci-dessous.

Protection des données

Les politiques et pratiques de sécurité de Plaid sont conçues pour protéger la confidentialité et l’intégrité de vos données. Plaid met en œuvre des contrôles conçus pour limiter l’accès à ces données au personnel qui a une raison professionnelle de les connaître et interdit à son personnel d’accéder, d’utiliser ou de divulguer ces données lorsque cela est contraire à la loi.

Quelques derniers détails

Transferts internationaux de données

Nous opérons dans le monde entier et de ce fait, nous transférons les données que nous collectons sur vous au-delà des frontières à des fins de traitement et de stockage (par exemple, nous transférons des données l’EEE et du Royaume-Uni vers les États-Unis et stockons des données dans des régions AWS situées aux États-Unis). Lorsque nous transférons des données vers un autre pays ou territoire, nous respectons ce faisant les lois de protection des données en vigueur. En particulier, lorsque nous transférons des données de l’EEE ou du Royaume-Uni vers d’autres pays, nous nous appuyons sur des décisions d’adéquation, des accords de transfert de données ou sur d’autres mécanismes approuvés (le cas échéant) par la Commission européenne ou le Secrétaire d’État du Royaume-Uni, notamment les clauses contractuelles types. Vous pouvez demander un exemplaire de ces clauses contractuelles types en nous contactant comme indiqué ci-dessous. Avant de transférer des données à partir de l’EEE ou du Royaume-Uni, nous procédons à des évaluations d’impact du transfert et mettons en œuvre toute mesure supplémentaire pour nous assurer que les données transférées seront conservées conformément aux exigences de l’EEE et du Royaume-Uni.

Vos droits en matière de protection des données

Indépendamment de l’endroit où vous vivez, nous respecterons les droits suivants liés à vos données personnelles, sous réserve de certaines limites et exceptions prévues par la loi, et vous ne ferez l’objet d’aucune discrimination en exerçant ces droits :

• accéder aux données collectées sur vous ;

• demander à accéder à davantage de détails sur les catégories et certains éléments spécifiques relatifs aux informations personnelles que nous pouvons avoir collectés sur vous dans les 12 derniers mois (y compris les informations personnelles divulguées à des fins commerciales) ;

• demander, dans certaines circonstances, à ce que nous corrigions ou mettions à jour vos données qui sont inexactes ou incomplètes ;

• demander, dans certaines circonstances, que nous effacions ou restreignions le traitement de vos données ;

• vous opposer au traitement de vos données et ce, sous certaines conditions prévues par la loi ;

• lorsque le traitement de vos données est basé sur votre consentement, retirer ce consentement ;

• demander que nous vous communiquions vos données dans un format structuré, couramment utilisé et lisible par machine, afin que vous puissiez les transmettre à une autre société, lorsque cela est techniquement possible.

  • Veuillez noter que pour un relevé officiel de vos informations financières, vous devez faire cette demande directement à votre établissement financier.

Selon votre lieu de résidence, vous pouvez avoir le droit de déposer une plainte. Nous accueillons favorablement et apprécions la possibilité de traiter toute préoccupation que vous pourriez avoir et nous vous encourageons à nous contacter. En outre, et selon votre lieu de résidence, vous pouvez avoir le droit de déposer plainte à tout moment auprès de votre autorité de contrôle (en charge de la protection des données). Pour les utilisateurs qui se trouvent dans l’EEE, vous trouverez les coordonnées du Conseil européen de la protection des données (EDPB), sur le site Web de l’EDPB. Pour les utilisateurs finaux qui se trouvent au Royaume-Uni, vous trouverez les coordonnées de l’Information Commissioner’s Office (ICO) sur le site Web de l’ICO. Pour les utilisateurs finaux en Suisse, il s’agit du Commissaire fédéral à la protection des données et à l’information.

Pour exercer tout droit dont vous pourriez disposer, vous pouvez soumettre une demande via notre formulaire en ligne. Vous pouvez aussi nous contacter comme précisé dans la section « Contacter Plaid » ci-dessous, pour exercer vos droits en matière de protection des données. Il peut vous être demandé de fournir des informations supplémentaires pour confirmer votre identité avant que nous répondions à votre demande.

Si nous recevons votre demande d’un agent autorisé, nous pouvons demander la preuve que cet agent dispose d’une autorisation écrite valable, par exemple une procuration, pour soumettre des demandes en votre nom.

Nous prendrons en compte toutes les demandes et fournirons notre réponse dans une période de temps raisonnable (et dans la période requise par la loi applicable). Veuillez noter, cependant, que certaines données peuvent être exclues de ces demandes, par exemple si nous conservons les données pour nous conformer à nos obligations légales ou pour initier, exercer ou défendre une action légale.

Pour Plaid Financial Ltd. comme pour Plaid, B.V., nous avons désigné un délégué à la protection des données (DPD) qui est également responsable des questions de supervision en lien avec cette Politique. Vous pouvez le contacter par e-mail à l’adresse privacy@plaid.com.

Les contrôles supplémentaires dont vous disposez en matière de confidentialité

Plaid a mis en place le Plaid Portal pour vous proposer une façon pratique et centralisée de consulter et de gérer les connexions que vous avez établies via Plaid.

Si vous êtes situé(e) aux États-Unis, vous pouvez vous inscrire à Plaid Portal en vous rendant sur my.plaid.com, en vérifiant votre numéro de téléphone et votre adresse e-mail, et en créant un mot de passe. Une fois que vous vous serez inscrit à Plaid Portal, vous serez dirigé(e) vers un tableau de bord où s’afficheront vos comptes financiers que vous avez connectés aux applis de votre choix via Plaid, et les types de données partagées avec ces applis. En outre, le Plaid Portal vous fournit des contrôles pour mettre fin à des connexions entre des applis et vos comptes financiers et supprimer les données associées conservées dans les systèmes de Plaid.

Modifications apportées à cette Politique

De temps à autre, nous mettons à jour ou modifions la présente Politique. Si nous réalisons des changements, nous mettrons en ligne la nouvelle politique sur le site web de Plaid à https://plaid.com/legal et indiquerons la date d’entrée en vigueur de cette Politique. Nous informerons également nos développeurs de toute modification importante en lien avec nos accords avec les développeurs, car ces derniers peuvent être mieux positionnés pour vous informer des changements à la présente Politique. Si vous êtes un utilisateur actif de Plaid Portal, nous vous enverrons également un e-mail vous informant de la mise à jour.

Contacter Plaid

Si vous avez des questions ou des réclamations concernant la présente Politique, ou à propos de nos pratiques relatives à la protection de la vie privée de manière générale, vous pouvez nous contacter à privacy@plaid.com ou par courrier à:

Si vous résidez en dehors de l’EEE ou du Royaume Uni:

Pour Plaid Financial Ltd. comme pour Plaid, B.V., nous avons désigné un délégué à la protection des données (DPD) qui est également responsable des questions de supervision en lien avec cette Politique. Vous pouvez le contacter par e-mail à l’adresse privacy@plaid.com.

Si vous résidez au Royaume Uni:

Si vous résidez au sein de l’EEE:

Synthèses des activités de traitement

Synthèses des activités de traitement par catégorie de donnée

Pour nous permettre rendre nos pratiques encore plus transparentes, nous avons consolidé les informations fournies dans notre Politique ci-dessus dans un tableau qui met en correspondance les catégories de données que Paid collecte sur vous avec les sources de données, les utilisations des données et les catégories de destinataires avec lesquels Plaid partage ces données. Pour obtenir des descriptions plus détaillées de nos pratiques en matière de collecte, d’utilisation et de partage de données, veuillez consulter les sections correspondantes de la Politique ci-dessus.

Synthèses des activités de traitement par produit

Comme indiqué ci-dessus, les données que nous collectons et utilisons dépendent des produits et services Plaid que vous et le développeur utilisez. Afin que vous compreniez mieux quelles données sont collectées et utilisées pour tel produit ou tel service, nous avons compilé des synthèses de notre collecte de données et de l’utilisation que nous en faisons par produit. Certains de ces produits sont uniquement disponibles aux États-Unis et accessibles aux utilisateurs basés aux États-Unis, et d’autres produits sont uniquement disponibles pour les utilisateurs situés dans l’EEE et au Royaume-Uni. Si vous ne connaissez pas les produits ou services Plaid qu’utilisent vos applications connectées, veuillez contacter le développeur de l’application. (À noter que cette liste reprend l’ensemble de produits de Plaid à la date d’entrée en vigueur de cette Politique et peut ne pas inclure des produits ou services en cours de développement à cette date.)

En outre, la loi sur la protection des données dans certaines juridictions, telles que le Royaume-Uni et l’UE, fait la distinction entre le « responsable du traitement » et le « sous-traitant » des données. En fonction du produit ou service que vous et votre développeur utilisez, Plaid peut être le responsable du traitement ou le sous-traitant des données collectées, en vertu des lois en vigueur en matière de protection des données. Sauf indication contraire dans la description du produit ci-dessous, Plaid est le responsable du traitement des données à caractère personnel collectées.

Assets

Assets vous permet de fournir un accès à une vue à un instant t de vos données de comptes financiers choisies (par exemple les soldes de compte, les historiques de transaction et les informations sur l’identité du titulaire du compte) à Plaid et aux applis et services de votre choix. Nous collectons les éléments d’identification, les informations financières, les données commerciales, les données de localisation, les données d’activité de réseau électronique et nous en déduisons des informations. Nous utilisons ces données tel que décrit dans la section Comment nous utilisons vos données dans cette Politique.

Auth

Auth vous permet d’authentifier les données de vos comptes financiers et donne accès à votre compte et à vos codes d’acheminement à Plaid et aux applis et services de votre choix. Nous collectons les éléments d’identification, les données financières, les données commerciales, les données de localisation et les données d’activité de réseau électronique. Nous utilisons ces informations tel que décrit dans la section Comment nous utilisons vos données dans cette Politique.

Balance

Balance et ses fonctionnalités en option vous permettent de fournir un accès à vos soldes de comptes financiers en temps réel et/ou aux déductions dérivées des soldes de vos comptes et à d’autres informations de compte à Plaid et aux applis et services de votre choix, afin de leur permettre de vous aider à intervenir, par exemple en évitant de mettre votre compte à découvert avant d’effectuer un virement. Nous collectons les éléments d’identification, les données financières, les données commerciales, les données de localisation, et les données d’activité de réseau électronique et dans certains cas, nous en déduisons des informations. Nous utilisons ces données tel que décrit dans la section Comment nous utilisons vos données dans cette Politique.

Identité et correspondance d’identité

Identity vous permet de fournir un accès aux donnés du titulaire du Identity vous permet de fournir un accès aux donnés du titulaire du compte détenues par votre établissement financier (par exemple, votre nom, votre adresse e-mail, votre numéro de téléphone, et votre adresse e-mail) à Plaid et aux applis et services de votre choix pour leur permettre, entre autres, de vérifier votre identité ou de pré-remplir vos données de compte au sein de l’appli. Identity Match aide les applications et services que vous utilisez à vérifier votre identité par rapport aux données du titulaire du compte détenues par votre établissement financier. Nous collectons les éléments d’identification, les données financières, les données commerciales, les données de localisation et les données d’activité de réseau électronique. Nous utilisons ces données tel que décrit ci-dessus dans la section Comment nous utilisons vos données dans cette Politique.

Vérification de la carte de débit

La vérification de la carte de débit vous permet de fournir un accès aux données du titulaire de votre compte, au solde du compte financier en temps réel et aux données de l’historique des transactions, afin de confirmer que la carte de débit que vous utilisez est liée à un compte bancaire que vous possédez. Nous collectons les éléments d’identification, les données financières, les données commerciales, les données de localisation, et les données d’activité de réseau électronique et dans certains cas, nous en déduisons des informations. Nous utilisons ces données tel que décrit dans la section Comment nous utilisons vos données de notre société affiliée.

Vérification et surveillance de l’identité

Identity Verification and Monitor (« IDV ») facilite la vérification d’identité, la détection de la fraude et les services de détection des développeurs sur les listes de surveillance. Lorsque nous fournissons les services Identity Verification and Monitor aux développeurs, nous collectons et traitons uniquement vos données en tant que prestataire de services pour ce développeur. Ainsi, les développeurs déterminent la finalité et les moyens par lesquels vos données sont traitées. Pour en savoir plus sur la façon dont nous traitons les données d’utilisateurs finaux pour les développeurs et sur instruction de ces derniers, afin de fournir les services Identity Verification and Monitor, veuillez lire la Déclaration de confidentialité de l’utilisateur final d’IDV.

Le compte Plaid

vous permet de vous inscrire à une expérience utilisateur plus rapide en permettant à Plaid d’enregistrer vos connexions de compte financier et vos informations d’identité pour une intégration et une utilisation plus rapides des applications que vous avez choisies. Nous collectons les éléments d’identification, les données financières, les données commerciales, les données de localisation et les données d’activité de réseau électronique. Nous utilisons ces données tel que décrit dans la section Comment nous utilisons vos données dans cette Politique.

Income

Income vous permet de fournir un accès à vos données de revenu et d’emploi à Plaid et aux applis et services de votre choix. Nous collectons les éléments d’identification, les données financières, les données commerciales, les données de localisation, les données de revenu et d’autres données professionnelles, les données d’activité de réseau électronique et nous en déduisons des informations. Nous utilisons ces données tel que décrit dans la section Comment nous utilisons vos données dans cette Politique.

Investments

Investments vous permet de fournir un accès aux données à partir de vos comptes de retraite, de courtage, d’épargne d’études et d’épargne de santé à Plaid et aux applis ou services de votre choix, afin qu’ils puissent vous fournir des outils de gestion des finances personnelles et de patrimoine. Nous collectons les éléments d’identification, les données financières, les données commerciales, les données de localisation, les données professionnelles, les données d’activité de réseau électronique et nous en déduisons des informations. Nous utilisons ces données tel que décrit dans la section Comment nous utilisons vos données dans cette Politique.

Liabilities

Liabilities vous permet de fournir à Plaid et aux applis et services de votre choix un accès aux données financières de vos comptes de carte de crédit, de prêt hypothécaire et de prêt étudiant. Nous collectons les éléments d’identification, les données financières, les données commerciales, les données de localisation, les données d’activité de réseau électronique et nous en déduisons des informations. Nous utilisons ces données tel que décrit dans la section Comment nous utilisons vos données dans cette Politique.

Payment Initiation et Variable Recurring Payments

Payment Initiation permet aux utilisateurs de services dans l’UE et au Royaume-Uni d’effectuer des paiements ponctuels, récurrents ou variables récurrents sur des comptes. Il s’agit de services tels que les virements bancaires, les ordres permanents, les paiements récurrents variables et les paiements ponctuels ou récurrents à partir de comptes, comme les retraits et les remboursements. Variable Recurring Payments permet à nos utilisateurs situés dans l’UE et au Royaume-Uni d’authentifier un compte bancaire une fois, puis d’effectuer des paiements futurs sans avoir besoin d’authentification supplémentaire. Nous collectons les éléments d’identification, les données financières, les données commerciales, les données de localisation, les données d’activité de réseau électronique et nous en déduisons des informations. Nous utilisons ces données tel que décrit dans la section Comment nous utilisons vos données dans cette Politique.

Payouts

Payouts permet aux utilisateurs de services dans l’UE et le Royaume-Uni d’effectuer facilement et instantanément des retraits et des remboursements à partir d’une appli ou d’un service que vous utilisez, en ouvrant et en alimentant au préalable un compte de monnaie électronique à partir duquel les fonds peuvent être envoyés aux utilisateurs qui demandent un paiement. Nous collectons les éléments d’identification, les données financières, les données commerciales, les données de localisation, les données d’activité de réseau électronique et nous en déduisons des informations. Nous utilisons ces données tel que décrit dans la section Comment nous utilisons vos données dans cette Politique.

Plaid Portal

Plaid Portal est un outil de protection de la vie privée que vous pouvez utiliser pour contrôler les connexions avec les applis que vous avez établies via Plaid. Vous pouvez utiliser Plaid Portal pour afficher les connexions aux applis dans un tableau de bord unique, déconnecter des comptes financiers de certaines applis ou supprimer des données sur les systèmes de Plaid. Vous pouvez également utiliser Plaid Portal pour afficher et gérer leurs comptes Plaid. Nous collectons les éléments d’identification, les données financières, les données commerciales, les données de localisation et les données d’activité de réseau électronique. Nous utilisons ces données tel que décrit dans la section Comment nous utilisons vos données dans cette Politique.

Signal

Pour les clients situés aux Etats-Unis, Signal permet aux applis et aux services que vous utilisez de vous proposer une meilleure expérience utilisateur, par exemple en vous donnant un accès plus rapide à vos fonds et en réduisant le risque de fraude ou d’échec de paiement. Nous collectons les éléments d’identification, les données financières, les données commerciales, les données de localisation, les données d’activité de réseau électronique et nous en déduisons des informations. Nous utilisons ces données tel que décrit dans la section Comment nous utilisons vos données dans cette Politique.

Statements

Statements permet de partager des copies de vos relevés de comptes financiers avec Plaid et les applis et services que vous choisissez. Nous collectons les éléments d’identification, les données financières, les données commerciales, les données de localisation et les données d’activité de réseau électronique. Nous utilisons ces données tel que décrit dans la section Comment nous utilisons vos données dans cette Politique.

Transactions

Transactions et ses produits associés vous permet de fournir à Plaid et aux applis et services de votre choix un accès aux historiques de transactions sur vos comptes financiers. Ainsi, ils peuvent vous fournir des outils de gestion de vos finances personnelles, de gestion des notes de frais, de modélisation des flux de trésorerie et davantage. Nous sommes susceptibles de collecter des éléments d’identification, des données financières, des données commerciales, des données de localisation, des données d’activité de réseau électronique et nous tirons des conclusions et des informations financières de ces données. Nous utilisons ces données tel que décrit ci-dessus dans la section Comment nous utilisons vos données dans cette Politique.

Transfer

Transfer vous permet d’autoriser un développeur à vous envoyer des paiements ou à percevoir des paiements de votre part, par le biais de virements bancaires, de façon ponctuelle ou récurrente. Cela inclut le fait de vérifier le compte vers lequel ou à partir duquel le paiement sera envoyé, en évaluant le risque que le paiement échoue ou soit frauduleux, en traitant les instructions de paiement de façon électronique et en fournissant une confirmation au développeur que le paiement a été effectué. Nous sommes susceptibles de collecter des éléments d’identification, des données financières, de localisation et les données d’activité de réseau électronique. Nous utilisons ces données tel que décrit dans la section Comment nous utilisons vos données dans cette Politique.

Avis de confidentialité du consommateur

Dernière mise à jour : 22 février 2024

Política de privacidad aplicable al usuario final

Available languages:

• English - End User Privacy Policy

• Française - Politique de confidentialité pour utilisateur final

• Nederlands - Privacybeleid voor eindgebruikers

• Deutsche - Datenschutzerklärung für Endbenutzer

Fecha de entrada en vigencia: 22 de febrero de 2024

La privacidad y la seguridad son muy importantes para nosotros en Plaid. La finalidad de esta Política de privacidad aplicable al usuario final (la “Política”) es ayudarlo a usted (el “usuario final”) a comprender de qué manera nosotros, en Plaid, recabamos, usamos y compartimos sus datos cuando usted usa los productos o servicios de Plaid; por ejemplo, cuando usa Plaid Portal o cuando utiliza a Plaid para conectarse y compartir sus datos para accionar las aplicaciones (“aplicaciones”) que usa. Estas aplicaciones, que ofrecen muchos servicios y productos al consumidor, como, por ejemplo, ayudarlo a ahorrar para su jubilación, administrar sus gastos, agilizar las solicitudes de crédito o transferir dinero, son creadas y proporcionadas por nuestros clientes comerciales (en lo sucesivo, “desarrolladores”), y son proporcionadas por Plaid.

Esta Política se aplica a Plaid Inc., Plaid Financial Ltd. y a Plaid, B. V. (en forma conjunta, “Plaid”, “nosotros”, “nuestro” y “nos”). (Le solicitamos que consulte la sección “Cómo ponerse en contacto con Plaid” más adelante para conocer cuáles de estas entidades es responsable del tratamiento de sus datos). Esta Política no contempla los servicios que ofrece Plaid Consumer Reporting Agency, Inc. (“Plaid CRA”); para obtener más información sobre dicha política, consulte la Política de privacidad de CRA.

Debe leer esta Política detenidamente, dado que contiene información importante sobre sus derechos y opciones de privacidad.

Ir a la sección:

Nuestras prácticas relativas a datos

• Datos que recabamos y categorías de fuentes

• Cómo usamos sus datos

• Nuestras bases legitimadoras para el tratamiento (usuarios finales del EEE y del Reino Unido)

• Cómo compartimos sus datos

• Nuestras prácticas de conservación y eliminación

• Protección de datos

Algunos detalles finales...

• Transferencias internacionales de datos

• Sus derechos en materia de protección de datos

• Sus controles de privacidad adicionales

• Cambios en esta Política

• Cómo ponerse en contacto con Plaid

Resúmenes de actividades de tratamiento

• Resúmen de actividades de tratamiento por categoría de datos

• Resumen de las actividades de tratamiento por producto

Aviso de privacidad para el consumidor

Primero, un poco de contexto

Breve comentario sobre Plaid

Nuestra misión en Plaid es desbloquear la libertad financiera para todo el mundo. Al proporcionar acceso a datos útiles y de gran calidad sobre cuentas financieras, los cuales hemos traducido y estandarizado, permitimos que los desarrolladores de aplicaciones y servicios financieros puedan centrarse en crear experiencias que lo beneficien a usted.

Sobre esta Política

Nuestro objetivo con esta Política es ofrecer una explicación simple y sencilla de los datos que Plaid recaba de usted y sobre usted, y acerca de cómo usamos y compartimos esa información. Valoramos la transparencia y queremos ofrecerle una descripción clara y concisa de cómo tratamos sus datos.

Esta Política no abarca lo que los desarrolladores de las aplicaciones que usted utiliza hacen con sus datos. Deberá revisar las políticas de privacidad o los términos de servicio para esas aplicaciones si desea obtener información sobre sus prácticas. Esta Política tampoco cubre los datos que recabamos mediante nuestros sitios web ni cuando usted interactúa con Plaid fuera del uso de nuestros productos o servicios, como, por ejemplo cuando envía correos electrónicos a Plaid directamente. Le recomendamos que consulte nuestra Declaración de privacidad para todos los públicos y la Política de cookies si desea obtener más información.

Los servicios de Plaid no están previstos para personas menores de 18 años y no recabamos deliberadamente datos relacionados con menores de edad.

Nuestras prácticas relativas a datos

Plaid ha asumido el compromiso de proporcionar a los usuarios finales un control significativo sobre sus datos. En esta sección, se describen las prácticas de Plaid en relación con el tratamiento de los datos relativos a usted. También brindamos resúmenes de nuestras prácticas, organizadas en función de la categoría de los datos recabados y por producto, al final de esta Política en la sección denominada Resúmenes de actividades de tratamiento.

Datos que recabamos y categorías de fuentes

Tal como lo explicamos con más detalle más adelante, los datos que recabamos, usamos y compartimos dependen de los productos y servicios de Plaid que usted usa o que usa la aplicación a la que está conectado. En función de los productos o servicios de Plaid que usted use o que use el desarrollador al que está conectado, Plaid podrá recabar lo siguiente:

• datos que usted nos proporciona;

• datos provenientes de las instituciones financieras cuando usted se conecta a su cuenta financiera;

• datos provenientes del dispositivo electrónico que utiliza para conectarse a su cuenta financiera a través de Plaid o para interactuar de otro modo con Plaid;

• datos del desarrollador de la aplicación a la que está conectado;

• datos provenientes de nuestras empresas afiliadas, para brindarle soporte o para brindarle una mejor experiencia de usuario; o

• datos de otras fuentes, incluidos los proveedores de servicios y los servicios de verificación de identidad y de prevención de fraude.

Datos que usted nos proporciona. Cuando usa los productos o servicios de Plaid (por ejemplo, cuando utiliza Plaid para conectar sus cuentas financieras a una aplicación), recabamos los siguientes datos provenientes de usted, según sean necesarios para potenciar su aplicación o servicio en particular:

• identificadores, como nombre, dirección de correo electrónico, fecha de nacimiento, número de Seguro Social y número de teléfono;

• datos de acceso solicitados por el proveedor de su cuenta, como su nombre de usuario y contraseña y número de ruta (routing number), o un token de seguridad;

• cualquier información adicional necesaria para conectar sus cuentas, incluidas preguntas y respuestas de seguridad, y contraseña de un solo uso (One-Time Password, OTP) o

• información a partir de documentos o resúmenes de cuenta que proporcione a Plaid, como resúmenes bancarios o recibos de sueldo.

Al facilitar datos de inicio de sesión e información adicional necesaria para conectar sus cuentas, usted también autoriza a Plaid a actuar en su nombre para acceder y transmitir datos desde la institución financiera correspondiente y hacia esta.

Datos que recabamos de las instituciones financieras sobre sus cuentas y desde dichas cuentas. En función de los productos o servicios de Plaid que usted o el desarrollador de su aplicación utilicen, como también de la información que se facilite y de la forma en que se haga, podremos recabar los siguientes datos a partir de sus instituciones financieras:

• datos sobre la cuenta, como nombre de la institución financiera; nombre, tipo y titularidad de la cuenta; número de sucursal, IBAN, BIC; número de cuenta, número de ruta (routing number) y código de entidad (sort code);

• datos sobre el saldo de la cuenta, como saldo actual y disponible;

• datos sobre cuentas de crédito, como fechas de vencimiento, saldos adeudados, cantidades y fechas de pago, historial de transacciones, límite de crédito, estado de reembolso y tasa de interés;

• datos sobre cuentas de préstamo, como fechas de vencimiento, estado de reembolsos, saldos, cantidades y fechas de pago, tasa de interés, garante, tipo de préstamo, plan de pagos y plazos;

• datos sobre cuentas de inversión, como información sobre transacciones, tipo de activo, detalles identificativos acerca del activo, cantidad, precio, comisiones y costo base;

• identificadores y datos sobre el titular o titulares de la cuenta, como nombre, dirección de correo electrónico, número de teléfono, fecha de nacimiento e información del domicilio;

• datos sobre transacciones de cuentas, como importe, fecha, beneficiario, tipo, cantidad, precio, ubicación, valores comprendidos y una descripción de la transacción; y/o

• datos sobre su nómina de empleados y documentos fiscales, como datos acerca de su como datos acerca de sus ingresos y su empleador, en casos en los que usted haya conectado sus cuentas de nómina o nos haya proporcionado información sobre su recibo de sueldo o formulario de impuestos.

En función del servicio de Plaid que usted o el desarrollador de su aplicación utilicen y la manera en que los datos estén disponibles, los datos recabados de sus cuentas financieras pueden incluir información de todas las cuentas (por ejemplo, cuenta corriente, caja de ahorro, tarjeta de crédito y cuentas conjuntas) accesible a través de un único conjunto de credenciales de cuenta. Para obtener más detalles acerca de los datos recabados en relación con los diferentes productos y servicios, consulte el Resumen de las actividades de tratamiento por producto

Datos que recibimos desde sus dispositivos. Cuando usa un dispositivo, como su teléfono celular, tableta o computadora, para conectarse a nuestros servicios por medio de una aplicación del desarrollador, recibimos datos sobre ese dispositivo, que incluyen lo siguiente:

• dirección de protocolo de Internet (IP);

• configuración de zona horaria y ubicación, ubicación del dispositivo;

• modelo de hardware y sistema operativo;

• funciones dentro de nuestros servicios a las que accede;

• datos sobre el navegador;

• datos sobre la red; y

• otros datos técnicos sobre el dispositivo (como configuración y preferencias).

Datos que recibimos sobre usted desde los desarrolladores de aplicaciones proporcionadas por Plaid. Cuando Plaid deba brindar un servicio (por ejemplo, verificar su identidad, brindarle protección contra fraudes o riesgos, o permitirle realizar una transferencia bancaria), los desarrolladores de las aplicaciones que usted usa podrán proporcionarnos identificadores e información comercial sobre usted, como, su nombre, número de Seguro Social, dirección de correo electrónico, número de teléfono o información sobre sus cuentas y transacciones financieras.

Datos provenientes de nuestras empresas afiliadas, para brindarle soporte o para brindarle una mejor experiencia de usuario. Podremos recabar datos provenientes de nuestras empresas afiliadas (empresas que se relacionan con nosotros por tener titularidad o control compartidos) para brindarle soporte o para mejorar su experiencia. Por ejemplo, si elige que Plaid CRA recuerde las cuentas financieras asociadas a su número de teléfono, podremos recabar los siguientes datos provenientes de Plaid CRA, para permitir que pueda conectarse a sus cuentas más rápido cuando utilice nuestros servicios:

• identificadores, como nombre, dirección de correo electrónico y número de teléfono;

• datos de acceso solicitados por el proveedor de su cuenta, como su nombre de usuario y contraseña, nombre del banco, número de cuenta y de ruta (routing number) o un token de seguridad;

• cuando fuera necesario, datos que ayuden a verificar su identidad y a conectar sus cuentas, incluida su fecha de nacimiento, preguntas y respuestas de seguridad, y una OTP; o

• datos provenientes de su dispositivo (como se explicó con más detalle anteriormente).

Datos que recibimos sobre usted de otras fuentes. Cuando debamos prestar un servicio, identificar su dispositivo o ayudar a prevenir un fraude, abuso o amenazas contra la seguridad, también podremos recibir datos sobre usted directamente de terceros, incluidos nuestro operador de servicios inalámbricos, agentes o nuestros proveedores de servicios.

Información que extraemos de los datos que recabamos. Podremos extraer información adicional sobre usted a partir de los datos que recabamos. Por ejemplo, podemos deducir su ubicación geográfica, sus ingresos anuales o el tipo de cuenta o subcuenta que ha elegido conectar; como cuando conecta sus cuentas de préstamos, para que podamos informar al desarrollador si la cuenta es para una hipoteca, un préstamo estudiantil o una tarjeta de crédito.

Cómo usamos sus datos

Usamos sus datos con los siguientes fines empresariales y comerciales:

• Prestar servicios: para poner en funcionamiento, prestar y mantener nuestros servicios.

• Desarrollar servicios existentes: para mejorar, perfeccionar, modificar, ampliar y desarrollar en mayor profundidad nuestros servicios.

• Ayudar a prevenir fraudes, verificar su identidad o proteger su privacidad: para protegerlo a usted, a los desarrolladores, a nuestros socios, a Plaid y a otros contra el fraude, actividades maliciosas y otros riesgos relacionados con la privacidad y la seguridad.

• Desarrollar nuevos servicios: para desarrollar nuevos productos y servicios.

• Desarrollar conocimientos: para desarrollar conocimientos basados en los datos que hayamos recabado sobre usted. Esto incluye los datos de sus transacciones, otros datos financieros y datos provenientes de otras fuentes, para ayudar a que los desarrolladores de sus aplicaciones conectadas presten servicios o que usted tenga una mejor experiencia como usuario, como, por ejemplo, brindar un acceso más rápido a sus fondos, ayudarlo a detectar y prevenir posibles actividades fraudulentas, o personalizar los servicios que le brindan.

• Brindar soporte: para brindarles soporte a usted o a los desarrolladores, incluso para ayudar a responder las consultas que usted tenga relacionadas con nuestros servicios o las aplicaciones de los desarrolladores.

• Comunicarnos con usted: para comunicarnos con usted y enviarle, por ejemplo, avisos técnicos, actualizaciones, alertas de seguridad y mensajes si utiliza Plaid Portal o la función Remember Me.

• Investigar el uso indebido y la conducta indebida: para investigar el uso indebido de nuestro servicio o de las aplicaciones de los desarrolladores, incluida cualquier violación de nuestra Política de desarrolladores, actividades delictivas u otro acceso no autorizado a nuestros servicios.

• Con fines legales: para cumplir con las obligaciones contractuales y legales conforme a las leyes aplicables, y con otros fines legales, tales como interponer demandas y defenderse contra ellas.

• Con su consentimiento: para otros fines notificados con su consentimiento o según sus instrucciones.

Recabamos, utilizamos y compartimos datos globales o anonimizados de manera que no lo identifiquen personalmente, para cualquier fin permitido conforme a la ley aplicable. Esto incluye la creación o el uso de datos globales o anonimizados, a fin de desarrollar nuevos servicios, o para facilitar investigaciones, y con fines analíticos para ayudar a evaluar la velocidad, la precisión o la seguridad de nuestros servicios.

Nuestras bases legitimadoras para el tratamiento (usuarios finales del EEE y del Reino Unido)

En el caso de las personas que se encuentran en el Espacio Económico Europeo (“EEE”) o en el Reino Unido (“RU”), Plaid únicamente trata sus datos personales cuando tenemos una base legitimadora válida para hacerlo. Nuestra base legitimadora para tratar los datos que recabamos dependerá del tipo de datos que recabemos y del fin para el que los tratamos. En general, solamente recabaremos y trataremos sus datos cuando:

• estemos obligados por cualquier contrato o acuerdo con usted (por ejemplo, para cumplir con nuestros acuerdos de servicios del usuario final) y debamos cumplir con diversos requisitos legales al ofrecer servicios regulados, incluidos nuestros servicios de información de cuentas y pagos;

• necesitemos sus datos a fin de cumplir con nuestras obligaciones legales en virtud de la ley aplicable, para proteger los derechos legales de Plaid, y para prevenir e identificar actividades delictivas, como el lavado de dinero y el fraude. A tales efectos, Plaid puede considerar que es necesario compartir sus datos personales con entidades como tribunales, fuerzas de seguridad y proveedores de servicios que luchan contra el lavado de dinero;

• el tratamiento sea necesario para nuestros intereses legítimos, a fin de mantener la integridad de nuestros servicios de manera efectiva. Esto incluye recuperar información de la cuenta o prestar servicios de iniciación de pagos (así como verificar el resultado de esta actividad), interactuar con usted y garantizar que Plaid, en calidad de entidad regulada, cumpla con las normas previstas (incluidas las estipuladas por la autoridad de conductas financieras [Financial Conduct Authority] con respecto a Plaid Financial Ltd y por De Nederlandsche Bank con respecto a Plaid B. V.); o

• usted haya dado su consentimiento para hacerlo.

En la medida en que nos basemos en el consentimiento para recabar y tratar sus datos, usted tiene derecho a retirar su consentimiento en cualquier momento, conforme a las instrucciones proporcionadas en esta Política.

Cómo compartimos sus datos

Compartimos sus datos por las siguientes razones:

• con el desarrollador de la aplicación que usted está utilizando y según las indicaciones de dicho desarrollador;

• para el cumplimiento de cualquier contrato con usted;

• con nuestros encargados del tratamiento de datos y otros proveedores de servicios, socios o contratistas en relación con los servicios que nos prestan a nosotros o a los desarrolladores;

• con instituciones financieras, para ayudar a establecer, mantener y administrar una conexión que usted haya elegido hacer entre las cuentas de su institución financiera y una aplicación;

• cuando consideremos de buena fe que la divulgación es apropiada para cumplir con la normativa y legislación aplicables o con un proceso legal (por ejemplo, una orden o citación judicial);

• en relación con un cambio de titularidad o control de la totalidad o parte de nuestra empresa (por ejemplo, una fusión, adquisición, reestructuración o quiebra);

• entre Plaid y nuestras matrices, empresas afiliadas y otras empresas con titularidad o control compartidos presentes y futuras;

• en la medida en que lo consideremos razonablemente apropiado, para evitar actividades maliciosas o fraudulentas, proteger los derechos, la privacidad, la seguridad o los bienes suyos, de los desarrolladores, de nuestros socios, de Plaid y de otros; o

• para cualquier otro fin notificado, con su consentimiento o según sus instrucciones.

(Para usuarios de los EE. UU.) No compartimos sus datos con terceros no afiliados, salvo en casos permitidos por ley (según se autoriza en el Código de Regulaciones Federales [Code of Federal Regulations, CFR], título 12, arts. 1016.14 y 1016.15).

Cuando vincula sus cuentas financieras a través de Plaid, normalmente usamos el servicio reCAPTCHA de Google para ayudar a detectar fraudes y abusos. reCAPTCHA de Google está integrado en los productos y servicios de Plaid para garantizar que los datos ingresados en formularios en línea, por ejemplo, sean realmente realizados por personas reales y no de manera automatizada por software (o bots).

reCAPTCHA de Google analiza el comportamiento de los usuarios de nuestros productos y servicios mediante diferentes características. reCAPTCHA de Google trata datos personales, como su dirección IP, el tiempo que permanece en nuestro sitio web y demás información sobre el uso que usted hace de los productos y servicios de Plaid. Google transmitirá y almacenará dichos datos en servidores que se encuentran en los Estados Unidos y en otros países. Google ha obtenido la certificación del Marco de Privacidad de Datos entre la UE y los EE. UU. (EU-US Data Privacy Framework); el certificado se encuentra disponible aquí. Cuando usamos reCAPTCHA, se aplican la Política de privacidad y las Condiciones de uso de Google a reCAPTCHA y a la información que Google recaba mediante reCAPTCHA.

Únicamente compartimos sus datos financieros personales con terceros para potenciar los servicios que solicitó, cuando usted brinda su consentimiento o a fin de protegerlo contra fraudes.

Podemos recabar y compartir datos de cookies con terceros cuando usted visita nuestro sitio web, o podemos permitir que terceros recaben estos datos de cookies a partir de nuestros sitios. Le recomendamos que consulte la Política de cookies y la Política de privacidad para todos los públicos si desea conocer más detalles.

Nuestras prácticas de conservación y eliminación

Conservamos sus datos solamente mientras sea necesario. Para determinar si los datos son necesarios, consideramos la razón por la cual se recabaron y utilizaron sus datos, y los requisitos legales para conservarlos. Revisamos sus datos de forma periódica para asegurarnos de que siguen siendo necesarios para cumplir con el fin para el que fueron recabados o para cualquier otro requisito legal. Si un desarrollador elimina la conexión que usted tiene desde la aplicación de este a sus datos, los sistemas de Plaid están diseñados para eliminar sus datos personales de forma automática, salvo determinadas excepciones en las que podremos conservar su información.

Las excepciones pueden ser: (a) si usted estableció una conexión con la aplicación de otro desarrollador a través de Plaid que sigue activa; (b) si Plaid necesita sus datos para seguir brindándole un servicio de Plaid que usted solicitó; (c) si por ley Plaid debe conservar sus datos; (d) si Plaid necesita sus datos para ayudar a prevenir el fraude o proteger la privacidad, brindar soporte o investigar el uso o la conducta indebidos; (e) cuando Plaid haya anonimizado sus datos, de modo que no puedan volver a permitir la identificación; o (f) si le solicitamos que nos permita conservar sus datos por más tiempo y usted específicamente lo acepta.

Sus datos únicamente serán tratados según lo exija la ley o de conformidad con esta Política.

Le recomendamos que consulte la sección “Sus derechos en materia de protección de datos” de esta Política para conocer las opciones que puedan estar disponibles para usted, lo que incluye cómo solicitar la eliminación de sus datos. En la sección “Sus controles de su privacidad” de esta Política también se brindan detalles sobre las herramientas que tiene a su disposición, para ayudarlo a visualizar y administrar las conexiones que ha realizado a través de Plaid. También puede contactarnos en relación con nuestras prácticas de conservación de datos, usando la información de contacto en la sección “Cómo ponerse en contacto con Plaid”, más adelante.

Protección de datos

Las políticas y prácticas de seguridad de Plaid están diseñadas para proteger la confidencialidad e integridad de sus datos. Plaid implementa controles creados para limitar el acceso a estos datos al personal que tiene un motivo comercial para conocerlos, y prohíbe al personal acceder a estos datos, divulgarlos o utilizarlos ilícitamente.

Algunos detalles finales

Transferencias internacionales de datos

Operamos a nivel internacional y, por consiguiente, transferimos los datos que recabamos acerca de usted a través de fronteras internacionales para el tratamiento y almacenamiento (por ejemplo, transferimos datos desde el EEE y el RU a los Estados Unidos, y almacenamos datos en regiones de AWS ubicadas en los Estados Unidos). Al transferir datos a un país o territorio diferente, respetamos las leyes aplicables sobre protección de datos. En particular, cuando transferimos datos desde el EEE o el RU a través de otras fronteras internacionales, nos basamos en las decisiones de adecuación, acuerdos sobre transferencia de datos u otros mecanismos aprobados por la Comisión Europea o la Secretaría de Estado del Reino Unido (según corresponda) para dichas transferencias, incluidas las cláusulas contractuales tipo. Puede solicitar una copia de esas cláusulas contractuales tipo contactándonos según se indica debajo. Antes de transferir datos desde el EEE o el RU, realizamos evaluaciones del impacto de las transferencias e implementamos las medidas complementarias necesarias para garantizar que los datos transferidos sean conservados de conformidad con los requisitos impuestos por el EEE y el RU.

Sus derechos en materia de protección de datos

Independientemente de su lugar de residencia, respetaremos los siguientes derechos relacionados con sus datos personales, sujeto a algunas limitaciones y excepciones establecidas por ley, y no será discriminado por ejercerlos:

• acceder a los datos recabados sobre usted;

• solicitar el acceso a más detalles acerca de las categorías e información personal específica que podamos haber recabado acerca de usted en los últimos 12 meses (incluida la información personal comunicada para fines comerciales);

• solicitar, en determinadas circunstancias, que rectifiquemos o actualicemos sus datos porque son inexactos o están incompletos;

• solicitar, en determinadas circunstancias, que eliminemos sus datos o limitemos el tratamiento de sus datos;

• oponerse a nuestro tratamiento de sus datos en determinadas condiciones dispuestas por ley;

• retirar ese consentimiento cuando el tratamiento de sus datos se base en su consentimiento;

• solicitar que suministremos los datos recabados acerca de usted en un formato estructurado, de uso común y de lectura mecánica, para que usted pueda transferirlos a otra empresa, cuando sea técnicamente factible.

  • Recuerde que para obtener un registro oficial de su información financiera, debe realizar dicha solicitud directamente a su institución financiera.

Según dónde viva, es posible que tenga derecho a presentar una queja. Agradecemos y apreciamos la oportunidad de abordar sus inquietudes, y lo alentamos a que se comunique con nosotros. Asimismo, y según sea su jurisdicción, podrá tener derecho a presentar una denuncia en cualquier momento ante la autoridad de control (de protección de datos). Para los usuarios finales en el EEE, puede encontrar la información de contacto en el Comité Europeo de Protección de Datos (CEPD) en el sitio web del CEPD. En el caso de los usuarios finales en el RU, se puede encontrar la información de contacto de la Oficina del Comisionado de Información (Information Commissioner’s Office, ICO) en el sitio web del ICO. En el caso de los usuarios finales en Suiza, pueden encontrar la información del Comisionado Federal de Protección de Datos e Información.

Para ejercer sus derechos, puede presentar una solicitud, a través de nuestro formulario en línea . También puede contactarnos como se describe en la sección “Cómo ponerse en contacto con Plaid” más adelante, para ejercer cualquiera de sus derechos de protección de datos. Es posible que se le pida que proporcione información adicional necesaria para confirmar su identidad antes de que podamos responder a su solicitud.

Si recibimos su solicitud de un agente autorizado, podremos solicitar constancia de que el agente tiene autoridad válida por escrito, como un poder notarial, para presentar solicitudes en nombre de usted.

Consideraremos las solicitudes y proporcionaremos nuestra respuesta dentro de un periodo de tiempo razonable (y dentro de los plazos exigidos en virtud de la ley aplicable). No obstante, por favor tenga en cuenta que determinados datos podrían estar exentos de esas solicitudes, por ejemplo, si debemos conservarlos para cumplir con nuestras propias obligaciones legales o para interponer, ejercer o defender demandas legales.

Tanto para Plaid Financial Ltd. como para Plaid, B.V. hemos designado a un delegado de protección de datos (Data Protection Officer, DPO) que también es responsable de supervisar las preguntas relacionadas con esta Política y con quien usted podrá comunicarse por correo electrónico a privacy@plaid.com.

Sus controles de privacidad adicionales

Plaid desarrollado Portal Plaid para brindarle una manera práctica y centralizada de visualizar y administrar las conexiones que usted haya hecho a través de Plaid.

Si se encuentra en los EE. UU., puede registrarse en Plaid Portal. Para ello, visite my.plaid.com, verifique su número de teléfono y dirección de correo electrónico, y establezca una contraseña. Una vez que se haya registrado en Plaid Portal, será dirigido a un panel de control que podrá mostrar sus cuentas financieras conectadas a las aplicaciones que usted haya elegido al usar Plaid, y el tipo de datos que se comparten con esas aplicaciones. Además, Plaid Portal le proporciona controles para cancelar la conexión entre las aplicaciones y sus cuentas financieras, y eliminar los datos relacionados que se han almacenado en los sistemas de Plaid.

Cambios en esta Política

Actualizamos o cambiamos esta Política de forma periódica. Si efectuamos actualizaciones o cambios, publicaremos la nueva política en el sitio web de Plaid, en https://plaid.com/legal, y actualizaremos la fecha de entrada en vigencia en el encabezamiento de esta Política. También les notificaremos los cambios sustanciales a los desarrolladores, de conformidad con nuestros acuerdos de desarrolladores, ya que pueden estar en mejor posición para informarle los cambios en esta Política. Si usted es un usuario activo de Plaid Portal, también le enviaremos un mensaje de correo electrónico para informarle sobre la actualización.

Cómo ponerse en contacto con Plaid

Si usted tiene cualquier pregunta o queja sobre esta Política o sobre nuestras prácticas en materia de privacidad en general, puede contactarnos por correo electrónico a privacy@plaid.com, o por correo postal a:

Si reside fuera del EEE o del RU:

Tanto para Plaid Financial Ltd. como para Plaid, B.V. hemos designado a un delegado de protección de datos (Data Protection Officer, DPO) que también es responsable de supervisar las preguntas relacionadas con esta Política y con quien usted podrá comunicarse por correo electrónico a privacy@plaid.com .

Si usted reside en el RU:

Si usted reside en el EEE:

Resúmenes de actividades de tratamiento

Resúmen de actividades de tratamiento por categoría de datos

Para ayudar a brindar aún mayor transparencia en torno a nuestras prácticas, hemos consolidado la información proporcionada en nuestra Política como se muestra anteriormente, en una tabla que concuerda con las categorías de los datos que Plaid recaba sobre usted con las fuentes de los datos, usos de los datos y categorías de receptores con los que Plaid comparte los datos. Para obtener descripciones más detalladas de nuestra recopilación, uso y prácticas de intercambio de información, le solicitamos que consulte las secciones anteriores de la Política.

Resumen de las actividades de tratamiento por producto

Como se mencionó anteriormente, los datos que recabamos y usamos dependen de los productos y servicios de Plaid que usted y el desarrollador usan. Para facilitar la comprensión de qué datos se recaban y usan para cada producto y servicio, hemos elaborado los siguientes resúmenes sobre nuestra recopilación y uso de datos por producto. Algunos de estos productos únicamente están disponibles para los usuarios que se encuentran en los EE. UU. y otros solamente para usuarios que se encuentran en el EEE y el RU. Si no está seguro de cuáles productos o servicios de Plaid usan las aplicaciones a las que está conectado, le solicitamos que se comunique con el desarrollador de la aplicación. (Tenga en cuenta que esta lista refleja el conjunto de productos de Plaid a partir de la fecha de entrada en vigencia de esta Política y podría no incluir productos o servicios en desarrollo a partir de esa fecha).

Además, la ley de protección de datos de algunas jurisdicciones, como el Reino Unido y la UE, diferencia entre el “responsable de controlar el tratamiento” y el “encargado del tratamiento” de los datos. En función del producto o servicio que usted y su desarrollador utilicen, Plaid puede ser el responsable de controlar el tratamiento o el encargado del tratamiento de los datos recabados en virtud de la ley de protección de datos pertinente. A menos que se especifique lo contrario en la descripción del producto a continuación, Plaid es el responsable de controlar el tratamiento de los datos personales recabados.

Assets (Activos)

Le permite brindar acceso a una visualización puntual de los datos de su cuenta financiera elegida (como saldos de cuenta, historial de transacciones e información sobre la identidad del titular de la cuenta) a Plaid y a las aplicaciones y servicios que usted elija. Recabamos identificadores, información financiera, datos comerciales, datos de ubicación, datos sobre la actividad en las redes electrónicas, y extraemos conclusiones a partir de estos datos. Utilizamos estos datos tal como se describe en la sección Cómo usamos sus datos de esta Política.

Auth (Autenticación)

Le permite autenticar los datos de su cuenta financiera y brindar acceso a su cuenta y números de ruta (routing number) a Plaid y a las aplicaciones y servicios que usted elija. Recabamos identificadores, datos financieros, datos comerciales, datos de ubicación y datos sobre la actividad en las redes electrónicas. Utilizamos esta información tal como se describe en la sección Cómo usamos sus datos de esta Política.

Balance (Saldo)

Balance y las funciones opcionales le permiten brindar acceso a los saldos de su cuenta financiera en tiempo real y extraer conclusiones a partir de los saldos de sus cuentas y demás información de las cuentas a Plaid, y a las aplicaciones y servicios que usted elija, para que puedan ayudarlo a tomar medidas, como evitar sobregiros en su cuenta antes de hacer una transferencia de dinero. Recabamos identificadores, datos financieros, datos comerciales, datos de ubicación y datos sobre la actividad en las redes electrónicas y, en algunos casos, extraemos conclusiones a partir de estos datos. Usamos estos datos tal como se describe en la sección Cómo usamos sus datos de esta Política.

Identity (Identidad) y Identity Match (Coincidencia de identidad)

La función de identidad le permite brindar acceso a los datos del titular de la cuenta que obran en poder de su entidad financiera (como su nombre, dirección de correo electrónico, número de teléfono y domicilio postal) a Plaid y a las aplicaciones y servicios que usted elija, para que estos puedan, por ejemplo, verificar su identidad o rellenar automáticamente los datos de su cuenta en la aplicación. La coincidencia de identidad ayuda a las aplicaciones y servicios que usted utiliza a verificar su identidad con los datos del titular de la cuenta que obran en poder de su institución financiera. Recabamos identificadores, datos financieros, datos comerciales, datos de ubicación y datos sobre la actividad en las redes electrónicas. Usamos estos datos tal como se describe anteriormente en la sección Cómo usamos sus datos de esta Política.

Debit Card Verification (Verificación de tarjetas de débito)

La verificación de tarjetas de débito le permite proporcionar acceso a los datos del titular de la cuenta, al saldo de la cuenta financiera en tiempo real y a los datos del historial de transacciones, a fin de confirmar que la tarjeta de débito que está utilizando está vinculada a una cuenta bancaria de la que usted es titular. Recabamos identificadores, datos financieros, datos comerciales, datos de ubicación y datos sobre la actividad en las redes electrónicas y, en algunos casos, extraemos conclusiones a partir de estos datos. Usamos estos datos tal como se describe en la sección Cómo usamos sus datos de esta Política.

Identity Verification and Monitor (Verificación y control de identidad)

Esta función (Identity Verification and Monitor, “IDV”) permite que los desarrolladores puedan llevar a cabo la verificación de identidad, la detección de fraudes y los servicios de verificación de listas de vigilancia. Cuando brindamos servicios de verificación y control de identidad a los desarrolladores, solamente recabamos y tratamos sus datos en calidad de proveedor de servicios para dicho desarrollador, por lo que son los desarrolladores quienes determinan el propósito y los medios por los cuales se tratan sus datos. Si desea conocer más detalles sobre cómo tratamos los datos del usuario final para los desarrolladores y, conforme a las instrucciones del desarrollador, para brindar servicios de verificación y control de identidad, consulte la Declaración de privacidad aplicable al usuario final de nuestra empresa afiliada.

Plaid Account (Cuenta Plaid)

Le permite inscribirse en una experiencia de usuario recurrente más rápida al permitir que Plaid guarde las conexiones de su cuenta financiera y la información de identidad para una incorporación y uso más rápidos de las aplicaciones elegidas. Recabamos identificadores, datos financieros, datos comerciales, datos de ubicación y datos sobre la actividad en las redes electrónicas. Usamos estos datos tal como se describe en la sección Cómo usamos sus datos de esta Política.

Income (Ingresos)

Le permite brindar acceso a sus datos relativos a sus ingresos y empleo a Plaid y a las aplicaciones y servicios que usted elija. Recabamos identificadores, datos financieros, datos comerciales, datos de ubicación, datos sobre empleo, ingresos y otros datos profesionales, datos sobre la actividad en las redes electrónicas, y extraemos conclusiones a partir de estos datos. Usamos estos datos tal como se describe en la sección Cómo usamos sus datos de esta Política.

Investment (Inversiones)

Le permite brindar acceso a los datos de sus cuentas de jubilación, corretaje, ahorros para educación y ahorros para la salud a Plaid y a las aplicaciones o servicios que usted elija, para que ellos puedan hacer cosas, como proporcionarle herramientas personales de gestión financiera y patrimonial. Recabamos identificadores, datos financieros, datos comerciales, datos de ubicación, datos profesionales, datos sobre la actividad en las redes electrónicas, y extraemos conclusiones a partir de estos datos. Usamos estos datos tal como se describe en la sección Cómo usamos sus datos de esta Política.

Liabilities (Pasivos)

Le permite brindar acceso a los datos financieros de sus cuentas de tarjetas de crédito, hipotecas y préstamos estudiantiles a Plaid y a las aplicaciones y servicios que usted elija. Recabamos identificadores, datos financieros, datos comerciales, datos de ubicación, datos sobre la actividad en las redes electrónicas, y extraemos conclusiones a partir de estos datos. Usamos estos datos tal como se describe en la sección Cómo usamos sus datos de esta Política.

Payment Initiation (Iniciación de pagos) y Variable Recurring Payments (Pagos periódicos variables)

La iniciación de pagos les permite a los usuarios de los servicios en la UE y el RU efectuar pagos en sus cuentas por única vez, pagos periódicos o periódicos variables. Es para servicios como transferencias bancarias, órdenes permanentes, pagos periódicos variables, y pagos por única vez o periódicos de las cuentas, como retiros y reembolsos. Los pagos periódicos variables permiten que nuestros usuarios de la UE y el RU autentiquen una cuenta bancaria una vez, y luego puedan efectuar pagos futuros sin necesidad de autenticación adicional. Recabamos identificadores, datos financieros, datos comerciales, datos de ubicación, datos sobre la actividad en las redes electrónicas, y extraemos conclusiones a partir de estos datos. Usamos estos datos tal como se describe en la sección Cómo usamos sus datos de esta Política.

Payouts (Pagos)

Les permite a los usuarios de los servicios en la UE y el RU efectuar retiros y reembolsos de manera fluida e instantánea desde una aplicación o servicio que esté usando, mediante la apertura y prefinanciación de una cuenta de dinero electrónico desde la que se pueden enviar fondos a los usuarios que soliciten un pago. Recabamos identificadores, datos financieros, datos comerciales, datos de ubicación, datos sobre la actividad en las redes electrónicas, y extraemos conclusiones a partir de estos datos. Usamos estos datos tal como se describe en la sección Cómo usamos sus datos de esta Política.

Plaid Portal

Plaid Portal es una herramienta de privacidad que usted puede usar como método para controlar las conexiones con las aplicaciones que ha realizado a través de Plaid. Puede usar Plaid Portal para visualizar las conexiones con las aplicaciones en un único panel de control, desconectar las cuentas financieras de las aplicaciones o eliminar datos de los sistemas de Plaid. También puede usar Plaid Portal para ver y administrar sus cuentas de Plaid. Recabamos identificadores, datos financieros, datos comerciales, datos de ubicación y datos sobre la actividad en las redes electrónicas. Usamos estos datos tal como se describe en la sección Cómo usamos sus datos de esta Política.

Signal (Señal)

En el caso de los usuarios de los EE. UU., permite que las aplicaciones y los servicios que utilizan les proporcionen una mejor experiencia de usuario, como brindarles un acceso más rápido a sus fondos y reducir el riesgo de fraude o de que un pago no se complete. Recabamos identificadores, datos financieros, datos comerciales, datos de ubicación, datos sobre la actividad en las redes electrónicas, y extraemos conclusiones a partir de estos datos. Usamos estos datos tal como se describe en la sección Cómo usamos sus datos de esta Política.

Statements (Resúmenes de cuenta)

Le permite compartir copias de sus resúmenes de cuentas financieras con Plaid y las aplicaciones y servicios que elija. Podemos recabar identificadores, datos financieros, datos comerciales, datos de ubicación y datos sobre la actividad en las redes electrónicas. Utilizamos estos datos tal como se describe en la sección Cómo usamos sus datos de esta Política.

Transactions (Transacciones)

Las transacciones y los productos relacionados le permiten brindar acceso al historial de transacciones desde sus cuentas financieras a Plaid y a las aplicaciones y servicios que usted elija, para que le puedan proporcionar, por ejemplo, herramientas personales de gestión financiera, informes de gastos y modelos de flujos de caja, entre otras cosas. Podemos recabar identificadores, datos financieros, datos comerciales, datos de ubicación, datos sobre la actividad en las redes electrónicas, y extraemos conclusiones y conocimientos financieros a partir de estos datos. Usamos estos datos tal como se describe en la sección Cómo usamos sus datos de esta Política.

Transfer (Transferencia)

Le permite autorizar a un desarrollador a enviarle pagos a usted o cobrarle pagos, mediante transferencias bancarias, ya sea por única vez o de manera periódica. Esto incluye verificar que usted sea el titular de la cuenta a la cual o desde la cual se enviará el pago, evaluar el riesgo de que el pago no pueda completarse o sea fraudulento, procesar electrónicamente las instrucciones de pago y confirmar al desarrollador que el pago se ha realizado. Podemos recabar identificadores, datos financieros, datos de ubicación y datos sobre la actividad en las redes electrónicas. Usamos estos datos tal como se describe en la sección Cómo usamos sus datos de esta Política.

Aviso de privacidad para el consumidor

Última actualización: 22 de febrero de 2024

Privacybeleid voor eindgebruikers

Beschikbare talen:

• English - End User Privacy Policy

• Française - Politique de confidentialité pour utilisateur final

• Español - Política de privacidad aplicable al usuario final

• Deutsche - Datenschutzerklärung für Endbenutzer

Ingangsdatum: 22 februari 2024

Privacy en beveiliging zijn erg belangrijk voor ons bij Plaid. Dit Privacybeleid voor eindgebruikers ("Beleid") is bedoeld om u (de "eindgebruiker") te helpen begrijpen hoe wij bij Plaid uw gegevens verzamelen, gebruiken en delen wanneer u de producten of diensten van Plaid gebruikt – bijvoorbeeld wanneer u het Plaid Portal gebruikt, of wanneer u Plaid gebruikt om uw gegevens te koppelen en te delen om de toepassingen ("apps") die u gebruikt aan te sturen. Deze apps, die veel consumentendiensten en -producten bieden, zoals het helpen sparen voor uw pensioen, het beheren van uw uitgaven, het stroomlijnen van kredietaanvragen of het overboeken van geld, worden gebouwd en geleverd door onze zakelijke klanten (we noemen ze hier “ontwikkelaars”) en aangedreven door Plaid.

Dit Beleid is van toepassing op Plaid Inc., Plaid Financial Ltd. en Plaid, B.V. (gezamenlijk “Plaid”, “wij”, “onze” en “ons”). (Zie de sectie “Contact opnemen met Plaid” hieronder voor welke van deze entiteiten verantwoordelijk is voor de verwerking van uw gegevens.) Dit Beleid heeft geen betrekking op diensten die worden aangeboden door Plaid Consumer Reporting Agency, Inc. (“Plaid CRA”). Ga voor meer informatie over dat beleid naar PolicyCRA Privacy.

U moet dit Beleid zorgvuldig lezen, het bevat belangrijke informatie over uw privacyrechten en -keuzes.

Spring naar onderdeel:

Hoe wij omgaan met gegevens

• Gegevens die wij verzamelen en broncategorieën

• Hoe we uw gegevens gebruiken

• Onze rechtsgronden voor verwerking (uitsluitend eindgebruikers in de EER en het Verenigd Koninkrijk)

• Hoe we uw gegevens delen

• Onze bewaar- en verwijderingspraktijken

• Bescherming van gegevens

Enkele laatste details

• Internationale gegevensoverdrachten

• Uw rechten voor gegevensbescherming

• Uw extra privacycontroles

• Wijzigingen in dit Beleid

• Contact opnemen met Plaid

Samenvattingen van Verwerkingsactiviteiten

• Samenvatting van verwerkingsactiviteiten per informatiecategorie

• Samenvatting van verwerkingsactiviteiten per product

Privacyverklaring voor consumenten

Ten eerste, wat achtergrond

Een korte opmerking over Plaid

Onze missie bij Plaid is het verwezenlijken van financiële vrijheid voor iedereen. Door toegang te bieden tot hoogwaardige, bruikbare financiële rekeninggegevens die wij vertaald en gestandaardiseerd hebben, stellen wij ontwikkelaars van financiële apps en diensten in staat om zich te richten op het bouwen van ervaringen waar u van profiteert.

Over dit Beleid

Ons doel met dit Beleid is om een eenvoudige en duidelijke uitleg te geven over welke gegevens Plaid van en over u verzamelt en hoe we die informatie gebruiken en delen. We waarderen transparantie en willen u een duidelijke en beknopte beschrijving geven van hoe we met uw gegevens omgaan.

Dit Beleid dekt niet wat ontwikkelaars van de apps die u gebruikt doen met uw gegevens. Raadpleeg de privacybeleidslijnen of de servicevoorwaarden voor die apps voor informatie over hun praktijken. Dit Beleid heeft ook geen betrekking op gegevens die we verzamelen via onze websites of wanneer u met Plaid communiceert buiten het gebruik van onze producten of diensten, zoals het rechtstreeks e-mailen naar Plaid. Raadpleeg onze Privacyverklaring voor alle doelgroepen en ons Cookiebeleid voor meer informatie.

De diensten van Plaid zijn niet gericht op personen jonger dan 18 jaar en we verzamelen niet bewust gegevens over kinderen.

Hoe wij omgaan met gegevens

Plaid zet zich in om eindgebruikers zinvolle controle over hun gegevens te bieden. Dit gedeelte beschrijft de gegevenspraktijken van Plaid met betrekking tot onze verwerking van data over u. We bieden ook samenvattingen van onze praktijken georganiseerd per categorie van verzamelde gegevens en per product aan het einde van dit Beleid in het gedeelte Samenvattingen van Verwerkingsactiviteiten.

Gegevens die wij verzamelen en broncategorieën

Zoals hieronder in meer detail wordt uitgelegd, hangen de gegevens die we verzamelen, gebruiken en delen af van de producten en diensten van Plaid die u, en/of de app waarmee u verbonden bent, gebruikt. Afhankelijk van de producten of diensten van Plaid die u of de ontwikkelaar waarmee u verbinding maakt, gebruikt, kan Plaid de volgende gegevens verzamelen:

• Gegevens die u aan ons verstrekt;

• Gegevens van financiële instellingen wanneer u uw financiële rekening koppelt;

• Gegevens van het elektronische apparaat dat u gebruikt om uw financiële rekening via Plaid te koppelen of om op een andere manier met Plaid te communiceren;

• Gegevens van de ontwikkelaar van de app waarmee u verbinding hebt gemaakt; en

• Gegevens van onze gelieerde ondernemingen om u ondersteuning te bieden of om u een betere gebruikerservaring te bieden; en/of

• Gegevens van andere bronnen, waaronder dienstverleners en diensten voor identiteitscontrole en fraudepreventie.

Gegevens die u aan ons verstrekt. Wanneer u de producten of diensten van Plaid gebruikt (zoals wanneer u Plaid gebruikt om uw financiële rekeningen met een app te koppelen), verzamelen we de volgende gegevens van u die nodig zijn om uw specifieke app of dienst aan te sturen:

• identificatiegegevens zoals naam, e-mailadres, en telefoonnummer;

• aanmeldingsgegevens indien dit door de aanbieder van uw rekening wordt voorgeschreven, zoals uw gebruikersnaam en wachtwoord, rekening- en routeringsnummer, of een beveiligingstoken;

• alle aanvullende informatie die nodig is om uw rekeningen te koppelen, waaronder beveiligingsvragen en -antwoorden en een eenmalig wachtwoord (OTP); en/of

• informatie uit documenten of afschriftendie u aan Plaid verstrekt, zoals bankafschriften of salarisafschriften.

Wanneer u inloggegevens en aanvullende informatie verstrekt die nodig zijn om uw rekeningen te koppelen, geeft u Plaid ook toestemming en autoriteit om namens u te handelen om toegang te krijgen tot gegevens en deze te verzenden van en naar uw financiële instelling.

Gegevens die we verzamelen van financiële instellingen over en van uw rekeningen. Afhankelijk van welke producten of diensten van Plaid u, of de ontwikkelaar van uw app gebruikt, en welke, en hoe informatie beschikbaar wordt gesteld, kunnen wij de volgende gegevens van uw financiële instellingen verzamelen:

• Rekeninggegevens,waaronder de naam van de financiële instelling, de naam van de rekening, het type rekening, de eigenaar van de rekening, het filiaalnummer, de IBAN, de BIC, het rekeningnummer, het routeringsnummer en de sorteercode;

• Gegevens over een rekeningsaldo, inclusief huidig en beschikbaar saldo;

• Gegevens over kredietrekeningen, waaronder vervaldata, verschuldigde saldi, betalingsbedragen en -data, transactiegeschiedenis, kredietlimiet, aflossingsstatus en rentevoet;

• Gegevens over leningrekeningen, waaronder vervaldata, aflossingsstatus, saldi, betalingsbedragen en -data, rentevoet, borg, type lening, betalingsregeling en voorwaarden;

• Gegevens over beleggingsrekeningen,waaronder transactiegegevens, het type activum, identificatiegegevens over het activum, hoeveelheid, prijs, vergoedingen en kostenbasis;

• Identificatiegegevens en gegevens over de rekeninghouder(s), waaronder naam, e-mailadres, telefoonnummer, geboortedatum en adresgegevens;

• Gegevens over rekeningtransacties, met inbegrip van bedrag, datum, begunstigde, type, hoeveelheid, prijs, locatie, betrokken effecten en een beschrijving van de transactie; en/of

• Gegevens uit uw loon- en belastingdocumenten, inclusief gegevens over uw inkomen en werkgever, in gevallen waarin u uw salarisrekeningen hebt aangesloten of ons uw salarisafschriften of gegevens van uw belastingformulier hebt verstrekt.

Afhankelijk van de dienst van Plaid die u of de ontwikkelaar van uw app gebruikt, en de manier waarop de gegevens beschikbaar worden gesteld, kunnen de verzamelde gegevens van uw financiële rekeningen gegevens bevatten van alle rekeningen (bijv. betaalrekeningen, spaarrekeningen, creditcardrekeningen en gezamenlijke rekeningen) die toegankelijk zijn via één set rekeninggegevens. Voor meer bijzonderheden over gegevens die worden verzameld in verband met verschillende producten en diensten, verwijzen wij u naar Samenvatting van verwerkingsactiviteiten per product

Gegevens we ontvangen vanaf uw apparaten.Wanneer u een apparaat gebruikt, zoals uw smartphone, tablet of computer, voor interactie met onze diensten (inclusief via een app van een ontwikkelaar), kunnen wij de volgende gegevens over dat apparaat verzamelen:

• internetprotocol (IP)-adres;

• tijdzone-instelling en locatie van het apparaat;

• hardwaremodel en besturingssysteem;

• functies binnen onze diensten waartoe u toegang hebt;

• browsergegevens;

• netwerkgegevens; en

• andere technische gegevens over het apparaat (zoals instellingen en voorkeuren).

Gegevens die we ontvangen over u van de ontwikkelaars van apps aangedreven door Plaid. Wanneer het nodig is voor Plaid om een dienst te verlenen (zoals het verifiëren van uw identiteit, het beschermen tegen fraude of risico's, of het mogelijk maken van een bankoverschrijving), kunnen de ontwikkelaars van de apps die u gebruikt ons identificatoren en commerciële informatie over u verstrekken, zoals uw naam, Burgerservicenummer, e-mailadres, telefoonnummer, of informatie over uw financiële rekeningen en transacties.

Gegevens van onze gelieerde ondernemingen om u ondersteuning te bieden of om u een betere gebruikerservaring te bieden. We kunnen gegevens verzamelen van onze gelieerde ondernemingen (dit zijn bedrijven die met ons verbonden zijn door gemeenschappelijk eigendom of zeggenschap) om u ondersteuning te bieden of uw ervaring te verbeteren. Als u er bijvoorbeeld voor kiest dat Plaid CRA financiële rekeningen in verband met uw telefoonnummer onthoudt, kunnen wij de volgende gegevens van Plaid CRA verzamelen om u te helpen sneller verbinding te maken met uw rekeningen wanneer u onze diensten gebruikt:

• identificatiegegevens zoals naam, e-mailadres en telefoonnummer;

• aanmeldingsgegevens indien dit door de aanbieder van uw rekening wordt voorgeschreven, zoals uw gebruikersnaam en wachtwoord, banknaam, rekening- en routeringsnummer, of een beveiligingstoken;

• indien nodig, gegevens om uw identiteit te helpen verifiëren en uw rekeningen te koppelen, waaronder uw geboortedatum, beveiligingsvragen en -antwoorden en een eenmalig wachtwoord (OTP); en/of gegevens van uw apparaat (zoals hierboven in meer detail uitgelegd).

• gegevens van uw apparaat (zoals hierboven in meer detail uitgelegd).

Gegevens die we over u ontvangen uit andere bronnen. Wanneer dit nodig is om een dienst te verlenen, uw apparaat te identificeren of fraude, misbruik of veiligheidsrisico's te helpen voorkomen, kunnen wij ook rechtstreeks gegevens over u ontvangen van derden, waaronder uw draadloze provider, agenten en onze dienstverleners.

Informatie we afleiden van de gegevens die we verzamelen. We kunnen aanvullende informatie over u afleiden uit de gegevens die we verzamelen. Wij kunnen bijvoorbeeld uw geolocatie, jaarinkomen of het type rekening of subrekening dat u hebt gekozen om te koppelen afleiden – bijvoorbeeld wanneer u uw leningsrekeningen koppelt, zodat wij de ontwikkelaar kunnen laten weten of de rekening voor een hypotheek, studentenlening of creditcard is.

Hoe wij uw gegevens gebruiken

Wij gebruiken uw gegevens voor de volgende zakelijke en commerciële doeleinden:

• Diensten verlenen: Om onze diensten uit te voeren, te leveren en te onderhouden.

• Bestaande diensten te ontwikkelen: Om onze diensten te verbeteren, wijzigen, aan te vullen en verder te ontwikkelen.

• Helpen om fraude te voorkomen, uw identiteit te verifiëren of uw privacy te beschermen: Om uw identiteit te verifiëren en u, ontwikkelaars, onze partners, Plaid en anderen te helpen beschermen tegen fraude, kwaadaardige activiteiten en andere aan privacy- en veiligheid gerelateerde problemen.

• Nieuwe diensten te ontwikkelen: Om nieuwe producten en diensten te ontwikkelen.

• Inzichten te ontwikkelen: Om inzichten te ontwikkelen op basis van de gegevens die we over u hebben verzameld. Dit omvat uw transactiegegevens, andere financiële gegevens en gegevens uit andere bronnen, om ontwikkelaars van uw verbonden apps te helpen diensten en/of een betere gebruikerservaring aan u te leveren, zoals u sneller toegang tot uw geld geven, om mogelijk frauduleuze activiteiten te helpen opsporen en voorkomen, of om hun diensten aan u te personaliseren.

• Ondersteuning te bieden: Om aan u of aan ontwikkelaars ondersteuning te bieden, waaronder om te helpen reageren op uw vragen met betrekking tot onze diensten of apps van ontwikkelaars.

• Met u communiceren: Om met u te communiceren en u dingen te sturen zoals technische kennisgevingen, updates, beveiligingswaarschuwingen en berichten als u het Plaid Portal of Remember Me gebruikt.

• Misbruik en wangedrag te onderzoeken: Om misbruik van onze service of apps van ontwikkelaars te onderzoeken, met inbegrip van schendingen van ons Beleid voor ontwikkelaars, criminele activiteiten of andere ongeoorloofde toegang tot onze services.

• Voor juridische doeleinden: Om te voldoen aan contractuele en wettelijke verplichtingen onder de toepasselijke wetgeving en voor andere juridische doeleinden, zoals het vaststellen van en verdedigen tegen claims.

• Met uw toestemming: Voor andere aangemelde doeleinden met uw toestemming of op uw aanwijzing.

Wij verzamelen, gebruiken en delen gegevens die zijn samengevoegd of geanonimiseerd op een manier die u niet persoonlijk identificeert voor elk doel dat is toegestaan onder de toepasselijke wetgeving. Dit omvat het creëren of gebruiken van samengevoegde of geanonimiseerde gegevens om nieuwe diensten te ontwikkelen of onderzoek te faciliteren, en voor analysedoeleinden om de snelheid, nauwkeurigheid en/of veiligheid van onze diensten te helpen beoordelen.

Onze rechtsgronden voor verwerking (uitsluitend eindgebruikers in de EER en het Verenigd Koninkrijk)

Voor personen in de Europese Economische Ruimte (“EER”) of het Verenigd Koninkrijk (“VK”), verwerkt Plaid uw persoonsgegevens alleen wanneer we een geldige rechtsgrond hebben om dit te doen. Onze rechtsgrondslag voor het verwerken van de gegevens die we verzamelen, is afhankelijk van welke gegevens we hebben verzameld en het doel van de verwerking. In het algemeen zullen wij uw gegevens alleen verzamelen en verwerken wanneer:

• wij moeten voldoen aan een contract of overeenkomst met u (bijvoorbeeld om te voldoen aan onze overeenkomsten voor eindgebruikersdiensten) en moeten ons houden aan verschillende wettelijke voorschriften bij het aanbieden van gereguleerde diensten, waaronder onze rekeninginformatie en betalingsdiensten.

• we uw gegevens nodig hebben om te voldoen aan onze wettelijke verplichtingen onder de toepasselijke wetgeving, om de wettelijke rechten van Plaid te waarborgen en om criminele activiteiten zoals het witwassen van geld en fraude te voorkomen en te identificeren. Voor deze doeleinden kan Plaid het noodzakelijk vinden om uw persoonsgegevens te delen met entiteiten zoals rechtbanken, wetshandhavingsinstanties en aanbieders van antiwitwasdiensten;

• verwerking is noodzakelijk voor onze legitieme belangen om de integriteit van onze diensten effectief te handhaven. Dit omvat het ophalen van rekeninginformatie of het verlenen van betalingsinitiatiediensten (evenals het verifiëren van de output van deze activiteit), het aangaan van communicatie met u en het ervoor zorgen dat Plaid, als een gereglementeerde entiteit, de verwachte normen naleeft (waaronder die zijn vastgelegd door de Financial Conduct Authority voor Plaid Financial Ltd en De Nederlandsche Bank voor Plaid B.V); of

• u hiervoor uw toestemming hebt gegeven.

Voor zover wij vertrouwen op toestemming om uw gegevens te verzamelen en te verwerken, hebt u het recht om uw toestemming op elk gewenst moment in te trekken volgens de instructies in dit Beleid.

Hoe we uw gegevens delen

We delen uw gegevens om de volgende redenen:

• Met de ontwikkelaar van de app die u gebruikt en zoals aangegeven door die ontwikkelaar;

• Om een contract met u uit te voeren;

• Met onze gegevensverwerkers en andere dienstverleners, partners, agenten of contractanten in verband met de diensten die zij voor ons of voor ontwikkelaars uitvoeren;

• Met financiële instellingen om een koppeling die u hebt gekozen tussen uw rekeningen bij een financiële instelling en een app tot stand te brengen, te onderhouden of te beheren;

• Als wij in goed vertrouwen geloven dat openbaarmaking gepast is om te voldoen aan de toepasselijke wet- en regelgeving of een juridisch proces (zoals een gerechtelijk bevel of dagvaarding);

• In verband met een verandering in eigenaarschap of controle van ons bedrijf of een deel ervan (zoals een fusie, overname, reorganisatie of faillissement);

• Tussen en binnen Plaid en onze huidige en toekomstige moedermaatschappijen, gelieerde bedrijven, dochterondernemingen en andere bedrijven onder gemeenschappelijke controle of eigenaarschap;

• Zoals wij redelijkerwijs passend achten om kwaadwillige of frauduleuze activiteiten te voorkomen, of op andere wijze de rechten, privacy, veiligheid of eigendommen van u, ontwikkelaars, onze partners, Plaid en anderen te beschermen; of

• Voor elk ander aangemeld doel met uw toestemming of op uw aanwijzing.

(Voor gebruikers in de VS) Wij delen uw gegevens niet met niet-gelieerde derden, tenzij dit wettelijk is toegestaan (zoals toegestaan door 12 C.F.R. § 1016.14 en 1016.15).

Wanneer u uw financiële rekeningen koppelt via Plaid, gebruiken we doorgaans de reCaptcha-dienst van Google om fraude en misbruik te helpen detecteren. Google reCAPTCHA is geïntegreerd in de producten en diensten van Plaid om ervoor te zorgen dat invoer in bijvoorbeeld online formulieren daadwerkelijk door echte personen wordt gedaan en niet door geautomatiseerde software (of bots).

Google reCAPTCHA analyseert het gedrag van gebruikers van onze producten en services aan de hand van verschillende kenmerken. Google reCAPTCHA verwerkt persoonsgegevens zoals uw IP-adres, uw verblijfsduur op onze website en verdere informatie over uw gebruik van de producten en diensten van Plaid. Deze gegevens worden door Google verzonden en opgeslagen op servers in de Verenigde Staten en andere landen. Google heeft zich gecertificeerd voor het EU-VS Data Privacy Framework; het certificaat is here beschikbaar. Wanneer reCAPTCHA wordt gebruikt, zijn het Privacybeleid en de Gebruiksvoorwaarden van Google van toepassing op reCAPTCHA en informatie die Google verzamelt via reCAPTCHA.

We delen uw persoonlijke financiële gegevens alleen met derden om de door u gevraagde diensten te ondersteunen, wanneer u toestemming geeft en/of ter bescherming tegen fraude.

We kunnen cookiegegevens verzamelen en delen met derden wanneer u onze website bezoekt, of we kunnen derden toestaan om deze cookiegegevens van onze websites te verzamelen. Raadpleeg ons Cookiebeleid en het Privacybeleid voor alle doelgroepen voor meer informatie.

Onze bewaar- en verwijderingspraktijken

Wij bewaren uw gegevens alleen zo lang als nodig is. Om te bepalen of de gegevens nodig zijn, houden we rekening met de reden waarom uw gegevens zijn verzameld en gebruikt en eventuele wettelijke voorschriften om uw gegevens te bewaren. We beoordelen uw gegevens periodiek om ervoor te zorgen dat ze nog steeds nodig zijn om te voldoen aan het doel waarvoor ze zijn verzameld of aan andere wettelijke verplichtingen. Als een ontwikkelaar uw verbinding van hun app met uw gegevens verwijdert, zijn de systemen van Plaid ontworpen om uw persoonsgegevens automatisch te verwijderen, behoudens bepaalde uitzonderingen waar we uw informatie nog steeds kunnen bewaren.

Uitzonderingen hierop kunnen zijn als: (a) u via Plaid een verbinding met de app van een andere ontwikkelaar tot stand hebt gebracht die nog steeds actief is; (b) Plaid uw gegevens nodig heeft om u te blijven voorzien van een dienst van Plaid die u hebt aangevraagd; (c) Plaid wettelijk verplicht is om uw gegevens te bewaren; (d) Plaid uw gegevens nodig heeft om fraude te helpen voorkomen of de privacy te beschermen, ondersteuning te bieden of misbruik en wangedrag te onderzoeken; (e) Plaid uw gegevens zodanig heeft geanonimiseerd dat ze niet opnieuw geïdentificeerd kunnen worden of (f) wij vragen – en u gaat er specifiek mee akkoord – om ons toe te staan uw gegevens langer te bewaren.

Uw gegevens worden alleen verwerkt zoals voorgeschreven door de wet of in overeenstemming met dit Beleid.

Raadpleeg het gedeelte "Uw rechten voor gegevensbescherming" van dit Beleid voor de opties die voor u beschikbaar kunnen zijn, waaronder hoe u kunt verzoeken om uw gegevens te verwijderen. Het gedeelte "Uw privacybeheer" van dit Beleid bevat ook details over hulpmiddelen die voor u beschikbaar zijn om u te helpen bij het bekijken en beheren van de verbindingen die u met Plaid hebt gemaakt. U kunt ook contact met ons opnemen over onze praktijken voor het bewaren van gegevens met behulp van de contactgegevens in het gedeelte “Contact opnemen met Plaid” hieronder.

Bescherming van gegevens

Het beveiligingsbeleid en de beveiligingspraktijken van Plaid zijn ontworpen om de vertrouwelijkheid en integriteit van uw gegevens te beschermen. Plaid implementeert controles die ontworpen zijn om de toegang tot deze gegevens te beperken tot personeel dat een zakelijke reden heeft om deze gegevens te kennen en verbiedt zijn personeel om deze gegevens op onwettige wijze te openen, te gebruiken of openbaar te maken.

Enkele laatste details

Internationale gegevensoverdrachten

Wij opereren internationaal en daarom geven wij de gegevens die wij over u verzamelen over internationale grenzen door voor verwerking en opslag (wij geven bijvoorbeeld gegevens door van de EER en het VK naar de Verenigde Staten en slaan gegevens op in AWS-regio's in de Verenigde Staten). Wanneer we gegevens doorgeven naar een ander land of gebied volgen we daarbij de toepasselijke wetgeving voor gegevensbescherming. In het bijzonder wanneer we gegevens vanuit de EER of het VK over andere internationale grenzen heen doorgeven, vertrouwen we op adequaatheidsbesluiten, overeenkomsten voor gegevensdoorgifte of andere door de EU-Commissie of de Britse staatssecretaris goedgekeurde (indien van toepassing) mechanismen voor dergelijke doorgiften, waaronder standaard contractuele clausules. U kunt een kopie van genoemde standaardcontractbepalingen aanvragen door contact met ons op te nemen zoals aangegeven onderaan deze Verklaring. Voorafgaand aan de doorgifte van gegevens vanuit de EER of het Verenigd Koninkrijk voeren we effectbeoordelingen uit en implementeren we eventuele aanvullende maatregelen om ervoor te zorgen dat alle overgedragen gegevens worden bewaard in overeenstemming met de voorschriften van de EER en het Verenigd Koninkrijk.

Uw rechten voor gegevensbescherming

Ongeacht waar u woont, zullen we de volgende rechten met betrekking tot uw persoonsgegevens respecteren, met inachtneming van enkele beperkingen en uitzonderingen die door de wet worden voorzien, en u wordt niet gediscrimineerd voor het uitoefenen ervan:

• toegang te krijgen tot gegevens die over u zijn verzameld;

• toegang vragen tot meer details over de categorieën en specifieke persoonsgegevens die wij in de afgelopen 12 maanden over u hebben verzameld (inclusief persoonsgegevens die voor zakelijke doeleinden zijn vrijgegeven);

• onder bepaalde omstandigheden verzoeken dat wij uw gegevens die onnauwkeurig of onvolledig zijn, corrigeren of bijwerken;

• onder bepaalde omstandigheden verzoeken dat wij uw gegevens te wissen of de verwerking ervan beperken;

• bezwaar te maken tegen onze verwerking van uw gegevens onder bepaalde voorwaarden die door de wet worden bepaald;

• wanneer de verwerking van uw gegevens is gebaseerd op toestemming, dient u die toestemming in te trekken;

• verzoeken dat wij de over u verzamelde gegevens verstrekken in een gestructureerd, algemeen gebruikt en machinaal leesbaar formaat, zodat u deze kunt overdragen aan een ander bedrijf, indien dit technisch haalbaar is.

  • Houd er rekening mee dat u voor een officiële registratie van uw financiële informatie dat verzoek rechtstreeks bij uw financiële instelling moet indienen.

Afhankelijk van waar u woont, hebt u mogelijk het recht om een klacht in te dienen. We verwelkomen en waarderen de kans om eventuele zorgen die u hebt aan te pakken en moedigen u aan om contact met ons op te nemen. Bovendien, en afhankelijk van uw rechtsgebied, kunt u het recht hebben om op elk moment een klacht in te dienen bij uw (gegevensbeschermings-)toezichthoudende autoriteit. Voor eindgebruikers in de EER vindt u de contactgegevens van het Europees Comité voor gegevensbescherming (EDPB) op de website van het EDPB. Voor eindgebruikers in het Verenigd Koninkrijk vindt u de contactgegevens van het Information Commissioner’s Office (ICO) op de website van het ICO. Voor eindgebruikers in Zwitserland is dit de Federal Data Protection and Information Commissioner die u kunt vinden.

Om rechten uit te oefenen, kunt u een verzoek indienen via ons online formulier. U kunt ook contact met ons opnemen zoals beschreven in het gedeelte "Contact opnemen met Plaid" hieronder om uw rechten op het gebied van gegevensbescherming uit te oefenen. Het kan zijn dat u aanvullende gegevens moet verstrekken om uw identiteit te bevestigen voordat wij op uw verzoek kunnen reageren.

Wanneer wij uw verzoek ontvangen van een gevolmachtigde agent, kunnen wij om bewijs vragen dat de agent een geldige schriftelijke machtiging heeft, zoals een volmacht, om namens u verzoeken in te dienen.

We zullen verzoeken in overweging nemen en ons antwoord geven binnen een redelijke termijn (en binnen een door de toepasselijke wetgeving voorgeschreven termijn). Wij wijzen u er echter op dat bepaalde gegevens van dergelijke verzoeken kunnen worden vrijgesteld, bijvoorbeeld als wij de gegevens moeten bewaren om aan onze eigen wettelijke verplichtingen te voldoen of om rechtsvorderingen in te stellen, uit te oefenen of te verdedigen.

Voor zowel Plaid Financial Ltd. als Plaid B.V. hebben wij een functionaris voor gegevensbescherming (DPO) aangesteld, die ook verantwoordelijk is voor het toezicht op vragen met betrekking tot dit Beleid en waarmee contact kan worden opgenomen via e-mail op privacy@plaid.com.

Uw extra privacycontroles

Plaid heeft het Plaid Portal ontwikkeld om u een handige, gecentraliseerde manier te bieden om de verbindingen die u met Plaid hebt gemaakt te bekijken en te beheren.

Als u in de VS gevestigd bent, dan kunt u een Plaid Portal-account aanmaken door naar my.plaid.com te gaan, uw telefoonnummer en e-mailadres te verifiëren en een wachtwoord aan te maken. Zodra u zich hebt aangemeld voor het Plaid Portal, wordt u naar een dashboard geleid dat u financiële rekeningen kan laten zien die u via Plaid met de door u gekozen apps hebt verbonden, en de soorten gegevens die met die apps worden gedeeld. Bovendien biedt het Plaid Portal u controles om de verbinding tussen apps en uw financiële rekeningen te beëindigen en bijbehorende gegevens die zijn opgeslagen in de systemen van Plaid te verwijderen.

Wijzigingen in dit Beleid

We kunnen dit Beleid van tijd tot tijd bijwerken of wijzigen. Als we updates of wijzigingen aanbrengen, plaatsen we het nieuwe beleid op de website van Plaid op https://plaid.com/legal en werken we de ingangsdatum bovenaan dit Beleid bij. Wij zullen ontwikkelaars ook op de hoogte stellen van materiële wijzigingen in overeenstemming met onze overeenkomsten met ontwikkelaars, aangezien zij beter in staat kunnen zijn om u op de hoogte te stellen van wijzigingen in dit Beleid. Als u een actieve gebruiker van Plaid Portal bent, sturen wij u ook een e-mail om u op de hoogte te stellen van de update.

Contact opnemen met Plaid

Als u vragen of klachten hebt over dit Beleid, of over ons privacypraktijken in het algemeen, kunt u contact met ons opnemen via privacy@plaid.com of een brief sturen naar:

Indien u woonachtig bent buiten de EER of het Verenigd Koninkrijk:

Voor zowel Plaid Financial Ltd. als Plaid, B.V. hebben wij een functionaris voor gegevensbescherming (DPO) aangesteld, die ook verantwoordelijk is voor het toezicht op vragen met betrekking tot dit Beleid en waarmee contact kan worden opgenomen via e-mail op privacy@plaid.com.

Als u in het Verenigd Koninkrijk woont:

Als u in de EER woont:

Samenvattingen van Verwerkingsactiviteiten

Samenvatting van verwerkingsactiviteiten per informatiecategorie

Om nog meer transparantie over onze praktijken te bieden, hebben we de informatie in ons Beleid hierboven samengevoegd in een tabel die de categorieën gegevens die Plaid over u verzamelt koppelt aan de bronnen van de gegevens, het gebruik van de gegevens en de categorieën ontvangers met wie Plaid de gegevens deelt. Voor meer gedetailleerde beschrijvingen van onze praktijken met betrekking tot het verzamelen, gebruiken en delen van gegevens, verwijzen wij u naar de bovenstaande secties van het Beleid.

Samenvatting van verwerkingsactiviteiten per product

Zoals hierboven vermeld, zijn de gegevens die we verzamelen en gebruiken afhankelijk van de producten en diensten van Plaid die u en de ontwikkelaar gebruiken. Om het makkelijker te maken om te begrijpen welke gegevens voor welk(e) product en service worden verzameld en gebruikt, hebben we de onderstaande samenvattingen van onze gegevensverzameling en -gebruik per product samengesteld. Sommige van deze producten zijn alleen beschikbaar voor gebruikers in de VS en andere zijn alleen beschikbaar voor gebruikers in de EER en het Verenigd Koninkrijk. Als u niet zeker weet welke Plaid-producten of -diensten uw verbonden toepassingen gebruiken, neem dan contact op met de ontwikkelaar van de toepassing. (Let erop dat deze lijst de productsuite van Plaid weergeeft vanaf de ingangsdatum van dit Beleid en mogelijk geen producten of diensten bevat die op die datum in ontwikkeling zijn.)

Daarnaast maakt de wetgeving voor gegevensbescherming in bepaalde rechtsgebieden, zoals het VK en de EU, onderscheid tussen de “verwerkingsverantwoordelijke” en “verwerker” van gegevens. Afhankelijk van welk(e) product of dienst u en uw ontwikkelaar gebruiken, kan Plaid de verwerkingsverantwoordelijke of de verwerker zijn van de gegevens die zijn verzameld onder de relevante wetgeving voor gegevensbescherming. Tenzij anders vermeld in de onderstaande productbeschrijving, is Plaid de verwerkingsverantwoordelijke van de verzamelde persoonsgegevens.

Assets

Met Assets kunt u toegang verlenen tot een point-in-time weergave van de gegevens van uw gekozen financiële rekeningen, zoals rekeningsaldi, transactiegeschiedenis en identiteitsgegevens van de rekeninghouder, aan Plaid en de apps en diensten die u kiest. We verzamelen identificatoren, financiële informatie, commerciële gegevens, locatiegegevens en gegevens over elektronische netwerkactiviteiten en wij leiden hieruit conclusies af. Wij gebruiken deze gegevens zoals beschreven in het gedeelte Hoe we uw gegevens gebruiken van dit Beleid.

Auth

Auth helpt om u in staat te stellen uw financiële rekeninggegevens te verifiëren en Plaid en de apps en diensten die u kiest toegang te verlenen tot uw rekening- en routeringsnummers. We verzamelen identificatoren, financiële gegevens, commerciële gegevens, locatiegegevens en elektronische netwerkactiviteiten. Wij gebruiken deze gegevens zoals beschreven in het gedeelte Hoe wij uw gegevens gebruiken van dit Beleid.

Balance

Met Balance en de optionele functies ervan kunt u Plaid en de apps en diensten die u kiest toegang verlenen tot uw financiële rekeningsaldi in realtime en/of afgeleide conclusies uit uw rekeningsaldi en andere rekeninginformatie, zodat ze u kunnen helpen om bijvoorbeeld te voorkomen dat er te veel op uw rekening staat voordat u een overboeking maakt. We verzamelen identificatoren, financiële gegevens, commerciële gegevens, locatiegegevens en gegevens over elektronische netwerkactiviteiten en wij leiden hieruit in sommige gevallen conclusies af. Wij gebruiken deze gegevens zoals beschreven in het gedeelte Hoe wij uw gegevens gebruiken van dit Beleid.

Identiteit en identiteitsmatch

Met Identity kunt u Plaid en de apps en diensten die u kiest toegang verlenen tot de rekeninghoudergegevens die in het bezit zijn van uw financiële instelling, zoals uw naam, e-mailadres, telefoonnummer en postadres, om hen te helpen bij zaken als het verifiëren van uw identiteit of het vooraf invullen van uw rekeninggegevens binnen de app. Identity Match helpt de apps en diensten die u gebruikt om uw identiteit te verifiëren aan de hand van gegevens van rekeninghouders die in het bezit zijn van uw financiële instelling. We verzamelen identificatoren, financiële gegevens, commerciële gegevens, locatiegegevens en elektronische netwerkactiviteiten. Wij gebruiken deze gegevens zoals beschreven in het gedeelte Hoe wij uw gegevens gebruiken van dit Beleid.

Verificatie betaalkaart

Betaalkaartverificatie geeft u toegang tot de gegevens van uw rekeninghouder, het saldo van uw financiële rekening in realtime en de transactiegeschiedenis om te bevestigen dat de betaalkaart die u gebruikt, gekoppeld is aan een bankrekening waarvan u de eigenaar bent. We verzamelen identificatoren, financiële gegevens, commerciële gegevens, locatiegegevens en gegevens over elektronische netwerkactiviteiten en wij leiden hieruit in sommige gevallen conclusies af. Wij gebruiken deze gegevens zoals beschreven in het gedeelte Hoe wij uw gegevens gebruiken van dit Beleid.

Verificatie en controle van identiteit

Identiteitsverificatie en -controle (IDV) maken identiteitsverificatie, fraudedetectie en controlediensten voor ontwikkelaars mogelijk. Wanneer we diensten voor identiteitsverificatie en -controle leveren aan ontwikkelaars, verzamelen en verwerken we alleen uw gegevens als dienstverlener aan die ontwikkelaar, zodat de ontwikkelaars het doel en de middelen bepalen waarmee uw gegevens worden verwerkt. Ga voor meer informatie over hoe we eindgebruikersgegevens verwerken voor ontwikkelaars en over de instructie van de ontwikkelaar om identiteitsverificatie- en monitoringsdiensten te leveren naar de Privacyverklaring voor eindgebruikers van IDV.

Plaid Account

Met Plaid Account kunt u zich inschrijven voor een snellere terugkerende gebruikerservaring door Plaid toe te staan uw financiële rekeningverbindingen en identiteitsgegevens op te slaan voor een snellere onboarding en gebruik van de door u gekozen apps. We verzamelen identificatoren, financiële gegevens, commerciële gegevens, locatiegegevens en elektronische netwerkactiviteiten. Wij gebruiken deze gegevens zoals beschreven in het gedeelte Hoe wij uw gegevens gebruiken van dit Beleid.

Income

Income stelt u in staat om Plaid en de apps en diensten die u kiest toegang te verlenen tot gegevens met betrekking tot uw inkomen en werk. Wij verzamelen identificatoren, financiële gegevens, commerciële gegevens, locatiegegevens, gegevens over werk, inkomen en andere professionele gegevens en gegevens over elektronische netwerkactiviteiten en wij leiden conclusies af uit deze gegevens. Wij gebruiken deze gegevens zoals beschreven in het gedeelte Hoe wij uw gegevens gebruiken van dit Beleid.

Investments

Met Investments kunt u Plaid en de apps of diensten die u kiest toegang verlenen tot gegevens van uw pensioen-, makelaars-, studie- en gezondheidsspaarrekeningen, zodat zij u bijvoorbeeld persoonlijke financiële en tools voor vermogensbeheer kunnen bieden. We verzamelen identificatoren, financiële gegevens, commerciële gegevens, locatiegegevens, professionele gegevens, gegevens over elektronische netwerkactiviteiten en wij leiden hieruit conclusies af. Wij gebruiken deze gegevens zoals beschreven in het gedeelte Hoe wij uw gegevens gebruiken van dit Beleid.

Liabilities

Met Liabilities kunt u Plaid en de apps en diensten die u kiest toegang geven tot financiële gegevens van uw creditcard-, hypotheek- en studierekeningen. We verzamelen identificatoren, financiële gegevens, commerciële gegevens, locatiegegevens, gegevens over elektronische netwerkactiviteiten en wij leiden hieruit conclusies af. Wij gebruiken deze gegevens zoals beschreven in het gedeelte Hoe wij uw gegevens gebruiken van dit Beleid.

Payment Initiation en Variable Recurring Payments

Met Payment Initiation kunnen gebruikers van diensten in de EU en het VK eenmalige, terugkerende of variabel terugkerende betalingen doen op rekeningen. Dit geldt voor diensten zoals bankoverschrijvingen, doorlopende opdrachten en variabele terugkerende betalingen en eenmalige of terugkerende betalingen van rekeningen, zoals opnames en terugbetalingen. Met Variable Recurring Payments kunnen onze EU- en Britse gebruikers eenmalig een bankrekening verifiëren, en vervolgens toekomstige betalingen uitvoeren zonder extra verificatie. We verzamelen identificatoren, financiële gegevens, commerciële gegevens, locatiegegevens, gegevens over elektronische netwerkactiviteiten en wij leiden hieruit conclusies af. Wij gebruiken deze gegevens zoals beschreven in het gedeelte Hoe wij uw gegevens gebruiken van dit Beleid.

Payouts

Met Payouts kunnen gebruikers van diensten in de EU en het VK naadloos en direct opnames en terugbetalingen doen vanaf een app of service die u gebruikt, door een e-geldrekening te openen en vooraf te financieren van waaruit geld kan worden verzonden naar gebruikers die een uitbetaling aanvragen. We verzamelen identificatoren, financiële gegevens, commerciële gegevens, locatiegegevens, gegevens over elektronische netwerkactiviteiten en wij leiden hieruit conclusies af. Wij gebruiken deze gegevens zoals beschreven in het gedeelte Hoe wij uw gegevens gebruiken van dit Beleid.

Plaid Portal

Plaid Portal is een privacytool die u kunt gebruiken om de verbindingen met apps die u via Plaid hebt gemaakt te beheren. U kunt Plaid Portal gebruiken om verbindingen met apps in één dashboard te bekijken, financiële rekeningen los te koppelen van apps of gegevens uit de systemen van Plaid te verwijderen. U kunt het Plaid Portal ook gebruiken om uw Plaid rekeningen te bekijken en te beheren. We verzamelen identificatoren, financiële gegevens, commerciële gegevens, locatiegegevens en elektronische netwerkactiviteiten. Wij gebruiken deze gegevens zoals beschreven in het gedeelte Hoe wij uw gegevens gebruiken van dit Beleid.

Signal

Voor klanten in de VS helpt Signal de apps en diensten die u gebruikt om u een betere gebruikerservaring te bieden, zoals snellere toegang tot uw geld en vermindering van het risico op fraude of een betaling die niet wordt voltooid. We verzamelen identificatoren, financiële gegevens, commerciële gegevens, locatiegegevens, gegevens over elektronische netwerkactiviteiten en wij leiden hieruit conclusies af. Wij gebruiken deze gegevens zoals beschreven in het gedeelte Hoe wij uw gegevens gebruiken van dit Beleid.

Statements

Met Afschriften kunt u kopieën van uw financiële rekeningafschriften delen met Plaid en de apps en diensten die u kiest. Wij kunnen identificatoren, financiële gegevens, commerciële gegevens, locatiegegevens en gegevens over elektronische netwerkactiviteiten verzamelen. Wij gebruiken deze gegevens zoals beschreven in het gedeelte Hoe wij uw gegevens gebruiken van dit Beleid.

Transactions

Met Transactions en aanverwante producten kunt u Plaid en door u gekozen apps en diensten toegang verlenen tot transactiegeschiedenissen van uw financiële rekeningen, zodat zij u dingen kunnen bieden zoals tools voor persoonlijk financieel beheer, onkostendeclaraties, cashflowmodellering en meer. Wij verzamelen mogelijk identificatoren, financiële gegevens, commerciële gegevens, locatiegegevens en gegevens over elektronische netwerkactiviteiten, en wij leiden uit deze gegevens conclusies en financiële inzichten af. Wij gebruiken dit zoals hierboven gespecificeerd in het gedeelte Hoe wij uw gegevens gebruiken van dit Beleid.

Transfer

Met Transfer kunt u een ontwikkelaar machtigen om op eenmalige of terugkerende basis betalingen naar u te sturen of van u te innen via bankoverschrijvingen. Dit omvat het controleren of u de eigenaar bent van de rekening waarnaar of van waaruit de betaling wordt verzonden, het inschatten van het risico dat de betaling niet wordt voltooid of frauduleus is, het elektronisch verwerken van betalingsinstructies en het leveren van een bevestiging aan de ontwikkelaar dat de betaling is voltooid. We kunnen identificatoren, financiële, commerciële en locatiegegevens en elektronische netwerkactiviteiten verzamelen. Wij gebruiken deze gegevens zoals beschreven in het gedeelte Hoe wij uw gegevens gebruiken van dit Beleid.

Privacyverklaring voor consumenten

Laatst bijgewerkt: 22 februari 2024

Datenschutzerklärung für Endbenutzer

Verfügbare Sprachen:

• English - End User Privacy Policy

• Française - Politique de confidentialité pour utilisateur final

• Español - Política de privacidad aplicable al usuario final

• Nederland - Privacybeleid voor eindgebruikers

Datum des Inkrafttretens: 22. Februar 2024

Datenschutz und Sicherheit sind für uns bei Plaid sehr wichtig. Diese Datenschutzerklärung für Endbenutzer („Datenschutzerklärung“) soll Sie (den „Endbenutzer“) darüber informieren, wie wir bei Plaid Ihre Daten erheben, verwenden und weitergeben, wenn Sie Produkte oder Dienstleistungen von Plaid verwenden. Das ist zum Beispiel der Fall, wenn Sie Plaid Portal nutzen oder wenn Sie Plaid zur Herstellung einer Verbindung nutzen und dabei Ihre Daten für den Betrieb der von Ihnen verwendeten Anwendungen („Apps“) weitergeben. Diese Apps, die zahlreiche Dienste und Produkte für Verbraucher anbieten, die Ihnen z. B. dabei helfen, für die Altersvorsorge zu sparen, Ihre Ausgaben zu verwalten, Kreditanträge zu optimieren oder Geld zu überweisen, werden von unseren Geschäftskunden (die wir hier „Entwickler“ nennen) erstellt und bereitgestellt und von Plaid unterstützt.

Diese Datenschutzerklärung gilt für die Plaid Inc., die Plaid Financial Ltd., und die Plaid, B.V. (zusammen „Plaid“, „wir“, „unser“ und „uns“). (Welche dieser Gesellschaften für die Verarbeitung Ihrer Daten verantwortlich ist, entnehmen Sie bitte dem Abschnitt „Kontaktaufnahme“ unten.) Diese Datenschutzerklärung betrifft keine Dienstleistungen, die durch die Plaid Consumer Reporting Agency, Inc. < („Plaid CRA“) angeboten werden. Für weitere Informationen zu jener Datenschutzerklärung lesen Sie bitte die CRA-Datenschutzerklärung.

Sie sollten sich diese Datenschutzerklärung aufmerksam durchlesen, da sie wichtige Informationen über Ihre Datenschutzrechte und entsprechende Entscheidungsmöglichkeiten enthält.

Zum Abschnitt springen:

Zunächst einige Hintergrundinformationen

Unsere Datenpraxis

• Daten, die wir erheben und Kategorien etwaiger Datenquellen

• Wie wir Ihre Daten verwenden

• Unsere Rechtsgrundlagen für die Verarbeitung (nur für Endbenutzer aus dem EWR und Großbritannien)

• Wie wir Ihre Daten weitergeben

• Unsere Aufbewahrungs- und Löschpraktiken

• Schutz der Daten

Einige abschließende Hinweise

• Internationale Datenübermittlung

• Ihre Datenschutzrechte

• Ihre zusätzlichen Datenschutzkontrollen

• Änderungen an dieser Datenschutzerklärung

• Contacter Plaid

Kontaktaufnahme mit Plaid

• Übersicht über die Verarbeitungstätigkeiten nach Datenkategorie

• Übersicht über die Verarbeitungstätigkeiten nach Produkt

Datenschutzhinweis für Verbraucher

Zunächst einige Hintergrundinformationen

Eine kurze Erläuterung zu Plaid

Unser Leitmotiv bei Plaid ist es, finanzielle Freiheit für alle zu ermöglichen. Indem wir den Zugang zu qualitativ hochwertigen, nutzbaren Finanzkontodaten eröffnen, die wir strukturiert und standardisiert haben, können sich die Entwickler von Finanz-Apps und Finanzdienstleistungen auf die Entwicklung von Anwendungen konzentrieren, die Ihnen zugutekommen.

Über diese Datenschutzerklärung

Das Ziel dieser Datenschutzerklärung ist, einfach und unkompliziert zu erklären, welche Daten Plaid von und über Endbenutzer von Ihnen erhebt und wie wir diese Daten verwenden und weitergeben. Wir legen Wert auf Transparenz und möchten Ihnen klar und deutlich darlegen, wie wir mit Ihren Daten umgehen.

In dieser Datenschutzerklärung wird nicht erklärt, wie Entwickler der von Ihnen verwendeten Apps mit Ihren Daten umgehen. Bitte sehen Sie sich in diesem Zusammenhang die Datenschutzerklärungen und Nutzungsbedingungen dieser Apps an, um einen Überblick über deren Praktiken zu gewinnen. Darüber hinaus erstreckt sich diese Datenschutzerklärung nicht auf Daten, die wir über unsere Websites erheben oder wenn Sie abseits der Nutzung unserer Produkte oder Dienste mit Plaid interagieren, z. B. wenn Sie Plaid direkt per E-Mail kontaktieren. Weitere Informationen finden Sie in unserer Datenschutzerklärung für alle Zielgruppen und der Cookie-Richtlinie.

Die Dienste von Plaid richten sich nicht an Personen unter 18 Jahren, das heißt, dass wir wissentlich keine Daten von Kindern erheben.

Unsere Datenpraxis

Plaid ist bestrebt, den Endbenutzern eine sinnvolle Kontrolle über ihre Daten zu ermöglichen. In diesem Abschnitt werden die Datenpraktiken von Plaid im Zusammenhang mit unserer Verarbeitung Sie betreffender Daten beschrieben. Außerdem finden Sie am Ende dieser Datenschutzerklärung im Abschnitt Übersicht über die Verarbeitungstätigkeiten eine Übersicht über unsere Praktiken, geordnet nach den Kategorien der erhobenen Daten und nach Produkt.

Daten, die wir erheben und Kategorien etwaiger Datenquellen

Wie unten ausführlicher beschrieben, hängen die von uns erhobenen, verwendeten und weitergegebenen Daten von den Produkten und Diensten von Plaid ab, die Sie und/oder die App, mit der Sie sich verbunden haben, nutzen. Je nachdem, welchen Plaid-Dienst Sie oder der Entwickler, mit dem Sie eine Verbindung herstellen, nutzen, kann Plaid die folgenden Daten speichern:

• Daten, die Sie uns zur Verfügung stellen;

• Daten von Finanzinstituten, wenn Sie Ihr Finanzkonto verknüpfen;

• Daten von dem elektronischen Gerät, mit dessen Hilfe Sie Ihr Finanzkonto über Plaid verbinden oder anderweitig mit Plaid interagieren;

• Daten vom Entwickler der App, mit der Sie sich verbunden haben;

• Daten von unseren verbundenen Konzernunternehmen, sodass Ihnen Unterstützung gegeben oder Ihnen eine bessere Benutzererfahrung geboten werden kann; und/oder

• Daten aus anderen Quellen, einschließlich Dienstleistern sowie Diensten zur Identitätsprüfung und Betrugsprävention.

Daten, die Sie uns zur Verfügung stellen.Wenn Sie die Produkte oder Dienstleistungen von Plaid nutzen (z. B. wenn Sie mithilfe von Plaid Ihre Finanzkonten mit einer App verbinden), erheben wir die folgenden Daten von Ihnen, soweit dies für die Leistung der jeweiligen App oder des jeweiligen Dienstes erforderlich ist:

• Identifikatoren, wie Name, E-Mail-Adresse, Geburtsdatum, Sozialversicherungsnummer und Telefonnummer;

• Anmeldedaten, soweit diese vom Anbieter Ihres Kontos verlangt werden, wie etwa Ihr Benutzername und Kennwort sowie die Konto- oder Routingnummer bzw. BLZ oder ein Sicherheits-Token;

• alle zusätzlichen Informationen, die zur Verbindung Ihrer Konten erforderlich sind, wie u. a. Sicherheitsfragen und -antworten, und einmalige Passwörter (OTP) und/oder

• Informationen aus Dokumenten oder Bescheinigungen, die Sie Plaid zur Verfügung stellen, wie z. B. Kontoauszüge oder Gehaltsabrechnungen.

Wenn Sie Anmeldedaten und zusätzliche Informationen vorlegen, die für die Verbindung Ihrer Konten erforderlich sind, erteilen Sie Plaid auch die Erlaubnis und Befugnis, in Ihrem Namen zu handeln, um auf Daten zuzugreifen und diese an Ihr bzw. von Ihrem Finanzinstitut zu übermitteln.

Daten, die wir von Finanzinstituten über Ihre bzw. von Ihren Konten erheben.Je nachdem, welche Produkte oder Dienstleistungen von Plaid Sie oder der Entwickler Ihrer App nutzen, sowie welche und wie Informationen zur Verfügung gestellt werden, können wir die folgenden Daten von Ihren Finanzinstituten erheben:

• Kontodaten, darunter Name des Finanzinstituts, Kontobezeichnung, Kontotyp, Kontoinhaber, Filialnummer, IBAN, BIC, Kontonummer, Routingnummer und Bankleitzahl;

• Daten über den Kontostand, z. B. aktueller und verfügbarer Saldo;

• Daten über Kreditkonten, z. B. Fälligkeitsdaten, geschuldete Beträge, Zahlungsbeträge und -termine, Transaktionsverlauf, Kreditlimit, Rückzahlungsstatus und Zinssatz;

• Daten über Darlehenskonten, z. B. Fälligkeitstermine, Rückzahlungsstatus, Guthaben, Zahlungsbeträge und -termine, Zinssatz, Bürgen, Darlehensart, Zahlungsplan und Bedingungen;

• Daten über Anlagekonten, z. B. Transaktionsinformationen, Art des Vermögenswerts, identifizierende Angaben über den Vermögenswert, Menge, Preis, Gebühren und Kostenbasis;

• Identifikatorenund Daten über den/die Kontoinhaber, z. B. Name, E-Mail-Adresse, Telefonnummer, Geburtsdatum und Anschrift;

• Informationen über Kontotransaktionen, z. B. Betrag, Datum, Zahlungsempfänger, Art, Menge, Preis, Ort, beteiligte Wertpapiere und Beschreibung der Transaktion und/oder

• Daten über Kontotransaktionen, z. B. Betrag, Datum, Zahlungsempfänger, Art, Menge, Preis, Ort, beteiligte Wertpapiere und Beschreibung der Transaktion; und

• Daten zu Ihrer Lohn- und Gehaltsabrechnung sowie Steuerunterlagen, einschließlich von Daten über Ihr Einkommen und Ihren Arbeitgeber, wenn Sie Ihre Gehaltsabrechnungen verknüpft oder uns Ihre Lohnabrechnungen oder Steuerbescheide vorgelegt haben.

Je nach Plaid-Dienst, den ein Sie oder der Entwickler verwenden, und der Art und Weise, in der die Daten zur Verfügung gestellt werden, können die von Ihren Finanzkonten erhobenen Daten Informationen von allen Konten (z. B. Giro-, Spar-, Kreditkarten- und Verbundkonten) enthalten, die über einen einzigen Satz von Kontoanmeldeinformationen abrufbar sind. Weitere Einzelheiten zu Daten, die im Zusammenhang mit verschiedenen Produkten und Diensten erhoben werden, finden Sie unter Übersicht über die Verarbeitungstätigkeiten nach Produkt.

Daten, die wir von Ihren Geräten erhalten. Wenn Sie ein Gerät wie Ihr Smartphone, Tablet oder Ihren Computer für die Interaktion mit unseren Diensten verwenden (einschließlich über die App eines Entwicklers), können wir die folgenden Daten über dieses Gerät erheben:

• Internetprotokoll-Adresse (IP-Adresse);

• Zeitzoneneinstellung und Standort, Gerätestandort;

• Hardwaremodell und Betriebssystem;

• Funktionen in unseren Diensten, auf die Sie zugreifen;

• Browserdaten;

• Netzwerkdaten; und

• andere technische Daten über das Gerät (wie Einstellungen und bevorzugte Einstellungen).

Daten über Sie, die wir von den Entwicklern der über Plaid betriebenen Apps erhalten. Wenn es erforderlich ist, dass Plaid eine Leistung erbringt (wie die Überprüfung Ihrer Identität, den Schutz vor Betrug oder Risiken oder die Aktivierung einer Banküberweisung), können die Entwickler der von Ihnen verwendeten Apps uns Kennungen und kommerzielle Informationen über Sie überlassen, wie Ihren Namen, Ihre Sozialversicherungsnummer, E-Mail-Adresse, Telefonnummer oder Informationen über Ihre Finanzkonten und Transaktionen.

Daten von unseren verbundenen Konzernunternehmen, sodass Ihnen Unterstützung gegeben oder Ihnen eine bessere Benutzererfahrung geboten werden kann. Wir können Daten von unseren verbundenen Unternehmen erheben (also von Unternehmen, die mit uns durch gemeinsames Eigentum oder Kontrolle verbunden sind), um Kundendienstleistungen für Sie zu erbringen oder um Ihre Erfahrung zu verbessern. Wenn Sie sich zum Beispiel dafür entscheiden, dass Plaid CRA sich Finanzkonten merkt, die mit Ihrer Telefonnummer verbunden sind, können wir die folgenden Daten von Plaid CRA erheben, damit Sie sich bei der Nutzung unserer Dienste schneller mit Ihren Konten verbinden können:

• Identifikatoren wie Name, E-Mail-Adresse und Telefonnummer;

• Anmeldedaten soweit diese vom Anbieter Ihres Kontos verlangt werden, wie etwa Ihr Benutzername und Kennwort, Bankname, die Konto- und Routingnummer bzw. BLZ oder ein Sicherheits-Token;

• bei Bedarf Daten zur Überprüfung Ihrer Identität und Verbindung Ihrer Konten, wie etwa Ihr Geburtsdatum, Sicherheitsfragen und Sicherheitsantworten und Einmalpasswort (OTP); und/oder

• Daten, die von Ihrem Gerät stammen (wie oben näher erläutert).

Daten, die wir aus anderen Quellen über Sie erhalten. Wenn es für die Erbringung einer Leistung, die Identifizierung Ihres Geräts oder zur Verhinderung von Betrug, Missbrauch oder Sicherheitsbedrohungen erforderlich ist, können wir auch Daten über Sie direkt von Dritten erhalten, wie etwa von Ihrem Mobilfunkanbieter oder von unseren Dienstleistern.

Informationen, die wir aus den von uns erhobenen Daten ableiten. Wenn es für die Erbringung einer Leistung, die Identifizierung Ihres Wir können aus den von uns erhobenen Daten zusätzliche Rückschlüsse über Sie ableiten. Zum Beispiel können wir Rückschlüsse über Ihren Geostandort, Ihre Jahreseinkommen, über die Art des Kontos oder Unterkontos ziehen, das Sie verknüpfen möchten – wenn Sie zum Beispiel Ihre Darlehenskonten verknüpfen, können wir dem Entwickler mitteilen, ob das Konto für eine Hypothek, ein Studentendarlehen oder eine Kreditkarte bestimmt ist.

Wie wir Ihre Daten verwenden

Wir verwenden Ihre Daten für die folgenden geschäftlichen und kommerziellen Zwecke.

• Bereitstellung von Diensten: Um unsere Dienste zu betreiben, bereitzustellen und zu warten.

• Entwicklung bestehender Dienste: Um unsere Dienste zu verbessern, zu erweitern, zu ändern, zu ergänzen und weiterzuentwickeln.

• Als Hilfsmittel zur Betrugsvermeidung, Verifizierung Ihrer Identität und für den Datenschutz: Um Ihre Identität zu verifizieren und um Sie, Entwickler, unsere Partner, Plaid und andere vor Betrug, böswilligen Aktivitäten und anderen datenschutz- und sicherheitsrelevanten Problemen zu schützen.

• Entwicklung neuer Dienste: Entwicklung neuer Produkte und Dienste.

• Entwicklung von Erkenntnissen: Um Erkenntnisse zu gewinnen, die auf den zu Ihnen erhobenen Daten beruhen. Dazu gehören Ihre Transaktionsdaten, sonstige Finanzdaten und Daten aus anderen Quellen, um den Entwicklern Ihrer verbundenen Apps zu helfen, Ihnen Dienste und/oder ein besseres Benutzererlebnis zu bieten, wie z. B. einen schnelleren Zugriff auf Ihr Geld oder die Aufdeckung und Verhinderung potenziell betrügerischer Aktivitäten sowie für die Personalisierung ihrer Leistungen für Sie.

• Bereitstellung von Support: Um Ihnen oder Entwicklern Unterstützung zu bieten, darunter die Beantwortung Ihrer Anfragen im Zusammenhang mit unseren Diensten oder den Apps der Entwickler.

• Kommunikation mit Ihnen: Für die Kommunikation mit Ihnen sowie um Ihnen Dinge wie technische Hinweise, Updates, Sicherheitswarnungen und Nachrichten zuzusenden, wenn Sie Plaid Portal oder Remember Me verwenden.

• Ermittlung von Missbrauch und Verstößen:Um einen eventuellen Missbrauch unserer Dienste oder der Apps von Entwicklern zu untersuchen, einschließlich Verstößen gegen unsere Richtlinie für Entwickler, kriminelle Aktivitäten oder andere nicht autorisierte Zugriffe auf unsere Dienste.

• Rechtliche Zwecke: Um vertragliche und gesetzliche Verpflichtungen nach dem anwendbaren Recht zu erfüllen und für andere rechtliche Zwecke, wie z. B. zur Feststellung und Abwehr von Ansprüchen.

• Mit Ihrer Zustimmung Zu anderen vorab mitgeteilten Zwecken auf Basis Ihrer Einwilligung oder auf Ihre Veranlassung.

Wir können Daten, die zusammengefasst oder anonymisiert worden sind, anhand derer Sie nicht persönlich identifiziert werden können, für jeden nach geltendem Recht zulässigen Zweck erheben, verwenden und weitergeben. Dies umfasst die Erstellung oder Verwendung aggregierter oder anonymisierter Daten zur Entwicklung neuer Dienstleistungen oder zur Erleichterung der Forschung und für Analysezwecke, etwa zur Bewertung von Geschwindigkeit, Genauigkeit und/oder Sicherheit unserer Dienste und Leistungen.

Unsere Rechtsgrundlagen für die Verarbeitung (nur für Endbenutzer aus dem EWR und Großbritannien)

Für Personen im Europäischen Wirtschaftsraum („EWR“) oder in Großbritannien („UK“): Plaid verarbeitet Ihre personenbezogenen Daten nur dann, wenn wir eine gültige Rechtsgrundlage dafür haben. Unsere Rechtsgrundlage für die Verarbeitung der von uns erhobenen Daten hängt davon ab, welche Daten wir erhoben haben und welcher Verarbeitungszweck besteht. Grundsätzlich gilt jedoch, dass wir Ihre Daten nur dann erheben und verarbeiten werden, wenn:

• Wir sind an jeden Vertrag oder jede Vereinbarung mit Ihnen gebunden (z. B. zur Einhaltung unserer Dienstleistungsvereinbarungen für Endbenutzer) und müssen beim Angebot regulierter Dienstleistungen, einschließlich unserer Kontoinformationen und Zahlungsdienste, verschiedene gesetzliche Vorgaben einhalten.

• Wir benötigen Ihre Daten für die Einhaltung unserer gesetzlichen Verpflichtungen nach geltendem Recht, für den Schutz der gesetzlichen Rechte von Plaid und zur Verhinderung und Erkennung von kriminellen Aktivitäten, wie Geldwäsche und Betrug. Für diese Zwecke muss Plaid gegebenenfalls Ihre personenbezogenen Daten an Institutionen wie Gerichte, Strafverfolgungsbehörden und an Anbieter von Dienstleistungen zur Bekämpfung von Geldwäsche weitergeben;

• Die Verarbeitung ist für unsere berechtigten Interessen erforderlich, um die Integrität unserer Dienste und Leistungen wirksam zu bewahren. Dies betrifft auch das Abrufen von Kontoinformationen oder die Bereitstellung von Zahlungsinitiierungsdiensten (sowie die Überprüfung der Ergebnisse dieser Aktivität), die Kommunikation mit Ihnen und die Maßnahmen, die sicherstellen sollen, dass Plaid als regulierte Körperschaft die erwarteten Standards einhält (einschließlich der von der Financial Conduct Authority (britische Finanzaufsichtsbehörde, FCA) für Plaid Financial Ltd und der De Nederlandsche Bank für Plaid B.V. festgelegten Standards); oder

• Sie Ihre Einwilligung erteilt haben.

Soweit wir uns bei der Verarbeitung Ihrer Daten auf Ihre Einwilligung stützen, haben Sie das Recht, diese jederzeit gemäß den in dieser Datenschutzerklärung enthaltenen Prozessen mit Wirkung für die Zukunft zu widerrufen.

Wie wir Ihre Daten weitergeben

Wir geben Ihre Daten aus den folgenden Gründen weiter:

• an den Entwickler der von Ihnen genutzten App und gemäß den Anweisungen dieses Entwicklers;

• um einen Vertrag mit Ihnen durchzusetzen;

• an unsere Datenverarbeiter und andere Dienstleister, Partner oder Auftragnehmer in Verbindung mit Diensten, die sie für uns oder Entwickler erbringen;

• mit Finanzinstituten, um eine Verbindung herzustellen, aufrechtzuerhalten oder zu kontrollieren, die Sie zwischen Ihren Finanzinstitutskonten und einer App hergestellt haben;

• wenn wir in gutem Glauben überzeugt sind, dass die Offenlegung angemessen ist, um geltendem Recht, Vorschriften oder Verpflichtungen in rechtlichen Verfahren (wie etwa Gerichtsbeschlüsse oder Vorladungen) nachzukommen;

• im Zusammenhang mit einer Änderung der Eigentums- oder Beherrschungsverhältnisse in Bezug auf unser gesamtes oder einen Teil unseres Unternehmens (wie etwa Fusion, Übernahme, Umstrukturierung oder Insolvenz);

• innerhalb von Plaid sowie an unsere derzeitigen und zukünftigen Muttergesellschaften, verbundenen Unternehmen, Tochtergesellschaften und andere Unternehmen, die unter gemeinsamer Kontrolle oder in gemeinsamem Eigentum stehen;

• soweit wir es für angemessen halten, um böswillige bzw. betrügerische Handlungen zu verhindern oder um anderweitig die Rechte, die Privatsphäre, die Sicherheit oder das Eigentum von Ihnen, Entwicklern, unseren Partnern, Plaid und anderen zu schützen; oder

• zu anderen vorab mitgeteilten Zwecken auf Basis Ihrer Einwilligung oder auf Ihre Veranlassung.

(Für Benutzer in den USA) Wir geben Ihre Daten nicht an nicht angeschlossene Dritte weiter, es sei denn, dies ist gesetzlich zulässig (wie in 12 C.F.R. § 1016.14 und 1016.15 erlaubt).

Wenn Sie Ihre Finanzkonten über Plaid verknüpfen, verwenden wir normalerweise den reCAPTCHA-Dienst von Google, um Betrug und Missbrauch zu erkennen. Google reCAPTCHA ist in Produkte und Dienstleistungen von Plaid integriert. So soll sichergestellt werden, dass beispielsweise in Online-Formularen vorgenommene Eingaben tatsächlich von realen Personen vorgenommen werden und nicht automatisiert durch Software (oder Bots) erfolgen.

Google reCAPTCHA analysiert anhand verschiedener Merkmale das Verhalten der Benutzer unserer Produkte und Dienstleistungen. Google reCAPTCHA verarbeitet personenbezogene Daten wie Ihre IP-Adresse, Ihre Verweildauer auf unserer Website und weitere Informationen über Ihre Nutzung von Produkten und Dienstleistungen von Plaid. Diese Daten werden von Google an Server in den USA und anderen Ländern übermittelt und auf jenen gespeichert. Google hat sich gemäß dem EU-US Data Privacy Framework zertifizieren lassen; das Zertifikat ist hier verfügbar. Bei der Verwendung von reCAPTCHA gelten die Datenschutzbestimmungen und Nutzungsbedingungen von Google für reCAPTCHA und die Informationen, die Google mithilfe von reCAPTCHA erhebt.

Wir geben Ihre personenbezogenen Finanzdaten an Dritte nur für den Betrieb der von Ihnen gewünschten Dienste und Leistungen, wenn Sie zustimmen und/oder um uns und Sie vor Betrug zu schützen, weiter.

Wir können Daten von Cookies erheben und an Dritte weitergeben, wenn Sie unsere Website besuchen, oder wir können Dritten erlauben, diese Daten über unsere Websites zu erheben. Weitere Einzelheiten finden Sie in unserer Cookie-Richtlinie und der Datenschutzerklärung für alle Zielgruppen.

Unsere Aufbewahrungs- und Löschpraktiken

Wir bewahren Ihre Daten nur so lange auf, wie diese benötigt werden. Um festzustellen, ob die Daten benötigt werden, prüfen wir den Grund, aus dem Ihre Daten erhoben und verwendet wurden, sowie etwaige gesetzliche Bestimmungen zur Aufbewahrung Ihrer Daten. Wir überprüfen Ihre Daten regelmäßig in Hinblick darauf, ob jene noch für Zweck, für den sie erhoben wurden, oder für andere gesetzliche Erfordernisse benötigt werden. Wenn ein Entwickler Ihre Verbindung in seiner App zu Ihren Daten unterbricht, sind die Systeme von Plaid so konzipiert, dass sie Ihre personenbezogenen Daten automatisch löschen. Das geschieht vorbehaltlich bestimmter Ausnahmen, in denen wir Ihre Daten weiterhin aufbewahren können.

Ausgenommen hiervon sind unter Umständen Fälle, in denen: (a) Sie eine Verbindung zu der App eines anderen Entwicklers über Plaid hergestellt haben, die noch aktiv ist; (b) Plaid Ihre Daten zur weiteren Bereitstellung eines von Ihnen angeforderten Plaid-Dienstes benötigt; (c) Plaid gesetzlich verpflichtet ist, Ihre Daten zu speichern; (d) Plaid Ihre Daten zur Verhinderung von Betrug oder zum Schutz der Privatsphäre, zur Leistung von Support oder zur Untersuchung von Missbrauch und Fehlverhalten benötigt, (e) sofern Plaid Ihre Daten anonymisiert hat, sodass eine Re-Identifizierung damit nicht möglich ist, oder (e) wir Sie bitten, uns zu erlauben – und Sie dem ausdrücklich zustimmen –, Ihre Daten länger aufzubewahren.

Ihre Daten werden nur so verarbeitet, wie es gesetzlich vorgeschrieben oder in dieser Erklärung vorgesehen ist.

Bitte lesen Sie den Abschnitt „Ihre Datenschutzrechte“ in dieser Datenschutzerklärung, um sich über die Ihnen zur Verfügung stehenden Möglichkeiten zu informieren, einschließlich zu der Frage, wie die Löschung Ihrer Daten verlangt werden kann. Der Abschnitt „Ihre Datenschutzeinstellungen“ dieser Datenschutzerklärung enthält auch Einzelheiten zu Tools, die Ihnen zur Verfügung stehen, um Verbindungen, die Sie mit Plaid hergestellt haben, anzuzeigen und zu verwalten. Mittels der Kontaktdaten im Abschnitt „Kontaktaufnahme mit Plaid“ können Sie sich auch bezüglich unserer Aufbewahrungs- und Löschpraktiken mit uns in Verbindung setzen.

Schutz der Daten

Die Sicherheitsrichtlinien und -praktiken von Plaid sollen dem Schutz der Vertraulichkeit und Integrität Ihrer Daten dienen. Plaid implementiert Kontrollen, um den Zugang zu diesen Daten auf Mitarbeiter zu beschränken, die einen geschäftlichen Grund zur Kenntnisnahme haben, und untersagt seinen Mitarbeitern jedwede rechtswidrige Zugriffe, Verwendungen oder Weitergaben dieser Daten.

Einige abschließende Hinweise

Internationale Datenübermittlung

Wir sind international tätig, und daher übermitteln wir die Daten, die wir über Sie erheben, über internationale Grenzen hinweg zur Verarbeitung und Speicherung (z. B. übermitteln wir Daten aus dem EWR und Großbritannien in die Vereinigten Staaten und speichern Daten in AWS-Regionen in den Vereinigten Staaten). Wenn wir Daten in ein anderes Land oder Gebiet übermitteln, erfolgt dies stets unter Einhaltung der für uns geltenden Datenschutzgesetze. Insbesondere wenn wir Daten aus dem EWR oder Großbritannien über andere internationale Grenzen übermitteln, stützen wir uns für solche Übermittlungen auf Angemessenheitsentscheidungen, Datenübertragungsvereinbarungen oder andere durch die EU-Kommission oder den britischen Secretary of State (falls zutreffend) genehmigte Mechanismen, einschließlich von Standardvertragsklauseln. Sie können uns über die unten genannten Kanäle kontaktieren, um eine Kopie dieser Standarddatenschutzklauseln zu erhalten. Vor der Übermittlung von Daten aus dem EWR oder auf Großbritannien führen wir Folgenabschätzungen für die Übermittlung durch und ergreifen zusätzliche Maßnahmen, um sicherzustellen, dass alle übermittelten Daten in Übereinstimmung mit den Anforderungen des EWR und des Vereinigten Königreichs aufbewahrt werden.

Ihre Datenschutzrechte

Unabhängig davon, wo Sie wohnen, werden wir die folgenden Rechte in Bezug auf Ihre personenbezogenen Daten vorbehaltlich einiger gesetzlich vorgesehener Einschränkungen und Ausnahmen respektieren, und Sie werden wegen Ihrer Ausübung jener Rechte nicht diskriminiert:

• Auskunft zu/Zugriff auf die über Sie erhobenen Daten;

• Zugang zu weiteren Informationen über die Kategorien und spezifischen Teile der personenbezogenen Daten, die wir in den letzten 12 Monaten über Sie gespeichert haben (einschließlich personenbezogener Daten, die zu Geschäftszwecken weitergegeben wurden);

• unter bestimmten Umständen zu verlangen, dass wir ungenaue oder unvollständige Daten berichtigen oder aktualisieren;

• unter bestimmten Umständen zu verlangen, dass wir die Verarbeitung Ihrer Endbenutzerdaten unter bestimmten Umständen einschränken;

• unter bestimmten, gesetzlich festgelegten Bedingungen Widerspruch gegen die Verarbeitung Ihrer Endbenutzerdaten einzulegen;

• wenn die Verarbeitung Ihrer Daten auf einer Einwilligung beruht, diese Einwilligung zu widerrufen;

• zu verlangen, dass wir Ihnen die über Sie erhobenen Daten in einem strukturierten, gängigen und maschinenlesbaren Format zur Verfügung stellen, damit Sie diese Daten an ein anderes Unternehmen übermitteln können, sofern dies technisch möglich ist, und

  • bitte beachten Sie, dass Sie den Antrag für Zugang zur offiziellen Akte mit Ihren Finanzinformationen direkt an Ihr Finanzinstitut richten müssen.

Je nachdem, wo Sie leben, haben Sie möglicherweise das Recht, eine Beschwerde einzureichen. Wir stehen Ihnen gerne zur Verfügung und freuen uns, wenn Sie sich mit uns in Verbindung setzen. Darüber hinaus haben Sie abhängig von Ihrem Heimatland das Recht, jederzeit eine Beschwerde bei Ihrer (Datenschutz-)Aufsichtsbehörde einzureichen. Für Endbenutzer im EWR finden Sie die Kontaktinformationen des Europäischen Datenschutzausschusses (European Data Protection Board, EDPB) auf der Website des EDPB. Endbenutzer in Großbritannien finden die Kontaktinformationen des Information Commissioner's Office (ICO) auf der ICO-Website. Für Endbenutzer in der Schweiz ist dies der Bundesbeauftragte für Datenschutz und Information, dessen Kontaktdaten Sie dort finden.

Für die Ausübung etwaiger Rechte können Sie uns über unser Online-Formular kontaktieren. Zur Ausübung Ihrer Datenschutzrechte können Sie uns auch, wie unten im Abschnitt „Kontaktaufnahme mit Plaid“ beschrieben, kontaktieren. Es kann sein, dass Sie uns zusätzliche Informationen geben müssen, die zur Bestätigung Ihrer Identität notwendig sind, bevor wir auf Ihren Antrag antworten können.

Wenn wir Ihre Anfrage von einem Bevollmächtigten erhalten, können wir einen Nachweis verlangen, dass der Bevollmächtigte über eine gültige schriftliche Ermächtigung, wie etwa eine Vollmacht verfügt, um in Ihrem Namen Anfragen zu stellen.

Wir werden alle diesbezüglichen Anfragen prüfen und innerhalb eines angemessenen Zeitraums (sowie innerhalb aller gesetzlich vorgeschriebenen Fristen) darauf antworten. Bitte beachten Sie jedoch, dass bestimmte Daten von solchen Anfragen ausgenommen sein können, z. B. wenn wir die Daten aufbewahren müssen, um unseren eigenen rechtlichen Verpflichtungen nachzukommen oder um Rechtsansprüche geltend zu machen, auszuüben oder zu verteidigen.

Sowohl für die Plaid Financial Ltd. als auch für die Plaid, B.V. haben wir einen Datenschutzbeauftragten (DSB) ernannt, der auch für die Beantwortung von Fragen im Zusammenhang mit dieser Datenschutzerklärung zuständig ist und per E-Mail unter privacy@plaid.com kontaktiert werden kann.

Ihre zusätzlichen Datenschutzkontrollen

Plaid hat das Plaid-Portal entwickelt, um Ihnen eine bequeme, zentrale Möglichkeit für die Anzeige und Verwaltung der von Ihnen mithilfe von Plaid erstellten Verbindungen zu bieten.

In den USA können Sie sich für Plaid Portal registrieren, indem Sie my.plaid.com besuchen, Ihre Telefonnummer und E-Mail-Adresse verifizieren und ein Passwort erstellen. Nachdem Sie sich für ein Plaid-Portal-Konto registriert haben, werden Sie zu einem Dashboard geführt, das Ihnen zeigt, welche Finanzkonten Sie mithilfe von Plaid mit den von Ihnen gewählten Apps verbunden haben und welche Arten von Daten mit diesen Apps geteilt werden. Zusätzlich bietet Ihnen Plaid Portal die Möglichkeit, die Verbindung zwischen Apps und Ihren Finanzkonten zu beenden und die entsprechenden, in den Systemen von Plaid gespeicherte Daten zu löschen.

Änderungen an dieser Datenschutzerklärung

Wir werden diese Datenschutzerklärung von Zeit zu Zeit aktualisieren oder ändern. Im Falle von Aktualisierungen oder Änderungen werden wir die neue Datenschutzerklärung auf der Website von Plaid unter https://plaid.com/legal veröffentlichen und das Datum des Inkrafttretens oben in dieser Datenschutzerklärung aktualisieren. Wir werden auch Entwickler über alle wesentlichen Änderungen in Übereinstimmung mit unseren Entwicklervereinbarungen informieren, da diese besser in der Lage sind, Sie über Änderungen dieser Datenschutzerklärung zu informieren. Wenn Sie ein aktiver Benutzer von Plaid Portal sind, senden wir Ihnen außerdem eine E-Mail, die Sie über die Aktualisierung informiert.

Kontaktaufnahme mit Plaid

Wenn Sie Fragen oder Beschwerden zu dieser Datenschutzerklärung oder zu unseren Datenschutzpraktiken im Allgemeinen haben, schicken Sie uns bitte eine E-Mail an privacy@plaid.com oder einen Brief an:

Wenn Sie Ihren Wohnsitz außerhalb des EWR oder Großbritanniens haben:

Plaid Inc.
Attn: Legal
PO Box 7775 #35278
San Francisco, California 94120-7775
USA

Sowohl für die Plaid Financial Ltd. als auch für die Plaid, B.V. haben wir einen Datenschutzbeauftragten (DSB) ernannt, der auch für die Beantwortung von Fragen im Zusammenhang mit dieser Datenschutzerklärung zuständig ist und per E-Mail unter privacy@plaid.com kontaktiert werden kann.

Wenn Sie Ihren Wohnsitz in Großbritannien haben:

Plaid Financial Ltd.
Attn: Legal
New Penderel House, 4th Floor
283-288 High Holborn
London, Großbritannien, WC1V 7HP

Wenn Sie Ihren Wohnsitz im EWR haben:

Plaid, B.V.
Attn: Legal
Muiderstraat 1
1011PZ Amsterdam
Niederlande

Übersicht über die Verarbeitungstätigkeiten

Übersicht über die Verarbeitungstätigkeiten nach Datenkategorie

Um die Transparenz unserer Praktiken noch weiter zu erhöhen, haben wir die Informationen aus unserer obigen Datenschutzerklärung in einer Tabelle zusammengefasst, in der die Kategorien von Daten, die Plaid über Sie erhebt, den Datenquellen, den Nutzungszwecken von Plaid und den Kategorien von Empfängern, an die Plaid die Daten weitergibt, zugeordnet sind. Ausführlichere Beschreibungen unserer Praktiken zur Erhebung, Verwendung und Weitergabe der Daten finden Sie in den entsprechenden Abschnitten der obigen Datenschutzerklärung.

Übersicht über die Verarbeitungstätigkeiten nach Produkt

Wie oben erwähnt, hängt der Umstand, welche Daten wir erheben und verwenden, von den Plaid-Produkten und -Dienstleistungen ab, die Sie und der Entwickler nutzen. Für den besseren Überblick dazu, welche Daten für welches Produkt und welche Dienstleistung erhoben und verwendet werden, haben wir die folgenden Zusammenfassungen unserer Datenerhebung und Datennutzung nach Produkten zusammengestellt. Einige dieser Produkte sind nur für Benutzer aus den USA verfügbar, andere nur für Benutzer aus dem EWR und aus Großbritannien. Wenn Sie nicht sicher sind, welche Produkte oder Dienstleistungen von Plaid Ihre verbundenen Anwendungen verwenden, kontaktieren Sie bitte den Entwickler der Anwendung. (Wir weisen darauf hin, dass diese Liste die Produktpalette von Plaid zum Zeitpunkt des Inkrafttretens dieser Datenschutzerklärung wiedergibt und möglicherweise keine Produkte oder Dienstleistungen enthält, die zu diesem Zeitpunkt in der Entwicklung sind.)

Darüber hinaus unterscheidet das Datenschutzrecht in bestimmten Regionen, wie etwa in Großbritannien und der EU, zwischen dem „Verantwortlichen“ und dem „Auftragsverarbeiter“ von Daten. Je nachdem, welches Produkt oder welche Dienstleistung Sie und Ihr Entwickler verwenden, kann Plaid Verantwortlicher oder Auftragsverarbeiter der nach dem relevanten Datenschutzgesetz erhobenen Daten sein. Sofern in der nachfolgenden Produktbeschreibung nicht anders angegeben, ist Plaid der Verantwortliche für die erhobenen personenbezogenen Daten.

Assets

Assets ermöglicht es Ihnen, den Zugriff auf eine zeitpunktbezogene Ansicht Ihrer ausgewählten Finanzkontodaten – wie Kontostände, Transaktionshistorie und Informationen zur Identität des Kontoinhabers – für Plaid und für von Ihnen gewählte Apps und Dienste zu gewähren. Wir erheben Identifikatoren, Finanzinformationen, wirtschaftliche Informationen, Standortinformationen, Informationen über elektronische Netzwerkaktivität und ziehen Schlussfolgerungen aus diesen Informationen Wir verwenden diese Daten wie im Abschnitt Wie wir Ihre Daten verwenden in dieser Datenschutzerklärung beschrieben.

Auth

Auth hilft Ihnen bei der Authentifizierung Ihrer Finanzkontodaten und ermöglicht Plaid und den von Ihnen gewählten Apps und Diensten den Zugriff auf Ihre Konto- und Routingnummern/BLZ. Wir erheben gegebenenfalls Identifikatoren, Finanzdaten, kommerzielle Daten, Standortdaten und Daten über elektronische Netzwerkaktivitäten. Wir verwenden diese Daten wie im Abschnitt Wie wir Ihre Daten verwenden in dieser Datenschutzerklärung beschrieben.

Balance

Mit Balance und dessen optionalen Funktionen können Sie Plaid sowie den von Ihnen ausgewählten Apps und Diensten Zugriff auf Ihre Kontostände in Echtzeit und/oder auf Rückschlüsse, die aus Ihren Kontoständen ermittelt werden, sowie auf weitere Kontoinformationen gewähren, damit jene Ihnen helfen können, z. B. die Überziehung Ihres Kontos zu vermeiden, bevor Sie eine Überweisung tätigen. Wir erheben Identifikatoren, Finanzdaten, kommerzielle Daten, Standortdaten und Daten über elektronische Netzwerkaktivitäten und ziehen in manchen Fällen Rückschlüsse aus diesen Informationen Wir verwenden diese Daten wie im Abschnitt Wie wir Ihre Daten verwenden in dieser Datenschutzerklärung beschrieben.

Identity und Identity Match

Mit Hilfe von Identity können Sie Plaid und den von Ihnen gewählten Apps und Diensten Zugriff auf die Kontoinhaber Ihres Finanzinstituts gewähren, z. B. Ihren Namen, Ihre E-Mail-Adresse, Ihre Telefonnummer und Ihre Postanschrift, damit diese beispielsweise Ihre Identität überprüfen oder Ihre Kontodaten innerhalb der App vorausfüllen können. Identity Match hilft den Apps und Diensten dabei, die Sie verwenden, Ihre Identität anhand der Kontoinhaberdaten zu überprüfen, die von Ihrem Finanzinstitut gespeichert werden. Wir erheben gegebenenfalls Identifikatoren, Finanzdaten, kommerzielle Daten, Standortdaten und Daten über elektronische Netzwerkaktivitäten. Wir verwenden diese Daten wie oben im Abschnitt Wie wir Ihre Daten verwenden in dieser Datenschutzerklärung beschrieben.

Verifizierung der Debitkarte

Mit der Debitkartenverifizierung können Sie Zugriff auf Ihre Kontoinhaberdaten, Ihren Echtzeit-Kontostand und Ihre Transaktionsverlaufsdaten gewähren, um zu bestätigen, dass die von Ihnen verwendete Debitkarte mit einem Bankkonto verknüpft ist, das Sie besitzen. Wir erheben Identifikatoren, Finanzdaten, kommerzielle Daten, Standortdaten und Daten über elektronische Netzwerkaktivitäten und ziehen in manchen Fällen Rückschlüsse aus diesen Informationen Wir verwenden diese Daten wie im Abschnitt Wie wir Ihre Daten verwenden in dieser Datenschutzerklärung beschrieben.

Identity Verification and Monitor

Identity Verification und Monitor (Identitätsüberprüfung und -überwachung, „IDV“) erleichtert die Identitätsprüfung, Betrugserkennung und Watchlist-Screening-Services für Entwickler. Wenn wir Entwicklern Dienstleistungen von Identity Verification and Monitor anbieten, erheben und verarbeiten wir Ihre Daten nur als Dienstleister für diesen Entwickler, sodass die Entwickler den Zweck und die Mittel bestimmen, mit denen Ihre Daten verarbeitet werden. Weitere Informationen darüber, wie wir Endbenutzerdaten für Entwickler verarbeiten, und auf Anweisung des Entwicklers, mit Identity Verification and Monitor Dienstleistungen erbringen, finden Sie in der Datenschutzerklärung für Endbenutzer von IDV.

Plaid Account

Plaid Account vereinfacht und beschleunigt Ihnen die Benutzung, indem es Plaid ermöglicht, Ihre Finanzkontoverbindungen und Identitätsinformationen zu speichern, um das Onboarding und die Nutzung Ihrer ausgewählten Apps zu beschleunigen. Wir erheben gegebenenfalls Identifikatoren, Finanzdaten, kommerzielle Daten, Standortdaten und Daten über elektronische Netzwerkaktivitäten. Wir verwenden diese Daten wie im Abschnitt Wie wir Ihre Daten verwenden in dieser Datenschutzerklärung beschrieben.

Income

Mit Income können Sie Plaid und den von Ihnen ausgewählten Apps und Diensten Zugang zu Daten über Ihr Einkommen und Ihre Beschäftigung geben. Wir erheben Identifikatoren, Finanzinformationen, kommerzielle, Beschäftigungs-. Einkommens- und andere Daten zu Ihrer Berufstätigkeit, Standortinformationen, Informationen über elektronische Netzwerkaktivität und ziehen Schlussfolgerungen aus diesen Informationen Wir verwenden diese Daten wie im Abschnitt Wie wir Ihre Daten verwenden in dieser Datenschutzerklärung beschrieben.

Investments

Investments gibt Ihnen die Möglichkeit, Plaid und den von Ihnen gewählten Apps oder Diensten Zugriff auf die Ihre Renten-, Makler-, Bildungsspar- und Gesundheitssparkonten zu gewähren, damit diese Ihnen beispielsweise persönliche Finanz- und Vermögensverwaltungstools an die Hand geben können. Wir erheben Identifikatoren, Finanzdaten, kommerzielle Daten, Standortdaten, Daten zu Ihrer Berufstätigkeit und Daten über elektronische Netzwerkaktivitäten und ziehen Schlussfolgerungen aus diesen Informationen Wir verwenden diese Daten wie im Abschnitt Wie wir Ihre Daten verwenden in dieser Datenschutzerklärung beschrieben.

Liabilities

Über Liabilities können Sie Plaid und den von Ihnen gewählten Apps und Diensten Zugriff auf die Finanzdaten Ihrer Kreditkarten-, Hypotheken- und Studienkreditkonten gewähren. Wir erheben Identifikatoren, Finanzinformationen, wirtschaftliche Informationen, Standortinformationen, Informationen über elektronische Netzwerkaktivität und ziehen Schlussfolgerungen aus diesen Informationen. Wir verwenden diese Daten wie im Abschnitt Wie wir Ihre Daten verwenden in dieser Datenschutzerklärung beschrieben.

Zahlungsauslösung und variable wiederkehrende Zahlungen

Mit der Zahlungsauslösung können Benutzer von in der EU und Großbritannien ansässigen Diensten einmalige, wiederkehrende oder variabel wiederkehrende Zahlungen auf Konten vornehmen. Dies gilt für Dienste wie Überweisungen, Daueraufträge, variable wiederkehrende Zahlungen und einmalige oder wiederkehrende Zahlungen von Konten, wie Abhebungen und Erstattungen. Variable wiederkehrende Zahlungen ermöglichen es unseren Benutzern in der EU und in Großbritannien, ein Bankkonto einmalig zu authentifizieren und dann zukünftige Zahlungen ohne zusätzliche Authentifizierung vorzunehmen. Wir erheben Identifikatoren, Finanzinformationen, wirtschaftliche Informationen, Standortinformationen, Informationen über elektronische Netzwerkaktivität und ziehen Schlussfolgerungen aus diesen Informationen. Wir verwenden diese Daten wie im Abschnitt Wie wir Ihre Daten verwenden in dieser Datenschutzerklärung beschrieben.

Payouts

Mit Payouts können Benutzer von in der EU und Großbritannien ansässigen Diensten nahtlos und sofort Auszahlungen und Erstattungen von einer App oder einem Dienst, den Sie nutzen, vornehmen, indem Sie ein E-Geld-Konto eröffnen und im Voraus auffüllen, von dem aus Gelder an Benutzer gesendet werden können, die eine Auszahlung anfordern. Wir erheben Identifikatoren, Finanzinformationen, wirtschaftliche Informationen, Standortinformationen, Informationen über elektronische Netzwerkaktivität und ziehen Schlussfolgerungen aus diesen Informationen. Wir verwenden diese Daten wie im Abschnitt Wie wir Ihre Daten verwenden in dieser Datenschutzerklärung beschrieben.

Plaid-Portal

Plaid Portal ist ein Datenschutz-Tool, mit dem Sie die Verbindungen zu Apps, die Sie über Plaid hergestellt haben, steuern können. Sie können mithilfe von Plaid Portal Verbindungen zu Apps in einem einzigen Dashboard anzeigen, Finanzkonten von Apps trennen oder Daten aus Plaid-Systemen löschen. Sie können Plaid Portal auch verwenden, um ihre Plaid-Konten anzeigen zu lassen und um jene zu verwalten. Wir erheben gegebenenfalls Identifikatoren, Finanzdaten, kommerzielle Daten, Standortdaten und Daten über elektronische Netzwerkaktivitäten. Wir verwenden diese Daten wie im Abschnitt Wie wir Ihre Daten verwenden in dieser Datenschutzerklärung beschrieben.

Signal

Signal hilft den von Ihnen genutzten Apps und Diensten, Ihnen ein besseres Nutzererlebnis zu ermöglichen, z. B. einen schnelleren Zugriff auf Ihr Geld, und reduziert das Betrugsrisiko oder das Fehlschlagen einer Überweisung. Wir erheben Identifikatoren, Finanzinformationen, wirtschaftliche Informationen, Standortinformationen, Informationen über elektronische Netzwerkaktivität und ziehen Schlussfolgerungen aus diesen Informationen. Wir verwenden diese Daten wie im Abschnitt Wie wir Ihre Daten verwenden in dieser Datenschutzerklärung beschrieben.

Statements

Mit Statements können Sie Kopien Ihrer Kontoauszüge mit Plaid und den von Ihnen gewählten Apps und Diensten teilen. Wir können Identifikatoren, Finanzinformationen, Standortinformationen und Daten über elektronische Netzwerkaktivitäten erheben. Wir verwenden diese Daten wie im Abschnitt Wie wir Ihre Daten verwenden in dieser Datenschutzerklärung beschrieben.

Transactions

Mit Hilfe von Transactions und dessen dazugehörigen Produkten können Sie Plaid und den von Ihnen ausgewählten Apps und Diensten Zugriff auf die Transaktionshistorie Ihrer Finanzkonten gewähren, so dass diese Ihnen z. B. Tools zur Verwaltung Ihrer persönlichen Finanzen, Ausgabenberichte, Cashflow-Modelle und vieles mehr anbieten können. Wir erheben gegebenenfalls Identifikatoren, Finanzinformationen, wirtschaftliche Informationen, Standortinformationen, Informationen über elektronische Netzwerkaktivität und ziehen Rückschlüsse und Erkenntnisse aus diesen Daten. Wir verwenden diese Daten wie oben im Abschnitt Wie wir Ihre Daten verwenden in dieser Datenschutzerklärung beschrieben.

Transfer

Mit Transfer können Sie einen Entwickler ermächtigen, Zahlungen an Sie zu senden oder Zahlungen von Ihnen einzuziehen über Banküberweisungen, und zwar entweder einmalig oder in regelmäßigen Abständen. Dazu gehört die Überprüfung, ob Sie Inhaber des Kontos sind, auf das oder von dem die Zahlung überwiesen werden soll, die Bewertung des Risikos, dass die Zahlung nicht ausgeführt werden kann oder betrügerisch ist, die elektronische Verarbeitung der Überweisungsanweisungen und die Bestätigung, dass das Geld überwiesen wurde. Wir können Identifikatoren, Finanzinformationen, Standortinformationen und Informationen über elektronische Netzaktivitäten erheben. Wir verwenden diese Daten wie im Abschnitt Wie wir Ihre Daten verwenden in dieser Datenschutzerklärung beschrieben.

Datenschutzhinweis für Verbraucher

Letzte Aktualisierung: 22. Februar 2024

End User Services Agreement (US)

Effective Date: July 1, 2019

Thanks for using Plaid! Plaid provides a platform (“Platform”) that allows you and other end users to connect your bank accounts and other financial accounts (“Accounts”) with applications that can help you do things like save for retirement, manage your spending, streamline credit applications or transfer money (“Apps”).

This End User Services Agreement (US) (“Agreement”) is an agreement between you and Plaid Inc. (“Plaid”, “we” or “us”). By accepting this Agreement or accessing my.plaid.com or your Plaid profile, you agree to this Agreement and certify that you have all necessary rights to do so. If you are accepting on behalf of your employer or another entity, you represent and warrant that: (i) you have full legal authority to bind your employer or such entity to this Agreement; (ii) you have read and understand this Agreement; and (iii) you agree to this Agreement on behalf of the party that you represent. If you do not have the legal authority to bind your employer or the applicable entity, please do not accept this Agreement or access the features covered by this Agreement.

Please note that this Agreement does not apply to the services we provide to the developers of Apps. Those services are covered by our Developer Terms of Use and other terms.

my.plaid.com.

You can use my.plaid.com to manage connections between your Accounts and Apps. my.plaid.com is designed to empower you with greater control over your financial data, but the decision to use any App remains yours. Your use of any App and Account, and the App and Account providers’ use of your data, is governed by separate terms between you and the applicable providers. Plaid is not responsible for any Apps or Accounts provided by third parties or the acts or omissions of any third-party providers, and does not guarantee that any Apps or Accounts will remain available or compatible with the Platform.

Plaid Profile Creation.

You need to create an profile with Plaid in order to use certain features of the Platform, including certain features of my.plaid.com. You also need to ensure that your information is accurate, complete and up-to-date. You must notify us if you learn of any unauthorized access to or use of your Plaid Profile.

Control and Responsibilities.

You represent and warrant that you have all necessary rights to use your Accounts and Apps with the Platform, and you agree to comply with all laws and regulations applicable to your use, as well as any rules and guidelines that we post. You must not (1) use or access anyone else’s Accounts or related data, (2) submit information about anyone else’s identity or Accounts or that violates any third-party rights or (3) use the Platform for any fraudulent, illegal or misleading purpose. You also agree not to (a) modify, reverse engineer or seek to gain unauthorized access to the Platform or related systems, data or source code, (b) bypass or circumvent measures designed to prevent or limit access to any part of the Platform, (c) rent, lease, provide access to or sublicense any elements of the Platform to a third party or use the Platform on behalf of or to provide services to third parties, (d) copy, modify or create derivative works of the Platform or remove any of Plaid’s proprietary notices, (e) access the Platform for competitive purposes or publish any benchmark or performance information about the Platform, or (f) use the Platform in any manner that could damage, disable, overburden, or impair the functioning of the Platform or interfere with, disrupt or negatively affect other users.

How Plaid Uses Your Data.

Please review our End User Privacy Policy to learn how Plaid uses data related to your Accounts (e.g., your Account login information and balance information). You should also refer to our Privacy Statement and Cookie Policy for information about what we collect from the use of our websites. If you have questions, contact us at privacy@plaid.com.

Rights to the Platform.

Note that Plaid owns all right, title and interest (including intellectual property rights) in and to the Platform (including my.plaid.com and Plaid Profile features) and our related websites and technology. If you choose to give us feedback, suggestions or other inputs about the Platform, we may use them without restriction.

Our Disclaimers.

TO THE EXTENT PERMITTED BY LAW, THE PLATFORM (INCLUDING MY.PLAID.COM AND PLAID PROFILES) IS PROVIDED “AS IS” AND “AS AVAILABLE,” AND ANY USE IS AT YOUR DISCRETION AND RISK. PLAID, ITS AFFILIATES AND ITS AND THEIR SUPPLIERS MAKE NO WARRANTIES, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, INCLUDING WARRANTIES OF MERCHANTABILITY, TITLE, FITNESS FOR A PARTICULAR PURPOSE OR NONINFRINGEMENT. PLAID DOES NOT WARRANT THAT USE WILL BE UNINTERRUPTED OR ERROR-FREE, THAT ANY OF YOUR DATA WILL BE ACCURATE OR COMPLETE OR THAT PLAID WILL MAINTAIN ANY DATA WITHOUT LOSS.

Liabilities for our Platform. TO THE EXTENT PERMITTED BY LAW, PLAID, ITS AFFILIATES AND ITS AND THEIR SUPPLIERS WILL NOT BE RESPONSIBLE FOR: (A) ANY LOST PROFITS, LOSS OF USE, LOST OR INACCURATE DATA, FAILURE OF SECURITY MECHANISMS, FINANCIAL LOSSES, OR ANY INDIRECT, SPECIAL, INCIDENTAL, RELIANCE OR CONSEQUENTIAL DAMAGES OF ANY KIND OR (B) ANY DAMAGES OR AMOUNTS EXCEEDING, IN THE AGGREGATE, THE GREATER OF (1) THE AMOUNT YOU PAID US TO USE THE PLATFORM AND (2) ONE HUNDRED U.S. DOLLARS (US $100).

Dispute Resolution.

We hope you will have a positive experience using our Platform, but should a dispute between us arise out of or relating to these Terms, we agree to resolve the dispute by following these steps:

1. Send us a notice, according to the Notices section below, describing the dispute and including all relevant facts so we know how to help you.
2. Within 5 business days after our receipt of your notice, we will reach out to discuss your dispute with you.
3. If we’re not able to resolve your dispute during our discussion, you will send us a written proposal for resolving your dispute.
4. Within 15 business days after our receipt of your written proposal, we will let you know whether we agree to your proposal, or we will provide you with a counter-proposal.

After Step 4, it’s up to you to decide whether you’d like to continue to negotiate with us to resolve your dispute, or whether you’d like to pursue a resolution through some other means.

Throughout this process, both you and Plaid agree to negotiate in good faith and according to the terms of this section to resolve the dispute before resorting to litigation or some other form of dispute resolution procedure. All negotiations (including your notice, our discussions, and your and our proposals) pursuant to this section are confidential and treated as compromise and settlement negotiations for the purposes of federal and state rules of evidence and procedure.

Notices.

Plaid may provide notices or communications to you through the email associated with your Plaid profile, through my.plaid.com or through other reasonable methods. All notices, requests and other communications to Plaid under this Agreement must be in writing to Plaid Inc., Attention: Legal, P.O. Box 7777 #35278, San Francisco, CA 94120-7775 (with a courtesy copy to legalnotices@plaid.com ) and will be deemed given when delivered.

Ending This Agreement.

At any time in its discretion, Plaid may terminate or suspend this Agreement (or your use of the Platform) with or without notice and for any or no reason, including if Plaid suspects that you have violated this Agreement. Plaid will have no liability to you for any termination or suspension, nor will such action limit any other rights or remedies Plaid may have. Except for your right to use the Platform, this Agreement will survive any termination.

About This Agreement.

This Agreement may not be transferred or assigned by you without Plaid’s prior written consent. Plaid may assign or transfer this Agreement to its affiliates or in connection with a merger, sale, reorganization or other change of control. In addition, Plaid’s affiliates, contractors and service providers may exercise Plaid’s rights or fulfill its obligations under this Agreement. Waivers must be in writing and no waivers will be implied. If any provision of this Agreement is held by a court of competent jurisdiction to be unenforceable for any reason, the remaining provisions will remain unaffected and in full force and effect. This Agreement is the final, complete and exclusive agreement between you and us relating the subject matter of this Agreement and supersedes all prior or contemporaneous understandings and agreements relating to such subject matter, whether oral or written. In this Agreement, headings are for convenience only and the term “including” (and similar terms) will be construed without limitation.

Plaid may modify this Agreement from time to time. Unless we specify otherwise, modifications take effect (and govern future use of the Platform, including my.plaid.com and your Plaid Profile) when we post the modified version. Plaid will use reasonable efforts to notify you of the modifications, and you may be required to agree to the modified version. If you do not agree to the modifications, your sole remedy is to cease using the Platform.

End User Services Agreement (UK)

Last Updated: 04 August 2022

Thank you for using Plaid!

This End User Services Agreement ("Agreement") is a legal agreement between Plaid Financial Ltd. ("Plaid", "we" or "us") and the end user of our Services ("you", "your"). This Agreement only applies when we provide account information services and payment initiation services to you with respect to a UK payment account, and when we transmit retrieved data and/or the payment status related to such services to third parties on your behalf ("Services"). Such third parties include the owner or provider of the website, desktop and/or mobile application through which you have accessed our Services ("Application").

This Agreement describes the terms and conditions that apply to your use of the Services. You may not access or use the Services unless you agree to comply with all of the terms and conditions in this Agreement. You should therefore read this Agreement carefully and make sure you understand it. If you do not understand any of the terms and conditions of this Agreement, please contact us before using the Services by emailing us at regulatory@plaid.com.

You may view an up-to-date copy of this Agreement at any time at https://plaid.com/legal/#end-user-services-agreement-uk.

Jump to section:

Plaid

Plaid Services

Eligibility and Availability

Communication

Incorrect or Unauthorised Payments

Data

Liability

Complaints

Changes to this Agreement

Termination

Governing law and language

1. Plaid

1.1. Plaid Financial Ltd. (company registration number 11103959) is authorised by the Financial Conduct Authority under the Payment Services Regulations 2017 for the provision of payment initiation and account information services (firm reference number 804718).

1.2. Plaid's registered office address is New Penderel House, 4th Floor, 283-288 High Holborn, London WC1V 7HP. Plaid's trading address is 35-41 Folgate Street, London, E1 6BX.

2. Plaid Services

2.1. You have accessed our Services through an Application or within the Plaid dashboard (available at https://my.plaid.com/ ). The products and services provided to you by the Application are governed by a separate agreement between you and the provider of the Application ("Application Terms"). We have no responsibility for the products and services provided to you by or through the Application and will not be liable to you for any harm, damage or loss arising from your use of the products and services provided by or through the Application.

2.2. Our Services will allow you to obtain financial information from your online bank or payment account ("Payment Account") (account information services) and to make online payments directly from your Payment Account (payment initiation services).

2.3. The terms and conditions that apply to the Payment Accounts that you access through our Services (the "Account Terms") will remain in effect and this Agreement does not change your Account Terms.

2.4. We will not charge you for the use of our Services. Applications or other third parties may, however, charge you for products and services provided to you that make use of the Services provided by Plaid under this Agreement. Application providers and other third parties may pay us fees and other amounts in connection with the services we provide to them.

Account information services

2.5. Plaid's account information services allow you to access and view information relating to your selected Payment Account within the Plaid dashboard (available at https://my.plaid.com/ ) and the Application through which you have accessed our Services.

2.6. To access the Plaid dashboard, you need to create an account with Plaid. You also need to ensure that your information is accurate, complete and up-to-date. You must follow best practices to help secure your Plaid account and notify us if you learn of any unauthorised access to or use of your Plaid account.

2.7. With your explicit consent, we access and display information relating to your selected Payment Account(s) ("Account Information") within the Plaid dashboard and transmit such information to the Application through which you have accessed our Services. Such information may include: a. financial transaction history, for example, transaction amount, data, description and currency; b. financial account details, for example, account number, type, currency and balance; and c. financial account holder information, for example, name, address, phone number, and email address.

2.8. Before receiving Plaid's account information service, you will have instructed the Application through which you have accessed our Services to retrieve your Account Information using Plaid. Upon such an instruction, you will generally be redirected to us.

2.9. Once you are redirected to us, we will ask you to select which Payment Account provider ("Account Provider") you would like us to access Account Information from. You will give your explicit consent to us: (i) accessing your Account Information from the Account Provider you have selected; and (ii) taking the steps outlined in clause paragraph 2.12. once we have accessed your Account Information. Plaid will request your Account Information from your Account Provider on a periodic basis in accordance with your consent until the consent expires or is withdrawn.

2.10. Please note, you may be redirected to your Account Provider's website or mobile application in order to authenticate yourself so that your Account Provider knows that you consent to us accessing your Account Information.

2.11. Alternatively, in some circumstances, we may ask you to provide us with the login details for your Payment Account. By providing us with your Payment Account login details, you confirm that you have all the necessary rights, permissions and authority to share your login details and Account Information with us, and you grant us explicit consent to use your login details to access your Payment Account to obtain the necessary Account Information on your behalf and at your direction in order to provide you with the Services.

2.12. Once we have accessed your Account Information we may: a. share your Account Information with the Application through which you have accessed our Services; b. share your Account Information with third parties as directed by the Application through which you have accessed our Services provided, however, that you have explicitly consent to such sharing; or c. display your Account Information on the Plaid dashboard.

2.13. You agree to us sharing the Account Information we have accessed from your Account Provider with the Application through which you have accessed our Services, and with third parties as directed by that Application provided that in both cases you have explicitly consented to such sharing. Such sharing allows the Application to provide you with products and services in accordance with the Application Terms.

2.14. We do not check the accuracy of the Account Information retrieved from your Account Provider and we rely on your Account Provider to ensure that your Account Information is up to date and accurate.

2.15. We may standardize, categorize, merge, aggregate, and otherwise process your Account Information before displaying your Account Information on the Plaid dashboard, sharing it with the Application through which you have accessed our Services, or sharing it with third parties as directed by that Application with your explicit consent.

2.16. You may withdraw or vary your consent for Plaid to provide account information services at any time.

Payment initiation services

2.17. Plaid's payment initiation service allows you to make online payments from your Payment Account(s). Plaid can initiate the following types of online payments from your Payment Account(s): (i) single payments; (ii) standing orders; and (iii) variable recurring payments.

Single Payments

2.18. Before receiving our payment initiation service in respect of a single online payment order, you will have instructed the Application through which you have accessed our Services to make a single online payment using Plaid. You will be asked to review and confirm your payment order details for the single online payment, including: (i) the payment amount and (ii) the recipient details. It is your responsibility to ensure that all of the payment order details are correct before you confirm the payment order. You may not be able to recover a payment to an incorrect account or recipient.

2.19. These details will be pre-populated for you to review and confirm. For example, where you use Plaid payment initiation services to purchase goods or services online you must ensure that the merchant recipient details are correct.

2.20. You will confirm the payment order and provide explicit consent for Plaid to send the payment order to your Account Provider for execution, to receive information from your Account Provider on the initiation and execution of the payment order and to pass this information on to the Application through which you accessed our Services.

2.21. When you use Plaid's payment initiation service you will be asked to select the Payment Account from which you will fund the payment and you may be redirected to your Account Provider's website or mobile application in order to authenticate yourself so that your Account Provider knows that you consent to the transaction.

2.22. If the payment order relates to a transaction that is to be executed by your Account Provider immediately, you will not be able to cancel the payment order once you have provided your confirmation and explicit consent in accordance with paragraph 2.20.

2.23. If the Application through which you accessed our Services supports refunds, the following provisions apply: At the time we submit the payment order to your Account Provider for execution, we shall ask the Account Provider to share your name, Payment Account sort code and account number or IBAN ("Account Details") with us. If you require a refund for the payment made using Plaid's payment initiation services, you must request the refund from the Application through which you accessed our Services. The Application will in turn notify us that you have requested a refund and we will share your Account Details with the Application in order for them to make the refund to your Payment Account (i.e. the Payment Account used to fund the original payment). The Application (and not Plaid) is responsible for making the refund. Plaid accepts no liability for the accuracy of your Account Details provided to us by your Account Provider.

Standing Orders

2.24. You can use Plaid's payment initiation service to submit a standing order to your Account Provider. A standing order is an instruction to your Account Provider to make regular, recurring payments of the same amount to the same recipient over a specified or indefinite period of time.

2.25. If you use Plaid's payment initiation service to submit a standing order you will be asked to confirm: (i) the amount of the periodic payment, (ii) the recipient of the payments, (iii) the payment start date, (iv) the interval of the payment (e.g. every week or every month) (v) the day on which the payment should be made (e.g. the day of the week or month) and (vi) the end date or that the payments will continue unless cancelled.

2.26. Once you have confirmed the standing order details, you will be redirected to your bank to authenticate yourself and Plaid will submit the standing order instruction to your Account Provider.

2.27. Once the standing order has been confirmed as received by your Account Provider, Plaid no longer has control over the execution of the standing order payments; this is the responsibility of your Account Provider.

2.28. You will be able to view your standing order via your Account Provider's online banking facility (where supported). If you wish to change or cancel a standing order, you must do so directly with your Account Provider before the deadline provided by your Account Provider and before the next payment is due. If you miss the deadline for cancelling or amending your standing order, your Account Provider may not be able to stop the next payment in time.

2.29. For further information on how you can cancel and amend standing orders you should refer to your Account Provider terms and conditions.

Variable Recurring Payments

2.30. Before receiving our payment initiation service to make variable recurring payments, you will have instructed the Application through which you have accessed our Services to make a payment order for a series of payment transactions to the same payee using Plaid (Variable Recurring Payments).

2.31. You will be asked to set up a mandate for the Variable Recurring Payments. This is your consent to Plaid to initiate a series of payments which fall within agreed consent parameters which are set by you, which may include: (i) the maximum amount per payment (ii) the frequency of the payments (iii) the maximum amount per frequency (e.g. no more than £50 per day/week/month/year) and (iv) the expiry date of the payment order (VRP Mandate). These details will either be pre-populated for you to review and confirm or you will be able to manually select your limits within the consent parameters. It is your responsibility to ensure that all of the details in the VRP Mandate are correct. You may not be able to recover a payment made pursuant to a VRP Mandate if any details are not correct to an incorrect account or recipient.

2.32. You will confirm any details required in setting up the VRP Mandate and provide explicit consent for Plaid to: (i) send those details to your Account Provider; (ii) access your Payment Account; (iii) initiate payment transactions in accordance with the VRP Mandate; (iv) receive information from your Account Provider on the initiation and execution of your instructions; and (v) to pass this information on to the Application through which you accessed our Services.

2.33. When you set up a VRP Mandate you will be asked to select the Payment Account from which you will fund the Variable Recurring Payments and you will be redirected to your Account Provider's website or mobile application in order to authenticate yourself so that your Account Provider knows that you consent to the VRP Mandate and to Variable Recurring Payments being made under the VRP Mandate.

2.34. Once your Account Provider has confirmed authentication, either Plaid or the Application through which you accessed our Services will confirm to you that the VRP Mandate has been successfully set up. Plaid will then initiate payments under the VRP Mandate in accordance with payment requests made by the Application through which you have accessed our Services. Plaid will only initiate a payment under a VRP Mandate where the payment is within the parameters set by you in the VRP Mandate.

2.35. You will be able to view and manage your VRP Mandate through your Account Provider, the Application and Plaid. If you wish to withdraw your VRP Mandate then you can do so with your Account Provider, the Application or Plaid directly. For further information on how you can withdraw your VRP Mandate through your Account Provider, you should refer to your Account Provider terms and conditions.

3. Eligibility and Availability

3.1. You can only use the Services if:

• (a) you are 18 or over;
• (b) your Payment Account and Account Provider are located in the UK;
• (c) you provide us with accurate, complete, and up-to-date information, and do not misrepresent your identity or any other information about you;
• (d) you agree to this Agreement, and to using our Services in accordance with this Agreement; and
• (e) you agree to comply with all laws and regulations applicable to your use of the Services.

3.2. The Services that are available and the manner in which the Services are delivered may vary depending on the type of device you are using, the type of Payment Account(s) you have, the Account Terms and the Application Terms.

4. Communication

4.1. Where relevant, Plaid may send you information and notifications to your email address or mobile number via SMS where Plaid considers this appropriate.

4.2. If your contact details (including your mobile phone number or email address) change, you should tell us as soon as you can. You are responsible for maintaining and regularly checking your device or email inbox for information and notifications from Plaid.

4.3. You can contact Plaid by emailing us at regulatory@plaid.com.

5. Incorrect or Unauthorised Payments

5.1. If you suspect that an incorrect or unauthorised payment has been made using Plaid's payment initiation services you must contact us as soon as possible by emailing security@plaid.com.

5.2. You may be entitled to a refund of the incorrect or unauthorised payment from your Account Provider provided that you notify them of the incorrect or unauthorised payment without delay and in any event no later than 13 months after the date of the relevant payment. You must contact your Account Provider in the manner set out in the applicable Account Terms.

5.3. You should be aware that your Account Provider may contact you directly (and not through Plaid or the Application through which you have accessed our Services) if there is an issue with a payment order submitted through Plaid for whatever reason (for example, if there are insufficient funds or an issue with your authorisation). You may need to resolve such matters directly with your Account Provider.

6. Data

6.1. We use your information in line with our End User Privacy Policy (“Privacy Policy”) which can be found on our website at https://plaid.com/legal/#end-user-privacy-policy. If you are not comfortable with how we handle your information as explained in the Privacy Policy, you should not use our Service.

7. Liability

7.1. Plaid will not be liable to refund you for any losses caused by circumstances beyond our control, for example, due to extreme weather, terrorist activity or industrial action.

7.2. Plaid is not liable for any contravention of a requirement imposed on it by or under Part 7 of the Payment Services Regulations 2017 where the contravention is due to: a. abnormal or unforeseeable circumstances beyond Plaid's control, the consequences of which would have been unavoidable despite all efforts to the contrary; or b. the obligations of Plaid under other provisions of EU or national law.

7.3. Nothing excludes or limits our liability for: a. death or personal injury caused by our negligence; b. our fraud or fraudulent misrepresentation; or c. a deliberate breach of this Agreement in a major way that is designed to harm you.

7.4. We are not liable to you for any harm, damage or loss to you arising from the acts or omissions of any third parties, in particular your Account Provider(s) and the Application through which you have accessed our Services.

8. Complaints

8.1. If you have a complaint about our Services, please email us at regulatory@plaid.com so that Plaid can investigate the circumstances for you. We will aim to deal quickly and fairly with any complaints you have about our Services in accordance with our obligations under applicable law. Plaid may, however, direct you to: a. your Account Provider, if your complaint relates to the services provided under the Account Terms or involves an incorrect or unauthorised payment in accordance with paragraph 5 above; or b. the Application through which you accessed our Services, if your complaint relates to the products and/or services provided by the Application under the Application Terms.

8.2. If your complaint relates to our Services and we do not resolve it, you may be able to refer it to the UK Financial Ombudsman Service. You can contact the UK Financial Ombudsman by telephone on: from inside the UK: 0300 123 9123 or 0800 023 4567; from other countries: +44 20 7964 0500 on Monday to Friday, 8am to 8pm and on Saturday 9am to 1pm; by post at The Financial Ombudsman Service, Exchange Tower, London E14 9SR; or by email: complaint.info@financial-ombudsman.org.uk. The UK Financial Ombudsman Service is also available in a number of different languages and if you need it you will be put in touch with a translator when you contact the UK Financial Ombudsman Service.

8.3. Plaid is not responsible for any complaints or disputes about purchases made using our payment initiation services. You should settle these with the person from whom you bought the goods or services. We are not responsible for the quality, safety, legality or any other aspect of any goods or services purchased using our payment initiation services. Remember that once you have used our payment initiation service to make a purchase, Plaid cannot cancel or stop that payment transaction.

8.4. Plaid is also not responsible for any complaints or disputes about products and/or services provided by the Application through which you accessed our Services, other third parties, or your Account Provider. You should settle these with the Application, third party, or Account Provider directly.

9. Changes to this Agreement

9.1. The contract between you and Plaid which is set out in this Agreement and which governs your use of the Services will continue until cancelled in accordance with this paragraph 9.

9.2. We will give you at least two months' prior written notice via, at a minimum, the contact details you have supplied to us of any intended material change to this Agreement along with the new version of the Agreement.

9.3. If you do not agree with the proposed change(s) you must tell us using the Plaid contact details set out in paragraph 4.3. before that change takes effect and you will have the right to terminate this Agreement at any time before the proposed date of their entry into force. If you do not contact us in order to tell us that you do not accept the changes and request to terminate this Agreement you will be deemed to have accepted the change(s) to the Agreement.

10. Termination

10.1. You have the right to cancel the contract between us, which is set out in this Agreement, at any time without notice by contacting Plaid using the Plaid contact details set out at paragraph 4.3.

10.2. We may cancel the contract with you, with immediate effect, by giving written notice: a. if you repeatedly break this Agreement and fail to resolve the matter to Plaid's satisfaction in a timely manner; or b. in the event of your death or incapacity.

10.3. We may cancel this Agreement with you for any reason by giving you at least 2 months' written notice.

11. Governing law and language

11.1. This Agreement is governed by English law and is subject to the non-exclusive jurisdiction of the English Courts.

11.2. This Agreement is in English and all communications with you will be in English.

End User Services Agreement (EEA)

Last Updated: 04 April 2022

Thank you for using Plaid!

This End User Services Agreement ("Agreement") is a legal agreement between Plaid, BV ("Plaid", "we" or "us") and the end user of our Services ("you", "your"). This Agreement only applies when we provide account information services and payment initiation services (within the meaning of the European revised payment service directive (EU) 2015/2366) to you with respect to a Netherlands or European Economic Area (EEA) payment account, and when we transmit retrieved data and/or the payment status related to such services to third parties on your behalf ("Services"). Such third parties include the owner or provider of the website, desktop and/or mobile application through which you have accessed our Services ("Application").

This Agreement describes the terms and conditions that apply to your use of the Services. You may not access or use the Services unless you agree to comply with all of the terms and conditions in this Agreement. You should therefore read this Agreement carefully and make sure you understand it. If you do not understand any of the terms and conditions of this Agreement, please contact us before using the Services by emailing us at regulatory@plaid.com.

You may view an up-to-date copy of this Agreement at any time at https://plaid.com/legal/#end-user-services-agreement-eea.

Jump to section:

Plaid

Plaid Services

Eligibility and Availability

Communication

Data

Liability

Complaints

Changes to this Agreement

Termination

Governing law and language

1. Plaid

1.1. Plaid, BV (RSIN 860002652) is licensed by De Nederlandsche Bank N.V. for the provision of account information services (AIS) and registered with De Nederlandsche Bank N.V. under number R179714.

1.2. Plaid's registered office address is Muiderstraat 1, 1011PZ Amsterdam, The Netherlands. Plaid's trading address is Suite 3A03, Singel 542, 1017AZ, Amsterdam, Nederland.

2. Plaid Services

2.1 You have accessed our Services through an Application or within the Plaid dashboard (available at https://my.plaid.com/). The products and services provided to you by the Application are governed by a separate agreement between you and the provider of the Application ("Application Terms"). We have no responsibility for the products and services provided to you by or through the Application and will not be liable to you for any harm, damage or loss arising from your use of the products and services provided by or through the Application.

2.2. Our Services will allow you to obtain financial information from your online bank or payment account ("Payment Account") (account information services).

2.3. The terms and conditions that apply to the Payment Accounts that you access through our Services (the "Account Terms") will remain in effect and this Agreement does not change your Account Terms.

2.4. We will not charge you for the use of our Services. Applications or other third parties may, however, charge you for products and services provided to you that make use of the Services provided by Plaid under this Agreement. Application providers and other third parties may pay us fees and other amounts in connection with the services we provide to them.

Account information services

2.5. Plaid's account information services allow you to access and view information relating to your selected Payment Account within the Plaid dashboard (available at https://my.plaid.com/) and the Application through which you have accessed our Services.

2.6. To access the Plaid dashboard, you need to create an account with Plaid. You also need to ensure that your information is accurate, complete and up-to-date. You must follow best practices to help secure your Plaid account and notify us if you learn of any unauthorised access to or use of your Plaid account.

2.7. With your explicit consent, we access and display information relating to your selected Payment Account(s) ("Account Information") within the Plaid dashboard and transmit such information to the Application through which you have accessed our Services. Such information may include:

(a) financial transaction history, for example, transaction amount, data, description and currency;

(b) financial account details, for example, account number, type, currency and balance; and

(c) financial account holder information, for example, name, address, phone number, and email address.

2.8. Before receiving Plaid's account information service, you will have instructed the Application through which you have accessed our Services to retrieve your Account Information using Plaid. Upon such an instruction, you will generally be redirected to us.

2.9. Once you are redirected to us, we will ask you to select which Payment Account provider ("Account Provider") you would like us to access Account Information from. You will give your explicit consent to us: (i) accessing your Account Information from the Account Provider you have selected; and (ii) taking the steps outlined in clause 2.12 of this Agreement once we have accessed your Account Information. Plaid will request your Account Information from your Account Provider on a periodic basis in accordance with your consent until the consent expires or is withdrawn.

2.10. Please note, you may be redirected to your Account Provider's website or mobile application in order to authenticate yourself so that your Account Provider knows that you consent to us accessing your Account Information.

2.11. Alternatively, in some circumstances, we may ask you to provide us with the login details for your Payment Account. By providing us with your Payment Account login details, you confirm that you have all the necessary rights, permissions and authority to share your login details and Account Information with us, and you grant us explicit consent to use your login details to access your Payment Account to obtain the necessary Account Information on your behalf and at your direction in order to provide you with the Services.

2.12. Once we have accessed your Account Information we may:

(a) share your Account Information with the Application through which you have accessed our Services;

(b) share your Account Information with third parties as directed by the Application through which you have accessed our Services provided, however, that you have explicitly consent to such sharing; or

(c) display your Account Information on the Plaid dashboard.

2.13. You agree to us sharing the Account Information we have accessed from your Account Provider with the Application through which you have accessed our Services, and with third parties as directed by that Application provided that in both cases you have explicitly consented to such sharing. Such sharing allows the Application to provide you with products and services in accordance with the Application Terms.

2.14. We do not check the accuracy of the Account Information retrieved from your Account Provider and we rely on your Account Provider to ensure that your Account Information is up to date and accurate.

2.15. We may standardize, categorize, merge, aggregate, and otherwise process your Account Information before displaying your Account Information on the Plaid dashboard, sharing it with the Application through which you have accessed our Services, or sharing it with third parties as directed by that Application with your explicit consent.

2.16. You may withdraw or vary your consent for Plaid to provide account information services at any time.

3. Eligibility and Availability

3.1. You can only use the Services if:

(a) you are 18 or over;

(b) your Payment Account and Account Provider are located in the Netherlands or any other country in the EEA;

(c) you provide us with accurate, complete, and up-to-date information, and do not misrepresent your identity or any other information about you;

(d) you agree to this Agreement, and to using our Services in accordance with this Agreement; and

(e) you agree to comply with all laws and regulations applicable to your use of the Services.

3.2. The Services that are available and the manner in which the Services are delivered may vary depending on the type of device you are using, the type of Payment Account(s) you have, the Account Terms and the Application Terms.

4. Communication

4.1. Where relevant, Plaid may send you information and notifications to your email address or mobile number via SMS where Plaid considers this appropriate.

4.2. If your contact details (including your mobile phone number or email address) change, you should tell us as soon as you can. You are responsible for maintaining and regularly checking your device or email inbox for information and notifications from Plaid.

4.3. You can contact Plaid by emailing us at regulatory@plaid.com.

5. Data

5.1. We use your information in line with our End User Privacy Policy ("Privacy Policy") which can be found on our website athttps://plaid.com/legal/#end-user-privacy-policy. If you are not comfortable with how we handle your information as explained in the Privacy Policy, you should not use our Service.

6. Liability

6.1. Plaid will not be liable to refund you for any losses caused by circumstances beyond our control, for example, due to extreme weather, terrorist activity or industrial action.

6.2. Plaid is not liable for any contravention of a requirement imposed on it by or under any applicable Dutch financial laws and regulation, where the contravention is due to:

(a) abnormal or unforeseeable circumstances beyond Plaid's control, the consequences of which would have been unavoidable despite all efforts to the contrary; or

(b) the obligations of Plaid under other provisions of EU or national law.

6.3. Nothing excludes or limits our liability for:

(a) death or personal injury caused by our negligence;

(b) our fraud or fraudulent misrepresentation; or

(c) a deliberate breach of this Agreement in a major way that is designed to harm you.

6.4. We are not liable to you for any harm, damage or loss to you arising from the acts or omissions of any third parties, in particular your Account Provider(s) and the Application through which you have accessed our Services.

7. Complaints

7.1. If you have a complaint about our Services, please email us atregulatory@plaid.com so that Plaid can investigate the circumstances for you. We will aim to deal quickly and fairly with any complaints you have about our Services in accordance with our obligations under applicable law. Plaid may, however, direct you to:

(a) your Account Provider, if your complaint relates to the services provided under the Account Terms; or

(b) the Application through which you accessed our Services, if your complaint relates to the products and/or services provided by the Application under the Application Terms.

7.2. If your complaint relates to our Services and we do not resolve it, you may be able to refer it to the Financial Services Complaints Board (Klachteninstituut financiële dienstverlening – KiFiD), within three months of receiving our final response regarding the complaint, or within one year after you have submitted your complaint with us. You can contact the Financial Services Complaints Board by telephone on: +3170 333 89 99 on Monday to Friday, 9am to 7pm and on Saturday 9am to 1pm; by post at KiFiD, Postbus 93257, 2509 AG Den Haag, The Netherlands; or by email: consumenten@kifid.nl. Plaid is registered with the Financial Services Complaints Board under number R179714. You also have the right to directly bring your complaint before the competent civil courts of the Netherlands.

7.3. Plaid is also not responsible for any complaints or disputes about products and/or services provided by the Application through which you accessed our Services, other third parties, or your Account Provider. You should settle these with the Application, third party, or Account Provider directly.

8. Changes to this Agreement

8.1. Plaid reserves the right to change this Agreement at any time. Plaid will take into account your interests affected by the intended changes and will only make changes that we consider to be reasonable.

8.2. We will give you at least two months' prior written notice via, at a minimum, the contact details you have supplied to us of any intended material change to this Agreement along with the new version of the Agreement.

8.3. If you do not agree with the proposed change(s) you must tell us using the Plaid contact details set out in clause 4.3 before that change takes effect and you will have the right to terminate this Agreement at any time before the proposed date of their entry into force. If you do not contact us in order to tell us that you do not accept the changes and request to terminate this Agreement you will be deemed to have accepted the change(s) to the Agreement.

9. Termination

9.1. The contract between you and Plaid which is set out in this Agreement and which governs your use of the Services will continue until cancelled in accordance with this clause 9.

9.2. You have the right to cancel the contract between us, which is set out in this Agreement, at any time without notice by contacting Plaid using the Plaid contact details set out at clause 4.3.

9.3. We may cancel the contract with you, with immediate effect, by giving written notice:

(a) if you repeatedly break this Agreement and fail to resolve the matter to Plaid's satisfaction in a timely manner; or

(b) in the event of your death or incapacity.

9.4. We may cancel this Agreement with you for any reason by giving you at least 2 months' written notice.

10. Governing law and language

10.1. This Agreement and any dispute or claim (including non-contractual disputes or claims) arising out of or in connection with it or its subject matter or formation shall be exclusively governed by and construed in accordance with the laws of the Netherlands.

10.2. This Agreement is available in the English and Dutch language. All communications with you will be in English.

Dienstenovereenkomst voor eindgebruikers (EEA)

Laatst bijgewerkt: 22 Februari 2021

Hartelijk dank dat u Plaid gebruikt!

Deze Dienstenovereenkomst voor eindgebruikers (‘Overeenkomst’) is een juridische overeenkomst tussen Plaid, BV (‘Plaid’, ‘we/wij’ of ‘ons/onze’) en de eindgebruiker van onze Diensten ‘u’, ‘uw’).Deze Overeenkomst is uitsluitend van toepassing als wij u rekeninginformatiediensten en betalingsinitiatiediensten (in de zin van de herziene Europese Richtlijn (EU) 2015/2366 betreffende betalingsdiensten in de interne markt) leveren met betrekking tot een betaalrekening in Nederland of de Europese Economische Ruimte (EER) en als we opgehaalde gegevens en/of de betalingsstatus die aan dergelijke diensten zijn gerelateerd, namens u doorgeven aan derden (‘Diensten’). Dergelijke derden zijn onder meer de eigenaar of verstrekker van de web-, desktop- en/of mobiele applicatie waarmee u onze Diensten heeft geopend (‘Applicable’).

Deze Overeenkomst beschrijft de algemene voorwaarden die van toepassing zijn op uw gebruik van de Diensten. U mag de Diensten alleen openen of gebruiken als u toezegt alle voorwaarden in deze Overeenkomst te zullen naleven. U dient deze Overeenkomst dan ook nauwkeurig te lezen en te zorgen dat u deze begrijpt. Als u een of meer voorwaarden in deze Overeenkomst niet begrijpt, neem dan alvorens de Diensten te gebruiken contact met ons op door een e-mail te sturen naar regulatory@plaid.com

Een bijgewerkte versie van de Overeenkomst kunt u op elk moment inzien op https://plaid.com/legal/.

Spring naar onderdeel:

Plaid

Diensten van Plaid

Communicatie

Gegevens

Aansprakelijkheid

Klachten

Wijzigingen in deze Overeenkomst

Beëindiging

Toepasselijk recht en taal

1. Plaid

1.1. Plaid, BV (RSIN 860002652) heeft ingevolge de Payment Services Regulations 2017 van De Nederlandsche Bank N.V. een vergunning gekregen voor het verlenen van rekeninginformatiediensten (RID) en is geregistreerd bij De Nederlandsche Bank N.V. onder nummer R179714.

1.2. Plaid is statutair gevestigd te Muiderstraat 1, 1011 PZ Amsterdam, Nederland. Het kantooradres van Plaid is Suite 3A03, Singel 542, 1017 AZ Amsterdam, Nederland.

2. Diensten van Plaid

2.1. U heeft onze Diensten geopend via een Applicatie of in het dashboard van Plaid (beschikbaar via https://my.plaid.com/ ). De producten en diensten die u worden verstrekt door de Applicatie worden beheerst door een afzonderlijke overeenkomst tussen u en de leverancier van de Applicatie (‘Applicatievoorwaarden’). Wij zijn niet verantwoordelijk voor de producten en diensten die u worden geleverd door of via de Applicatie en aanvaarden geen enkele aansprakelijkheid voor nadeel, verlies of schade voortvloeiend uit uw gebruik van de producten en diensten geleverd door of via de Applicatie.

2.2. Onze Diensten stellen u in staat financiële informatie te verkrijgen van uw online bank- of betaalrekening (‘Betaalrekening’) (rekeninginformatiediensten).

2.3. De algemene voorwaarden die van toepassing zijn op de Betaalrekeningen die u via onze Diensten kunt openen (de ‘Rekeningvoorwaarden’) blijven van kracht en deze Overeenkomst wijzigt niets aan uw Rekeningvoorwaarden.

2.4. Wij brengen u geen kosten in rekening voor het gebruik van onze Diensten. Applicaties of andere derden kunnen echter wel kosten in rekening brengen voor aan u geleverde producten en diensten die gebruikmaken van de door Plaid uit hoofde van deze Overeenkomst verleende Diensten. In bepaalde gevallen betalen leveranciers van applicaties en andere derden ons een vergoeding in verband met de diensten die wij aan hen leveren.

Rekeninginformatiediensten

2.5. De rekeninginformatiediensten van Plaid stellen u in staat informatie betreffende de door u geselecteerde Betaalrekening te openen en te bekijken in het Plaid-dashboard (beschikbaar op https://my.plaid.com/ ) en de Applicatie waarmee u onze Diensten heeft geopend.

2.6. Om het Plaid-dashboard te openen, dient u bij Plaid een account aan te maken. U dient daarnaast te zorgen dat uw gegevens juist, volledig en actueel zijn. U dient ‘best practices’ te volgen om uw Plaid-account te helpen beveiligen en moet ons op de hoogte brengen van onbevoegde toegang tot of onbevoegd gebruik van uw Plaid-account zodra dit u ter kennis komt.

2.7. Met uw expliciete toestemming openen en tonen wij informatie betreffende uw geselecteerde Betaalrekening(en) (‘Rekeninginformatie’) in het Plaid-dashboard en geven dergelijke informatie door aan de Applicatie waarmee u onze Diensten heeft geopend. Dergelijke informatie betreft onder meer:

(a) financiële transactiehistorie, zoals transactiebedrag, -data, -beschrijving en -valuta;

(b) financiële details betreffende de Betaalrekening, zoals rekeningnummer, -type, -valuta en -saldo; en

(c) informatie betreffende de rekeninghouder, zoals naam, adres, telefoonnummer en e-mailadres.

2.8. Alvorens de rekeninginformatiediensten van Plaid te ontvangen, heeft u de Applicatie waarmee u onze Diensten heeft geopend opdracht gegeven uw rekeninginformatie op te halen met gebruik van Plaid. Na een dergelijke opdracht wordt u in het algemeen naar ons doorgeleid.

2.9. Nadat u naar ons bent doorgeleid, vragen wij u de aanbieder van de Betaalrekening (‘Rekeningaanbieder’) te selecteren die wij moeten gebruiken om uw Rekeninginformatie te openen. U geeft ons uw expliciete toestemming: (i) om uw Rekeninginformatie te openen bij de door u geselecteerde Rekeningaanbieder; en (ii) de in artikel 2.12 van deze Overeenkomst vermelde stappen te nemen nadat wij uw Rekeninginformatie hebben geopend. Plaid vraagt overeenkomstig uw toestemming periodiek uw Rekeninginformatie aan uw Rekeningaanbieder en wel tot het moment waarop de toestemming vervalt of wordt ingetrokken.

2.10. Wij wijzen u erop dat het kan gebeuren dat u wordt doorgeleid naar de website of mobiele applicatie van uw Rekeningaanbieder om uw identiteit te verifiëren, zodat uw Rekeningaanbieder weet dat wij uw Rekeninginformatie openen met uw toestemming.

2.11. Het kan onder omstandigheden ook gebeuren dat wij u vragen ons de inloggegevens van uw Betaalrekening te verstrekken. Door ons de inloggegevens van uw Betaalrekening te verstrekken, bevestigt u dat u alle benodigde rechten, toestemmingen en bevoegdheden heeft om uw inloggegevens en Rekeninginformatie met ons te delen en geeft u ons expliciet toestemming om uw inloggegevens te gebruiken om uw Betaalrekening in te zien om namens en in opdracht van u de nodige Rekeninginformatie te verkrijgen teneinde u de Diensten te kunnen verlenen.

2.12. Nadat wij uw Rekeninginformatie hebben geopend, kunnen wij:

(a) uw Rekeninginformatie delen met de Applicatie waarmee u onze Diensten heeft geopend;

(b) uw Rekeninginformatie delen met derden volgens de aanwijzingen van de Applicatie waarmee u onze Diensten heeft geopend, echter op voorwaarde dat u daartoe expliciet toestemming heeft gegeven; of

(c) uw Rekeninginformatie weergeven in het Plaid-dashboard.

2.13. U stemt ermee in dat wij de Rekeninginformatie die wij bij uw Rekeningaanbieder hebben geopend, delen met de Applicatie waarmee u onze Diensten heeft geopend en op aanwijzing van die Applicatie ook met derden, in beide gevallen op voorwaarde dat u daartoe expliciet toestemming heeft gegeven. Het delen van de informatie stelt de Applicatie in staat u producten en diensten te leveren in overeenstemming met de Applicatievoorwaarden.

2.14. Wij controleren de Rekeninginformatie opgehaald van uw Rekeningaanbieder niet op juistheid en vertrouwen erop dat uw Rekeningaanbieder zorgt dat uw Rekeninginformatie actueel en juist is.

2.15. Wij kunnen uw Rekeninginformatie standaardiseren, categoriseren, samenvoegen, aggregeren en anderszins verwerken alvorens deze te tonen in het Plaid-dashboard, te delen met de Applicatie waarmee u onze Diensten heeft geopend of te delen met derden op aanwijzing van die Applicatie en met uw expliciete toestemming.

2.16. U kunt uw toestemming aan Plaid om rekeninginformatiediensten te verlenen op elk gewenst moment intrekken of wijzigen.

Voorwaarden voor gebruik en beschikbaarheid

2.17. U kunt de Diensten uitsluitend gebruiken indien:

(a) u 18 jaar of ouder bent;

(b) uw Betaalrekening en Rekeningaanbieder zijn gevestigd in Nederland of een ander land in de EER;

(c) u ons juiste, volledige en actuele informatie verstrekt en geen verkeerde voorstelling geeft omtrent uw identiteit of andere informatie betreffende uzelf;

(d) u instemt met deze Overeenkomst en met het gebruik van onze Diensten in overeenstemming met deze Overeenkomst; en

(e) u toezegt alle wet- en regelgeving die van toepassing is op uw gebruik van de Diensten te zullen naleven.

2.18. Welke Diensten beschikbaar zijn en hoe deze worden geleverd kan variëren afhankelijk van het type apparaat dat u gebruikt, het type Betaalrekening(en) dat u heeft, de Rekeningvoorwaarden en de Applicatievoorwaarden.

3. Communicatie

3.1. Waar relevant kan Plaid u informatie en berichten sturen naar uw e-mailadres of via SMS naar uw mobiele telefoonnummer als Plaid dat nodig acht.

3.2. In geval van wijziging van uw contactgegevens (zoals uw mobiele telefoonnummer of e-mailadres) dient u ons daar zo snel mogelijk van op de hoogte te brengen. U bent zelf verantwoordelijk voor het onderhouden en regelmatig controleren van uw apparaat of e-mailbox op informatie en berichten van Plaid.

3.3. U kunt per e-mail contact opnemen met Plaid via regulatory@plaid.com

4. Gegevens

4.1. Wij gebruiken uw informatie overeenkomstig ons Privacybeleid voor eindgebruikers (‘Privacybeleid’), dat u kunt vinden op onze website via https://plaid.com/legal/#privacybeleid-voor-eindgebruikers . Als u zich niet kunt vinden in de manier waarop we uw informatie hanteren zoals uiteengezet in het Privacybeleid, moet u onze diensten niet gebruiken.

5. Aansprakelijkheid

5.1. Plaid is niet aansprakelijk en niet verplicht u te vergoeden voor verliezen als gevolg van omstandigheden waarover wij geen controle hebben, zoals extreme weersomstandigheden, terroristische activiteiten of industriële acties.

5.2. Plaid is niet aansprakelijk voor overtreding van een vereiste opgelegd door of krachtens toepasselijke Nederlandse financiële wet- en regelgeving, indien de overtreding het gevolg is van:

(a) abnormale of onvoorziene omstandigheden waarover Plaid geen controle heeft en waarvan de gevolgen onvermijdbaar zouden zijn geweest ondanks pogingen om ze te voorkomen; of

(b) de verplichtingen van Plaid op grond van andere bepalingen van EU- of nationaal recht.

5.3. Niets strekt echter tot uitsluiting of beperking van onze aansprakelijkheid voor:

(a) door onze nalatigheid veroorzaakt(e) dood of persoonlijk letsel;

(b) fraude of frauduleuze voorstelling van zaken onzerzijds; of

(c) een opzettelijke, ernstige schending van deze Overeenkomst met de bedoeling u schade te berokkenen.

5.4. Wij zijn jegens u niet aansprakelijk voor nadeel, schade of verlies voortvloeiend uit het handelen of nalaten van derden, in het bijzonder van uw Rekeningaanbieder(s) of de Applicatie waarmee u onze Diensten heeft geopend.

6. Klachten

6.1. Als u een klacht heeft over onze Diensten, verzoeken wij u een e-mail te sturen naar regulatory@plaid.com zodat Plaid de omstandigheden kan onderzoeken. Wij streven ernaar klachten over onze Diensten snel en eerlijk te behandelen, in overeenstemming met onze verplichtingen ingevolge toepasselijk recht. Plaid kan u echter eventueel doorverwijzen naar:

(a) uw Rekeningaanbieder, als uw klacht betrekking heeft op de diensten uit hoofde van de Rekeningvoorwaarden; of

(b) de Applicatie waarmee u onze Diensten heeft geopend, als uw klacht betrekking heeft op de door de Applicatie ingevolge de Applicatievoorwaarden geleverde producten en/of diensten.

6.2. Als uw klacht betrekking heeft op onze Diensten en wij de klacht niet afhandelen, kunt u deze neerleggen bij het Klachteninstituut Financiële Dienstverlening, Kifid. U kunt als volgt contact opnemen met het Klachteninstituut Financiële Dienstverlening: telefonisch via nummer +3170 333 89 99, van maandag t/m vrijdag van 09.00 uur tot 17.00 uur en zaterdag van 09.00 uur tot 13.00 uur; per post door te schrijven aan adres Kifid, Postbus 93257, 2509 AG Den Haag, of per e-mail door een bericht te sturen naar consumenten@kifid.nl.

6.3. Plaid is evenmin verantwoordelijk voor klachten of geschillen over producten en/of diensten geleverd door de Applicatie waarmee u onze Diensten heeft geopend, over andere derden of over uw Rekeningaanbieder. Dergelijke klachten moet u rechtstreeks richten aan de Applicatie, de derde of de Rekeningaanbieder.

7. Wijzigingen in deze Overeenkomst

7.1. Plaid behoudt zich het recht voor deze Overeenkomst op elk gewenst moment te wijzigen. Bij voorgenomen wijzigingen neemt Plaid uw belangen in beschouwing en voeren wij uitsluitend wijzigingen door die door ons redelijk worden geacht.

7.2. Van elke voorgenomen wijziging in deze Overeenkomst stellen wij u ten minste twee maanden van tevoren schriftelijk op de hoogte via (in elk geval) de contactgegevens die u ons heeft verstrekt, onder bijvoeging van de nieuwe versie van de Overeenkomst.

7.3. Indien u niet kunt instemmen met de voorgestelde wijziging(en), dient u ons daar voorafgaand aan de inwerkingtreding van de wijziging van in kennis te stellen met gebruikmaking van de in artikel 3.3 vermelde contactgegevens van Plaid. U heeft steeds het recht om deze Overeenkomst voor de voorgestelde datum van inwerkingtreding te beëindigen. Als u ons niet laat weten dat u de wijzigingen niet aanvaardt en niet verzoekt om beëindiging van deze Overeenkomst, wordt u geacht de wijziging(en) in de Overeenkomst te hebben aanvaard.

8. Beëindiging

8.1. Het contract tussen u en Plaid dat wordt uiteengezet in deze Overeenkomst en dat ziet op uw gebruik van de Diensten, duurt voort totdat het overeenkomstig dit artikel 8 wordt beëindigd.

8.2. U heeft het recht het contract tussen ons dat in deze Overeenkomst wordt uiteengezet, op elk moment en zonder opzegtermijn te beëindigen door contact op te nemen met Plaid via de in artikel 3.3 vermelde contactgegevens van Plaid.

8.3. Wij kunnen het contract met u met onmiddellijke ingang schriftelijk beëindigen:

(a) indien u deze Overeenkomst herhaaldelijk schendt en de betreffende aangelegenheid niet tijdig naar tevredenheid van Plaid oplost, en

(b) in geval van uw overlijden of onbekwaamheid.

8.4. Wij kunnen deze Overeenkomst met u om welke reden dan ook schriftelijk beëindigen met inachtneming van een opzegtermijn van ten minste twee maanden.

9. Toepasselijk recht en taal

9.1. Deze Overeenkomst en alle geschillen of vorderingen (met inbegrip van niet-contractuele geschillen of vorderingen) die ontstaan uit of in verband met deze Overeenkomst of het onderwerp of de totstandkoming ervan, worden bij uitsluiting beheerst door Nederlands recht.

9.2. Deze Overeenkomst is beschikbaar in het Engels en in het Nederlands. Alle communicatie met u geschiedt in het Engels.

Vereinbarung über Endnutzerdienste (EWR)

Letzte Aktualisierung: 04. April 2022

Vielen Dank, dass Sie Plaid nutzen!

Diese Vereinbarung über Endnutzerdienste (die „Vereinbarung“) ist eine rechtliche Vereinbarung zwischen Plaid, BV („Plaid“, „wir“ oder „uns“) und dem Endnutzer unserer Dienste („Sie“, „Ihr“). Diese Vereinbarung gilt nur, wenn wir Ihnen Kontoinformationsdienste und Zahlungsauslösedienste (im Sinne der überarbeiteten europäischen Zahlungsdiensterichtlinie (EU) 2015/2366) in Bezug auf ein niederländisches Zahlungskonto oder ein Zahlungskonto im Europäischen Wirtschaftsraum (EWR) erbringen und wenn wir die abgerufenen Daten und/oder den Zahlungsstatus im Zusammenhang mit diesen Diensten in Ihrem Namen an Dritte übermitteln (die „Dienste“). Diese Dritten umfassen den Eigentümer oder Anbieter der Website, Desktop- und/oder mobilen Anwendung, über die Sie auf unsere Dienste zugegriffen haben (die „Anwendung“).

Diese Vereinbarung beschreibt die Bedingungen, die für Ihre Nutzung der Dienste gelten. Der Zugriff auf die Dienste und deren Nutzung ist nur dann gestattet, wenn Sie sich mit allen Bestimmungen und Bedingungen dieser Vereinbarung einverstanden erklären. Aus diesem Grund sollten Sie diese Vereinbarung sorgfältig lesen und sich davon überzeugen, dass Sie sie verstehen. Wenn Sie eine der Bedingungen dieser Vereinbarung nicht verstehen, nehmen Sie bitte Kontakt mit uns auf, bevor Sie die Dienste nutzen, indem Sie uns eine E-Mail an regulatory@plaid.com senden.

Eine aktuelle Kopie dieser Vereinbarung können Sie jederzeit unter https://plaid.com/legal/ aufrufen.

Zum Abschnitt springen:

Plaid

Plaid-Dienste

Anspruchsberechtigung und Verfügbarkeit

Kommunikation

Daten

Haftung

Beschwerden

Änderungen an dieser Vereinbarung

Kündigung

Anwendbares Recht und Sprache

1. Plaid

1.1. Plaid, BV (RSIN 860002652) ist von der De Nederlandsche Bank N.V. für die Bereitstellung von Kontoinformationsdiensten (AIS) lizenziert und bei der De Nederlandsche Bank N.V. unter der Nummer R179714 registriert.

1.2. Der eingetragene Sitz von Plaid ist Muiderstraat 1, 1011PZ Amsterdam, Niederlande. Die Handelsadresse von Plaid lautet Suite 3A03, Singel 542, 1017AZ, Amsterdam, Niederlande.

2. Plaid-Dienste

2.1. Sie haben über eine Anwendung oder über das Plaid-Dashboard (verfügbar unter https://my.plaid.com/) auf unsere Dienste zugegriffen. Die Ihnen über die Anwendung zur Verfügung gestellten Produkte und Dienstleistungen werden durch einen separaten Vertrag zwischen Ihnen und dem Anbieter der Anwendung (die „Anwendungsbedingungen“) geregelt. Wir tragen keine Verantwortung für die Produkte und Dienstleistungen, die Ihnen durch oder über die Anwendung zur Verfügung gestellt werden, und haften Ihnen gegenüber nicht für Schäden oder Verluste, die sich aus Ihrer Nutzung dieser Produkte und Dienstleistungen ergeben

2.2. Mit unseren Diensten können Sie Finanzinformationen von Ihrem Online-Bank- oder Zahlungskonto (das „Zahlungskonto“) abrufen (Kontoinformationsdienste).

2.3. Die Geschäftsbedingungen, die für die Zahlungskonten gelten, auf die Sie über unsere Dienste zugreifen (die „Kontobedingungen“), bleiben in Kraft und die vorliegenden Vertragsbedingungen ändern Ihre Kontobedingungen nicht.

2.4. Wir stellen Ihnen keine Gebühren für die Nutzung unserer Dienste in Rechnung. Es ist jedoch möglich, dass Anwendungen oder andere Dritte Ihnen Produkte und Dienste berechnen, die Ihnen unter Nutzung der von Plaid im Rahmen dieses Vertrags bereitgestellten Dienste zur Verfügung gestellt werden. Die Anbieter von Anwendungen und andere Dritte können uns Gebühren und andere Beträge im Zusammenhang mit den von uns für sie erbrachten Diensten zahlen.

Kontoinformationsdienste

2.5. Die Kontoinformationsdienste von Plaid ermöglichen Ihnen den Zugriff und die Anzeige von Informationen zu Ihrem ausgewählten Zahlungskonto innerhalb des Plaid-Dashboards (verfügbar unter https://my.plaid.com/) und der Anwendung, über die Sie auf unsere Dienste zugegriffen haben.

2.6. Um auf das Plaid-Dashboard zugreifen zu können, müssen Sie ein Konto bei Plaid erstellen. Darüber hinaus müssen Sie sich davon überzeugen, dass Ihre Angaben richtig, vollständig und aktuell sind. Befolgen Sie die bewährten Verfahren zur Sicherung Ihres Plaid-Kontos und informieren Sie uns, wenn Sie von einem unbefugten Zugriff auf Ihr Plaid-Konto oder dessen Nutzung erfahren.

2.7. Sofern Sie ausdrücklich zugestimmt haben, greifen wir auf Informationen zu Ihrem ausgewählten Zahlungskonto oder -konten (die „Kontoinformationen“) innerhalb des Plaid-Dashboards zu, zeigen diese an und übermitteln diese Informationen an die Anwendung, über die Sie auf unsere Dienste zugegriffen haben. Dazu können folgende Informationen gehören:

(a) Verlauf der Finanztransaktionen, z. B. Transaktionsbetrag, Daten, Beschreibung und Währung

(b) Finanzkontodaten, z. B. Kontonummer, Kontotyp, Währung und Saldo und

(c) Informationen über den Inhaber eines Finanzkontos, z. B. Name, Adresse, Telefonnummer und E-Mail-Adresse

2.8. Vor Erhalt des Kontoinformationsdienstes von Plaid werden Sie die Anwendung, über die Sie auf unsere Dienste zugegriffen haben, angewiesen haben, Ihre Kontoinformationen über Plaid abzurufen. Nach dieser Anweisung werden Sie in der Regel zu uns weitergeleitet.

2.9. Nach der Weiterleitung zu uns werden wir Sie bitten, den Anbieter des Zahlungskontos auszuwählen (der „Kontoanbieter“), von dem wir die Kontoinformationen abrufen sollen. Sie erklären sich ausdrücklich damit einverstanden, dass wir: (i) Ihre Kontoinformationen von dem von Ihnen ausgewählten Kontoanbieter abrufen; und (ii) die in Ziffer 2.12 dieser Vereinbarung beschriebenen Schritte unternehmen, sobald wir Ihre Kontoinformationen abgerufen haben. Plaid wird Ihre Kontodaten in regelmäßigen Abständen entsprechend Ihrer Zustimmung von Ihrem Kontoanbieter anfordern, bis die Zustimmung abläuft oder zurückgenommen wird.

2.10. Wir weisen Sie darauf hin, dass Sie unter Umständen auf die Website oder die mobile Anwendung Ihres Kontoanbieters weitergeleitet werden, um sich zu authentifizieren, damit Ihr Kontoanbieter weiß, dass Sie dem Zugriff auf Ihre Kontodaten zustimmen.

2.11. Alternativ dazu können wir Sie unter bestimmten Umständen bitten, uns die Anmeldedaten für Ihr Zahlungskonto anzugeben. Wenn Sie uns die Anmeldedaten für Ihr Zahlungskonto mitteilen, bestätigen Sie, dass Sie über alle erforderlichen Rechte, Berechtigungen und Befugnisse verfügen, um uns Ihre Anmeldedaten und Kontoinformationen mitzuteilen, und Sie geben uns die ausdrückliche Erlaubnis, Ihre Anmeldedaten für den Zugriff auf Ihr Zahlungskonto zu verwenden, um in Ihrem Namen und auf Ihre Anweisung die erforderlichen Kontoinformationen einzuholen, damit wir Ihnen die Dienste zur Verfügung stellen können.

2.12. Nachdem wir auf Ihre Kontoinformationen zugegriffen haben, können wir:

(a) Ihre Kontoinformationen an die Anwendung weitergeben, über die Sie auf unsere Dienste zugegriffen haben

(b) Ihre Kontoinformationen auf Anweisung der Anwendung, über die Sie auf unsere Dienste zugegriffen haben, an Dritte weitergeben, vorausgesetzt, Sie haben der Weitergabe ausdrücklich zugestimmt oder

(c) Ihre Kontoinformationen auf dem Dashboard von Plaid anzeigen.

2.13. Sie erklären sich damit einverstanden, dass wir die Kontoinformationen, auf die wir von Ihrem Kontoanbieter zugegriffen haben, an die Anwendung, über die Sie auf unsere Dienste zugegriffen haben, und an Dritte weitergeben, wie von dieser Anwendung angewiesen, vorausgesetzt, dass Sie in beiden Fällen ausdrücklich in die Weitergabe eingewilligt haben. Durch diese Weitergabe kann die Anwendung Ihnen Produkte und Dienstleistungen im Einklang mit den Anwendungsbedingungen zur Verfügung stellen.

2.14. Wir überprüfen die Richtigkeit der von Ihrem Kontoanbieter abgerufenen Kontoinformationen nicht und verlassen uns darauf, dass Ihr Kontoanbieter die Richtigkeit und Aktualität Ihrer Kontoinformationen sicherstellt.

2.15. Wir können Ihre Kontoinformationen standardisieren, kategorisieren, zusammenlegen, aggregieren und anderweitig verarbeiten, bevor wir Ihre Kontoinformationen auf dem Plaid-Dashboard anzeigen, sie an die Anwendung weitergeben, über die Sie auf unsere Dienste zugegriffen haben, oder sie auf Anweisung dieser Anwendung mit Ihrer ausdrücklichen Zustimmung an Dritte weitergeben.

2.16. Sie haben jederzeit die Möglichkeit, Ihre Zustimmung zur Bereitstellung von Kontoinformationsdiensten durch Plaid zu widerrufen oder zu ändern.

3. Anspruchsberechtigung und Verfügbarkeit

3.1. Sie dürfen die Dienste nur nutzen, wenn:

(a) Sie 18 Jahre oder älter sind

(b) Ihr Zahlungskonto und Ihr Kontoanbieter ihren Sitz in den Niederlanden oder einem anderen Land des EWR haben

(c) Sie uns genaue, vollständige und aktuelle Informationen bereitstellen und keine falschen Angaben zu Ihrer Identität oder anderen Informationen über Sie machen

(d) Sie sich mit dieser Vereinbarung und mit der Nutzung unserer Dienste gemäß dieser Vereinbarung einverstanden erklären und

(e) Sie sich verpflichten, alle Gesetze und Vorschriften zu befolgen, die für Ihre Nutzung der Dienste gelten

3.2. Die angebotenen Dienste und die Art und Weise, in der die Dienste erbracht werden, können je nach dem von Ihnen verwendeten Gerätetyp, der Art Ihres Zahlungskontos bzw. Ihrer Zahlungskontos, den Kontobedingungen und den Anwendungsbedingungen variieren.

4. Kommunikation

4.1. Sofern Plaid dies für angemessen hält, kann Plaid Ihnen Informationen und Benachrichtigungen per SMS an Ihre E-Mail-Adresse oder Ihre Handynummer senden.

4.2. Wenn sich Ihre Kontaktdaten (einschließlich Ihrer Handynummer oder E-Mail-Adresse) ändern, teilen Sie uns dies bitte so schnell wie möglich mit. Sie sind dafür verantwortlich, Ihr Handy oder Ihren E-Mail-Posteingang regelmäßig auf Informationen und Benachrichtigungen von Plaid zu überprüfen.

4.3. Sie können sich mit Plaid in Verbindung setzen, indem Sie uns eine E-Mail an regulatory@plaid.com senden.

5. Daten

5.1. Wir verwenden Ihre Daten im Einklang mit unserer Datenschutzrichtlinie für Endnutzer (die „Datenschutzrichtlinie“), die Sie auf unserer Website unter https://plaid.com/legal/#end-user-privacy-policy abrufen können. Wenn Sie nicht damit einverstanden sind, wie wir mit Ihren Daten umgehen, so wie es in der Datenschutzrichtlinie erläutert wird, sollten Sie unseren Dienst nicht nutzen.

6. Haftung

6.1. Für Verluste, die durch Umstände verursacht werden, die außerhalb unserer Kontrolle liegen, wie z. B. extreme Wetterbedingungen, terroristische Aktivitäten oder Arbeitskämpfe, übernimmt Plaid keine Haftung.

6.2. Plaid haftet nicht für einen Verstoß gegen eine Auflage, die ihm durch oder gemäß den geltenden niederländischen Finanzgesetzen und -vorschriften vorgeschrieben ist, wenn der Verstoß auf Folgendes zurückzuführen ist:

(a) ungewöhnliche oder unvorhersehbare Umstände, die nicht von Plaid zu vertreten sind und deren Folgen trotz aller Bemühungen unvermeidbar gewesen wären, oder

(b) Verpflichtungen von Plaid gemäß anderen Bestimmungen des EU- oder nationalen Rechts

6.3. Unsere Haftung für folgende Fälle wird weder ausgeschlossen noch beschränkt:

(a) Tod oder Personenschaden, der durch unsere Fahrlässigkeit verursacht wurde

(b) Betrug oder arglistige Täuschung unsererseits oder

(c) eine vorsätzliche Verletzung dieser Vereinbarung in wesentlicher Weise, die darauf abzielt, Ihnen zu schaden

6.4. Wir übernehmen keine Haftung für Schäden oder Verluste, die Ihnen durch Handlungen oder Unterlassungen Dritter entstehen, insbesondere Ihres Kontoanbieters bzw. Ihrer Kontoanbieter und der Anwendung, über die Sie auf unsere Dienste zugegriffen haben.

7. Beschwerden

7.1. Wenn Sie sich über unsere Dienste beschweren möchten, senden Sie uns bitte eine E-Mail an regulatory@plaid.com,, damit Plaid den Sachverhalt für Sie untersuchen kann. Wir werden versuchen, Ihre Beschwerden über unsere Dienste schnell und fair im Einklang mit unseren Verpflichtungen nach dem anwendbaren Recht zu bearbeiten. Plaid kann Sie jedoch an folgende Stellen verweisen:

(a) Ihren Kontoanbieter, falls sich Ihre Beschwerde auf die Dienste bezieht, die im Rahmen der Kontobedingungen erbracht werden, oder

(b) die Anwendung, über die Sie auf unsere Dienste zugegriffen haben, falls sich Ihre Beschwerde auf die Produkte und/oder Dienstleistungen bezieht, die über die Anwendung gemäß den Anwendungsbedingungen bereitgestellt werden.

7.2. Wenn sich Ihre Beschwerde auf unsere Dienste bezieht und wir keine Lösung finden, können Sie sich innerhalb von drei Monaten nach Zugang unserer endgültigen Antwort auf die Beschwerde oder innerhalb eines Jahres, nachdem Sie Ihre Beschwerde bei uns eingereicht haben, an die Beschwerdestelle für Finanzdienstleistungen (Klachteninstituut financiële dienstverlening – KiFiD) wenden. Die Beschwerdestelle für Finanzdienstleistungen erreichen Sie montags bis freitags von 9 bis 19 Uhr und samstags von 9 bis 13 Uhr telefonisch unter +3170 333 89 99, auf dem Postwege: KiFiD, Postbus 93257, 2509 AG Den Haag, Niederlande, oder per E-Mail: consumenten@kifid.nl. Plaid ist bei der Beschwerdestelle für Finanzdienstleistungen unter der Nummer R179714 registriert. Sie haben auch das Recht, Ihre Beschwerde direkt bei einem der zuständigen Zivilgerichte in den Niederlanden einzureichen.

7.3. Plaid ist ferner nicht verantwortlich für Beschwerden oder Streitigkeiten über Produkte und/oder Dienstleistungen, die von der Anwendung, über die Sie auf unsere Dienste zugegriffen haben, von anderen Dritten oder von Ihrem Kontoanbieter geliefert werden. Diese sollten Sie direkt mit der Anwendung, dem Dritten oder dem Kontoanbieter klären.

8. Änderungen an dieser Vereinbarung

8.1. Plaid behält sich das Recht vor, diese Vereinbarung jederzeit zu ändern. Wir werden Ihre Interessen, die von den beabsichtigten Änderungen betroffen sind, berücksichtigen und nur Änderungen vornehmen, die wir für angemessen halten.

8.2. Wir teilen Ihnen jede beabsichtigte wesentliche Änderung dieser Vereinbarung zusammen mit der neuen Version der Vereinbarung mindestens zwei Monate im Voraus schriftlich über die Kontaktdaten mit, die Sie uns übermittelt haben.

8.3. Wenn Sie mit einer vorgeschlagenen Änderung nicht einverstanden sind, informieren Sie uns bitte über die in Ziffer 4.3 genannten Kontaktdaten von Plaid, bevor die Änderung in Kraft tritt. Sie haben dann das Recht, diese Vereinbarung jederzeit vor dem vorgesehenen Datum des Inkrafttretens der Änderung zu kündigen. Setzen Sie sich nicht mit uns in Verbindung, um uns mitzuteilen, dass Sie die Änderungen ablehnen und diese Vereinbarung kündigen möchten, wird davon ausgegangen, dass Sie die Änderungen der Vereinbarung akzeptiert haben.

9. Kündigung

9.1. Das Vertragsverhältnis zwischen Ihnen und Plaid, das in dieser Vereinbarung dargelegt ist und Ihre Nutzung der Dienste regelt, bleibt bis zur Kündigung gemäß dieser Ziffer 9 bestehen.

9.2. Sie haben das Recht, das in dieser Vereinbarung festgelegte Vertragsverhältnis zwischen Ihnen und Plaid jederzeit fristlos zu kündigen, indem Sie Plaid über die in Ziffer 4.3 genannten Kontaktdaten von Plaid kontaktieren.

9.3. Wir können das Vertragsverhältnis mit Ihnen mit sofortiger Wirkung durch schriftliche Erklärung kündigen:

(a) wenn Sie wiederholt gegen diese Vereinbarung verstoßen und die Angelegenheit nicht zeitnah zur Zufriedenheit von Plaid lösen oder

(b) im Falle Ihres Todes oder Ihrer Geschäftsunfähigkeit

9.4. Wir sind berechtigt, diese Vereinbarung mit Ihnen mit einer Frist von mindestens 2 Monaten schriftlich zu kündigen.

10. Anwendbares Recht und Sprache

10.1. Auf diese Vereinbarung und alle Streitigkeiten oder Ansprüche (einschließlich außervertraglicher Streitigkeiten oder Ansprüche), die sich aus ihr oder in Verbindung mit ihr oder ihrem Gegenstand oder ihrem Zustandekommen ergeben, ist ausschließlich niederländisches Recht anwendbar.

10.2. Diese Vereinbarung ist in englischer und niederländischer Sprache verfügbar. Sämtliche Kommunikation mit Ihnen erfolgt in englischer Sprache.

Plaid Short Message Service (SMS) Terms

Effective Date: December 1, 2023

Plaid Inc. (“Plaid”) is a financial technology company that securely transfers your financial data from your bank to your apps. Plaid may send you Short Message Service (SMS) messages in order to provide a service to you and/or to confirm your identity by way of two-factor authentication. By agreeing to these SMS terms (“SMS Terms”), you consent to receive automated SMS messages from Plaid, and any of our SMS-related service providers (“service providers”), including through the use of an automatic telephone dialing system, at the telephone number you have provided. Message and data rates may apply. As a general matter, you will receive one message, per request. Carriers are not liable for delayed or undelivered messages.

By agreeing to these SMS Terms, you authorize your wireless carrier to use or disclose information about your account and your wireless device, if available, to Plaid or our service provider for the duration of your business relationship, solely to help Plaid or our service provider identify you or your wireless device and to prevent fraud. Please see our End User Privacy Policy to see how we treat your data.

The information your wireless carrier may disclose may include mobile number, name, address, email, network status, customer type, customer role, billing type, and mobile device identifiers (IMSI and IMEI). No mobile information will be shared with third parties or affiliates for marketing or promotional purposes. Text messaging originator opt-in data and consent information will not be shared with any third parties.

If you do not wish to receive SMS messages from Plaid or our service providers, or if you no longer want your wireless operator to share information about you with Plaid or our service providers, you agree to reply STOP to any SMS message from Plaid or sent on behalf of Plaid in order to opt out of the SMS message notifications. You may receive an additional SMS message confirming your decision to opt out. After opting out of SMS messages, you will no longer receive messages from Plaid or our service providers unless you subsequently request SMS messages from us or sign up for any of our services, such as a Plaid Account, that require sending you SMS messages.

If you are experiencing issues with the SMS messages from Plaid or our service providers, you can reply with the keyword HELP for more assistance, or you can contact login+sms@plaid.com.

Plaid Account Terms

Available languages:

• Française - Conditions du Compte Plaid

Effective Date: December 1, 2023

Background. Thanks for using Plaid! Plaid is a service that helps consumers like you connect your financial accounts, share your financial data, verify your identity, make transfers and payments, and use other products and services involving your financial and identity data with your chosen applications that use Plaid (“Apps”).

Additional Terms. These Plaid Account terms (“Plaid Account Terms”) supplement and incorporate by reference the End User Services Agreement (US) and together form an agreement between you and Plaid (the “Agreement”). Please review all terms in the End User Services Agreement (US), including in particular the Sections titled Rights to the Platform, Our Disclaimers, Liabilities for our Platform, Dispute Resolution, and Notices. Plaid may modify the Agreement upon notice to you, as detailed in the last paragraph of the End User Services Agreement (US), and acceptance of these modifications will be required to continue using your Plaid Account.

Plaid Account. Plaid allows you to save and manage your financial account connections and identity verification data in an account with Plaid (“Plaid Account”). This lets you accelerate your onboarding onto and use of Apps that use Plaid, including faster account connection, data sharing, identity verification, transfers and payments you make using Apps, and other products and services you use involving your financial and identity data in those Apps. Note that a Plaid Account is not a transaction or asset account for purposes of the Electronic Fund Transfer Act, does not store funds, and does not provide you with a means to initiate electronic fund transfers or other payments, but instead enables you to onboard onto and use Apps more quickly and easily.

When you connect one or more financial accounts to an App using Plaid, Plaid may ask you to provide and verify your phone number, email address, or other contact information in order to create your Plaid Account and remember each of your connections within your Plaid Account. When you verify your identity with an App through Plaid, Plaid may ask whether you want to save your identity data within your Plaid Account. By creating a Plaid Account, you authorize Plaid to retain and use your financial account connections and identity data in accordance with the Agreement and Plaid’s End User Privacy Policy.

How Your Account Works. Saving identity data and financial account connections in your Plaid Account enables you to more quickly onboard onto and use your Apps’ products and services. When you return to use your data and connections with your Apps, your Plaid Account helps us accurately recognize you and complete faster identity verification and account linking for you without you having to re-enter all of your saved information for each App.

As part of enabling these faster processes for you through your Plaid Account, Plaid may: (a) share with Apps, our subsidiaries, and our service providers information about whether or not you have a Plaid Account, and, if you do, certain information from your Plaid Account in order for us and them to provide services to you, including: (i) the number and types of financial account connections in your Plaid Account, (ii) the types of identity data and documents in your Plaid Account, and (iii) the services and use cases that Apps provide to you that can be supported by the financial account connections and identity data in your Plaid Account; (b) contact you using information that you provide or that is available in your saved identity data or financial account connections, including to send security notifications to confirm activity on your Plaid Account and messages outlining steps for you to complete or troubleshoot the process of using Plaid to onboard and use your Apps; and (c) verify your data to protect against fraud, misrepresentation, unauthorized or suspicious activity, or other malicious behavior – data we receive from this verification process may be stored in your Plaid Account for use when you return to share identity data with other Apps.

For more information about Plaid’s collection, use, and sharing of personal information about you, including in connection with your Plaid Account, please review Plaid’s End User Privacy Policy. The Agreement and Plaid’s End User Privacy Policy do not cover what Apps that you use do with your information. You should review the privacy policies and terms of service for those Apps for information about their practices.

Managing and Deleting Your Account. You can view and manage your Plaid Account at my.plaid.com or by contacting privacy@plaid.com. If you would like to delete your Plaid Account or have any questions about managing your Plaid Account or regarding your data rights, please contact privacy@plaid.com.

Your Use and Restrictions. You may only use your Plaid Account to enable faster onboarding onto and use of the Apps that use Plaid. By creating or using a Plaid Account, you expressly agree to the Agreement and that: (a) all data you provide and all financial accounts you connect are your own or that you are an authorized user of those accounts; (b) all data you provide to verify your identity is complete and accurate; and (c) you will not (i) use or access anyone else’s Plaid Account or related data, (ii) use any Plaid Account or related data for any fraudulent, illegal or misleading purpose, (iii) modify, reverse engineer or seek to gain unauthorized access to any Plaid Account or related Plaid systems, (iv) bypass or circumvent measures designed to prevent or limit access to any part of any Plaid Account or related Plaid systems, (v) copy, modify or create derivative works of any Plaid Account or related Plaid systems in any manner not authorized by Plaid, (vi) access any Plaid Account or related Plaid systems for competitive purposes or publish any benchmark or performance information, or (vii) use any Plaid Account or related Plaid systems in any manner that could damage, disable, overburden, or impair the functioning thereof or interfere with, disrupt, or negatively affect other users.

You acknowledge and understand that you are responsible for the data that you save in your Plaid Account. You will not provide any data that is: (i) defamatory, abusive, harassing, threatening, or an invasion of a right or the privacy of another person; (ii) bigoted, hateful, or racially or otherwise offensive; (iii) violent, vulgar, obscene, pornographic, or otherwise sexually explicit; (iv) trademarked or copyrighted content, or content that otherwise infringes on the intellectual property rights of another individual or company; or (v) otherwise harmful or can be reasonably expected to be harmful to any person or entity. Any unauthorized use of a Plaid Account is strictly prohibited and may result in deletion of your Plaid Account.

Wireless Device and SMS Terms. Plaid may send you Short Message Service (SMS) messages in order to provide a service to you and/or to confirm your identity by way of two-factor authentication. You consent to receive automated SMS messages from Plaid, and any of our SMS-related service providers, including through the use of an automatic telephone dialing system, at the telephone number you have provided. Message and data rates may apply. As a general matter, you will receive one message per request. Carriers are not liable for delayed or undelivered messages.

You authorize your wireless carrier to use or disclose information about your account and your wireless device, if available, to Plaid or our service provider for the duration of your business relationship, solely to help Plaid or our service provider identify you or your wireless device and to prevent fraud. Please see our End User Privacy Policy to see how we treat your data.

The information your wireless carrier may disclose may include mobile number, name, address, email, network status, customer type, customer role, billing type, and mobile device identifiers (IMSI and IMEI). No mobile information will be shared with third parties or affiliates for marketing or promotional purposes. Text messaging originator opt-in data and consent information will not be shared with any third parties.

If you do not wish to receive SMS messages from Plaid or our service providers, or if you no longer want your wireless operator to share information about you with Plaid or our service providers, you agree to reply STOP to any SMS message from Plaid or sent on behalf of Plaid in order to opt out of the SMS message notifications. You may receive an additional SMS message confirming your decision to opt out. After opting out of SMS messages, you will no longer receive messages from Plaid or our service providers unless you subsequently request SMS messages from us or sign up for any of our services, such as a Plaid Account, that require sending you SMS messages.

If you are experiencing issues with the SMS messages from Plaid or our service providers, you can reply with the keyword HELP for more assistance, or you can contact login+sms@plaid.com .

Persons under the age of 18 may not create a Plaid Account. By creating and using your Plaid Account, you represent and warrant that you are 18 years old or older. If you have reason to believe that a person under 18 years of age is using our Services, please contact us at privacy@plaid.com and, upon confirmation, we will delete the relevant Plaid Account, subject to and in compliance with our requirements under applicable law.

Security. Plaid implements technical and organizational measures designed to safeguard your Plaid Account from unauthorized access, use, alteration, or disclosure and to maintain the security, confidentiality, and integrity of your data. However, we encourage you to take responsibility for securing your Plaid Account and other personal information, knowing that you provide it at your own risk. If you believe your Plaid Account has been compromised, please contact us immediately at privacy@plaid.com.

Miscellaneous. Any capitalized terms used but not defined in these Plaid Account Terms will have the meanings ascribed to them in the End User Services Agreement (US). In the event of a conflict between these Plaid Account Terms and the End User Services Agreement (US), these Plaid Account Terms will control and prevail as applicable to your use of a Plaid Account; provided that all other provisions of the End User Services Agreement (US) will remain in full force and effect. By accepting the Agreement or creating, accessing, managing, or using your Plaid Account, you agree to the Agreement and certify that you have all the necessary rights to do so. If you do not agree to the Agreement, please do not create, access, manage, or use a Plaid Account. If, at any time, you no longer agree to the Agreement, you may delete your Plaid Account. Plaid, in our sole discretion, may disable or delete a Plaid Account if (a) we suspect any violation of any of the terms contained in the Agreement, (b) your Plaid Account is unused and remains inactive for an extended period of time, (c) we suspect any unauthorized use of your Plaid Account, or (d) we are legally obligated to do so. Plaid reserves the right to seek all other available remedies, in law or in equity, in connection with such any issue.

Conditions du Compte Plaid

Langues disponibles:

• English - Plaid Account Terms

Date d’entrée en vigueur : 1er décembre 2023

Fond Merci d’utiliser Plaid ! Plaid est un service qui aide des consommateurs comme vous à connecter leurs comptes financiers, à partager leurs données financières, à vérifier leur identité, à effectuer des virements et des paiements, et à utiliser d’autres produits et services impliquant leurs données financières et d’identité avec les applications de leur choix qui utilisent Plaid (« Applications »).

Conditions supplémentaires Les présentes conditions du Compte Plaid (les « Conditions du Compte Plaid ») complètent et intègrent par référence le Contrat de services de l’utilisateur final (États-Unis) et constituent conjointement un contrat entre vous et Plaid (le « Contrat »). Veuillez consulter toutes les conditions du Contrat de services de l’utilisateur final (États-Unis), notamment les Sections intitulées Droits relatifs à la Plateforme, Nos clauses de non-responsabilité, Responsabilités liées à notre Plateforme, Règlement des litiges et Notifications.

Plaid se réserve le droit de modifier le contrat moyennant une notification, comme indiqué dans le dernier paragraphe du Contrat de services de l’utilisateur final (États-Unis), et l’acceptation de ces modifications sera nécessaire pour continuer à utiliser votre compte Plaid.

Compte Plaid. Plaid vous permet d’enregistrer et de gérer les connexions de vos comptes financiers et les données de vérification d’identité sur un compte Plaid (« Compte Plaid »). Cela vous permet de vous connecter plus rapidement aux applications qui utilisent Plaid et de les utiliser, notamment en accédant plus rapidement à votre compte, en partageant des données, en vérifiant votre identité, en effectuant des virements et des paiements à l’aide des applications, ainsi qu’en utilisant d’autres produits et services impliquant vos données financières et d’identité dans ces applications. Il convient de tenir compte du fait qu’un compte Plaid n’est pas un compte de transactions ou d’actifs au sens de la Loi sur le transfert électronique de fonds, qu’il ne stocke pas de fonds et qu’il ne vous permet pas d’initier des transferts électroniques de fonds ou d’autres paiements, mais qu’il vous permet d’accéder à des applications et de les utiliser plus rapidement et plus facilement.

Lorsque vous connectez un ou plusieurs comptes financiers à une application à l’aide de Plaid, Plaid peut vous demander de fournir et de vérifier votre numéro de téléphone, votre adresse électronique ou d’autres coordonnées afin de créer votre compte Plaid et de mémoriser chacune de vos connexions au sein dudit compte. Lorsque vous vérifiez votre identité avec une application via Plaid, Plaid peut vous demander si vous souhaitez enregistrer vos données d’identité dans votre compte Plaid. En créant un compte Plaid, vous autorisez Plaid à conserver et utiliser les connexions de votre compte financier et les données d’identité conformément au Contrat et à la Politique de confidentialité de l’utilisateur final de Plaid.

Fonctionnement de votre compte. En enregistrant les données d’identité et les connexions aux comptes financiers dans votre compte Plaid, vous pouvez accéder plus rapidement aux produits et services de vos applications et les utiliser. Lorsque vous utilisez à nouveau vos données et vos connexions avec vos Applications, votre Compte Plaid nous permet de vous reconnaître avec précision et de procéder plus rapidement à la vérification de votre identité et à la mise en relation de vos comptes sans que vous ayez à saisir à nouveau toutes les informations que vous avez enregistrées pour chaque Application.

Plaid vous permet, par le biais de l’utilisation de processus plus rapides via votre compte Plaid: (a) de partager avec les applications, nos filiales et nos prestataires de services des données indiquant la détention ou non d’un compte Plaid et, le cas échéant, certaines données de votre compte Plaid afin que nous et eux puissions vous fournir des services, notamment : (i) le nombre et les types de connexions de comptes financiers sur votre compte Plaid, (ii) les types de données et de documents d’identité sur votre compte Plaid, et (iii) les services et les cas d’utilisation que vous fournissent les applications et qui peuvent être pris en charge par les connexions de comptes financiers et les données d’identité sur votre compte Plaid ; (b) de vous contacter en utilisant les données que vous fournissez ou qui sont disponibles dans vos données d’identité sauvegardées ou vos connexions de comptes financiers, notamment pour envoyer des notifications de sécurité afin de confirmer l’activité sur votre compte Plaid et des messages décrivant les étapes à suivre pour compléter ou résoudre des problèmes lors du processus d’utilisation de Plaid pour embarquer et utiliser vos applications ; et (c) de vérifier vos données en vue de vous protéger contre la fraude, les fausses déclarations, les activités non autorisées ou suspectes, ou d’autres comportements malveillants - les données que nous recevons dans le cadre de ce processus de vérification peuvent être stockées dans votre compte Plaid pour être utilisées lorsque vous partagez à nouveau des données d’identité avec d’autres applications.

Pour plus d’informations sur la collecte, l’utilisation et le partage par Plaid des données à caractère personnel vous concernant, y compris en lien avec votre compte Plaid, veuillez consulter la Politique de confidentialité de l’utilisateur final de Plaid. Le Contrat et la Politique de confidentialité de l’utilisateur final de Plaid ne s’appliquent pas à l’utilisation de vos données par les applications utilisées. Si vous souhaitez obtenir de plus amples informations sur ces pratiques, veuillez consulter les politiques de confidentialité ou les conditions de service de ces applications.

Gestion et suppression de votre compte. Vous pouvez consulter et gérer votre compte Plaid sur my.plaid.com ou en contactant privacy@plaid.com. Si vous souhaitez supprimer votre compte Plaid ou si vous avez des questions sur la gestion de votre compte Plaid ou sur vos droits en matière de données, veuillez contacter privacy@plaid.com.

Votre utilisation et vos restrictions. Votre compte Plaid peut uniquement être utilisé pour accélérer l’intégration et l’utilisation des applications qui utilisent Plaid. En créant ou en utilisant un Compte Plaid, vous acceptez expressément le Contrat et reconnaissez que : (a) toutes les données que vous fournissez et tous les comptes financiers auxquels vous vous connectez sont les vôtres ou que vous êtes un utilisateur autorisé de ces comptes ; (b) toutes les données que vous fournissez pour vérifier votre identité sont complètes et exactes ; et (c) vous (i) n’utiliserez pas ou n’accéderez pas au Compte Plaid ou aux données connexes d’une autre personne, (ii) n’utiliserez pas un Compte Plaid ou des données connexes à des fins frauduleuses, illégales ou trompeuses, (iii) ne modifierez pas, ne ferez pas d’ingénierie inverse ou ne chercherez pas à obtenir un accès non autorisé à un Compte Plaid ou à des systèmes Plaid connexes, (iv) ne contournerez pas les mesures conçues pour empêcher ou limiter l’accès à toute partie d’un Compte Plaid ou des systèmes connexes de Plaid, (v) ne copierez pas, ne modifierez pas et ne créerez pas d’œuvres dérivées d’un Compte Plaid ou des systèmes connexes de Plaid d’une manière non autorisée par Plaid, (vi) n’accéderez pas à un Compte Plaid ou aux systèmes connexes de Plaid à des fins concurrentielles ou ne publierez pas de données de référence ou d’informations sur les performances, ou (vii) n’utiliserez pas un Compte Plaid ou des systèmes Plaid connexes d’une manière susceptible d’endommager, de désactiver, de surcharger ou de compromettre leur fonctionnement ou d’interférer avec d’autres utilisateurs, de les perturber ou d’avoir un effet négatif sur eux.

Vous reconnaissez et comprenez que vous êtes responsable des données que vous enregistrez dans votre Compte Plaid. Vous ne fournirez aucune donnée : (i) diffamatoire, abusive, harcelante, menaçante, ou portant atteinte à un droit ou à la vie privée d’une autre personne ; (ii) sectaire, haineuse ou racialement ou autrement offensante ; (iii) violente, vulgaire, obscène, pornographique ou autrement sexuellement explicite ; (iv) dont le contenu est protégé par une marque ou un droit d’auteur, ou dont le contenu porte atteinte aux droits de propriété intellectuelle d’une autre personne ou d’une autre société ; ou (v) nuisible ou dont on peut raisonnablement s’attendre à ce qu’elle soit nuisible à une personne ou à une entité quelconque. Toute utilisation non autorisée d’un Compte Plaid est strictement interdite et peut entraîner la suppression de votre Compte Plaid.

Conditions relatives aux appareils sans fil et aux SMS. Plaid peut vous envoyer des messages SMS (Short Message Service) afin de vous fournir un service et/ou de confirmer votre identité au moyen d’une authentification à deux facteurs. Vous acceptez de recevoir des messages SMS automatisés de Plaid et de l’un de nos fournisseurs de services liés aux SMS, y compris par le biais d’un système de composition téléphonique automatique, au numéro de téléphone que vous avez fourni. Des tarifs pour les messages et les données peuvent s’appliquer. En règle générale, vous recevrez un message par demande. Les opérateurs ne sont pas responsables des messages reçus en retard ou non délivrés.

Vous autorisez votre fournisseur de services sans fil à utiliser ou à divulguer des informations sur votre compte et votre appareil sans fil, le cas échéant, à Plaid ou à notre fournisseur de services pendant la durée de votre relation commerciale, uniquement pour aider Plaid ou notre fournisseur de services à vous identifier ou à identifier votre appareil sans fil et pour prévenir la fraude. Veuillez consulter notre Politique de confidentialité de l’utilisateur final pour en savoir plus sur les modalités de traitement de vos données.

Les données que votre opérateur sans fil peut divulguer peuvent inclure le numéro de téléphone mobile, le nom, l’adresse, l’adresse électronique, l’état du réseau, le type de client, le statut du client, le type de facturation et les identifiants de l’appareil mobile (IMSI et IMEI). Aucune donnée relative aux appareils mobiles ne sera communiquée à des tierces parties ou à des sociétés affiliées à des fins de marketing ou de promotion. Les données relatives au consentement de la personne à l’origine du message texte ne seront pas communiquées à des tierces parties.

Si vous ne souhaitez pas recevoir de messages SMS de Plaid ou de nos fournisseurs de services, ou si vous ne souhaitez plus que votre opérateur de téléphonie mobile partage des données vous concernant avec Plaid ou nos fournisseurs de services, vous acceptez de répondre STOP à tout message SMS de Plaid ou envoyé au nom de Plaid afin de ne plus recevoir de notifications par message SMS. Il se peut que vous receviez un SMS supplémentaire confirmant votre décision de vous désinscrire. En choisissant de vous désinscrire des messages SMS, vous ne recevrez plus de messages de Plaid ou de nos fournisseurs de services, à moins que vous ne nous demandiez par la suite de vous envoyer des messages SMS ou que vous ne vous inscriviez à l’un de nos services, tel qu’un Compte Plaid, qui nécessite l’envoi de messages SMS.

Si vous rencontrez des problèmes avec les messages SMS de Plaid ou de nos fournisseurs de services, vous pouvez répondre avec le mot clé HELP pour obtenir de l’aide, ou vous pouvez contacter login+sms@plaid.com.

Les personnes de moins de 18 ans ne peuvent pas créer de Compte Plaid. En créant et en utilisant votre Compte Plaid, vous déclarez et garantissez être âgé de 18 ans ou plus. Si vous avez des raisons de croire qu’une personne de moins de 18 ans utilise nos Services, veuillez nous contacter à l’adresse privacy@plaid.com et, après confirmation, nous supprimerons le Compte Plaid concerné, sous réserve et conformément à nos exigences en vertu de la loi applicable.

Sécurité. Plaid met en œuvre des mesures techniques et organisationnelles conçues pour protéger votre Compte Plaid contre l’accès, l’utilisation, l’altération ou la divulgation non autorisés et pour maintenir la sécurité, la confidentialité et l’intégrité de vos données. Nous vous invitons toutefois à sécuriser votre compte Plaid et vos autres données à caractère personnel, étant entendu que ces données sont fournies à vos propres risques. Si vous pensez que votre Compte Plaid a été compromis, veuillez nous contacter immédiatement à l’adresse privacy@plaid.com.

Divers. Tous les termes commençant par une majuscule, utilisés mais non définis dans les présentes conditions d’utilisation du Compte Plaid, auront la signification qui leur est attribuée dans le Contrat de services de l’utilisateur final (É.-U.). En cas de conflit entre les présentes conditions d’utilisation du compte Plaid et le Contrat de services de l’utilisateur final (É.-U.), les présentes conditions d’utilisation du compte Plaid prévaudront et s’appliqueront, le cas échéant, à votre utilisation d’un compte Plaid, sous réserve que toutes les autres dispositions du Contrat de services de l’utilisateur final (É.-U.) restent pleinement en vigueur. L’acceptation du contrat ou la création, l’accès, la gestion ou l’utilisation de votre compte Plaid impliquent que vous acceptez le contrat et que vous certifiez disposer de tous les droits nécessaires à cet effet. Si vous n’acceptez pas le Contrat, veuillez ne pas créer, accéder, gérer ou utiliser un compte Plaid. Si, à quelque moment que ce soit, vous n’acceptez plus le Contrat, vous pouvez supprimer votre compte Plaid. Plaid, à son entière discrétion, est habilitée à désactiver ou supprimer un compte Plaid si (a) elle a des motifs de croire qu’une condition du contrat a été violée, (b) votre compte Plaid n’est pas utilisé et reste inactif pendant une période prolongée, (c) elle a des motifs de croire que votre compte Plaid a été utilisé sans autorisation, ou (d) elle est légalement tenue de le faire. Plaid se réserve le droit de faire valoir tout autre recours disponible, en droit ou en équité, en lien avec cette question.

IDV Privacy Statement

Last Updated: December 18, 2024

Plaid Inc. and its subsidiaries, Plaid Financial Ltd. and Plaid, B.V. (collectively, “Plaid”, “we”, “our”, or “us”) offer identity verification, fraud detection, and watchlist screening services (the “IDV Services” or “Services”) globally to companies, firms, and financial institutions (“Customers” or “Customer”).

You may be asked by one of our Customers to complete various checks which use the IDV Services. This IDV privacy statement (“IDV Privacy Statement”) explains how your personal data (“Personal Information”) may be used when we carry out the IDV Services on behalf of our Customers.

Plaid does not knowingly collect, process, use, or share Personal Information for consumers under the age of 18. The IDV Services are intended only for individuals 18 years or older. If you are under 18, please do not use the IDV Services.

When we provide IDV Services to our Customers, our Customers determine the purpose and means by which Personal Information is processed (and our Customers are considered a data controller). We act on our Customers’ instructions with respect to how and why your Personal Information is processed. Plaid is a data processor or sub-processor when it facilitates identity verification, fraud detection, and watchlist screening services at the direction of our Customers. Our Customers direct us to collect your Personal Information. Plaid acts as a processor or sub-processor when directed to collect information from you, including Personal Information, and Plaid receives instructions from our Customers about whom to collect personal data from and when to collect and process Personal Information. We use your Personal Information to provide IDV Services to our Customers. We also transfer and/or provide access to download the information we collect from you, including Personal Information, to Customers at their instruction and request.

You should always check the privacy policies of our Customers and direct any queries and requests to exercise your rights with respect to your Personal Information to them.

Some of the IDV Services may be accessed directly by you, including through our websites that reference this policy (collectively “Sites”). In some instances, for example, if you are a Customer or if you wish to make an inquiry about the IDV Services, or if you visit our website, we may be a data controller. We describe how and why we use personal data in these circumstances in Plaid’s applicable privacy policies at www.plaid.com/legal/.

Plaid will not ever sell your Personal Information from the IDV Services to third parties. Our Customers decide how we use your Personal Information, control their data retention policies, and may specify how long to retain Personal Information and whether and when we share the information we collect, including your Personal Information, with our Customer.

Depending on the service required by our Customers, we may process Personal Information on our Customers' behalf as described in this IDV Privacy Statement, so we encourage you to read it carefully.

Biometric Policy and Release

Last Updated: November 11, 2024

Plaid’s Biometric Policy and Release (“Biometric Policy”) describes how Plaid Inc. and its subsidiaries, Plaid Financial Ltd. and Plaid, B.V. (collectively, “Plaid”) treat the photos and/or video images of your face, including scans of facial geometry extracted from those images, which may be considered biometric data in some jurisdictions.

Plaid acts as a service provider for our customers when providing identity verification and fraud prevention services. To provide our identity verification and/or fraud prevention services, our customers may require you to provide Plaid and/or Plaid’s service providers with an identity document that contains your image and/or a photograph or video image of yourself.

Plaid and/or Plaid’s service providers collect and process the image from your identity document and your photograph or video image, at our customer’s instruction, to derive a scan of your facial geometry using facial recognition or similar technology in order to provide our customers with identity verification and fraud prevention services. Plaid and/or Plaid’s service providers may also process and use your photograph or video image for fraud detection and prevention services, including to determine whether your photograph or video image depicts a real person. Your identity document image, photograph, or video image, and any derived facial geometry scan from those images, may be considered biometric information in some jurisdictions.

Plaid and/or Plaid’s service providers will collect, process, obtain, use, and store your identity document image, photograph, or video image for the purpose of:

1. Comparing your derived facial geometry from the image on your identity document to your derived facial geometry in the photograph or video image that you provide to help verify your identity;
2. To detect and prevent fraud, including by determining your estimated age, if applicable, using an image from your identity document, an image from a photograph or video image of yourself, and/or your derived facial geometry; and
3. To maintain or provide our services for our customers, including assisting our Customers to review identity verification sessions.

The image from your identity document, photograph, or video images of your face, and your derived facial geometry, if applicable, are stored in an encrypted format by Plaid and Plaid’s service providers on behalf of Plaid’s customers.

PLAID AND PLAID’S SERVICE PROVIDERS NEVER USE THE PERSONAL INFORMATION OR IMAGE EXTRACTED FROM YOUR IDENTITY DOCUMENT, PHOTOGRAPH, OR VIDEO IMAGE, INCLUDING ANY DERIVED FACIAL GEOMETRY SCAN ASSOCIATED WITH YOUR IMAGES, TO ENHANCE, IMPROVE, OR DEVELOP OUR SERVICES.

If you do not provide an identity document with an image of your face or a photograph and video image of yourself, Plaid and Plaid’s service providers will not process your images to derive your facial geometry data to compare your identity document to your photograph or video image. Plaid will retain a record of your partially completed verification process in accordance with customer’s instructions, unless otherwise required by law or legal process to delete such data after a shorter period of time. For more information, see our IDV Privacy Statement.

Retention and Storage

Where Plaid serves as a service provider, as defined by applicable law, our customers instruct Plaid to process, store, retain, or delete your identity document and/or photograph or video image. Plaid and Plaid’s service providers will permanently destroy and delete any identity document and/or photograph or video image in accordance with our customer’s instructions. Plaid will store identity documents and/or photograph or video images you provide for the duration of the business relationship between Plaid and our customer for which the images were collected and retained, unless otherwise required by law or legal process to delete such data after a shorter period of time.

If you have created a Plaid Account subject to the Plaid Account Terms and saved your identity verification information, Plaid may store at your instruction one or more identity document(s) containing facial imagery that you provide. Plaid does not ever process the image from these identity documents for any additional purpose unless instructed to do so by you, when you verify with a new app or service, nor does Plaid ever derive your facial geometry data from stored identity document(s) in your Plaid Account. You can learn more about how to delete your stored identity document(s) in your Plaid Account by contacting privacy@plaid.com or creating a Plaid Portal account by visiting my.plaid.com. Notwithstanding any indication to the contrary in Plaid’s End User Privacy Policy or the Plaid Account Terms this Biometric Policy shall prevail in the event of any inconsistency with other terms or notices provided to you.

Additional Terms

Plaid and/or Plaid’s service providers only use and process your image from your identity document and/or photograph or video image in accordance with this Biometric Policy, and for no other reasons. Plaid does not sell biometric information. Plaid is not responsible for the policies or practices of its customers. Please see Plaid’s IDV Privacy Statement to understand how we collect and use your Personal Information on behalf of our customers. Plaid encourages you to also review our customers’ privacy policies and any applicable terms and conditions which may apply to their use of your data, some of which may be considered biometric data in your region.

By using Plaid’s identity verification and fraud prevention services to connect to an app or service provided by our customers, you agree that any identity documents or photographs and video images you provide to verify your identity with our customers are (1) authentic, (2) submitted identity documents are your own government-issued identity documents, and (3) any submitted identity documents, photographs, or video images accurately depict your face and only your face in the photograph or video image that you provide.

You agree that you have read, understand, and voluntarily consent to this Biometric Policy and Release; release in favor of Plaid and Plaid’s service providers, any claims related to the collection, processing, use, disclosure of, or sharing of your identity document and your photograph or video image, including any data derived from these images to create a facial geometry scan; and you confirm that you are not accessing Plaid’s services in any jurisdiction where those services are not permitted by applicable law.

Developers

Developer Policy

Available languages:

• Française - Politique relative au développeur

• Español - Política de desarrolladores

• Deutsch - Richtlinie für Entwickler

Effective Date: January 31, 2022

Prior to January 31, 2022, the prior 2019 version of Plaid’s Developer Policy will remain in effect.

This Developer Policy ("Policy") provides rules and guidelines that govern access to or use by our developers (“you” or “your”) of the Plaid API, websites (“Site”), dashboards, related tools, and other products or services (collectively, the "Services") provided by Plaid Inc. and its subsidiaries, including Plaid Financial Ltd. and Plaid, B.V. (“Plaid”, “we”, “our”, and “us”). Any violation of this Policy may result in suspension or termination of your access to the Services and/or access to end users’ personal and financial information provided by Plaid ("End User Data").

By accessing and using the Services, you agree to comply with all the terms of this Policy. This Policy will apply each time you access or use the Services. If you are agreeing to the terms of this Policy on behalf of an organization or entity, you represent and warrant that you are so authorized to agree on behalf of that organization or entity. This Policy is important; please read it carefully.

We may update or change this Policy at any time in our discretion. If we make any changes to this Policy that we deem to be material, we will make a reasonable effort to inform you of such change. If you object to a change, your exclusive remedy is to cease any and all access and use of the Services.

Jump to section:

Registration

Compliance with Applicable Law

Security

Data Storage and Usage

Account Deactivation

Prohibited Conduct

Suspension and Termination

Reporting Violations

Universal Data Access

Miscellaneous

Registration

To sign up for the Services, you must create an account ("Account") by registering on our Site and providing true, accurate, and complete information about yourself and your use of the Services. You agree not to misrepresent your identity or any information that you provide for your Account, and to keep your Account information up to date at all times. It is your responsibility to maintain access to your Account; you may never share your Account information, including your Plaid Dashboard password, as well as your API authentication credentials, including your Client Identification Number (“Client ID”) and secret, with a third party or allow any other application or service to act as you.

Compliance with Applicable Law

When using the Services, you agree to abide by all applicable local, state, national, and international laws. You also confirm that you, your business, your employees, your service providers, and any others acting on your behalf adhere to all applicable laws, especially those pertaining to financial data, data protection, privacy and data security.

In addition, you certify that you, your officers, directors, shareholders, direct and indirect parent entities, subsidiaries, and affiliates:

• are and will remain in compliance with all applicable import, re-import, sanctions, anti-boycott, export, and re-export control laws and regulations (including all such laws and regulations that apply to a U.S. company, such as the Export Administration Regulations, the International Traffic in Arms Regulations, and economic sanctions programs implemented by the Office of Foreign Assets Control (OFAC));
• are not subject to, or owned by parties that are subject to, sanctions or otherwise identified on any sanctions-related list, including but not limited to lists maintained by the United States government (such as the List of Specially Designated Nationals and Blocked Persons, maintained by OFAC, the Entity List maintained by the U.S. Commerce Department’s Bureau of Industry and Security, and the CAATSA section 231(d) list maintained by the U.S. State Department), the United Nations Security Council, the United Kingdom, the European Union or its Member States, or other applicable government authority; and
• are not engaging, and will not engage, in activities which may require or permit any applicable government authority to pursue an enforcement action against, or impose economic sanctions on you or us.

The certifications immediately above are not sought, and are not provided, if and to the extent such request or certification would constitute a violation of the EU Blocking Statute, of laws or regulations implementing the EU Blocking Statute in the EU Member States or in the United Kingdom, or any similar anti-boycott, non-discrimination, or blocking provisions foreseen in applicable local laws.

You are solely responsible for ensuring that your use of the Services is in compliance with all laws applicable to you, including without limitation, the rules and guidelines of any system or network that facilitates payments and any security requirements, including under the Payment Card Industry Data Security Standards (PCI-DSS), as may be applicable to you.

Security

You are responsible for securely maintaining your Plaid Dashboard username and password, as well as your API authentication credentials, including your Client ID and secret. You agree to notify us promptly at security@plaid.com in the event of any breach of security or unauthorized use of your Account or any End User Data. You must never publish, distribute, or share your Client ID or secret, and must encrypt this information in storage and during transit.

Your systems and application(s) must handle End User Data securely. With respect to End User Data, you should follow industry best practices but, at a minimum, must perform the following:

• Maintain administrative, technical, and physical safeguards that are designed to ensure the security, privacy, and confidentiality of End User Data.
• Use modern and industry standard cryptography when storing or transmitting any End User Data.
• Maintain reasonable access controls to ensure that only authorized individuals that have a business need have access to any End User Data.
• Monitor your systems for any unauthorized access.
• Patch vulnerabilities in a timely fashion.
• Log and review any events suggesting unauthorized access.
• Plan for and respond to security incidents.
• Comply with relevant rules and regulations with regard to the type of data you are handling, such as the Safeguards Rule under the Graham-Leach-Bliley Act.

Data Storage and Usage

Any End User Data in your possession must be stored securely and in accordance with applicable laws. To the extent applicable, if you use End User Data in an anonymized form then your use of such anonymized data must be clearly and conspicuously disclosed to the End User including a description of how you use such anonymized End User Data.

Account Deactivation

Once you stop using the Services in accordance with any applicable agreement you may have with us, you may deactivate your Account by following the instructions on the Site. We may also deactivate your Account if you have ceased using the Services for three months; your applicable agreement with us terminates or expires; or as reasonably necessary under applicable law. After your Account deactivation, we will deprovision your access to all End User Data associated with your integration.

Even after your Account deactivation, and to the extent permitted under applicable law, we may still retain any information we collected about you for as long as necessary to fulfill the purposes outlined in our privacy policy/statement, or for a longer retention period if required or permitted under applicable law.

Prohibited Conduct

You agree not to, and agree not to assist or otherwise enable any third party to:

• sell or rent End User Data to marketers or any other third party;
• access or use the Services or End User Data for any unlawful, infringing, threatening, abusive, obscene, harassing, defamatory, deceptive, or fraudulent purpose;
• collect and store end users’ bank credentials and/or End User Data other than as required to access or use the Services, as authorized by the end user, as permitted by Plaid, and as permitted under applicable law;
• use, disclose, or retain any “nonpublic personal information” (as defined under the Gramm-Leach-Bliley Act) or “personal information” (as defined under the California Consumer Privacy Act) other than in strict compliance with applicable law;
• use, disclose, or otherwise process any “personal data” (as defined in Regulation (EU) 2016/679 (General Data Protection Regulation)) other than in strict compliance with applicable law;
• access or use the Services or access, transmit, process, or store End User Data in violation of any applicable privacy laws or in any manner that would be a breach of contract or agreement with the applicable end user;
• access or use the Services to infringe any patent, trademark, trade secret, copyright, right of publicity, or other right of any person or entity;
• access or use the Services for any purpose other than for which it is provided by us, including for competitive evaluation, spying, creating a substitute or similar services to any of the Services, or other nefarious purpose;
• scan or test (manually or in an automated fashion) the vulnerability of any Plaid infrastructure without express prior written permission from Plaid;
• breach, disable, interfere with, or otherwise circumvent any security or authentication measures or any other aspect of the Service;
• overload, flood, or spam any part of the Services;
• create developer accounts for the Services by any means other than our publicly-supported interfaces (e.g., creating developer accounts in an automated fashion or otherwise in bulk);
• transfer, syndicate, or otherwise distribute the Services or End User Data without express prior written permission from Plaid;
• decipher, decompile, disassemble, copy, reverse engineer, or attempt to derive any source code or underlying ideas or algorithms of any part of the Services, except as permitted by applicable law;
• modify, translate, or otherwise create derivative works of any part of the Services;
• access or use the Services or End User Data in a manner that violates any agreement between you or the end user and Plaid; or
• access or use the Services or End User Data in a manner that violates any applicable law, statute, ordinance, or regulation.

Suspension and Termination

We reserve the right to withhold, refuse, or terminate access to the Services and/or End User Data in whole or in part where we believe the Services are being accessed or used in violation of this Policy or any other Plaid agreement, including Plaid’s agreements with any third party partners or data sources of Plaid (each, a “Partner”), or where use would pose a risk of harm, including reputational harm, to Plaid, its infrastructure, its data, the Services, an end user, or a Partner.

We will use reasonable efforts to notify you via email or other method when deciding to withhold, refuse, or terminate access to the Services and/or End User Data. We may immediately suspend or terminate access without notice if appropriate under the circumstances, such as when we become aware of activity that is a violation of any applicable law or when we determine, in our sole discretion, that harm is imminent.

Plaid will not be liable for any damages of any nature suffered by you or any third party resulting from Plaid’s exercise of its rights under this Policy or under applicable law.

Reporting Violations

If any person becomes aware of a violation of this Policy, we request that you immediately notify us via email to legalnotices@plaid.com. We may take any appropriate action -- including reporting any activity or conduct that we suspect violates the law to appropriate law enforcement officials, regulators, or other appropriate third parties -- in our sole discretion in respect to such violations.

Universal Data Access

Plaid promotes an Open Finance ecosystem in which end users own their data (e.g., financial data) and may grant access to such data to third parties. To the extent that you host any such end user data not already accessible by Plaid, upon Plaid’s reasonable request, the parties agree to cooperate in good faith to negotiate and initiate an arrangement for Plaid to access such end user data on behalf of end users.

Miscellaneous

The failure by you or Plaid to exercise in any respect any right provided for herein or in any other agreement you may have with us shall not be deemed a waiver of any further rights hereunder.

If any provision of this Policy is found to be unenforceable or invalid, that provision shall be limited or eliminated to the minimum extent necessary so that this Policy shall otherwise remain in full force and effect and enforceable.

Politique relative au développeur

Available languages:

• English - Developer Policy

• Español - Política de desarrolladores

• Deutsch - Richtlinie für Entwickler

Date d’entrée en vigueur : 31 janvier 2022

La version 2019 de la Politique applicable aux Développeurs de Plaid restera en vigueur jusqu’au 31 janvier 2022.

La présente Politique applicable aux Développeurs (la « Politique ») prévoit des règles et des lignes directrices régissant l’accès ou l’utilisation par nos développeurs (« vous », « votre »,« vos ») de l’API de Plaid, des sites web (« Site »), des tableaux de bord, des outils connexes et d’autres produits ou services (collectivement les « Services ») fournis par Plaid Inc., et ses filiales, y compris Plaid Financial Ltd., et Plaid B.V., (« Plaid », « nous »,« notre », « nos »). Toute violation de la Politique peut entraîner une suspension ou une résiliation de votre accès aux Services et/ou aux informations personnelles et financières des utilisateurs finaux fournies par Plaid (« Données des Utilisateurs Finaux»)

En accédant et en utilisant les Services, vous vous engagez à respecter tous les termes de la présente Politique. La Politique s'applique à chaque fois que vous accédez ou que vous utilisez les Services. Si vous acceptez les termes de la Politique au nom d’une organisation ou d’une entité, vous déclarez et garantissez que vous êtes autorisés à vous engager au nom de cette organisation ou entité. La présente Politique est importante ; nous vous prions de la lire attentivement.

Nous pouvons être amenés à mettre à jour ou à modifier, à tout moment et à notre discrétion, la présente Politique. Si nous apportons des modifications que nous estimons importantes à la Politique, nous mettrons en œuvre des moyens raisonnables pour vous en informer. Si vous n’acceptez pas une modification, votre seul recours consiste à cesser d'accéder et d’utiliser les Services.

Aller à la section :

Inscription

Conformité avec la Loi Applicable

Sécurité

Stockage et Utilisation des Données

Désactivation de Compte

Usages Interdits

Suspension et Résiliation

Signalement des Violations

Accès Universel aux Données

Divers

Inscription

Pour vous inscrire aux Services, vous devez créer un compte (« Compte ») en vous inscrivant sur notre site et en fournissant des informations exactes, précises et complètes sur vous et votre utilisation des Services. Vous vous engagez à ne pas fausser votre identité ou les informations que vous fournissez pour votre Compte, et à mettre à jour les informations de votre Compte à tout moment. Il est de votre responsabilité de conserver l'accès à votre Compte ; vous ne devez jamais communiquer à un tiers les informations relatives à votre Compte, y compris votre mot de passe de Tableau de Bord Plaid, ainsi que vos données d'authentification API, y compris votre Numéro d’Identification Client (« ID Client ») et vos informations confidentielles, ni permettre à toute autre application ou service d'agir en votre nom.

Conformité avec la Loi Applicable

Lorsque vous utilisez les Services, vous devez vous conformer à toutes les lois applicables, qu’elles soient locales, fédérales, nationales ou internationales. Vous confirmez également que vous, votre entreprise, vos salariés, vos prestataires de services et toute autre personne agissant en votre nom respectez toutes les lois applicables, en particulier celles applicables aux données financières et à la protection des données, à la protection de la vie privée et à la sécurité des données.

De plus, vous garantissez que vous, vos cadres, administrateurs, actionnaires, société mère directe ou indirecte, filiales et sociétés affiliées :

• êtes et demeurerez en conformité avec l’ensemble des lois et règlementations applicables concernant les importations, les sanctions, les exportations anti-boycott et le contrôle de la réexportation (y compris toutes lois et règlementations qui s'appliquent à une société américaine, telles que les Réglementations de l'Administration Américaine des Exportations, les Règlements Relatifs au Trafic International d’Armes, et les programmes de sanctions économiques mis en œuvre par le Bureau du Contrôle des Avoirs Etrangers (OFAC)) ;
• n’êtes pas soumis, ni détenus par des tiers qui font l’objet de sanctions ou qui sont autrement identifiés sur une liste associée à des sanctions, incluant sans s’y limiter les listes établies par le Gouvernement des États-Unis (telles que la Liste des Ressortissants Spécialement Désignés et des Personnes Bloquées, établie par l’OFAC, la Liste des Entités établie par le Bureau de l'Industrie et de la Sécurité du Ministère Américain du Commerce, et la liste de la section 231(d) de la CAATSA tenue par le département d'État Américain), le Conseil de Sécurité des Nations Unies, le Royaume-Uni, l'Union Européenne ou ses États membres, ou toute autre autorité gouvernementale compétente ; et
• n’êtes pas impliqués et ne serez pas impliqués dans des activités qui pourraient conduire une autorité gouvernementale à engager une action ou imposer des sanctions économique à votre ou notre encontre.

Les garanties précisées ci-dessus ne seront ni demandées ni fournies si celles-ci constituent une violation du Règlement de Blocage de l’UE, ou de lois ou règlementations transposant le Règlement de Blocage dans les États membres de l’UE ou au Royaume-Uni, ou toute disposition similaire contre le boycott, la discrimination ou le blocage prévue dans les lois locales applicables.

Vous êtes personnellement chargés de veiller à ce que votre utilisation des Services soit en conformité avec toutes les lois qui vous sont applicables, y compris et sans s’y limiter les règles et lignes directrices de tout système ou réseau qui facilite les paiements et les exigences de sécurité, y compris à la Norme de sécurité informatique des données de l'industrie des cartes de paiements (PCI-DSS), si applicable.

Sécurité

Vous êtes personnellement responsable du maintien de la sécurité de votre nom d’utilisateur et mot de passe de Tableau de Bord Plaid, ainsi que de vos données d'authentification API, y compris votre ID Client et vos informations confidentielles. Vous vous engagez à nous avertir sans délai à l'adresse security@plaid.com en cas de toute violation de la sécurité ou d’utilisation non autorisée de votre Compte ou des Données des Utilisateurs Finaux. Vous êtes tenus de ne jamais publier, distribuer ou partager votre ID Client ou vos informations confidentielles, et de crypter ces informations lors du stockage et du transfert.

Vos systèmes et application(s) doivent traiter les Données des Utilisateurs Finaux de manière sécurisée. En ce qui concerne les Données des Utilisateurs Finaux vous êtes tenus de suivre les meilleures pratiques de l'industrie et devez, à tout le moins, effectuer les opérations suivantes :

• Maintenir des mesures de sauvegardes administratives, techniques et physiques conçues pour garantir la sécurité, le respect de la vie privée et la confidentialité des Données des Utilisateurs Finaux.
• Utiliser une méthode de cryptographie moderne et conforme aux normes du secteur pour le stockage ou la transmission des Données des Utilisateurs Finaux.
• Maintenir des contrôles d'accès suffisants pour garantir que seules les personnes autorisées ayant un besoin professionnel aient accès aux Données des Utilisateurs Finaux.
• Surveiller vos systèmes pour éviter les accès non autorisés.
• Remédier sans délai aux vulnérabilités.
• Enregistrer et examiner tout événement suggérant un accès non autorisé.
• Prévoir les incidents de sécurité et y répondre.
• Se conformer aux règles et règlements applicables en ce qui concerne le type de données que vous traitez, telle que la Règle de Protection de la loi Gramm-Leach-Bliley.

Stockage et Utilisation des Données

Toutes les Données des Utilisateurs Finaux en votre possession doivent être stockées en sécurité et conformément aux lois applicables.

Le cas échéant, si vous utilisez les Données des Utilisateurs Finaux sous une forme anonymisée, votre utilisation de telles données anonymisées doit être indiquée à l’Utilisateur Final clairement et de manière évidente en incluant une description de la façon dont vous utilisez ces Données des Utilisateurs Finaux anonymisées.

Désactivation de Compte

Une fois que vous cessez d’utiliser les Services conformément à un contrat conclu avec nous, vous pouvez désactiver votre Compte en suivant les instructions sur le Site. Nous nous réservons le droit de désactiver votre Compte si vous cessez d’utiliser les Services pendant trois mois, si le contrat applicable conclu avec nous est résilié ou a expiré, ou si cela est nécessaire en vertu de la loi applicable . Après la désactivation de votre Compte, nous supprimerons vos accès aux Données des Utilisateurs Finaux associées à votre intégration.

Même après la désactivation de Compte, et dans la limite autorisée par la loi applicable, nous pourrons conserver des informations collectées à votre sujet pendant aussi longtemps qu’elles seront nécessaires à la réalisation des objectifs prévus dans notre politique/déclaration de confidentialité, ou pour une période plus longue si la loi applicable l’exige ou l'autorise.

Usages Interdits

Vous vous engagez personnellement à ne pas, et à ne pas aider ou permettre à un tiers de :

• vendre ou louer les Données des Utilisateurs Finaux à des sociétés de marketing ou à d'autres tiers ;
• accéder aux Services ou aux Données des Utilisateurs Finaux ou les utiliser de manière illégale, abusive, obscène, à des fins de harcèlement, de diffamation ou de fraude, ou dans un but illicite ;
• collecter et stocker les informations de connexion bancaire des utilisateurs finaux et/ou des Données des Utilisateurs Finaux autres que celles qui sont nécessaires pour accéder ou utiliser les Services, tel qu’autorisé par l’utilisateur final, tel que permis par Plaid ou en vertu du de la loi applicable ;
• utiliser, divulguer ou conserver toute « information personnelle non publique » (telle que définie par la loi Gramm-Leach-Bliley) ou « information personnelle » (telle que définie par la Loi Californienne sur la Protection de la Vie Privée des Consommateurs) autrement qu’en stricte conformité avec la loi applicable;
• utiliser, divulguer ou traiter toute « donnée à caractère personnel » (telle que définie par le Règlement (EU) 2016/679 (Règlement Général sur la Protection des Données)) autrement qu’en stricte conformité avec la loi applicable ;
• accéder ou utiliser les Services, ou accéder aux Données des Utilisateurs Finaux, les transmettre, traiter ou les stocker en violation des lois sur la protection de la vie privée applicables ou d’une manière qui violerait un contrat ou un accord avec l’utilisateur final concerné ;
• accéder aux Services ou les utiliser pour enfreindre un brevet, une marque déposée, un secret commercial, un droit d’auteur, un droit à la publicité ou tout autre droit d’une personne ou d’un organisme ;
• accéder aux Services ou les utiliser à des fins autres que celles pour lesquelles ils sont fournis, y compris pour une évaluation concurrentielle, l’espionnage, la création d’un service de substitution ou similaire à une partie des Services, ou dans un autre but nuisible ;
• scanner ou tester (de manière manuelle ou automatique) la vulnérabilité de l’infrastructure de Plaid sans la permission écrite préalable expresse de Plaid ;
• violer, désactiver, interférer avec ou contourner de toute autre manière toute mesure de sécurité ou d'authentification ou tout autre aspect des Services ;
• surcharger, inonder ou spammer toute partie des Services ;
• créer des comptes de développeurs pour les Services par tout moyen autre que nos interfaces publiquement opérées (ex. en créant des comptes de développeur de façon automatisée ou en nombre important) ;
• transférer, vendre sous licence ou autrement distribuer les Services ou les Données des Utilisateurs Finaux sans la permission écrite préalable expresse de Plaid ;
• déchiffrer, décompiler, désassembler, copier, procéder à l’ingénierie inversée ou tenter de dériver tout code source ou idée ou algorithme sous-jacents à toute partie des Services, sauf si la loi applicable le permet ;
• modifier, traduire ou autrement créer des travaux dérivés à partir des Services ;
• accéder aux Services ou aux Données des Utilisateurs Finaux ou les utiliser d’une manière qui enfreint tout contrat entre vous ou l’utilisateur final et Plaid ; ou
• accéder aux Services ou aux Données des Utilisateur Finaux ou les utiliser d’une manière qui enfreint une loi, un statut, une ordonnance ou règlementation applicables.

Suspension et Résiliation

Nous nous réservons le droit de retenir, refuser ou résilier l'accès aux Services et/ou aux Données des Utilisateurs Finaux en tout ou en partie lorsque nous estimons qu’il y a eu un accès aux Services ou qu’ils ont été utilisés en violation de la présente Politique ou de tout autre contrat Plaid, y compris les contrats de Plaid avec des partenaires tiers ou des fournisseurs de données de Plaid (un « Partenaire »), ou lorsque l’utilisation créerait un risque de nuisance, y compris à la réputation de Plaid, à son infrastructure, ses données, aux Services, à un utilisateur final ou un Partenaire.

Nous mettrons en œuvre des moyens raisonnables pour vous informer par e-mail ou par un autre moyen si nous décidons de retenir, refuser ou résilier un accès aux Services ou aux Données des Utilisateurs Finaux. Nous nous réservons le droit de suspendre ou de résilier immédiatement l'accès sans préavis si les circonstances l'exigent, par exemple lorsque nous avons connaissance d'une activité qui constitue une violation de toute loi applicable ou lorsque nous déterminons, à notre seule discrétion, que le préjudice est imminent.

Plaid n’est pas responsable des dommages de toutes natures subis par vous ou par un tiers résultant de l’exercice par Plaid de ses droits en vertu de la présente Politique ou de la loi applicable.

Signalement des Violations

Nous demandons à toute personne ayant connaissance d’une violation de la présente Politique de nous en informer immédiatement par e-mail à l’adresse legalnotices@plaid.com. En ce qui concerne ces violations, nous nous réservons le droit de prendre toute mesure appropriée à notre seule discrétion -- y compris de signaler aux autorités policières compétentes, aux régulateurs ou autres tiers compétents si nous soupçonnons qu’une activité ou conduite viole la loi.

Accès Universel aux Données

Plaid veut promouvoir un écosystème financier ouvert dans lequel les utilisateurs finaux détiennent leurs propres données (ex., des données financières) et peuvent accorder l'accès à celles-ci à des tiers. Dans la mesure où vous hébergez de telles données d’utilisateurs finaux non accessibles par Plaid, les parties conviennent à la demande de Plaid, de coopérer de bonne foi afin de négocier et de convenir d’un arrangement afin que Plaid puisse accéder aux données des utilisateurs finaux au nom des utilisateurs finaux.

Divers

Le fait pour Plaid ou vous-même de ne pas exercer un droit prévu dans la présente Politique ne constitue aucunement un abandon de ce droit ou du droit de l’utiliser ultérieurement.

Si une disposition de la présente Politique se révélerait être inapplicable ou invalide, cette disposition sera limitée ou annulée dans les limites du minimum nécessaire de sorte que la Politique demeure par ailleurs pleinement effective, en vigueur et applicable.

Política de Desarrolladores

Available languages:

• English - Developer Policy

• Française - Politique relative au développeur

• Deutsch - Richtlinie für Entwickler

Fecha de Entrada en Vigor: 31 de enero de 2022

Hasta el 31 de enero de 2022, se mantendrá en vigor la versión de 2019 de la Política para Desarrolladores de Plaid.

Esta Política para Desarrolladores (la “Política”) establece las normas y las directrices que rigen el acceso o el uso, por parte de nuestros desarrolladores (“usted” o “su”), de la API (application programming interface, interfaz de programación de aplicaciones), sitios web (“Sitio”), paneles, herramientas asociadas y otros productos o servicios de Plaid (de manera conjunta, los “Servicios”), proporcionados por Plaid Inc. y sus filiales, incluidas Plaid Financial Ltd. y Plaid, B.V. (“Plaid”, “nosotros”, “nuestro” y “nos”). Cualquier violación de esta Política podrá provocar la suspensión o cancelación de su acceso a los Servicios y/o del acceso a la información personal y financiera de los usuarios finales facilitada por Plaid (“Datos del Usuario Final”).

Al acceder a los Servicios y utilizarlos, usted acepta cumplir con todas las condiciones de esta Política. Esta Política aplicará cada vez que usted acceda a los Servicios o los utilice. En caso de que usted acepte las condiciones de esta Política actuando por cuenta de una organización o entidad, usted manifiesta y garantiza que está autorizado para aceptar actuando por cuenta de dicha organización o entidad. Esta Política es importante, por lo que le rogamos que la lea con atención.

Podremos actualizar o cambiar esta Política siempre que lo consideremos necesario. Si introducimos cualquier cambio en ella que consideremos sustancial, haremos un esfuerzo razonable para informarle de dicho cambio. En caso de que usted se oponga a un cambio, su única alternativa es dejar de acceder a los Servicios y no utilizarlos en modo alguno.

Ir a la sección:

Registro

Cumplimiento con la Normativa Aplicable

Seguridad

Almacenamiento de Datos

Desactivación de la Cuenta

Conductas Prohibidas

Suspensión y Cancelación

Comunicación de Infracciones

Acceso Universal a los Datos

Miscelánea

Registro

Para darse de alta en los Servicios, usted deberá crear una cuenta (la “Cuenta”) registrándose en nuestro Sitio y proporcionando información cierta, exacta y completa sobre usted y su uso de los Servicios. Usted acuerda no falsear su identidad ni ninguna información que usted facilite para su Cuenta, así como mantener la información de su Cuenta actualizada en todo momento. Usted es el responsable de mantener el acceso a su Cuenta; no deberá compartir nunca su información de Cuenta, incluyendo su contraseña del Panel de Plaid y sus credenciales de autenticación API, incluyendo su Número de Identificación de Cliente (“ID de Cliente”) y secreto, con un tercero, ni permitir que ninguna otra aplicación o servicio actúe haciéndose pasar por usted.

Cumplimiento con la Normativa Aplicable

Cuando usted utilice los Servicios, acepta cumplir toda la normativa local, estatal, nacional e internacional que resulte de aplicación. Asimismo, usted confirma que usted, su empresa, sus trabajadores, sus prestadores de servicios y cualquier otra persona que actúe por cuenta de usted cumplen con toda la normativa aplicable, en particular la relativa a datos financieros, protección de datos, privacidad y seguridad de los datos.

Además, usted garantiza que usted, sus directivos, accionistas y empresas matrices y filiales (directas e indirectas):

• cumplen y cumplirán toda la normativa aplicable en materia de importación, reimportación, sanciones, antiboicot, exportación y control de reexportación (incluyendo toda la referida normativa aplicable a una empresa estadounidense, como las Export Administration Regulations (Reglamento sobre la Administración de la Exportación), las International Traffic in Arms Regulations (Reglamento sobre Tráfico Internacional de Armas) y los programas de sanciones económicas implementados por la Office of Foreign Assets Control (Oficina de Control de Activos Extranjeros; OFAC, por sus siglas en inglés));
• no están sujetos a, ni pertenecen a entidades que estén sujetas a, sanciones, ni están identificados de otra forma en ninguna lista relacionada con sanciones, incluyendo, con carácter enunciativo y no limitativo, listas mantenidas por el Gobierno de los Estados Unidos (como la List of Specially Designated Nationals and Blocked Persons (Lista de Nacionales Especialmente Designados y Personas Bloqueadas), mantenida por la OFAC, la Entity List (Lista de Entidades) mantenida por la U.S. Commerce Department’s Bureau of Industry and Security (Oficina de Industria y Seguridad del Departamento de Comercio de los Estados Unidos ) y la lista de la sección 231(d) de la CAATSA (Countering America's Adversaries Through Sanctions Act, Ley para Combatir a los Adversarios de América a través de Sanciones) mantenida por el U.S. State Department (Departamento de Estado de Estados Unidos)), el Consejo de Seguridad de las Naciones Unidas, el Reino Unido, la Unión Europea o sus Estados Miembros u otra autoridad gubernamental que resulte de aplicación; y
• no participan ni participarán en actividades que pudieran exigir o justificar que cualquier autoridad gubernamental que resulte de aplicación inicie acciones legales contra usted o contra nosotros o le imponga, a usted o a nosotros, sanciones económicas.

Las garantías inmediatamente anteriores no se exigirán ni se facilitarán, si y en la medida en que dicha solicitud o garantía constituya una violación del Estatuto de Bloqueo de la Unión Europea, de normativa que lo implemente en los Estados Miembros de la UE o en el Reino Unido, o de cualesquiera disposiciones similares antiboicot, de no discriminación o de bloqueo previstas en la normativa local aplicable.

Usted es el único responsable de garantizar que su uso de los Servicios cumple con todas las normas que le sean aplicables, entre las que se incluyen, con carácter enunciativo y no limitativo, las reglas y directrices de cualquier sistema o red que facilite pagos, así como cualesquiera requisitos de seguridad, incluyendo bajo los Payment Card Industry Data Security Standards (Estándares de Seguridad de Datos de la Industria de las Tarjetas de Pago, PCI-DSS), según le apliquen a usted.

Seguridad

Usted es el responsable de conservar de manera segura su nombre de usuario y contraseña del Panel de Plaid, así como sus credenciales de autenticación API, incluyendo su ID de Cliente y secreto. Usted se compromete a notificarnos de inmediato a través de security@plaid.com en caso de cualquier brecha de seguridad o uso no autorizado de su Cuenta o cualesquiera Datos del Usuario Final. Nunca deberá publicar, distribuir ni compartir su ID de Cliente o secreto y deberá cifrar esta información cuando se encuentre almacenada y en tránsito.

Sus sistemas y aplicación(es) deberán manejar los Datos del Usuario Final de forma segura. Respecto de los Datos del Usuario Final, deberá cumplir con las mejores prácticas del sector pero, como mínimo, deberá adoptar las siguientes medidas:

• Mantener las salvaguardas administrativas, técnicas y físicas diseñadas para garantizar la seguridad, la privacidad y la confidencialidad de los Datos del Usuario Final.
• Usar una criptografía actual y habitual en el sector cuando almacene o transmita cualesquiera Datos del Usuario Final.
• Mantener unos controles de acceso razonables para garantizar que sólo las personas autorizadas que así lo requieran por necesidades del negocio tengan acceso a cualesquiera Datos del Usuario Final.
• Monitorizar sus sistemas para detectar cualquier acceso no autorizado.
• Solucionar las vulnerabilidades en un plazo oportuno.
• Registrar y examinar cualquier evento que sugiera un acceso no autorizado.
• Prepararse para y dar una respuesta a incidentes de seguridad.
• Cumplir con la normativa relevante respecto del tipo de datos que usted esté manejando, como la Safeguards Rule (Regla de Seguridad) de conformidad con la Graham-Leach-Bliley Act (Ley Graham-Leach-Bliley).

Almacenamiento de Datos

Cualesquiera Datos del Usuario Final que se encuentren en su poder deberán ser almacenados de forma segura y de acuerdo con la normativa aplicable.

En la medida que proceda, si usted utiliza Datos del Usuario Final de forma anonimizada, entonces deberá informar clara y manifiestamente al Usuario Final del uso que usted haga de tales datos anonimizados, incluyendo una descripción de cómo usa usted los referidos Datos del Usuario Final anonimizados.

Desactivación de la Cuenta

Una vez que usted deje de usar los Servicios de conformidad con cualquier acuerdo que resulte de aplicación que usted pueda tener con nosotros, podrá desactivar su Cuenta siguiendo las instrucciones que figuran en el Sitio. Nosotros también podremos desactivar su Cuenta si usted ha dejado de utilizar los Servicios durante tres meses, se produce la terminación de su contrato con nosotros que resulte aplicable o según sea razonablemente necesario de conformidad con la normativa aplicable. Después de que se haya desactivado su Cuenta, cancelaremos su acceso a todos los Datos del Usuario Final asociados a su integración.

Incluso tras la desactivación de su Cuenta, y en la medida que la normativa aplicable lo permita, aún podremos conservar cualquier información que recabásemos sobre usted durante el plazo que sea necesario para cumplir con las finalidades descritas en nuestra política o declaración de privacidad o durante un plazo de retención mayor si la normativa aplicable así lo exige o permite.

Conductas Prohibidas

Usted acuerda que no realizará ninguna de las conductas siguientes, ni ayudará a ni facilitará de ninguna manera que ningún tercero las realice:

• vender o alquilar los Datos del Usuario Final a comercializadores o a cualquier otro tercero;
• acceder a los Servicios o los Datos del Usuario Final, o usarlos, con cualquier propósito ilegal, infractor, amenazante, abusivo, obsceno, hostigador, difamatorio, engañoso o fraudulento;
• recabar y almacenar credenciales bancarias de los usuarios finales y/o Datos del Usuario Final de una forma distinta de la necesaria para acceder a los Servicios o usarlos, distinta de la autorizada por el usuario final, la permitida por Plaid y la permitida por la normativa aplicable;
• usar, divulgar o conservar cualquier “información personal no pública” (según lo definido por la Gramm-Leach-Bliley Act (Ley Gramm-Leach-Bliley)) o “información personal” (según se define en la California Consumer Privacy Act (Ley sobre la Privacidad del Consumidor de California)), de una manera en que no se cumpla estrictamente con la normativa aplicable;
• usar, divulgar o tratar de otra forma cualquier “dato personal” (según se define en el Reglamento (UE) 2016/679 (Reglamento General de Protección de Datos)), de una manera en que no se cumpla estrictamente con la normativa aplicable;
• acceder a o usar los Servicios o acceder a, transmitir, tratar o almacenar Datos del Usuario Final con infracción de cualquier normativa aplicable en materia de privacidad o de cualquier modo que constituiría un incumplimiento de un contrato o acuerdo con el usuario final correspondiente;
• acceder a los Servicios o usarlos para infringir cualquier patente, marca, secreto comercial, derecho de autor, derecho de publicidad u otro derecho de cualquier persona o entidad;
• acceder a los Servicios o usarlos, para cualquier finalidad distinta de aquellas para las que son facilitados por nosotros, incluyendo para evaluación competitiva, espionaje, crear Servicios sustitutivos de o similares a cualquiera de los Servicios u otros fines maliciosos;
• analizar o probar (de manera manual o automática) la vulnerabilidad de cualquier infraestructura de Plaid sin autorización expresa, previa y por escrito de Plaid;
• infringir, deshabilitar, interferir con o eludir de otro modo cualquier medida de seguridad o autenticación o cualquier otro aspecto de los Servicios;
• sobrecargar, inundar (flood) o enviar spam a cualquier parte de los Servicios;
• crear cuentas de desarrollador para los Servicios, por cualquier medio distinto a nuestras interfaces con soporte público (p. ej., crear cuentas de desarrollador de manera automática o masivamente de otro modo);
• transferir, re-difundir o distribuir de otro modo los Servicios o Datos del Usuario Final sin el consentimiento expreso, previo y por escrito de Plaid;
• descifrar, descompilar, desarmar, copiar, realizar ingeniería inversa o intentar obtener cualquier código fuente o ideas o algoritmos subyacentes de cualquier parte de los Servicios, salvo que lo permita la normativa aplicable;
• modificar, traducir o crear de otra forma obras derivadas de cualquier parte de los Servicios;
• acceder a los Servicios o los Datos del Usuario Final, o usarlos, de una manera que infrinja cualquier acuerdo entre usted o el usuario final y Plaid; o
• acceder a los Servicios o los Datos del Usuario Final, o usarlos, de una manera que infrinja cualquier ley, estatuto, ordenanza o reglamento aplicable.

Suspensión y Cancelación

Nos reservamos el derecho de denegar, rechazar o cancelar el acceso a los Servicios y/o a los Datos del Usuario Final, en todo o en parte, si, a nuestro juicio, se está accediendo a los Servicios o se están utilizando de forma que se viole la presente Política o cualquier otro acuerdo de Plaid, incluyendo los acuerdos que Plaid mantiene con cualesquiera socios externos o fuentes de datos de Plaid (cada uno de ellos, un “Socio”), o cuando el uso pueda implicar un riesgo de daños, incluidos daños reputacionales, para Plaid, su infraestructura, sus datos, los Servicios, un usuario final o un Socio.

Haremos esfuerzos razonables para comunicarle por correo electrónico o por otro medio nuestra decisión de denegar, rechazar o cancelar el acceso a los Servicios y/o a los Datos del Usuario Final. Podremos suspender o cancelar el acceso de inmediato, sin comunicárselo con antelación, cuando sea apropiado según las circunstancias, como cuando tengamos conocimiento de una actividad que suponga una violación de cualquier normativa aplicable o cuando juzguemos, a nuestra entera discreción, que el daño es inminente.

Plaid no será responsable de ningún daño de ninguna naturaleza, que usted o cualquier tercero sufran como resultado del ejercicio, por parte de Plaid, de sus derechos conforme a esta Política o de acuerdo con la normativa aplicable.

Comunicación de Infracciones

Si cualquier persona tuviera conocimiento de una infracción de la presente Política, le rogamos que nos lo comunique de inmediato a través de un correo electrónico dirigido a legalnotices@plaid.com. Podremos adoptar cualquier medida pertinente (incluida la denuncia de cualquier actividad o conducta que sospechemos que viola la ley a las autoridades competentes, reguladores u otros terceros que correspondan), a nuestra entera discreción, con respecto a dichas violaciones.

Acceso Universal a los Datos

Plaid promueve un ecosistema Open Finance (Finanzas Abiertas) en el que los usuarios finales son propietarios de sus datos (p. ej. datos financieros) y pueden dar acceso a terceros a tales datos. En la medida en que usted aloje cualesquiera de esos datos de usuario final a los que Plaid todavía no tenga acceso, a petición razonable de Plaid, las partes acuerdan cooperar de buena fe para negociar e iniciar un acuerdo en virtud del cual Plaid tenga acceso a dichos datos de usuario final por cuenta de los usuarios finales.

Miscelánea

La falta de ejercicio por su parte o por parte de Plaid, en cualquier aspecto, de cualquier derecho establecido en este documento o en cualquier otro acuerdo que usted pueda tener con nosotros, no se considerará una renuncia a cualquier otro derecho aquí reconocido.

Si cualquier disposición de la presente Política fuera declarada inaplicable o carente de validez, dicha disposición se limitará o eliminará en la medida mínima necesaria, de forma tal que esta Política continúe estando plenamente vigente, con plenos efectos y siendo aplicable.

Richtlinie für Entwickler

Available languages:

• English - Developer Policy

• Française - Politique relative au développeur

• Español - Política de desarrolladores

Gültigkeitsdatum: 31. Januar 2022

Vor dem 31. Januar 2022 gilt weiterhin die vorherige Version 2019 der Plaid-Richtlinie für Entwickler.

Diese Richtlinie für Entwickler (die „Richtlinie“) legt Regeln und Richtlinien fest, die den Zugang oder die Nutzung der Plaid-API, der Websites (die „Website“), der Dashboards, der zugehörigen Tools und anderer Produkte oder Dienstleistungen (zusammen die „Dienste“) regeln, welche von Plaid Inc. und seinen Tochtergesellschaften, einschließlich Plaid Financial Ltd. und Plaid, B.V. („Plaid“, „wir“, „unser“ und „uns“) bereitgestellt werden. Ein Verstoß gegen diese Richtlinie kann zur Aussetzung oder Beendigung Ihres Zugangs zu den Diensten und/oder Zugangs zu den von Plaid bereitgestellten personenbezogenen und finanziellen Daten der Endnutzer (die „Endnutzerdaten“) führen

Mit Ihrem Zugriff auf die Dienste und deren Nutzung erklären Sie sich damit einverstanden, alle Bestimmungen dieser Richtlinie einzuhalten. Diese Richtlinie gilt jedes Mal, wenn Sie die Dienste aufrufen oder nutzen. Falls Sie im Namen einer Organisation oder einer juristischen Person den Bedingungen dieser Richtlinie zustimmen, sichern Sie zu, dass Sie berechtigt sind, im Namen dieser Organisation oder juristischen Person zuzustimmen. Diese Richtlinie ist wichtig; bitte lesen Sie sie sorgfältig.

Wir sind berechtigt, diese Richtlinie jederzeit nach eigenem Ermessen zu aktualisieren oder zu ändern. Wenn wir Änderungen an der Richtlinie vornehmen, die unserer Ansicht nach wesentlich sind, werden wir uns in angemessener Weise bemühen, Sie über diese Änderungen in Kenntnis zu setzen. Wenn Sie mit einer Änderung nicht einverstanden sind, besteht Ihre einzige Abhilfe darin, den Zugang zu den Diensten und deren Nutzung einzustellen.

Zum Abschnitt springen:

Registrierung

Befolgung der anwendbaren Gesetze

Sicherheit

Datenspeicherung und -verwendung

Deaktivierung des Kontos

Verbotenes Verhalten

Aussetzung und Beendigung

Meldung von Verstößen

Universeller Datenzugriff

Sonstiges

Registrierung

Wenn Sie sich für die Dienste anmelden möchten, müssen Sie ein Konto erstellen (das „Konto“), indem Sie sich auf unserer Website registrieren und wahrheitsgemäße, genaue und vollständige Angaben zu Ihrer Person und Ihrer Nutzung der Dienste machen. Sie verpflichten sich, keine falschen Angaben zu Ihrer Identität oder zu den Informationen, die Sie für Ihr Konto angeben, zu machen und Ihre Kontoinformationen stets auf dem neuesten Stand zu halten. Es ist Ihre Verantwortung, den Zugang zu Ihrem Konto aufrechtzuerhalten. Sie dürfen Ihre Kontoinformationen, einschließlich Ihres Plaid Dashboard-Passworts, sowie Ihre API-Authentifizierungsdaten, einschließlich Ihrer Kundenidentifikationsnummer (die „Kunden-ID“) und Ihres Geheimnisses, niemals an Dritte weitergeben oder zulassen, dass eine andere Anwendung oder ein anderer Dienst in Ihrem Namen handelt.

Befolgung der anwendbaren Gesetze

Wenn Sie die Dienste nutzen, erklären Sie sich damit einverstanden, alle anwendbaren lokalen, bundesstaatlichen, nationalen und internationalen Gesetze zu befolgen. Darüber hinaus bestätigen Sie, dass Sie, Ihr Unternehmen, Ihre Mitarbeiter, Ihre Dienstleister und alle anderen, die in Ihrem Namen handeln, alle anwendbaren Gesetze befolgen, insbesondere solche, die sich auf Finanzdaten, Datenschutz, Privatsphäre und Datensicherheit beziehen.

Des Weiteren bestätigen Sie, dass Sie, Ihre Führungskräfte, Direktoren, Aktionäre, direkten und indirekten Muttergesellschaften, Tochtergesellschaften und verbundenen Unternehmen:

• alle anwendbaren Import-, Re-Import-, Sanktions-, Anti-Boykott-, Export- und Re-Export-Kontrollgesetze und -vorschriften (darunter auch alle Gesetze und Vorschriften, die für ein US-Unternehmen gelten, wie z. B. die Export Administration Regulations, die International Traffic in Arms Regulations und die vom Office of Foreign Assets Control (OFAC) umgesetzten Wirtschaftssanktionsprogramme) befolgen und befolgen werden
• keinen Sanktionen unterliegen oder im Eigentum von Parteien stehen, die Sanktionen unterliegen oder anderweitig auf einer sanktionsbezogenen Liste aufgeführt sind, beispielsweise auf der von der US-Regierung geführten Liste der „Specially Designated Nationals and Blocked Persons“ (OFAC), der vom Bureau of Industry and Security des US-Handelsministeriums geführten „Entity List“ und der vom US-Außenministerium geführten „CAATSA Section 231(d)“-Liste, einer Liste des Sicherheitsrats der Vereinten Nationen, des Vereinigten Königreichs, der Europäischen Union oder ihrer Mitgliedstaaten oder einer anderen zuständigen Regierungsbehörde, und
• sich weder jetzt noch in Zukunft an Aktivitäten beteiligen, die es erforderlich machen oder ermöglichen, dass eine zuständige Regierungsbehörde eine Vollstreckungsmaßnahme gegen Sie oder uns ergreift oder wirtschaftliche Sanktionen gegen uns verhängt.

Die unmittelbar vorstehend genannten Bestätigungen werden nicht verlangt und nicht abgegeben, wenn und soweit das Verlangen oder die Bestätigung einen Verstoß gegen das EU-Sperrgesetz, gegen Gesetze oder Verordnungen zur Umsetzung des EU-Sperrgesetzes in den EU-Mitgliedstaaten oder im Vereinigten Königreich oder gegen ähnliche Anti-Boykott-, Nicht-Diskriminierungs- oder Sperrbestimmungen, die im Rahmen der anwendbaren lokalen Gesetze vorgesehen sind, darstellen würde.

Sie sind allein dafür verantwortlich, dass Ihre Nutzung der Dienste im Einklang mit allen auf Sie anwendbaren Gesetzen steht, insbesondere mit den Regeln und Richtlinien aller Systeme oder Netzwerke, die Zahlungen ermöglichen, sowie mit allen Sicherheitsanforderungen, einschließlich der Payment Card Industry Data Security Standards (PCI-DSS), soweit diese auf Sie anwendbar sind.

Sicherheit

Für die sichere Aufbewahrung Ihres Plaid Dashboard-Benutzernamens und -Passworts sowie Ihrer API-Authentifizierungsdaten, einschließlich Ihrer Kunden-ID und Ihres Geheimnisses, sind Sie selbst verantwortlich. Für den Fall einer Verletzung der Sicherheit oder einer unbefugten Nutzung Ihres Kontos oder von Endnutzerdaten verpflichten Sie sich, uns unverzüglich unter security@plaid.com zu benachrichtigen. Sie dürfen Ihre Kunden-ID und Ihr Geheimnis niemals veröffentlichen, teilen oder weitergeben und müssen diese Informationen bei der Speicherung und während der Übertragung verschlüsseln.

Ihre Systeme und Anwendungen müssen die Endnutzerdaten sicher behandeln. In Bezug auf Endnutzerdaten sollten Sie bewährte Praktiken der Branche befolgen, müssen aber mindestens die folgenden Maßnahmen ergreifen:

• Treffen Sie administrative, technische und physische Sicherheitsvorkehrungen, um die Sicherheit, den Datenschutz und die Vertraulichkeit von Endnutzerdaten zu gewährleisten.
• Setzen Sie bei der Speicherung oder Übertragung von Endnutzerdaten moderne und branchenübliche Verschlüsselungsverfahren ein.
• Führen Sie angemessene Zugangskontrollen durch, um den Zugriff auf Endnutzerdaten auf autorisierte Personen zu beschränken, die dafür eine geschäftliche Notwendigkeit haben.
• Überwachen Sie Ihre Systeme auf unbefugten Zugriff.
• Schließen Sie rechtzeitig etwaige Sicherheitslücken.
• Protokollieren und überprüfen Sie alle Ereignisse, die auf einen unbefugten Zugriff hinweisen.
• Planen Sie Sicherheitszwischenfälle und Ihre Reaktion darauf.
• Halten Sie die einschlägigen Regeln und Vorschriften in Bezug auf die Art der von Ihnen gehandhabten Daten ein, wie z. B. die Safeguards Rule des Graham-Leach-Bliley Act.

Datenspeicherung und -verwendung

Alle Endnutzerdaten, die sich in Ihrem Besitz befinden, müssen sicher und unter Beachtung der anwendbaren Gesetze aufbewahrt werden. Sollten Sie Endnutzerdaten in anonymisierter Form verwenden, müssen Sie den Endnutzer klar und deutlich darauf hinweisen, einschließlich einer Beschreibung, wie Sie diese anonymisierten Endnutzerdaten verwenden.

Deaktivierung des Kontos

Wenn Sie die Dienste nicht mehr gemäß der geltenden Vereinbarung mit uns nutzen, können Sie Ihr Konto anhand der Anweisungen auf der Website deaktivieren. Wir können Ihr Konto auch deaktivieren, wenn Sie die Dienste drei Monate lang nicht mehr genutzt haben, wenn Ihre Vereinbarung mit uns gekündigt wird oder ausläuft oder wenn dies nach dem anwendbaren Recht angemessen ist. Nach der Deaktivierung Ihres Kontos werden wir Ihnen den Zugriff auf alle mit Ihrer Integration verbundenen Endnutzerdaten entziehen.

Selbst nach der Deaktivierung Ihres Kontos können wir, soweit dies gesetzlich zulässig ist, die von uns über Sie erfassten Daten so lange aufbewahren, wie es für die Erfüllung der in unserer Datenschutzrichtlinie/-erklärung genannten Zwecke erforderlich ist, oder noch länger, wenn dies nach dem anwendbaren Recht erforderlich oder zulässig ist.

Verbotenes Verhalten

Sie verpflichten sich, Folgendes zu unterlassen und auch Dritte nicht dabei zu unterstützen:

• Endnutzerdaten an Vermarkter oder andere Dritte zu verkaufen oder zu vermieten
• auf die Dienste oder Endnutzerdaten für ungesetzliche, verletzende, bedrohende, missbräuchliche, obszöne, belästigende, verleumderische, täuschende oder betrügerische Zwecke zuzugreifen oder diese zu nutzen
• die Bankdaten von Endnutzern und/oder Endnutzerdaten zu erfassen und zu speichern, es sei denn, dies ist für den Zugang zu den Diensten oder deren Nutzung erforderlich, vom Endnutzer gestattet, von Plaid erlaubt oder nach dem anwendbaren Recht erlaubt
• „nicht-öffentliche personenbezogene Daten“ (laut Definition im Gramm-Leach-Bliley Act) oder „personenbezogene Daten“ (laut Definition im California Consumer Privacy Act) zu verwenden, offenzulegen oder aufzubewahren, es sei denn, dies geschieht unter strikter Einhaltung des anwendbaren Rechts
• „personenbezogene Daten“ (wie in der Verordnung (EU) 2016/679 [Datenschutz-Grundverordnung] definiert) zu verwenden, offenzulegen oder anderweitig zu verarbeiten, es sei denn, dies geschieht unter strikter Einhaltung des anwendbaren Rechts
• auf die Dienste zuzugreifen oder diese zu nutzen oder auf Endnutzerdaten zuzugreifen, diese zu übermitteln, zu verarbeiten oder zu speichern, wenn dies gegen einschlägige Datenschutzgesetze verstoßen oder eine Verletzung des Vertrags oder der Vereinbarung mit dem jeweiligen Endnutzer darstellen würde
• auf die Dienste zuzugreifen oder diese zu nutzen, um ein Patent, eine Marke, ein Geschäftsgeheimnis, ein Urheberrecht, ein Veröffentlichungsrecht oder ein anderes Recht einer natürlichen oder juristischen Person zu verletzen
• zu einem anderen als dem von uns vorgesehenen Zweck auf die Dienste zuzugreifen oder diese zu nutzen, einschließlich zu Zwecken der Wettbewerbsanalyse, des Ausspionierens, der Schaffung eines Ersatzprodukts oder eines ähnlichen Angebots zu den Diensten oder zu anderen unlauteren Zwecken
• die Schwachstellen der Infrastruktur von Plaid ohne ausdrückliche vorherige schriftliche Genehmigung von Plaid zu scannen oder zu testen (manuell oder auf automatisierte Weise)
• Sicherheits- oder Authentifizierungsmaßnahmen oder andere Aspekte der Dienste zu verletzen, zu deaktivieren, zu stören oder anderweitig zu umgehen
• die Dienste ganz oder teilweise zu überlasten, zu überschwemmen oder zu spammen
• Entwicklerkonten für die Dienste auf andere Weise als über unsere öffentlich unterstützten Schnittstellen zu erstellen (z. B. durch die automatische Erstellung von Entwicklerkonten oder auf andere Weise in großen Mengen)
• die Dienste oder Endnutzerdaten ohne ausdrückliche vorherige schriftliche Genehmigung von Plaid zu übertragen, zu syndizieren oder anderweitig zu verbreiten
• den Quellcode oder die zugrundeliegenden Ideen oder Algorithmen der Dienste zu entschlüsseln, zu dekompilieren, zu disassemblieren, zu kopieren, zurückzuentwickeln oder abzuleiten, es sei denn, dies ist nach anwendbarem Recht zulässig
• die Dienste zu modifizieren, zu übersetzen oder auf andere Weise Bearbeitungen davon zu erstellen
• auf eine Weise auf die Dienste oder Endnutzerdaten zuzugreifen oder diese zu nutzen, die gegen eine Vereinbarung zwischen Ihnen oder dem Endnutzer und Plaid verstößt, oder
• auf die Dienste oder Endnutzerdaten in einer Weise zuzugreifen oder diese zu nutzen, die gegen ein anwendbares Gesetz, ein Regelwerk, eine Verordnung oder eine Vorschrift verstößt

Aussetzung und Beendigung

Wir behalten uns das Recht vor, den Zugang zu den Diensten und/oder Endnutzerdaten ganz oder teilweise zu verweigern oder zu beenden, wenn wir glauben, dass der Zugang zu den Diensten oder deren Nutzung gegen diese Richtlinie oder eine andere Vereinbarung von Plaid verstößt, einschließlich der Vereinbarungen von Plaid mit Drittpartnern oder Datenquellen von Plaid (jeweils ein „Partner“), oder wenn die Nutzung das Risiko eines Schadens, einschließlich eines Imageschadens, für Plaid, seine Infrastruktur, seine Daten, die Dienste, einen Endnutzer oder einen Partner bedeuten würde.

Falls wir beschließen, den Zugang zu den Diensten und/oder Endnutzerdaten zu sperren, zu verweigern oder zu beenden, werden wir uns in angemessener Weise bemühen, Sie per E-Mail oder auf anderem Wege zu informieren. Wir können den Zugang sofort und ohne Vorankündigung aussetzen oder beenden, wenn die Umstände dies erfordern, z. B. wenn wir von Aktivitäten Kenntnis erlangen, die gegen ein anwendbares Gesetz verstoßen, oder wenn wir nach eigenem Ermessen feststellen, dass ein Schaden droht.

Plaid haftet nicht für Schäden irgendwelcher Art, die Ihnen oder Dritten durch die Wahrnehmung der Rechte von Plaid aus dieser Richtlinie oder nach anwendbarem Recht entstehen.

Meldung von Verstößen

Sollten Sie von einem Verstoß gegen diese Richtlinie Kenntnis erlangen, bitten wir Sie, uns unverzüglich per E-Mail an legalnotices@plaid.com zu informieren. Wir können nach eigenem Ermessen in Bezug auf solche Verstöße alle angemessenen Maßnahmen ergreifen – einschließlich der Meldung von Aktivitäten oder Verhaltensweisen, die unserer Meinung nach gegen das Gesetz verstoßen, an die zuständigen Strafverfolgungsbehörden, Aufsichtsbehörden oder andere geeignete Dritte.

Universeller Datenzugriff

Plaid unterstützt ein Open Finance-Ökosystem, in dem Endnutzer Eigentümer ihrer Daten (z. B. Finanzdaten) sind und Dritten Zugang zu diesen Daten verschaffen können. Soweit Sie solche Endnutzerdaten hosten, die Plaid noch nicht zugänglich sind, verpflichten sich die Parteien, nach angemessener Aufforderung durch Plaid nach Treu und Glauben miteinander zu kooperieren, um eine Vereinbarung auszuhandeln und in die Wege zu leiten, die Plaid den Zugriff auf diese Endnutzerdaten im Namen der Endnutzer erlaubt.

Sonstiges

Das Versäumnis Ihrerseits oder von Plaid, ein hierin oder in einer anderen Vereinbarung mit uns vorgesehenes Recht geltend zu machen, gilt nicht als Verzicht auf weitere Rechte aus der Vereinbarung.

Sollte eine Bestimmung dieser Richtlinie für nicht durchsetzbar oder unwirksam befunden werden, wird diese Bestimmung auf das erforderliche Mindestmaß beschränkt oder aufgehoben, so dass diese Richtlinie ansonsten in vollem Umfang wirksam und durchsetzbar bleibt.

Developer Policy (2019)

Effective Date: December 30, 2019

To view the most current policy, effective January 2022, click the appropriate link in the sidebar.

This Developer Policy ("Policy") provides rules and guidelines that govern access to or use by our developers (“you” or “your”) of the Plaid API, websites (“Site”), dashboards, related tools, and other products or services (collectively, the "Service") provided by Plaid Inc. and its subsidiaries, including Plaid Financial Ltd. and Plaid, B.V. (“Plaid”, “we”, “our”, and “us”). Any violation of this Policy may result in suspension or termination of your access to the Service and/or access to end users’ personal and financial information ("End User Data").

By accessing and using the Service, you agree to comply with all the terms of this Policy. This Policy will apply each time you access or use the Service. If you are agreeing to the terms of this Policy on behalf of an organization or entity, you represent and warrant that you are so authorized to agree on behalf of that organization or entity. This Policy is important; please read it carefully.

We may update or change this Policy at any time in our discretion. If we make any changes to this Policy that we deem to be material, we will make a reasonable effort to inform you of such change. If you don’t agree with the change, you are free to reject it; unfortunately, that means you will no longer be able to use the Service.

Jump to section:

Registration

Compliance with Applicable Law

Security

Data Storage

Account Deactivation

Prohibited Conduct

Suspension and Termination

Reporting Violations

Miscellaneous

Registration

To sign up for the Service, you must create an account ("Account") by registering on our Site and providing true, accurate, and complete information about yourself and your use of the Service. You agree not to misrepresent your identity or any information that you provide for your Account, and to keep your Account information up to date at all times. It is your responsibility to maintain access to your Account; you may never share your Account information, including your Plaid Dashboard password, as well as your API authentication credentials, including your Client Identification Number (“Client ID”) and secret, with a third party or allow any other application or service to act as you.

If you become aware of any unauthorized use of your Account or any other breach of security, please immediately notify us via email to security@plaid.com.

Compliance with Applicable Law

When using the Service, you must abide by all applicable local, state, national, and international laws. You also confirm that you, your business, your employees, your service providers, and any others acting on your behalf adhere to all applicable laws, especially those pertaining to financial data and to data protection, privacy and data security.

In addition, you certify that you, your officers, directors, shareholders, direct and indirect parent entities, subsidiaries, and affiliates:

• are and will remain in compliance with all applicable import, re-import, sanctions, anti-boycott, export, and re-export control laws and regulations (including all such laws and regulations that apply to a U.S. company, such as the Export Administration Regulations, the International Traffic in Arms Regulations, and economic sanctions programs implemented by the Office of Foreign Assets Control (OFAC));
• are not subject to, or owned by parties that are subject to, sanctions or otherwise identified on any sanctions-related list, including but not limited to lists maintained by the United States government (such as the List of Specially Designated Nationals and Blocked Persons, maintained by OFAC, the Entity List maintained by the U.S. Commerce Department’s Bureau of Industry and Security, and the CAATSA section 231(d) list maintained by the U.S. State Department), the United Nations Security Council, the United Kingdom, the European Union or its Member States, or other applicable government authority; and
• are not engaging, and will not engage, in activities which may require or permit any applicable government authority to pursue an enforcement action against, or impose economic sanctions on you or us.

The certifications immediately above are not sought, and are not provided, if and to the extent such request or certification would constitute a violation of the EU Blocking Statute, of laws or regulations implementing the EU Blocking Statute in the EU Member States or in the United Kingdom, or any similar anti-boycott, non-discrimination, or blocking provisions foreseen in applicable local laws.

You are solely responsible for ensuring that your use of the Service is in compliance with all laws applicable to you, including without limitation, the rules and guidelines of any system or network that facilitates payments and any security requirements, including under the Payment Card Industry Data Security Standards (PCI-DSS), as may be applicable to you.

Security

You are responsible for securely maintaining your Plaid Dashboard username and password, as well as your API authentication credentials, including your Client ID and secret. You must notify us immediately in the event of any breach of security or unauthorized use of your Account or any End User Data. You must never publish, distribute, or share your Client ID or secret, and must encrypt this information in storage and during transit.

Your systems and application(s) must handle End User Data securely. With respect to End User Data, you should follow industry best practices but, at a minimum, must perform the following:

• Maintain administrative, technical, and physical safeguards that are designed to ensure the security, privacy, and confidentiality of End User Data.
• Use modern and industry standard cryptography when storing or transmitting any End User Data.
• Maintain reasonable access controls to ensure that only authorized individuals that have a business need have access to any End User Data.
• Monitor your systems for any unauthorized access. Patch vulnerabilities in a timely fashion. Log and review any events suggesting unauthorized access.
• Plan for and respond to security incidents.
• Comply with relevant rules and regulations with regard to the type of data you are handling, such as the Safeguards Rule.

Data Storage

Any End User Data in your possession must be stored securely and in accordance with applicable laws.

Account Deactivation

Once you stop using the Service in accordance with any applicable agreement you may have with us, you may deactivate your Account by following the instructions on the Site. We may also deactivate your Account if you have ceased using the Service for three months; your applicable agreement with us terminates or expires; or as reasonably necessary under applicable law. After your Account deactivation, we will deprovision your access to all End User Data associated with your integration.

Even after your Account deactivation, and to the extent permitted under applicable law, we may still retain any information we collected about you for as long as necessary to fulfill the purposes outlined in our privacy policy/statement, or for a longer retention period if required or permitted under applicable law.

Prohibited Conduct

You agree not to, and agree not to assist or otherwise enable any third party to:

• sell or rent End User Data to marketers or any other third party;
• access or use the Service or End User Data for any unlawful, infringing, threatening, abusive, obscene, harassing, defamatory, deceptive, or fraudulent purpose;
• collect and store end users’ bank credentials and/or End User Data other than as required to access or use the Service, as authorized by the end user, as permitted by Plaid, and as permitted under applicable law;
• use, disclose, or retain any “nonpublic personal information” (as defined under the Gramm-Leach-Bliley Act) or “personal information” (as defined under the California Consumer Privacy Act) other than in strict compliance with applicable law;
• use, disclose, or otherwise process any “personal data” (as defined in Regulation (EU) 2016/679 (General Data Protection Regulation)) other than in strict compliance with applicable law;
• access or use the Service or access, transmit, process, or store End User Data in violation of any applicable privacy laws or in any manner that would be a breach of contract or agreement with the applicable end user;
• access or use the Service to infringe any patent, trademark, trade secret, copyright, right of publicity, or other right of any person or entity;
• access or use the Service for any purpose other than for which it is provided by us, including for competitive evaluation, spying, creating a substitute or similar service to any of the Service, or other nefarious purpose;
• scan or test (manually or in an automated fashion) the vulnerability of any Plaid infrastructure without express prior written permission from Plaid;
• breach, disable, interfere with, or otherwise circumvent any security or authentication measures or any other aspect of the Service;
• overload, flood, or spam any part of the Service;
• create developer accounts for the Service by any means other than our publicly-supported interfaces (e.g., creating developer accounts in an automated fashion or otherwise in bulk);
• transfer, syndicate, or otherwise distribute the Service or End User Data without express prior written permission from Plaid;
• decipher, decompile, disassemble, copy, reverse engineer, or attempt to derive any source code or underlying ideas or algorithms of any part of the Service, except as permitted by applicable law;
• modify, translate, or otherwise create derivative works of any part of the Service;
• access or use the Service or End User Data in a manner that violates any agreement between you or the end user and Plaid; or
• access or use the Service or End User Data in a manner that violates any applicable law, statute, ordinance, or regulation.

Suspension and Termination

We reserve the right to withhold, refuse, or terminate access to the Service and/or End User Data in whole or in part where we believe the Service is being accessed or used in violation of this Policy or any other Plaid agreement, including Plaid’s agreements with any third party partners or data sources of Plaid (each, a “Partner”), or where use would pose a risk of harm, including reputational harm, to Plaid, its infrastructure, its data, the Service, an end user, or a Partner.

We will use reasonable efforts to notify you via email or other method when deciding to withhold, refuse, or terminate access to the Service and/or End User Data. We may immediately suspend or terminate access without notice if appropriate under the circumstances, such as when we become aware of activity that is a violation of any applicable law or when we determine, in our sole discretion, that harm is imminent.

Plaid will not be liable for any damages of any nature suffered by you or any third party resulting from Plaid’s exercise of its rights under this Policy or under applicable law.

Reporting Violations

If any person becomes aware of a violation of this Policy, we request that you immediately notify us via email to legalnotices@plaid.com. We may take any appropriate action -- including reporting any activity or conduct that we suspect violates the law to appropriate law enforcement officials, regulators, or other appropriate third parties -- in our sole discretion in respect to such violations.

Miscellaneous

The failure by you or Plaid to exercise in any respect any right provided for herein shall not be deemed a waiver of any further rights hereunder.

If any provision of this Policy is found to be unenforceable or invalid, that provision shall be limited or eliminated to the minimum extent necessary so that this Policy shall otherwise remain in full force and effect and enforceable.

Modulr Terms and Conditions (EU)

Last Updated: 10 June 2025

EEA Safeguarding

Background

Modulr Finance B.V. (“Modulr”) is a provider of Modulr Products (as described to you by Partner Platform), which includes the provision of an electronic money account for businesses and associated payment services. These Introduced Client Terms of Business govern the Modulr Products that Modulr agrees to provide to the Introduced Client.
These Introduced Client Terms of Business (including all the attached Schedules), together with the Modulr Account Terms and Conditions set out the terms on which the Modulr Products are provided and constitute the Agreement between Modulr and the Introduced Client.

THE PARTIES AGREE AS FOLLOWS:

1. Interpretation
   1. In these Introduced Client Terms of Business: (a) a reference to a clause is a reference to a clause in these Introduced Client Terms of Business; (b) headings are for reference only and shall not affect the interpretation of these Introduced Client Terms of Business; (c) the singular shall include the plural and vice versa; (d) a reference to a person includes a natural person, corporate or unincorporated body (whether or not having separate legal personality) and that person's personal representatives, successors and permitted assigns; (e) a reference to a party shall include its personal representatives, successors and permitted assigns; (f) reference to a statute or statutory provision is a reference to it as amended, extended or re-enacted from time to time.
   
   
2. Modulr Products
   1. Modulr will make available to the Introduced Client such products that are provided to the Partner Platform and as described by Partner Platform in the application process.
   2. The Introduced Client agrees to the Partner Platform providing all such information to Modulr who will check and verify the identity of the Introduced Client, its directors, beneficial owners and Authorised Users as required by law.
   3. The Introduced Client acknowledges that a search of the available public registers may take place for anti-money laundering purposes on the individuals listed in clause 2.2 above.
   4. The Introduced Client acknowledges that the individuals noted in clause 2.2 above may have their their personal details accessed by third parties for the specific purpose of anti-money laundering and countering the financing of terrorism (AML/CFT), identity verification and fraud prevention.
   5. The Account is provided by Modulr to the Introduced Client in accordance with the Modulr Account Terms and Conditions. Modulr Products provided to the Introduced Client under this Agreement are for the sole use by the Introduced Client.
   6. The Introduced Client can use the Account and Cards (where applicable) to make Transactions on the terms and conditions set out in the Modulr Account Terms and Conditions. A record of all Transactions relating to the Account can viewed on the Website or accessed via the Partner Platform (as applicable).
   7. The Introduced Client shall promptly notify Customer Services as soon as it becomes aware login and security information enabling access to its Modulr Products have been lost, stolen or compromised.
   8. From time to time Modulr may carry out additional checks on the Introduced Client, including the identity of its directors, beneficial owners and the nature of its business in accordance with its Due Diligence Procedure and as required by law. Modulr may contact the Introduced Client or the Partner Platform (as applicable) for such purposes. The Introduced Client agrees to provide such information as necessary.
   9. The Introduced Client shall comply with all legislation and regulation as it applies to the Introduced Client. Any failure to comply with relevant legislation or regulation shall be considered a material breach of the Agreement and may result in Modulr discontinuing the provision of the Modulr Products as set out in clause 6.4.
   10. The Introduced Client shall implement as appropriate Modulr's reasonable security recommendations it notifies to the Introduced Client from time to time.
   
   
3. Authorised Users
   1. Access to the Modulr Products is restricted to individuals that have been designated by the Introduced Client as Authorised Users.
   2. The Introduced Client must notify Modulr of all individuals it wishes to be an Authorised User.
   3. Each Authorised User is permitted to access and use the Modulr Products in accordance with these Introduced Client Terms of Business.
   4. The Introduced Client shall ensure that each Authorised User complies with these Introduced Client Terms of Business.
   5. The Introduced Client shall ensure its Authorised Users;
      1. take all reasonable care to ensure Modulr Product access credentials, including login details to the Website, where applicable, are kept confidential to each Authorised User; and
      2. do not share any information that would enable another party to access the Introduced Client's Modulr Account.
   6. The Introduced Client acknowledges and agrees that each Authorised User is authorised by the Introduced Client to act on its behalf. Modulr shall deem any instruction given by an Authorised User is an instruction given by the Introduced Client.
   7. The Introduced Client will be responsible for timely notification to Modulr of any revocation of Authorised User access and will be liable for Transactions made, Fees incurred and use of Modulr Products by an Authorised User until Modulr has had two full Business Days to act on any received notice. This clause shall not apply to Introduced Clients accessing Modulr Products via the Partner Platform.
   8. Where the Introduced Client accesses Modulr Products through a Partner Platform, such Partner Platform will be considered the Authorised User. In this instance if additional Authorised Users are required they must be requested by the Partner Platform. The use of a Partner Platform to access the Modulr Products by the Introduced Client are set out in further detail below.
   
   
4. Accessing Modulr Products through a Partner Platform
   1. In the event the Introduced Client utilizes a Partner Platform to access Modulr Products, the Introduced Client agrees and authorises the Partner Platform to instruct Modulr to access and use the Modulr Products on behalf of the Introduced Client, which shall include but not be limited to making Transactions, viewing and retrieving Transaction data, initiating refunds and closing the Account.
   2. The Introduced Client acknowledges and agrees that Modulr shall have no liability whatsoever with respect to the performance, availability or quality of any Partner Platform.
   3. The Introduced Client acknowledges and agrees to the following:
   1. it must satisfy itself that its Platform Partner Agreement grants the Partner Platform all permission necessary to operate the Account on the Introduced Client's behalf;
   2. the Platform Partner will be granted full access to operate the Introduced Client's Account as an Authorised User of the Introduced Client;
   3. it is responsible for monitoring Partner Platform activities on its Account. Any queries relating to such activities will be raised with the Partner Platform directly and settled between Partner Platform and the Introduced Client;
   4. the Introduced Client has no recourse against Modulr for any act or omission of the Partner Platform with respect to its Account;
   5. the Introduced Client understands it can only access its Account to make Transactions, review Transactions made or otherwise use Modulr Products through the service provided by the Partner Platform; and
   6. it will only use the Account for the purpose set out in the Partner Platform Agreement.
   4. On receipt of notification by Modulr from the Partner Platform that it wishes to terminate this Agreement, this Agreement shall terminate. Any funds in the Introduced Client's Account will be returned in accordance with the terms of the Modulr Account Terms and Conditions.
   5. If the Introduced Client has any complaint or concern relating to the Modulr Account or other Modulr Products, such complaint or concern shall be raised directly to the Partner Platform, who shall deal with it in accordance with Modulr's Complaints Policy, a copy of which is available on request from the Partner Platform and on the Website.
   
   
5. Customer Services
   1. The Introduced Client can contact Customer Services if it has any queries about the Modulr Products. Information may be requested from the Introduced Client, including but not limited to, its Authorised Users, Cardholders or Transaction information so that it can verify the identity of an Authorised User , the Cardholder and/or the Modulr Products provided to such Introduced Client.
   2. Any information shared by the Introduced Client will be kept strictly confidential. Where such information is provided in connection to a service provided by a third party, for example, the Account, then the Introduced Client's information will only be used in accordance with instructions of such third party and only for the purpose of providing Customer Services to the Introduced Client on behalf of such third party.
   3. As part of Modulr's commitment to providing a quality customer service, its managers periodically monitor telephone communications between its employees and Introduced Clients to ensure that Modulr's high quality service standards are maintained. The Introduced Client consents to such monitoring and recording of telephone communications and agrees to make its Authorised Users aware of such practice.
   
   
6. Term and Termination
   1. This Agreement shall commence on the date the Introduced Client receives confirmation from Modulr or the Partner Platform (where applicable) of its successful application for Modulr Products and shall continue until terminated by the Introduced Client, Partner Platform (if acting on behalf of the Introduced Client) or Modulr.
   2. The Introduced Client or the Partner Platform (where applicable) may terminate this Agreement immediately by notifying Customer Services in writing by post or email.
   3. Modulr may terminate this Agreement and close the Introduced Client's Account(s) by providing the Introduced Client with at least two months' notice.
   4. Modulr may suspend or terminate this Agreement immediately if, for any reason, the Introduced Client (i) is unable to satisfy the Due Diligence Procedures, (ii) for breach of this Agreement, (iii) has provided false, incomplete or misleading information, (iv) has engaged in fraudulent, money laundering, terrorism financing or other illegal activity or we have reasonable suspicions in respect of same or (v) we are required to do so under any applicable law or regulation or at the direction of any regulatory, law enforcement or other competent authority. Modulr shall notify you as soon as possible, unless prohibited by law, of such suspension or termination of the Agreement.
   5. This Agreement will automatically terminate when all Accounts of the Introduced Client are closed (for any reason).
   6. Modulr may terminate or suspend this Agreement in whole or in part immediately by giving written notice to the Introduced Client if Modulr ceases to provide Cards pursuant to this Agreement.
   7. On termination of this Agreement for any reason, any balance remaining in the Introduced Client's Account(s) shall be returned to the Introduced Client in accordance with the Modulr Account Terms and Conditions. The Introduced Client shall pay immediately all outstanding Fees due (where applicable) under this Agreement and in the event of a negative balance in an Account, shall reimburse Modulr such amount equal to the negative balance.
   
   
7. Intellectual Property
   1. The Introduced Client acknowledges all Intellectual Property Rights in the Modulr Products are owned by or provided under licence to Modulr. Modulr grants the Introduced Client a non-exclusive, royalty-free licence for the duration of this Agreement to access and use the Modulr Products only for the purpose contemplated by this Agreement.
   2. Nothing in this Agreement shall operate to create or transfer any Intellectual Property Right to the Introduced Client.
   
   
8. ConfideForce Majeure
   1. Modulr will not be liable for the non-performance or failure to provide any part of the Modulr Products occurring as a result of any events that are beyond the reasonable control of Modulr, for example, but not limited to, fire, telecommunications or internet failure, utility failure, power failure, equipment failure, employment strife, riot, war, terrorist attack, non-performance of third party suppliers, acts of God such as storm or lightening damage, or other causes over which Modulr has no reasonable control.
   
   
9. Assignment Transfer and Subcontracting
   1. The Modulr Products provided to the Introduced Client are personal to the Introduced Client. The Introduced Client cannot novate, assign or otherwise transfer this Agreement, any interest or right under this Agreement (in whole or in part) without the prior written consent of Modulr. This clause shall have proprietary effect (goederenrechtelijke werking).
   2. The Introduced Client agrees Modulr may, in its sole discretion, assign, or transfer some or all of its rights and obligations or delegate any duty of performance set out in the documents forming this Agreement. Modulr may subcontract any of its obligations under this Agreement.
   3. In the event of any transfer of this Agreement by Modulr to another service provider, Modulr will notify the Introduced Client no later than two months before the proposed transfer; if the Introduced Client does not want to transfer to the new provider, the Introduced Client must notify Modulr of its objection in writing to Customer Services. On receipt of such notification, Modulr will terminate this Agreement. Any balance remaining in the Introduced Client's Account(s) will be returned to the Introduced Client in accordance with the redemption procedure set out in the Modulr Account Terms and Conditions.
   
   
10. Liability
    1. Nothing in this Agreement will operate to limit either party's liability with respect to fraud or for death or personal injury resulting from negligence, in either case whether committed by that party or its employees, agents or subcontractors.
    2. Modulr makes no warranty that access to and use of the Modulr Products will be uninterrupted or error free.
    3. The Introduced Client acknowledges and agrees that Modulr is not liable to the Introduced Client for any loss, liability or damages the Introduced Client suffers which result from, are related to, or in any way are connected with any fraud control, restriction measures, or other measures implemented from time to time including as required for compliance with legal and regulatory requirements, unless such loss, liability or damage is a direct result of Modulr's fraud, gross negligence or willful misconduct in procuring the implementation of fraud control or purchase restriction measures that Modulr has expressly agreed in writing to procure for the Introduced Client.
    4. Modulr shall not be liable to the Introduced Client for any loss or damage the Introduced Client may suffer as a result of any act or omission of an Authorised User or Cardholder or an Authorised User's use or Cardholder's use or inability to use of the Modulr Products.
    5. The Introduced Client agrees to indemnify Modulr against any and all actions, claims, costs, damages, demands, expenses, liabilities, losses and proceedings Modulr directly or indirectly incurs or which are brought against Modulr if the Introduced Client, or an Authorised User, or a Cardholder has acted fraudulently, been negligent or has misused a Modulr Product or any of the services provided under this Agreement.
    6. Modulr shall not be responsible in any way for any interest or claims of any third parties in respect of the Modulr Products, except as required by law or regulation.
    
    
11. Reports
    1. Modulr may make available certain management or other reporting or business administration functionality via the Website.
    2. Modulr may from time to time amend, modify, replace or withdraw in whole or in part such reporting it provides without further notice.
    
    
12. Data Privacy
    1. Modulr will collect and retain personal information about the Introduced Client and each Authorised User and Cardholder to enable Modulr to deliver the Modulr Products, the services linked to it and deal with any enquiries that the Introduced Client may have about it. Modulr is the data controller of the personal information gathered by Modulr for such purpose. If Modulr uses a third party to provide a part of the Modulr Product then that provider will be the owner and controller of the personal information they require to collect in order to operate the relevant service. The use of personal information by third-party service providers will be set out in their service terms and conditions of use. Modulr will, at such third-party provider's direction, process personal data on its behalf, for example, to enable Modulr to provide Customer Services to the Introduced Client.
    2. Modulr processes personal information in accordance with relevant laws on the protection of personal data.
    3. If Modulr transfers the Introduced Client's information to a third party in a country outside of the European Economic Area Modulr will ensure that the third party agrees to apply the same levels of protection that Modulr is legally obliged to have in place when Modulr processes personal data.
    4. Further information about how Modulr uses personal information can be found in Modulr's Privacy Policy; please contact Customer Services for a copy of this.
    
    
13. Changes to the Agreement
    1. Modulr may amend or modify this Agreement by giving two months' notice to the Introduced Client unless Modulr is required to make such a change sooner by law. All proposed changes will be posted on the Website and communicated to the Introduced Client by such other means that Modulr agreed with the Introduced Client, for example by email. If the Introduced Client is accessing Modulr Products via a Partner Platform, all notifications will be communicated via such Partner Platform.
    2. The Introduced Client has no obligation to accept such amendments proposed by Modulr.
    3. The Introduced Client will be taken to have accepted any change to this Agreement that Modulr notifies to the Introduced Client unless the Introduced Client tells Modulr otherwise before the relevant change takes effect. In such circumstances, Modulr will treat notice of objection by the Introduced Client as notification that the Introduced Client wishes to terminate this Agreement and the use of all Modulr Products immediately. All Accounts of the Introduced Client will be closed and any balance remaining in the Introduced Client's Account will be returned to the Introduced Client in accordance with the redemption procedure set out in the Modulr Account Terms and Conditions. In such circumstances, the Introduced Client will not be charged a fee for the Account closure and return of any balance.
    
    
14. General
    1. In these Introduced Client Terms of Business, headings are for convenience only and shall not affect the interpretation of these Introduced Client Terms of Business.
    2. Any delay or failure by Modulr to exercise any right or remedy under this Agreement shall not be interpreted as a waiver of that right or remedy or stop Modulr from exercising its rights at any subsequent time.
    3. In the event that any part of this Agreement is held not to be enforceable, this shall not affect the remainder of the Agreement which shall remain in full force and effect.
    4. The Introduced Client shall remain responsible for complying with this Agreement until its Account(s) are closed (for whatever reason) and all sums due under this Agreement have been paid in full.
    5. This Agreement is written and available only in English and all correspondence with the Introduced Client shall be in English.
    6. Exclusion of relevant statutory provisions: the following provisions of the Netherlands Civil Code do not apply in the relationship between Modulr and the Introduced Client: articles 7:516, 7:517, 7:518 and 7:519, article 7:520(1), article 7:522(3), article 7:527, articles 7:529 to 7:531, article 7:534 and articles 7:543, 7:544 and 7:545 Netherlands Civil Code and all legislation pursuant to and/or based on such articles. Furthermore, if not already covered by the articles referred to in the preceding sentence, the rules regarding provision of information in the Market Conduct Supervision (Financial Institutions) Decree (Besluit gedragstoezicht financiële ondernemingen Wft) that follow from Title III PSD2 do not apply. The above contains the exclusion of the relevant provisions of PSD2 as implemented in Dutch law. Consequently, all rules with regard to the content and provision of the information required by Title III of PSD2 and the following provisions of Title IV of PSD2 do not apply to this Agreement: article 62(1), article 64(3), article 72, article 74, article 76, article 77, article 80 and article 89 of PSD2 and all legislation pursuant to and/or based on such articles. This clause shall not apply if the Introduced Client is a Consumer
    7. This Agreement - and any contractual and non-contractual obligation pursuant hereto - is governed by the laws of the Netherlands and the Introduced Client agrees that any disputes hereunder (including non-contractual disputes) shall be under the exclusive jurisdiction of the competent Courts of Amsterdam.

The Modulr Account Terms and Conditions;
Important information you need to know
Please read these Terms and Conditions carefully before you agree to use an Account or any related services provided by or through us.
These Terms and Conditions, together with the Introduced Client Terms of Business constitute the entire agreement between Modulr and you.
By accepting the Modulr Account Terms and Conditions you accept the terms of the Agreement, or by agreeing to open an Account and/or using our services, you accept these Terms and Conditions. If there is anything you do not understand, please contact Customer Services.

1. Definitions
• 3DS - means the EMV 3DS service offered by us for you or a Cardholder to use when you or a Cardholder make a purchase or place an order on the internet with your Card.
• Account - The electronic money account, also known as Modulr Account provided by us in accordance with these Terms and Conditions.
• Account Information Service Provider - means a third party payment service provider who is authorised by or registered with De Nederlandsche Bank N.V. or another European regulator to provide online account information services, who, with your permission will be able to access certain online account information on one or more payment accounts held by you to give you a consolidated view of your payment accounts.
• Account Limits - any limit that applies in relation to your Account and/or Card, such as account maximum balance, and limits on receiving and sending payments from your Account as referred in paragraph 2.
• Account Manager - The individuals elected by the Account Owner to be responsible for the management of the Account, also known as an “Authorised User”.
• Account Owner - The entity legally responsible for an Account.
• Agreement - The agreement for your Account made up of these Terms and Conditions, together with the Introduced Client Terms of Business, which constitute the entire agreement between you and Modulr.
• Application Programming Interface (API) - means the interfaces provided by Modulr to the Introduced Client (and the Partner Platform on the Introduced Client's behalf) to directly instruct Modulr Accounts via the Introduced Client's or the Partner Platform's own application.
• AML Policy - Modulr's written policy on anti-money laundering and counter terrorist financing as may be amended from time to time by Modulr.
• Applicant - A customer of the Partner Platform who applies for Modulr Products but is yet to be accepted by Modulr as an Introduced Client.
• Available Balance - The value of funds available on your Account.
• Bacs Credit - Means Bacs Direct Credit. A service enabling organisations to make payments to an account which takes 3 Business Days for the funds to be cleared.
• Business Days - Monday to Friday between the hours of 9am-5pm but does not include bank holidays, or public holidays in the Netherlands.
• Card - means a Virtual Card or a Physical Card.
• Cardholder - means the individual authorised to use the Physical or Virtual Card issued to you.
• Card Scheme -Mastercard and/or Visa or such other payment network through which Card Transactions are processed as may be made available to you from time to time.
• Card Transaction -means a Virtual Card Transaction or a Physical Card Transaction.
• CHAPS - the Clearing House Automated Payment System, a service enabling organisations to make same-day payments to an account within the UK, within the CHAPS operating days and times.
• Chargeback has the meaning given to it in Schedule 1 of the Introduced Client Terms of Business.
• Consumer - means a natural person not acting in the course of its business or profession.
• Confidential Information - any information (whether or not recorded in documentary form, or stored on any magnetic or optical disk or memory) relating to: the business, products, affairs, strategy, contracts, customer relationships, commercial pipelines, business contacts, prospective customers, existing customers, business models, customer pricing, management systems, business methods, corporate plans, maturing new business opportunities, research and development projects, marketing and sales information, sales targets and statistics, discount structures, suppliers and potential suppliers, source codes, computer programs inventions, know-how, technical specifications and other technical information relating to products and services.
• Customer Services - The contact centre for dealing with queries about your Account.
• Data Protection Laws - means all laws relating to the processing of Personal Data, privacy and security, including, without limitation, the EU Data Protection Directive 95/46/EC, the Dutch GDPR Implementation Act (Uitvoeringswet Algemene Verordening gegevensbescherming) (as may be amended from time to time) and the General Data Protection Regulations (EU) 2016/679 ("GDPR") together with equivalent legislation of any other applicable jurisdiction, delegated legislation of other national data protection legislation, and all other applicable law, regulations and approved codes of conduct, certifications, seals or marks in any relevant jurisdiction relating to the processing of personal data including the opinions, guidance, advice, directions, orders and codes of practice issued or approved by a supervisory authority or the Article 29 Working Party or the European Data Protection Board.
• Due Diligence Procedure - Modulr's procedures for carrying out due diligence on Introduced Clients in order to comply with its policies and regulatory obligations.
• Faster Payment - A service allowing you to make and receive electronic GBP payments in the which is received by the recipient bank within 2 hours provided that the receiving organisation or bank is part of Faster Payments Scheme.
• Information - Means any information related to the organisation, and any personal information related to Account Manager or the Cardholder.
• Intellectual Property Rights - means without limitation all patents (including models and inventions), trademarks, service marks, trade names, internet designations including domain names, business names, copyrights, design rights, database rights, rights to or in computer software, know-how, trade secrets, rights to or in confidential information and all other intellectual property rights and rights or forms of protection of a similar nature or effect which may subsist anywhere in the world whether or not registered or capable of registration, together with all applications for registration of, and any licence to use, any of the foregoing and "Intellectual Property" shall be construed accordingly;
• Introduced Client - Any client of Modulr which has been introduced by the Partner Platform and whose account is operated by the Partner Platform based on instructions the Partner Platform receives from the Introduced Client (where relevant).
• Introduced Client Terms of Business - The terms on which Modulr provides Modulr Products to the Introduced Client.
• Merchant- means a merchant authorised to accept Card Scheme-branded Cards.
• Modulr Account Terms and Conditions - This agreement, between Modulr and the Introduced Client which governs the terms on which the Introduced Client may use its Account.
• Modulr Products - those products, including but not limited to the Account described by the Partner Platform in the application process.
• One-Time Passcode - means the six-digit passcode sent to your mobile phone number by us, via SMS.
• Online Portal - means the interface provided by Modulr for the Introduced Client to access via the public internet, subject to applicability based on the Introduced Client's relationship with the Partner Platform and can be used for the management of accounts.
• Partner Platform - A third party that is permitted by Modulr to introduce and act on behalf of Introduced Clients, and permitted by you to act as an Authorised User.
• Partner Platform Agreement - an agreement between the Introduced Client and the Partner Platform for the provision of various services, under the terms of which the Introduced Client wishes to open an Account with Modulr to be used for the purpose and in accordance with the terms set out in the Partner Platform Agreement.
• Payment Initiation Service Provider - means a third party payment service provider authorised by or registered with De Nederlandsche Bank N.V. or another European regulator to provide an online service to initiate a Transaction at your request on your Account.
• Physical Card - means a physical card-based payment instrument issued by us to you which uses the Card Scheme payments network, as well as any version or record of such an issued payment instrument stored on an app or other platform, and which may be used to make Physical Card Transactions.
• Physical Card Transaction - means the use of a Physical Card to make a payment to a Merchant.
• Regulator - De Nederlandsche Bank N.V., located at Spaklerweg 4, 1096 BA Amsterdam, Netherlands or any authority, body or person having, or who has had, responsibility for the supervision or regulation of any regulated activities or other financial services in the Netherlands.
• SEPA - the Single Euro Payments Area is the area where citizens, companies and other economic actors can make and receive payments in euro, within Europe, whether within or across national boundaries under the same basic conditions, rights and obligations, regardless of their location. SEPA is driven by the European Commission and the European Central Bank, amongst others, as a key component of the EU Internal Market. SEPA shall be deemed to encompass the countries and territories which are part of the geographical scope of the SEPA Schemes, as listed in the EPC List of SEPA Scheme Countries, as amended from time to time.
• SEPA Credit Transfer - a service allowing you to make and receive non-urgent EUR electronic payments within SEPA provided that the receiving organization or bank is part of the scheme.
• SEPA Instant Credit Transfer - a service allowing you to make and receive near real-time EUR electronic payments within SEPA provided that the receiving organization or bank is part of the scheme.
• SEPA Transfers - means, together, SEPA Credit Transfer and SEPA Instant Credit Transfer.
• SWIFT - the global member-owned financial telecommunications system used to facilitate the secure transfer of messages, including payment instructions, between financial institutions.
• SWIFT Inbound Payment - an inbound payment (in such currencies as may be supported by Modulr from time to time) made via SWIFT.
• SWIFT Outbound Payment - an outbound payment (in such currencies as may be supported by Modulr from time to time) made via SWIFT.
• SWIFT Payments - means, together, SWIFT Inbound Payments and SWIFT Outbound Payments (and SWIFT Payment shall be construed accordingly).
• Transaction - any debit, credit or other adjustment to an Account that affects the balance of monies held in it, including a Card Transaction.
• TPP (Third Party Provider) - means an Account Information Service Provider or a Payment Initiation Service Provider.
• we, us, our or Modulr - Modulr Finance B.V., a company registered in the Netherlands with number 81852401, whose registered office is at Weteringschans 165 C, 1017 XD Amsterdam and who is regulated by De Nederlandsche Bank N.V. for issuance of electronic money under reference number R182870.
• Virtual Card - means a virtual card-based payment instrument consisting of (amongst other things) a unique 16 digit account number issued to you which uses the Card Scheme payments network, as well as any version or record of such an issued payment instrument stored on an app or other platform, and which may be used to make Virtual Card Transactions.
• Virtual Card Transaction - means the use of a Virtual Card to make a payment to a Merchant.
• Website - means the customer portal that Introduced Clients can log in to in order to use the Modulr Products.
• you, your - The Account Owner, also referred to as an Introduced Client.
2. ACCOUNT & CARD LIMITS
   1. Limits may apply to the balance on your Account at any time, the maximum value of an individual payment Transaction, maximum Virtual Transaction value per Card, the maximum aggregate value of all payment Transactions made from your Account or Cards in a particular time period e.g. during any one Business Day and the maximum number of payment Transactions made from your Account over a particular timeframe. Your Cards may also have certain Card Transaction types disabled, such as cash withdrawals at an ATM.
   2. The limits and restrictions that apply to your Account and Card will be communicated to you during the Account set-up process and/or before the Card is issued to you (as applicable). These limits may also change over time based on your Account and/or Card usage; any such change will be communicated to you. You can check the limits at any time by contacting Customer Services. You should not make a payment Transaction request which exceeds such.
   3. From time to time a Card Transaction may be authorised which exceeds the limit or restriction applicable to your Account or Card, for example when it is used in an offline environment for example but not limited to payments for or on transport (purchases on a train, aeroplane, underground or toll payments). In such circumstance, a negative balance on your Account may occur. In this case the process in paragraphs 5.15 to 5.17 inclusive will apply.
   4. Certain Merchants may require verification that the funds held on your Account will cover the Card Transaction amount and will place a "pre-authorisation" on your Card. This amount will be unavailable to you until the Card Transaction is completed or released by the Merchant. The pre-authorisation allows the Merchant up to 30 days to claim and settle any funds owed to them from the Card. Examples include but are not limited to hotels and rental cars. If there are insufficient funds available on your Account, Modulr must still make this settlement, which may result in a negative balance on your Account. In this case the process in paragraphs 5.15 to 5.17 inclusive will apply.
   5. To manage our risk, particularly with respect to money laundering, fraud or security concerns, we also apply internal controls, including limits, to certain types of payment. We change these as necessary but for security purposes, we do not disclose them.
3. SCOPE OF THESE TERMS AND CONDITIONS
   1. Your Account is an electronic money account (and therefore is not a traditional bank account) and the electronic money and any Card associated with it is issued to you by us. We are regulated by De Nederlandsche Bank N.V. for the issuance of electronic money. Your rights and obligations relating to the use of this Account are subject to these Terms and Conditions between you and us.
   2. The types of Transactions enabled for your Account will be explained to you by the Partner Platform, or as subsequently enabled by us. The terms of these Modulr Account Terms and Conditions applicable to specific Transactions or payment types (for example, Cards) apply only to the extent that such Transactions or payment types are enabled for your Account.
   3. This Agreement is written and available only in English and we undertake to communicate with you in English regarding any aspect of your Account.
   4. You agree that we or the Partner Platform may communicate with you by e-mail or telephone for issuing any notices or information about your Account and therefore it is important that you ensure you keep your e-mail address and mobile phone number updated.
   5. You can request a copy of these Terms and Conditions at any time by contacting Customer Services.
   6. By accepting these Terms and Conditions, you acknowledge that the Dutch Deposit Guarantee Scheme or other government-sponsored insurance does not apply to funds held in the Account.
4. OPENING YOUR ACCOUNT
   1. Your Account will be opened on your behalf by the Partner Platform. You may only hold an Account so long as you remain an approved client of the Partner Platform that provided you with your account details.
5. USING THE ACCOUNT
   1. Your Account can receive bank transfers and other payment types as added and notified to you by Modulr from time to time. Subject to paragraph 5.3, we will credit your Account when we receive the funds which could be up to three Business Days after the payment being instructed, depending on how the payment was sent.
   2. Your Account can also receive internal transfers from other Modulr Accounts owned or controlled by the Partner Platform, which apply instantly.
   3. An incoming payment will not be credited to your Account if:
   • the Account has reached the Account Maximum Balance or Account Limits; or
   • the Account is blocked or terminated; or
   • the sender has provided incorrect/invalid Account Details for your Account; or
   • we suspect the payment to be fraudulent.
   4. If we are unable to credit your Account for any of the reasons in paragraph 5.3 then the funds may be sent back to the sender without a prior notification to you.
   5. Your Account will be configured and operated by the Partner Platform. You agree that Modulr and we may take instructions from the Partner Platform regarding the operation of your Account, including the creation of beneficiaries and instruction of payments, on your behalf. We and Modulr have no liability for actions taken by the Partner Platform. If you disagree with any actions taken by the Partner Platform these should be discussed with the Partner Platform. We are also authorised to take instructions from any other Account Manager (where different from Partner Platform) and, with respect to Physical Card Transactions, from the Cardholder. You are responsible for all actions of the Account Manager and any Cardholder in relation to the Account and/or Card(s).
   6. Your Account can make payments out to external bank accounts via SEPA Transfer, Faster Payments, SWIFT Payments (if selected as a Modulr Product) and other methods as added and notified to you by the Partner Platform from time to time. With regard to SEPA Transfers, Modulr will automatically process inbound and outbound SEPA payments via SEPA Instant Credit Transfers where possible. In the event Modulr is unable to process such payments via SEPA Instant Credit Transfers, the payments will default to being made via SEPA Credit Transfers.
   7. Where Cards are made available to you, your Account can be used to fund Card Transactions. You or your Account Manager or Partner Platform can request a Virtual Card or a Physical Card to be issued to you via the Online Portal or Modulr API.
   8. Where a Virtual Card or Physical Card is issued to you, you may be able to register and/or store the details of the Card within third-party apps and/or devices and to use those third-party apps/devices to initiate payments with your Card. When you first register your Card within a third-party app/device we support, you may be required to verify that it is you requesting the registration of the Card. If you do not do this, you may not be able to register and use your Card through the third-party app/device.
   9. The value of any Card Transaction, together with any applicable fees and charges, will be deducted from your Account once we receive the authorization request from the Merchant.
   10. If the Card Transaction is made in a currency other than the currency the Card is denominated in, the Card Transaction will be converted to the currency of the Card by the relevant Card Scheme at a rate set by it on the day we receive details of the Card Transaction. The exchange rate varies throughout the day and is not set by us. You can check the relevant Card Scheme rate as follows:
   • Mastercard Card Scheme rate at: https://www.mastercard.co.uk/en-gb/consumers/get-support/convert-currency.html;
   • VISA Card Scheme rate at: https://www.visa.co.uk/support/consumer/travel-support/exchange-rate-calculator.html.
   11. If you use the Card to make a purchase online, you may be asked by the Merchant to use 3DS. Physical Cards are automatically enrolled for use with 3DS. When you use 3DS, you agree that the following shall apply in relation to your use of the Card:
   • You must provide us with your mobile phone number before you can use 3DS. You must ensure that your mobile phone can receive SMS at the time of your purchase.
   • When you use 3DS to purchase from a participating Merchant, you will be presented with an electronic receipt and the One-Time Passcode will be sent to your mobile phone.
   • Without your One-Time Passcode, you will not be able to make purchases from participating Merchants.
   • If you update your mobile phone number, then you must notify us immediately of your new details to ensure our records are correct.
   • The One-Time Passcode is valid for the purchase you received it for. You are responsible for the security and confidentiality of your One-Time Passcode and must not share it with anyone else.
   • You will be responsible for any fees or charges imposed by your mobile phone service provider in connection with your use of 3DS.
   12. A Transaction is deemed to be authorized by you when you or your Account Manager or Partner Platform:
       • enters the security information on the Modulr Online Portal to confirm a Transaction is authorized or when it is instructed via the Modulr API with the relevant security credentials;
       • when you or your Account Manager or Partner Platform submits a request for the creation of a Virtual Card via the Online Portal or Modulr API, you shall be deemed to have authorized any subsequent Virtual Card Transaction made using such Virtual Card up to the authorization value specified when creating the request for the creation of the Virtual Card;
       • when you or the Cardholder (i) enter a PIN or provide any other security credentials; (ii) sign a sales voucher; (iii) provide the Physical Card details and/or provide any other details as requested; (iv) wave/swipe the Physical Card over a card reader; or (v) insert the Physical Card into a card device or an ATM;
       • when you give instructions through a third party (such as the recipient of a Payment Initiation Service Provider).

       Once the Transaction is confirmed, we cannot revoke the Transaction save for in those circumstances set out in paragraph 5.13 below.

   13. You can cancel any Transaction which is agreed to take place on a date later than the date you authorized it, provided that you give us notice to cancel no later than the close of business on the Business Day before the Transaction was due to take place.
   14. Cancelling a recurring Card Transaction with us will not cancel the agreement with the organization you are paying. It is your responsibility to tell the organization collecting the payment about the changes to your instructions.
   15. If for any reason whatsoever, a negative balance arises because a Transaction is completed when there are not enough funds on your Account for that Transaction, you shall reimburse the negative balance amount immediately, unless circumstances described in sections 5.16 and 5.17 apply. You agree that once we make this negative balance known to you, we will charge you the amount of the negative balance, and you must repay it immediately. We may set-off the amount of the negative balance against any funds on your Account, including any subsequently loaded funds. Until we are reimbursed this negative balance amount, we may arrange for your Account, including Card(s), to be suspended. We may also report the negative balance to credit reference agencies.
   16. Where a negative balance arises because of an error on the part of a Merchant where the Card Transaction occurred, we will seek to recover the negative balance amount from the Merchant.
   17. Where a negative balance arises because of an error on the part of the recipient of the payment or us, we will seek to recover the negative balance amount from the person who made the error.
   18. The Available Balance on your Account will not earn any interest.
   19. You can check the balance and Transaction history of your Account at any time via the interface provided to you by the Partner Platform or by contacting Customer Services, or the Online Portal if you have relevant access details.
   20. You will be provided with a monthly statement free of charge setting out information relating to individual payment Transactions by the Partner Platform or us (using the details we have associated with your Account).
6. THIRD PARTY ACCESS
   1. You can instruct a TPP to access information on your Account or initiate certain Transactions from your Account provided such TPP has identified itself to us and it has acted in accordance with the relevant regulatory requirements. We will treat any instruction from a TPP as if it was from you or an Account Manager.
   2. We may deny a TPP access to your Account if we are concerned about unauthorised or fraudulent access by that TPP. Setting out the reason for such denial. Before doing so, we will tell you that we intend to deny access and give our reasons for doing so unless it is not reasonably practicable, in which case we will immediately inform you afterwards. In either case, we will tell you in the manner in which we consider most appropriate in the circumstances. We will not tell you if doing so would compromise our security measures or would otherwise be unlawful.
   3. If you have provided consent to a TPP to access the data in your Account to enable them to provide account information services to you or initiate Transactions on your behalf, you consent to us sharing your information with the TPP as is reasonably required for them to provide their services to you. You must let us know if you withdraw this permission and we recommend you let the TPP know. On notification from you, we will not provide such TPP access to your Account or the data in it.
7. CLOSING YOUR ACCOUNT
   1. You may close your Account by contacting Customer Services. Please refer to your contract with the Partner Platform for any terms relating to your need to maintain your Account.
   2. The Account will be closed if the Partner Platform instructs us to close your Account (in which case the Partner Platform will inform you of this instruction).
   3. On termination of the Agreement for any reason, these Terms and Conditions will automatically terminate, and your Account will be closed, and any Cards issued to you will be cancelled.
   4. Any Available Balance remaining on the Account after Account closure will be transferred to your nominated bank account via SEPA Transfer based on instructions to us from the Partner Platform. If for any reason this is not possible, such Available Balance will remain yours, and you may at any time request a refund by contacting Customer Services. You will not have any access to your Account from the date of Account closure, and this Agreement will terminate.
8. YOUR LIABILITY AND AUTHORISATIONS
   1. You are responsible for understanding and complying with the Agreement, including these Terms and Conditions.
   2. We may at any time suspend, restrict or refuse to authorize any use of your Account, Cards (including cancelling Card(s)) or refuse to process your instructions or authorize any particular Transaction where:
      1. we are concerned about the security of or access to your Account and/or your Card;
      2. we know or suspect that your Account and/or Card is being used in an unauthorized or fraudulent manner;
      3. we need to do so in order to comply with the law or otherwise for regulatory or crime prevention purposes;
      4. the Transaction would breach the limits applicable to your Account and/or Card;
      5. you, the Account Manager, or the Cardholder breach an important part of these Terms and Conditions, or repeatedly breach any term in this Agreement and fail to resolve the matter in a timely manner.
   3. If we cancel, suspend, or restrict your Account and/or Card(s), or otherwise refuse to execute a payment order or initiate a Transaction, we will notify you or the Partner Platform of the refusal, suspension, or cancellation (as applicable) without undue delay, provided we are legally permitted to do so. If possible, we will provide the reasons for the refusal and the procedure for rectifying any factual errors that led to the refusal.
   4. You, the Account Manager, or Cardholder must not:
      1. allow another person to use security information related to the Account, Cards, and/or app/device used for Transactions;
      2. disclose passwords or any security information to any other person, verbally or in a way that allows observation by others.
   5. You must take all reasonable steps to keep your Account, password(s), and other security-related details safe, including those related to any registered app and/or devices. If you receive a request for your password from a non-Modulr website or have doubts about a website's genuineness, report it to us or contact Customer Services. In case of any indication of compromise, change your password immediately and notify us promptly.
   6. In the event of an unauthorized Transaction, we will refund the amount to you within one Business Day following notification, with your maximum liability limited to €50. However, you will bear all losses and liability for:
      1. Transactions resulting from fraud, intentional or grossly negligent breach of these Terms and Conditions;
      2. Transactions made by the Partner Platform, other Account Managers, Cardholders, or authorized TPPs;
      3. Unauthorized Transactions due to the use of lost or stolen Physical Cards or compromised security information of the Account, Cards, or app/device where your Card is registered/stored.
   7. Keep us updated with changes to your information, including email address and mobile numbers, to ensure effective communication regarding your Account and any changes to these Terms and Conditions.
   8. If you request to recall a Transaction caused by an error or mistake not attributable to Modulr, we reserve the right to charge a handling fee of €25 per recall, along with any applicable fees payable to third-party banks or institutions for handling the recall.
   9. You agree to indemnify and hold harmless us, Modulr, our distributors, partners, agents, sponsors, service providers, and their group companies from any costs of legal action taken to enforce this Agreement, including these Terms and Conditions, and any breach of these Terms and Conditions by you.
9. DISPUTES AND INCORRECT TRANSACTIONS
   1. If you (or an Account Manager or Cardholder) have a reason to believe that:
      1. a Transaction on your Account was unauthorized or made incorrectly,
      2. a Physical Card is lost or stolen, or
      3. someone else (other than TPP) knows the security credentials or has unauthorized access to your Account and/or Card,
      you must inform us immediately by contacting Customer Services. After you notify us, we will replace a lost, stolen, or misappropriated Physical Card and/or security credentials, as appropriate.
   2. We will investigate your claim for a refund of unauthorized or incorrectly executed Transactions, provided that you have notified us without undue delay upon becoming aware of such incorrectly executed or unauthorized Transaction, and in any case within the timeframes required by the Card Scheme rules for Card Transactions or within 13 months of the date of the relevant Transaction for all other Transactions. We will not be liable for any unauthorized or incorrectly executed Transactions notified to us after this period.
   3. If you dispute a Transaction:
      1. Subject to 9.3.2 and 9.3.3, we will immediately refund the amount to your Account to the position it would have been in if the unauthorized Transaction had not taken place. We will have no further liability to you. If we subsequently discover that you were not entitled to a refund, we shall treat the refund as a mistake and be entitled to reapply the Transaction.
      2. If there are reasonable grounds for thinking that you may not be entitled to a refund, we may investigate before giving you a refund and provide you with our supporting evidence if we believe you are not entitled to the refund.
      3. If the Transaction was initiated through a TPP, it is for the TPP to prove that the Transaction was authenticated, accurately recorded, and not affected by a technical breakdown or other deficiency linked to the TPP's payment initiation service.
   4. If an incorrect Transaction is paid into your Account that should not have been, we will, where possible, immediately send the funds back to the bank acting for the person from whose account the Transaction was made. In such circumstances, you agree to return the funds to us and provide the necessary assistance to recover the amount from you. If we cannot recover the funds, we are required to provide sufficient details about you and the incorrect payment to the bank or institution that sent the payment to enable them to recover the funds.
   5. You will be liable for all Transactions made from your Account if you (or the Account Manager or the Cardholder) have acted fraudulently or have failed with gross negligence:
      1. to keep the security credentials used to access or use your Account and/or Card safe and secure or otherwise failed to comply with these Terms and Conditions in relation to the safety of your Account and/or Card, or
      2. failed to notify us in accordance with 9.1 above.
   6. You may be entitled to a refund for a Transaction initiated by a payee if:
      1. the authorization did not specify the exact amount,
      2. the amount of the Transaction exceeded what you could reasonably have expected, taking into account your previous spending pattern and other relevant circumstances (we may request information to determine if this is correct), and
      3. you requested a refund within 8 weeks of the date the Transaction was debited to your Account.
      In such circumstances, we will refund you within 10 Business Days of receiving your claim for a refund or, where applicable, within 10 Business Days of receiving any further requested information. If we refuse the refund, we will provide you with reasons for the refusal.
10. VARIATION
    1. We may change these Terms and Conditions by providing you with at least two months' prior notice by e-mail (provided you have supplied us with an up-to-date e-mail address).
    2. If you do not agree with the changes to the Terms and Conditions, you may notify us at any time within the two months' notice period, and these Terms and Conditions will be terminated, and your Account closed free of charge. If you do not notify us otherwise during this period, you will be deemed to have accepted the change, and it will apply to you when it comes into force.
    3. If any part of these Terms and Conditions is inconsistent with any legal requirements, we will not rely on that part but treat it as if it actually reflected the relevant legal requirement. If operational changes are necessary to fully comply with the new regulatory requirement, we will make those changes as soon as reasonably practical.
11. TERMINATION OR SUSPENSION
    1. We can terminate your Account at any time if we give you two months' notice and transfer any Available Balance at the time to your nominated bank account without a charge.
    2. We can suspend or terminate your Account at any time with immediate effect (and until your default has been remedied or the Agreement terminated) without any prior notice to you if:
       1. we discover that any of the Information we hold for you is false, misleading, or materially incorrect, or
       2. you, the Account Manager, the Cardholder, or a third party has engaged in fraudulent activity, money laundering, terrorism, terrorism financing, or other illegal activity in connection with your Account, or we have reasonable suspicions in respect of the same, or
       3. you have reached your Account Limit, or
       4. you or the Account Manager have breached these Terms and Conditions, or
       5. we are required to do so under any applicable law or regulation or at the direction of any regulatory, law enforcement, or other competent authority.
    3. In the event that we do suspend or terminate your Account, we will inform you in advance if possible; otherwise, we will notify you immediately afterwards to the extent permitted by law.
12. OUR LIABILITY
    1. Our liability in connection with these Terms and Conditions (whether arising in contract, tort, breach of statutory duty, or otherwise) shall be subject to the following exclusions and limitations:
       1. We shall not be liable for any default resulting directly or indirectly from any cause beyond our control, including but not limited to a lack of funds.
       2. We shall not be liable for any loss of profits, loss of business, or any indirect, consequential, special, or punitive losses.
       3. Where sums are incorrectly deducted from your Available Balance due to our default, our liability shall be limited to payment to you of an equivalent amount to that which was incorrectly deducted from your Available Balance.
       4. In all other circumstances of our default, our liability will be limited to transferring any Available Balance to your nominated bank account.
    2. In circumstances where sums are incorrectly deducted from your Available Balance due to our fault, if we require your support to enable us to recover the incorrect deduction, you agree to provide us with all assistance that we reasonably require.
    3. Nothing in these Terms and Conditions shall exclude or limit our liability for death or personal injury resulting from our negligence or fraud.
    4. To the extent permitted by law, all conditions or warranties implied by law, statute, or otherwise are expressly excluded.
    5. The above exclusions and limitations set out in this paragraph shall apply to any liability of our affiliates and other suppliers, contractors, agents, or distributors and any of their respective affiliates (if any) to you, which may arise in connection with these Terms and Conditions.
13. YOUR INFORMATION
    1. Some personal data will be necessary for us to provide you with the Account and services under this Agreement. Modulr is a Data Controller and shall only use your personal data for this purpose. Please see the Privacy Policy (please contact Customer Services for details of where to access this) for full details on the personal data that we hold, how we will use it, and how we will keep it safe. Modulr will at all times comply with Data Protection Laws.
    2. We will retain details of individual transactions for six years from the date on which the particular transaction was completed. We will maintain all other records for six years from when we have ceased to provide you with any product or service.
    3. You must update any changes to your Information by contacting Customer Services.
    4. If we discover that the Information we hold about you is incorrect, we may have to suspend or cancel your Account until we can establish the correct Information in order to protect both parties.
    5. If you or the Account Manager allow or give consent to an Authorized Third-Party Provider to access your Account to provide their services, you should know that we have no control over how an Authorized Third-Party Provider will use your information, nor will we be liable for any loss of information after an Authorized Third-Party Provider has access to your information.
14. COMPLAINTS PROCEDURE
    1. Complaints regarding any element of the service provided by us can be sent to Customer Services.
    2. All complaints will be subject to our complaints procedure. We will provide you with a copy of our complaints procedure upon request, and if we receive a complaint from you, a copy of our complaints procedure will automatically be posted or emailed to you.
    3. In most cases, we will provide a full response by email to your complaint within fifteen Business Days after the date we receive your complaint. In exceptional circumstances where we are unable to respond in full to your complaint, we will inform you of the delay and provide our reasons, along with the timeframe within which you will receive a full reply. This full reply will be provided within thirty-five days of the date we received your complaint.
    4. If we fail to resolve your complaint to your satisfaction, any disputes must be submitted to the exclusive jurisdiction of the competent courts in Amsterdam, the Netherlands, except as subject to your local statutory rights. If you qualify as a Consumer (i.e., non-business or professional user), you may also refer your complaint to the Financial Services Complaints Tribunal (Kifid - www.kifid.nl).
15. GENERAL
    1. Any delay or failure to exercise any right or remedy under these Terms and Conditions by us shall not be construed as a waiver of that right or remedy or preclude its exercise at any subsequent time.
    2. If any provision of these Terms and Conditions is deemed unenforceable or illegal, the remaining provisions will continue in full force and effect.
    3. You may not assign or transfer any of your rights and/or benefits under these Terms and Conditions, and you shall be the sole party to the contract between us. You will remain liable until the Account issued to you is terminated. We may assign our rights and benefits at any time without prior written notice to you. We may subcontract any of our obligations under these Terms and Conditions.
    4. No third party who is not a party to these Terms and Conditions has a right to enforce any of the provisions in these Terms and Conditions.
    5. You can obtain a copy of this Agreement at any time by contacting Customer Services.
    6. These Terms and Conditions - including any contractual and non-contractual obligations hereto - are governed by the laws of the Netherlands, and you agree to the exclusive jurisdiction of the Courts of Amsterdam.
    7. This Account is not covered by a compensation scheme. As a responsible e-money issuer, we will ensure that once we have received your funds, they are deposited in a secure account specifically for the purpose of redeeming Transactions made from your Account and will be safeguarded in accordance with our obligations under the Dutch Financial Supervision Act (Wet op het financieel toezicht). In the event that we become insolvent, funds that you have loaded which have arrived with and been deposited by us are protected against the claims made by our creditors in line with Dutch law.
    8. Exclusion of relevant statutory provisions: the following provisions of the Netherlands Civil Code do not apply in the relationship between Modulr and the Introduced Client: articles 7:516, 7:517, 7:518, and 7:519, article 7:520(1), article 7:522(3), article 7:527, articles 7:529 to 7:531, article 7:534, and articles 7:543, 7:544, and 7:545 of the Netherlands Civil Code, and all legislation pursuant to and/or based on such articles. Furthermore, if not already covered by the articles referred to in the preceding sentence, the rules regarding provision of information in the Market Conduct Supervision (Financial Institutions) Decree (Besluit gedragstoezicht financiële ondernemingen Wft) that follow from Title III PSD2 do not apply. The above contains the exclusion of the relevant provisions of PSD2 as implemented in Dutch law. Consequently, all rules with regard to the content and provision of the information required by Title III of PSD2 and the following provisions of Title IV of PSD2 do not apply to this Agreement: article 62(1), article 64(3), article 72, article 74, article 76, article 77, article 80, and article 89 of PSD2, and all legislation pursuant to and/or based on such articles. This paragraph shall not apply if the Introduced Client is a Consumer.
16. CONTACTING CUSTOMER SERVICES
    1. Customer Services are provided by the Partner Platform. The details shall be provided by Partner Platform.

EEA Safeguarding Information

Safeguarding: How Modulr keeps customer funds safe

Who is Modulr?

Modulr enables thousands of businesses of all sizes across the UK and Europe to efficiently pay-in, collect and disburse funds instantly into a range of accounts, wallets and cards. We've created an industry-leading platform, connected to an expanding network of accounting and payroll platforms. Our payments expertise and extensive product capability also enables us to solve specific problems for a growing portfolio of hundreds of clients in a range of industry verticals.

Is Modulr a bank?

Modulr is not a bank, we're an Electronic Money Institution (EMI). An EMI is an organisation that has been authorised by the regulator to issue e-money accounts and provide payment services. In the EEA, we're regulated by De Nederlandsche Bank.

How is Modulr different from a bank?

One of the main differences between Modulr, an EMI, and a bank is that banks lend money, whereas EMIs are prohibited from lending money. Specifically, banks receive deposits from customers that they use to lend money out and make a profit on the difference. By contrast, an EMI such as Modulr does not lend any customer funds or offer interest on balances. Our payment services however are regulated by the same payments regulations that apply to banks.

How does Modulr protect customer funds?

Modulr is required by law to use a process called Safeguarding to protect customer money. This means we ensure that the funds we receive in exchange for e-money are segregated from all other funds that we hold and they cannot be used for any other purposes. The funds we safeguard are therefore completely separate from the additional funds that Modulr holds to meet its corporate obligations and run its business. These safeguarded funds are held at credit institutions (banks) in specially designated accounts belonging to Stichting Custodian Modulr Finance, an entity whose sole purpose is to ensure the safeguarding of funds for Modulr customers. Furthermore, as an EMI, we must also hold an additional amount equal to 2% of the total value of safeguarded client funds in our own funds, which are held separately to those client funds. The purpose of the 2% additional funds is to ensure that, in the case of any problems with our business, there are enough funds to support an orderly business wind-down and the process of returning of client funds. Combining this '2%' requirement with safeguarding means that there is a protection mechanism to help ensure an orderly wind-down and return of customer funds if ever required.

What is the DGS and is it applicable to Modulr?

The DGS is the Deposit Guarantee Scheme, which protects money in Dutch bank accounts up to a maximum of €100,000 per person, per bank. DNB and the Deposit Guarantee Fund (DGF) are jointly responsible for the DGS. The DGS is not applicable to EMIs such as Modulr. However, as mentioned, our safeguarding requirements mean that all customer money held at Modulr, regardless of the amount, is segregated from all other funds that we hold and cannot be used for any other purpose. So, while the DGS is not applicable to e-money, the regulatory requirements outlined above are designed to protect the balance of customer funds, as opposed to only compensating up to a maximum limit, as is the case with the DGS.

Where is money safeguarded?

Modulr must deposit the value of all the e-money it has issued to customers at a credit institution (bank). These safeguarded funds are held at credit institutions (banks) in specially designated accounts belonging to Stichting Custodian Modulr Finance, an entity whose sole purpose is to ensure the safeguarding of funds for Modulr customers, in line with Dutch legislation.

What would happen in the event of Modulr's insolvency?

In addition to our safeguarding obligations and the requirement to maintain an additional 2% of corporate funds as regulatory capital, we're also required to prepare orderly wind-down plans. These plans are a regulatory requirement and include the early identification of a potential insolvency event and the return of your funds before an insolvency process commences, if possible.

In the event that Modulr becomes insolvent, your funds are separate from the funds of Modulr and therefore the creditors of Modulr (other third parties that are owed money from Modulr) are not able to make a claim against safeguarded funds and would not affect your entitlement to your funds. An independent insolvency professional (referred to as an 'insolvency practitioner') would be appointed to return your funds to you. However, where an insolvency practitioner is unable to take their costs of sending the funds to you from elsewhere (for example, the general pot of Modulr funds remaining or from the additional 2% own funds described above) they are entitled to take their costs from safeguarded funds which would include your funds. In this unlikely circumstance, you may not receive the total value of your funds.

Who regulates Modulr in the EEA?

Modulr Finance B.V. is licensed and regulated by De Nederlandsche Bank (Relatienummer R182870) as an Electronic Money Institution.

Modulr Terms and Conditions (UK)

Last Updated: 10 June 2025

UK Safeguarding

Background

Modulr is a provider of Modulr Products (as described to you by Partner Platform), which includes the provision of an electronic money account for businesses and associated payment services. The electronic money account is provided by Modulr FS. These Introduced Client Terms of Business govern the Modulr Products that Modulr agrees to provide to the Introduced Client.
These Introduced Client Terms of Business (including all the attached Schedules), together with the Modulr Account Terms and Conditions set out the terms on which the Modulr Products are provided and constitute the Agreement between Modulr, Modulr FS and the Introduced Client.

THE PARTIES AGREE AS FOLLOWS:

1. Interpretation
   1. In these Introduced Client Terms of Business: (a) a reference to a clause is a reference to a clause in these Introduced Client Terms of Business; (b) headings are for reference only and shall not affect the interpretation of these Introduced Client Terms of Business; (c) the singular shall include the plural and vice versa; (d) a reference to a person includes a natural person, corporate or unincorporated body (whether or not having separate legal personality) and that person's personal representatives, successors and permitted assigns; (e) a reference to a party shall include its personal representatives, successors and permitted assigns; (f) reference to a statute or statutory provision is a reference to it as amended, extended or re-enacted from time to time.
   
   
2. Modulr Products
   1. Modulr will make available to the Introduced Client such products that are provided to the Partner Platform and, as described by Partner Platform in the application process.
   2. The Introduced Client agrees to the Partner Platform providing all such information to Modulr who will check and verify the identity of the Introduced Client, its directors, beneficial owners and Authorised Users as required by law.
   3. The Introduced Client acknowledges that a search of the electoral register may take place for anti-money laundering purposes on the individuals listed in clause 2.2 above.
   4. The Introduced Client acknowledges that a “soft footprint” search may be placed on the electronic files of the individuals noted in clause 2.2 above by the Credit Reference Agencies and their personal details may be accessed by third parties for the specific purpose of anti-money laundering and countering the financing of terrorism (AML/CFT), identity verification and fraud prevention.
   5. The Account and Cards (where applicable) are provided by Modulr FS to the Introduced Client in accordance with the Modulr Account Terms and Conditions. Modulr Products provided to the Introduced Client under this Agreement are for the sole use by the Introduced Client.
   6. The Introduced Client can use the Account and Cards (where applicable) to make Transactions on the terms and conditions set out in the Modulr Account Terms and Conditions. A record of all Transactions relating to the Account can viewed on the Website or accessed via the Partner Platform (as applicable).
   7. The Introduced Client shall promptly notify Customer Services as soon as it becomes aware login and security information enabling access to its Modulr Products have been lost, stolen or compromised.
   8. From time to time Modulr may carry out additional checks on the Introduced Client, including the identity of its directors, beneficial owners and the nature of its business in accordance with its Due Diligence Procedure and as required by law. Modulr may contact the Introduced Client or the Partner Platform (as applicable) for such purposes. The Introduced Client agrees to provide such information as necessary.
   9. The Introduced Client shall comply with all legislation and regulation as it applies to the Introduced Client. Any failure to comply with relevant legislation or regulation shall be considered a material breach of the Agreement and may result in Modulr discontinuing the provision of the Modulr Products as set out in clause 6.4.
   10. The Introduced Client shall implement as appropriate Modulr's reasonable security recommendations it notifies to the Introduced Client from time to time.
   
   
3. Authorised Users
   1. Access to the Modulr Products is restricted to individuals that have been designated by the Introduced Client as Authorised Users.
   2. The Introduced Client must notify Modulr of all individuals it wishes to be an Authorised User.
   3. Each Authorised User is permitted to access and use the Modulr Products in accordance with these Introduced Client Terms of Business.
   4. The Introduced Client will be responsible for training its Authorised Users in the appropriate use of Modulr Products.
   5. The Introduced Client shall ensure its Authorised Users;
      1. take all reasonable care to ensure Modulr Product access credentials, including login details to the Website, where applicable, are kept confidential to each Authorised User; and
      2. do not share any information that would enable another party to access the Introduced Client's Account.
   6. The Introduced Client acknowledges and agrees that each Authorised User is authorised by the Introduced Client to act on its behalf. Modulr shall deem any instruction given by an Authorised User is an instruction given by the Introduced Client.
   7. The Introduced Client will be responsible for timely notification to Modulr of any revocation of Authorised User access and will be liable for Transactions made, Fees incurred and use of Modulr Products by an Authorised User until Modulr has had one full Business Day to act on any received notice. This clause shall not apply to Introduced Clients accessing Modulr Products via the Partner Platform.
   8. Where the Introduced Client accesses Modulr Products through a Partner Platform, such Partner Platform will be considered the Authorised User. In this instance if additional Authorised Users are required they must be requested by the Partner Platform. The use of a Partner Platform to access the Modulr Products by the Introduced Client are set out in further detail below.
   
   
4. Accessing Modulr Products through a Partner Platform
   1. In the event the Introduced Client utilizes a Partner Platform to access Modulr Products, the Introduced Client agrees and authorises the Partner Platform to instruct Modulr to access and use the Modulr Products on behalf of the Introduced Client, which shall include but not be limited to making Transactions, viewing and retrieving Transaction data, initiating refunds and closing the Account.
   2. The Introduced Client acknowledges and agrees that Modulr shall have no liability whatsoever with respect to the performance, availability or quality of any Partner Platform.
   3. The Introduced Client acknowledges and agrees to the following:
      1. it must satisfy itself that its Platform Partner Agreement grants the Partner Platform all permission necessary to operate the Account on the Introduced Client's behalf;
      2. the Platform Partner will be granted full access to operate the Introduced Client's Account as an Authorised User of the Introduced Client;
      3. it is responsible for monitoring Partner Platform activities on its Account. Any queries relating to such activities will be raised with the Partner Platform directly and settled between Partner Platform and the Introduced Client;
      4. the Introduced Client has no recourse against Modulr for any act or omission of the Partner Platform with respect to its Account;
      5. the Introduced Client understands it can only access its Account to make Transactions, review Transactions made or otherwise use Modulr Products through the service provided by the Partner Platform; and
      6. it will only use the Account for the purpose set out in the Partner Platform Agreement.
   4. On receipt of notification by Modulr from the Partner Platform that it wishes to terminate this Agreement, this Agreement shall terminate. Any funds in the Introduced Client's Account will be returned in accordance with the terms of the Modulr Account Terms and Conditions.
   5. If the Introduced Client has any complaint or concern relating to the Account or other Modulr Products, such complaint or concern shall be raised directly to the Partner Platform, who shall deal with it in accordance with Modulr's Complaints Policy, a copy of which is available on request from the Partner Platform and on the Website.
   
   
5. Customer Services
   1. The Introduced Client can contact Customer Services if it has any queries about the Modulr Products. Information may be requested from the Introduced Client, including but not limited to, its Authorised Users, Cardholders or Transaction information so that it can verify the identity of an Authorised User, the Cardholder and/or the Modulr Products provided to such Introduced Client.
   2. Any information shared by the Introduced Client will be kept strictly confidential. Where such information is provided in connection to a service provided by a third party, for example, the Account, then the Introduced Client's information will only be used in accordance with instructions of such third party and only for the purpose of providing Customer Services to the Introduced Client on behalf of such third party.
   3. As part of Modulr's commitment to providing a quality customer service, its managers periodically monitor telephone communications between its employees and Introduced Clients to ensure that Modulr's high quality service standards are maintained. The Introduced Client consents to such monitoring and recording of telephone communications and agrees to make its Authorised Users aware of such practice.
   
   
6. Term and Termination
   1. This Agreement shall commence on the date the Introduced Client receives confirmation from Modulr or the Partner Platform (where applicable) of its successful application for Modulr Products and shall continue until terminated by the Introduced Client, Partner Platform (if acting on behalf of the Introduced Client) or Modulr.
   2. The Introduced Client or the Partner Platform (where applicable) may terminate this Agreement immediately by notifying Customer Services in writing by post or email.
   3. Modulr may terminate this Agreement and close the Introduced Client's Account(s) by providing the Introduced Client with at least two months' notice.
   4. Modulr may suspend or terminate this Agreement immediately if, for any reason, the Introduced Client (i) is unable to satisfy the Due Diligence Procedures, (ii) for breach of this Agreement, (iii) has provided false, incomplete or misleading information, (iv) has engaged in fraudulent, money laundering, terrorism financing or other illegal activity or we have reasonable suspicions in respect of same or (v) we are required to do so under any applicable law or regulation or at the direction of any regulatory, law enforcement or other competent authority. Modulr shall notify you as soon as possible, unless prohibited by law, of such suspension or termination of the Agreement.
   5. This Agreement will automatically terminate when all Accounts of the Introduced Client are closed (for any reason).
   6. Modulr may terminate or suspend this Agreement in whole or in part immediately by giving written notice to the Introduced Client if Modulr ceases to provide Cards pursuant to this Agreement.
   7. On termination of this Agreement for any reason, any balance remaining in the Introduced Client's Account(s) shall be returned to the Introduced Client in accordance with the Modulr Account Terms and Conditions. The Introduced Client shall pay immediately all outstanding Fees due (where applicable) under this Agreement and in the event of a negative balance in an Account, shall reimburse Modulr FS such amount equal to the negative balance.
   
   
7. Intellectual Property
   1. The Introduced Client acknowledges all Intellectual Property Rights in the Modulr Products are owned by or provided under licence to Modulr. Modulr grants the Introduced Client a non-exclusive, royalty-free licence for the duration of this Agreement to access and use the Modulr Products only for the purpose contemplated by this Agreement.
   2. Nothing in this Agreement shall operate to create or transfer any Intellectual Property Right to the Introduced Client.
   
   
8. Force Majeure
   1. Modulr and/or Modulr FS will not be liable for the non-performance or failure to provide any part of the Modulr Products occurring as a result of any events that are beyond the reasonable control of Modulr, for example, but not limited to, fire, telecommunications or internet failure, utility failure, power failure, equipment failure, employment strife, riot, war, terrorist attack, non-performance of third party suppliers, acts of God such as storm or lightening damage, or other causes over which Modulr and/or Modulr FS has no reasonable control.
   
   
9. Assignment Transfer and Subcontracting
   1. The Modulr Products provided to the Introduced Client are personal to the Introduced Client. The Introduced Client may not novate, assign or otherwise transfer this Agreement, any interest or right under this Agreement (in whole or in part) without the prior written consent of Modulr.
   2. The Introduced Client agrees Modulr may, in its sole discretion, assign, or transfer some or all of its rights and obligations or delegate any duty of performance set out in the documents forming this Agreement. Modulr may subcontract any of its obligations under this Agreement.
   3. In the event of any transfer of this Agreement by Modulr to another service provider; if the Introduced Client does not want to transfer to the new provider, the Introduced Client must notify Modulr of its objection in writing to Customer Services. On receipt of such notification, Modulr it will terminate this Agreement. Any balance remaining in the Introduced Client's Account(s) will be returned to the Introduced Client in accordance with the redemption procedure set out in the Modulr Account Terms and Conditions.
   4. It is acknowledged by the Introduced Client that Modulr enters into this Agreement on its own behalf and as agent for and on behalf of Modulr FS with respect only to clauses 10 and 14 of these Introduced Client Terms of Business.
   
   
10. Liability
    1. Nothing in this Agreement will operate to limit either party or its agent's liability with respect to fraud or for death or personal injury resulting from negligence, in either case whether committed by that party or its employees, agents or subcontractors.
    2. Modulr and Modulr FS makes no warranty that access to and use of the Modulr Products will be uninterrupted or error free.
    3. The Introduced Client acknowledges and agrees that Modulr and/or Modulr FS are not liable to the Introduced Client for any loss, liability or damages the Introduced Client suffers which result from, are related to, or in any way are connected with any fraud control, restriction measures or other measures implemented from time to time including as require, unless such loss, liability or damage is a direct result of Modulr and/or Modulr FS's fraud, gross negligence or willful misconduct in procuring the implementation of fraud control or purchase restriction measures that Modulr has expressly agreed in writing to procure for the Introduced Client.
    4. Modulr and Modulr FS shall not be liable to the Introduced Client for any loss or damage the Introduced Client may suffer as a result of any act or omission of an Authorised User or Cardholder or an Authorised User's or Cardholder's use of or inability to use of the Modulr Products.
    5. The Introduced Client agrees to indemnify Modulr and Modulr FS against any and all actions, claims, costs, damages, demands, expenses, liabilities, losses and proceedings Modulr and/or Modulr FS directly or indirectly incurs or which are brought against Modulr if the Introduced Client, or an Authorised User, or a Cardholder has acted fraudulently, been negligent or has misused a Modulr Product or any of the services provided under this Agreement.
    6. Modulr and/or Modulr FS shall not be responsible in any way for any interest or claims of any third parties in respect of the Modulr Products, except as required by law or regulation.
    
    
11. Reports
    1. Modulr may make available certain management or other reporting or business administration functionality via the Website.
    2. Modulr may from time to time amend, modify, replace or withdraw in whole or in part such reporting it provides without further notice.
    
    
12. Data Privacy
    1. Modulr will collect and retain personal information about the Introduced Client and each Authorised User and Cardholder to enable Modulr to deliver the Modulr Products, the services linked to it and deal with any enquiries that the Introduced Client may have about it. Modulr is the data controller of the personal information gathered by Modulr for such purpose. If Modulr uses a third party to provide a part of the Modulr Product then that provider will be the owner and controller of the personal information they require to collect in order to operate the relevant service. The use of personal information by third-party service providers will be set out in their service terms and conditions of use. Modulr will, at such third-party provider's direction, process personal data on its behalf, for example, to enable Modulr to provide Customer Services to the Introduced Client.
    2. Modulr processes personal information in accordance with relevant laws on the protection of personal data.
    3. If Modulr transfers the Introduced Client's information to a third party in a country outside of the European Economic Area Modulr will ensure that the third party agrees to apply the same levels of protection that Modulr is legally obliged to have in place when Modulr processes personal data.
    4. Further information about how Modulr uses personal information can be found in Modulr's Privacy Policy; please contact Customer Services for a copy of this.
    
    
13. Changes to the Agreement
    1. Modulr may amend or modify this Agreement by giving no less than two (2) months' notice to the Introduced Client unless Modulr is required to make such a change sooner by law. All proposed changes will be posted on the Website and communicated to the Introduced Client by such other means that Modulr agreed with the Introduced Client, for example by email. If the Introduced Client is accessing Modulr Products via a Partner Platform, all notifications will be communicated via such Partner Platform.
    2. The Introduced Client has no obligation to accept such amendments proposed by Modulr.
    3. The Introduced Client will be taken to have accepted any change to this Agreement that Modulr notifies to the Introduced Client unless the Introduced Client tells Modulr otherwise before the relevant change takes effect. In such circumstance, Modulr will treat notice of objection by the Introduced Client as notification that the Introduced Client wishes to terminate this Agreement and the use of all Modulr Products immediately. All Accounts of the Introduced Client will be closed and any balance remaining in the Introduced Client's Account will be returned to the Introduced Client in accordance with the redemption procedure set out in the Modulr Account Terms and Conditions. In this circumstance the Introduced Client will not be charged a fee for the Account closure and return of any balance.
    
    
14. General
    1. In these Introduced Client Terms of Business, headings are for convenience only and shall not affect the interpretation of these Introduced Client Terms of Business.
    2. Any delay or failure by Modulr to exercise any right or remedy under this Agreement shall not be interpreted as a waiver of that right or remedy or stop Modulr from exercising its rights at any subsequent time.
    3. In the event that any part of this Agreement is held not to be enforceable, this shall not affect the remainder of the Agreement which shall remain in full force and effect.
    4. The Introduced Client shall remain responsible for complying with this Agreement until its Account(s) are closed (for whatever reason) and all sums due under this Agreement have been paid in full.
    5. This Agreement is written and available only in English and all correspondence with the Introduced Client shall be in English.
    6. This Agreement is governed by the laws of England and the Introduced Client agrees to the non-exclusive jurisdiction of the English courts.

Schedule 3 - Direct Debit Mandate

1. Introduction
   1. The terms of this Schedule 3 shall apply where BACS Direct Debit Mandates are included within the Modulr Products.


2. Direct Debit Mandate Service
   1. The Direct Debit Mandate service enables the Introduced Client and / or Account Manager to set up Direct Debit Mandates on an Account via UK BACS Direct Debit scheme (“Direct Debit Mandate Service”). The amounts and payment dates of the Direct Debits may vary.
   2. The Introduced Clients (or the Partner Platform or the Account Manager acting on the Introduced Client's behalf) will be able to set up a Direct Debit Mandate on the Account by completing a Direct Debit Mandate form.
   3. The Introduced Client will be able to view or cancel a Direct Debit Mandate on the Introduced Client's Account via the user interface provided by Partner Platform.
   4. Without prejudice to any other rights of Modulr, Modulr may withdraw the Direct Debit Mandate Service by giving the Introduced Client at least 2 months' notice by e-mail.

Part C: - The Modulr Account Terms and Conditions; Important information you need to know
The Modulr Account Terms and Conditions
Please read these Terms and Conditions carefully before you agree to use an Account or any related services provided by or through us.
These Terms and Conditions, together with the Introduced Client Terms of Business constitute the entire agreement between Modulr and you.
By signing the Modulr Account Terms and Conditions you accept the terms of the Agreement, or by agreeing to open an Account and/or using our services, you accept these Terms and Conditions. If there is anything you do not understand, please contact Customer Services using the contact details provided to you by Partner Platform.

1. DEFINITIONS
   • Account - The electronic money account, also known as Modulr Account provided by us in accordance with these Terms and Conditions.
   • Account Information Service Provider - means a third party payment service provider who is authorised by or registered with the Financial Conduct Authority or another European regulator to provide online account information services, who, with your permission will be able to access certain online account information on one or more payment accounts held by you to give you a consolidated view of your payment accounts.
   • Account Limit - any limit that applies in relation to your Account and/or Card, such as account maximum balance, and limits on receiving and sending payments from your Account as referred in paragraph 2.
   • Account Manager - The individuals elected by the Account Owner to be responsible for the management of the Account, also known as an “Authorised User”.
   • Account Owner - The entity legally responsible for an Account.
   • Agreement - The agreement for your Account made up of these Terms and Conditions, together with the Introduced Client Terms of Business which constitute the entire agreement between you and Modulr.
   • Application Programming Interface (API) - means the interfaces provided by Modulr to the Introduced Client (and the Partner Platform on the Introduced Client's behalf) to directly instruct Accounts via the Introduced Client's or the Partner Platform's own application.
   • AML Policy - Modulr's written policy on anti-money laundering and counter terrorist financing as may be amended from time to time by Modulr.
   • Applicant - A customer of the Partner Platform who applies for Modulr Products but is yet to be accepted by the Modulr as an Introduced Client.
   • Available Balance - The value of funds available on your Account.
   • Bacs Credit - Means Bacs Direct Credit. A service enabling organisations to make payments to an account which takes 3 Business Days for the funds to be cleared.
   • Business Days - Monday to Friday between the hours of 9am-5pm but does not include bank holidays, or public holidays in the United Kingdom.
   • Card - means a Virtual Card or a Physical Card.
   • Cardholder - means the individual authorised to use the Physical Card issued to you.
   • Card Scheme -Mastercard and/or Visa or such other payment network through which Card Transactions are processed as may be made available to you from time to time.
   • Card Transaction -means a Virtual Card Transaction or a Physical Card Transaction.
   • CHAPS - the Clearing House Automated Payment System, a service enabling organisations to make same-day payments to an account within the UK, within the CHAPS operating days and times.
   • Chargeback has the meaning given to it in the Introduced Client Terms of Business.
   • Confidential Information - any information (whether or not recorded in documentary form, or stored on any magnetic or optical disk or memory) relating to: the business, products, affairs, strategy, contracts, customer relationships, commercial pipelines, business contacts, prospective customers, existing customers, business models, customer pricing, management systems, business methods, corporate plans, maturing new business opportunities, research and development projects, marketing and sales information, sales targets and statistics, discount structures, suppliers and potential suppliers, source codes, computer programs inventions, know-how, technical specifications and other technical information relating to products and services.
   • Customer Services - The contact centre for dealing with queries about your Account. Contact details for Customer Services can be obtained from the Partner Platform.
   • Data Protection Laws - the following, to the extent they are applicable to a party: the Data Protection Act 2018, the General Data Protection Regulation (EU) 2016/679, the Electronic Communications Data Protection Directive 2002/58/EC, the Privacy and Electronic Communications (EC Directive) Regulations 2003 and all applicable laws and regulations relating to processing of personal data and privacy (as amended or replaced from time to time), including where applicable the guidance and codes of practice issued by the Information Commissioner (in the United Kingdom) or other applicable supervisory authority;
   • Direct Debit - a payment collected via UK Direct Debit scheme operated by Bacs from or to your Account.
   • Direct Debit Collection - a payment collected to your Account via UK Direct Debit scheme on the basis of an instruction given by you to the payer's payment service provider.
   • Direct Debit Guarantee - means the refund terms applicable to Direct Debit Mandates as set out on the direct debit form or direct debit confirmation provided to you by the payment recipient.
   • Direct Debit Mandate - a payment collected from your Account via UK Direct Debit scheme on the basis of a mandate permitting someone else (recipient) to instruct us to transfer money from your Account to that recipient.
   • Due Diligence Procedure - Modulr's procedures for carrying out due diligence on Introduced Clients in order to comply with its policies and regulatory obligations.
   • Faster Payment - A service allowing you to make and receive electronic payments in the UK which is received by the recipient bank within 2 hours provided that the receiving organisation or bank is part of Faster Payments Scheme.
   • Fees - where relevant, those fees payable by the Introduced Client.
   • Information - Means any information related to the organisation, and any personal information related to Account Manager or the Cardholder.
   • Intellectual Property Rights - means without limitation, all patents (including models and inventions), trademarks, service marks, trade names, domain names, business names, copyrights, design rights, database rights, rights to or in computer software, know-how, trade secrets, rights to or in confidential information and all other intellectual property rights and rights or forms of protection of a similar nature or effect which may subsist anywhere in the world whether or not registered or capable of registration, together with all applications for registration of, and any licence to use, any of the foregoing and "Intellectual Property" shall be construed accordingly;
   • Introduced Client - Any client of Modulr which has been introduced by the Partner Platform and whose account is operated by the Partner Platform based on instructions the Partner Platform receives from the Introduced Client (where relevant).
   • Introduced Client Terms of Business - The terms on which Modulr provides Modulr Products to the Introduced Client.
   • Merchant - means a merchant authorised to accept Card Scheme-branded Cards.
   • Modulr - Modulr Finance Ltd, a company registered in England and Wales with number 09897957 and whose registered office is at Scale Space, 58 Wood Lane, London, W12 7RZ. Modulr Finance Ltd (FRN: 900699) is a registered agent of Modulr FS Ltd.
   • Modulr Account Terms and Conditions - This agreement, between Modulr FS and the Introduced Client which governs the terms on which the Introduced Client may use its Account.
   • Modulr Products - those products, including but not limited to the Account as described by Partner Platform in the application process.
   • Online Portal - means the interface provided by Modulr for the Introduced Client to access via the public internet, subject to applicability based on the Introduced Client's relationship with the Partner Platform.
   • Payment Initiation Service Provider - means a third party payment service provider authorised by or registered with by the Financial Conduct Authority or another European regulator to provide an online service to initiate a Transaction at your request on your Account.
   • Partner Platform - A third party that is permitted by Modulr and Modulr FS to introduce and act on behalf of Introduced Clients, and permitted by you to act as an Authorised User.
   • Partner Platform Agreement - an agreement between the Account Owner and the Partner Platform for the provision of various services, under the terms of which the Introduced Client wishes to open an Account with Modulr to be used for the purpose and in accordance with the terms set out in the Partner Platform Agreement.
   • Physical Card - means a physical card-based payment instrument issued by us to you which uses the Card Scheme payments network, as well as any version or record of such an issued payment instrument stored on an app or other platform, and which may be used to make Physical Card Transactions.
   • Physical Card Transaction - means the use of a Physical Card to make a payment to a Merchant.
   • Regulator - the Financial Conduct Authority, located at 12 Endeavour Square, London, E20 1JN or any authority, body or person having, or who has had, responsibility for the supervision or regulation of any regulated activities or other financial services in the United Kingdom.
   • SEPA - the Single Euro Payments Area is the area where citizens, companies and other economic actors can make and receive payments in euro, within Europe, whether within or across national boundaries under the same basic conditions, rights and obligations, regardless of their location. SEPA is driven by the European Commission and the European Central Bank, amongst others, as a key component of the EU Internal Market. SEPA shall be deemed to encompass the countries and territories which are part of the geographical scope of the SEPA Schemes, as listed in the EPC List of SEPA Scheme Countries, as amended from time to time.
   • SEPA Credit Transfer - a service allowing you to make and receive non urgent EUR electronic payments within SEPA provided that the receiving organisation or bank is part of the scheme.
   • SEPA Instant Credit Transfer - a service allowing you to make and receive near real time EUR electronic payments within SEPA provided that the receiving organisation or bank is part of the scheme.
   • SEPA Transfers - means, together, SEPA Credit Transfer and SEPA Instant Credit Transfer.
   • SWIFT - the global member-owned financial telecommunications system used to facilitate the secure transfer of messages, including payment instructions, between financial institutions.
   • SWIFT Inbound Payment - an inbound payment (in such currencies as may be supported by Modulr from time to time) made via SWIFT.
   • SWIFT Outbound Payment - an outbound payment (in such currencies as may be supported by Modulr from time to time) made via SWIFT.
   • SWIFT Payments - means, together, SWIFT Inbound Payments and SWIFT Outbound Payments (and SWIFT Payment shall be construed accordingly).
   • Transaction - any debit, credit or other adjustment to an Account that affects the balance of monies held in it, including a Virtual Card Transaction.
   • TPP (Third Party Provider) - means an Account Information Service Provider or a Payment Initiation Service Provider.
   • we, us, our or Modulr FS - Modulr FS Ltd, a company registered in England and Wales with number 09897919 and whose registered office is at Scale Space, 58 Wood Lane, London, W12 7RZ and who is regulated by the Financial Conduct Authority for issuance of electronic money under FRN 900573, or Modulr acting on Modulr FS Ltd's behalf.
   • Virtual Card - means a virtual card-based payment instrument consisting of (amongst other things) a unique 16 digit account number issued to you which uses the Card Scheme payments network, as well as any version or record of such an issued payment instrument stored on an app or other platform, and which may be used to make Virtual Card Transactions.
   • Virtual Card Transaction - means the use of a Virtual Card to make a payment to a Merchant.
   • Website - means the customer portal that Introduced Clients can login to in order to use the Modulr Products.
   • you, your - The Account Owner, also referred to as an Introduced Client.
2. ACCOUNT & CARD LIMITS
   1. Limits may apply to the balance on your Account at any time, the maximum value of an individual payment Transaction, maximum Virtual Transaction value per Card, the maximum aggregate value of all payment Transactions made from your Account or Cards in a particular time period e.g. during any one Business Day and the maximum number of payment Transactions made from your Account over a particular timeframe. Your Cards may also have certain Card Transaction types disabled, such as cash withdrawals at an ATM.
   2. The limits and restrictions that apply to your Account and Card will be communicated to you during the Account set-up process and/or before the Card is issued to you (as applicable). These limits may also change over time based on your Account and/or Card usage; any such change will be communicated to you. You can check the limits at any time by contacting Customer Services. You should not make a payment Transaction request which exceeds such.
   3. From time to time a Card Transaction may be authorised which exceeds the limit or restriction applicable to your Account or Card, for example when it is used in an offline environment for example but not limited to payments for or on transport (purchases on a train, aeroplane, underground or toll payments). In such circumstance, a negative balance on your Account may occur. In this case the process in paragraphs 5.14 to 5.16 inclusive will apply.
   4. Certain Merchants may require verification that the funds held on your Account will cover the Card Transaction amount and will place a “pre-authorisation” on your Card. This amount will be unavailable to you until the Card Transaction is completed or released by the Merchant. The pre-authorisation allows the Merchant up to 30 days to claim and settle any funds owed to them from the Card. Examples include but are not limited to hotels and rental cars. If there are insufficient funds available on your Account, Modulr must still make this settlement, which may result in a negative balance on your Account. In this case the process in paragraphs 5.14 to 5.16 inclusive will apply.
   5. To manage our risk, particularly with respect to money laundering, fraud or security concerns, we also apply internal controls, including limits, to certain types of payment. We change these as necessary but for security purposes, we do not disclose them.
3. SCOPE OF THESE TERMS AND CONDITIONS
   1. Your Account is an electronic money account and the electronic money and any Card associated with it is issued to you by us. We are regulated by the Financial Conduct Authority for the issuance of electronic money (FRN 900573). Your rights and obligations relating to the use of this Account are subject to these Terms and Conditions between you and us.
   2. The types of Transactions enabled for your Account will be explained to you by the Partner Platform, or as subsequently enabled by us. The terms of these Modulr Account Terms and Conditions applicable to specific Transactions or payment types (for example, Cards) apply only to the extent that such Transactions or payment types are enabled for your Account.
   3. This Agreement is written and available only in English and we undertake to communicate with you in English regarding any aspect of your Account.
   4. You agree that we or the Partner Platform may communicate with you by e-mail or telephone for issuing any notices or information about your Account and therefore it is important that you ensure you keep your e-mail address and mobile phone number updated.
   5. You can request a copy of these Terms and Conditions at any time by contacting Customer Services.
4. OPENING YOUR ACCOUNT
   1. Your Account will be opened on your behalf by the Partner Platform. You may only hold an Account so long as you remain an approved client of the Partner Platform that provided you with your account details.
5. USING THE ACCOUNT
   1. Your Account can receive bank transfers and other payment types as added and notified to you by Modulr from time to time. Subject to paragraph 5.3, we will credit your Account when we receive the funds which could be up to three Business Days after the payment being instructed, depending on how the payment was sent.
   2. Your Account can also receive internal transfers from other Accounts owned or controlled by the Partner Platform, which apply instantly.
   3. An incoming payment will not be credited to your Account if:
   1. the Account has reached the Account Limits; or
   2. the Account is blocked or terminated; or
   3. the sender has provided incorrect/invalid Account Details for your Account; or
   4. we suspect the payment to be fraudulent.
   4. If we are unable to credit your Account for any of the reasons in paragraph 5.3 then the funds may be sent back to the sender without a prior notification to you.
   5. Your Account can make payments out to external bank accounts via Faster Payments, SEPA Transfer, SWIFT Payments (if selected as a Modulr Product) and other methods as added and notified to you by the Partner Platform from time to time.
   6. Your Account will be configured and operated by the Partner Platform. You agree that Modulr and we may take instructions from the Partner Platform regarding the operation of your Account, including the creation of beneficiaries and instruction of payments, on your behalf. We and Modulr have no liability for actions taken by the Partner Platform. If you disagree with any actions taken by the Partner Platform these should be discussed with the Partner Platform. We are also authorised to take instructions from any other Account Manager (where different from Partner Platform) and, with respect to Physical Card Transactions, from the Cardholder. You are responsible for all actions of the Account Manager and any Cardholder in relation to the Account and/or Card(s).
   7. Where Cards are made available to you, your Account can be used to fund Card Transactions. You or your Account Manager or Partner Platform can request a Virtual Card or a Physical Card to be issued to you via the Online Portal or Modulr API.
   8. Where a Virtual Card or Physical Card is issued to you, you may be able to register and/or store the details of the Card within third party apps and/or devices and to use those third party apps/devices to initiate payments with your Card. When you first register your Card within a third party app/device we support, you may be required to verify that it is you requesting the registration of the Card. If you do not do this, you may not be able to register and use your Card through the third party app/device.
   9. The value of any Card Transaction, together with any applicable fees and charges, will be deducted from your Account once we receive the authorisation request from the Merchant.
   10. If the Card Transaction is made in a currency other than the currency the Card is denominated in, the Card Transaction will be converted to the currency of the Card by the relevant Card Scheme at a rate set by it on the day we receive details of the Card Transaction. The exchange rate varies throughout the day and is not set by us. You can check the relevant Card Scheme rate as follows.
       • Mastercard Card Scheme rate at: https://www.mastercard.co.uk/en-gb/consumers/get-support/convert-currency.html;
       • VISA Card Scheme rate at: https://www.visa.co.uk/support/consumer/travel-support/exchange-rate-calculator.html.
   11. A Transaction is deemed to be authorised by you:
   1. when you or your Account Manager or Partner Platform enters the security information on the Modulr Online Portal to confirm a Transaction is authorised, or when it is instructed via the Modulr API with the relevant security credentials;
   2. when you or your Account Manager or Partner Platform submits a request for a creation of a Virtual Card via the Online Portal or Modulr API, you shall be deemed to have authorised any subsequent Virtual Card Transaction made using such Virtual Card up to the authorisation value specified when creating the request for creation of the Virtual Card;
   3. when you or the Cardholder (i) enter a PIN or provide any other security credentials; (ii) sign a sales voucher; (iii) provide the Physical Card details and/or provide any other details as requested; (iv) wave/swipe the Physical Card over a card reader; or (v) insert the Physical Card into a card device or an ATM;
   4. when you give instructions through a third party (such as the recipient of a Direct Debit Mandate or a Payment Initiation Service Provider). Once the Transaction is confirmed, we cannot revoke the Transaction save for in those circumstances set out in paragraph 5.10 below.
   12. You can cancel any Transaction which is agreed to take place on a date later than the date you authorised it, provided that you give us notice to cancel no later than close of business on the Business Day before the Transaction was due to take place;
   13. Cancelling a Direct Debit Mandate with us will not cancel the agreement with the organisation you are paying. It is your responsibility to tell the organisation collecting the payment about the changes to your instructions.
   14. If for any reason whatsoever, a negative balance arises because a Transaction is completed when there are not enough funds on your Account for that Transaction, you shall reimburse the negative balance amount immediately, unless circumstances described in sections 5.15 and 5.16 apply. You agree that once we make this negative balance known to you, we will charge you the amount of negative balance and you must repay it immediately. We may charge the amount of the negative balance against any funds on your Account, including any subsequently loaded funds. Until we are reimbursed this negative balance amount, we may arrange for your Account, including Card(s) to be suspended. We may also report the negative balance to credit reference agencies.
   15. Where a negative balance arises because of an error on the part of a Merchant where the Card Transaction occurred, we will seek to recover the negative balance amount from the Merchant.
   16. Where a negative balance arises because of an error on the part of the recipient of the payment or us, we will seek to recover the negative balance amount from the person who made the error.
   17. The Available Balance on your Account will not earn any interest.
   18. You can check the balance and Transaction history of your Account at any time via the interface provided to you by the Partner Platform or by contacting Customer Services, or the Online Portal if you have relevant access details.
   19. You will be provided with a monthly statement free of charge setting out information relating to individual payment Transactions by the Partner Platform or us (using the details we have associated with your Account).
6. THIRD PARTY ACCESS
   1. You can instruct a TPP to access information on your Account or initiate certain Transactions from your Account provided such TPP has identified itself to us and it has acted in accordance with the relevant regulatory requirements. We will treat any instruction from an TPP as if it was from you or an Account Manager.
   2. We may deny a TPP access to your Account if we are concerned about unauthorised or fraudulent access by that TPP. setting out the reason for such denial. Before doing so, we will tell you that we intend to deny access and give our reasons for doing so, unless it is not reasonably practicable, in which case we will immediately inform you afterwards. In either case, we will tell you in the manner in which we consider most appropriate in the circumstances. We will not tell you if doing so would compromise our security measures or would otherwise be unlawful.
   3. If you have provided consent to a TPP to access the data in your Account to enable them to provide account information services to you or initiate Transactions on your behalf, you consent to us sharing your information with the TPP as is reasonably required for them to provide their services to you. You must let us know if you withdraw this permission and we recommend you let the TPP know. On notification from you, we will not provide such TPP access to your Account or the data in it.
7. CLOSING YOUR ACCOUNT
   1. You may close your Account by contacting Customer Services. Please refer to your contract with the Partner Platform for any terms relating to your need to maintain your Account.
   2. The Account will be closed if the Partner Platform instructs us to close your Account (in which case the Partner Platform will inform you of this instruction).
   3. On termination of the Agreement for any reason, these Terms and Conditions will automatically terminate, and your Account will be closed and any Cards issued to you will be cancelled.
   4. Any Available Balance remaining on the Account after Account closure will be transferred to your nominated bank account via Faster Payments or SEPA Transfer (as relevant) based on instructions to us from the Partner Platform. If for any reason this is not possible, such Available Balance will remain yours for a period of six years from the date of Account closure. Within this period, you may at any time request a refund by contacting Customer Services. You will not have any access to your Account and we will not return any funds remaining on the Account after six years from the date of Account closure and this Agreement will terminate.
8. YOUR LIABILITY AND AUTHORISATIONS
   1. You are responsible for understanding and complying with the Agreement including these Terms and Conditions.
   2. We may at any time suspend, restrict or refuse to authorise any use of your Account and/or Cards (including cancelling Card(s)) or refuse to process your instructions or authorise any particular Transaction where:
   1. we are concerned about the security of or access to your Account and/or your Card;
   2. we know or suspect that that your Account and/or Card is being used in an unauthorised or fraudulent manner;
   3. we need to do so in order to comply with the law or otherwise for regulatory or crime prevention purposes;
   4. the Transaction would breach the limits applicable to your Account and/or Card;
   5. you, the Account Manager or the Cardholder breach an important part of these Terms and Conditions, or repeatedly breach any term in this Agreement and fail to resolve the matter in a timely manner.
   3. If we cancel, suspend or restrict your Account and/or Card(s), or otherwise refuse to execute a payment order to or to initiate a Transaction, we will, without undue delay and provided we are legally permitted to do so, notify you or the Partner Platform of the refusal, suspension or cancellation (as applicable). If possible, we will provide the reasons for the refusal to execute the Transaction and/or suspending the use of your Account and/or Card and where those reasons relate to factual matters, the procedure of rectifying any factual errors that led to the refusal.
   4. You or the Account Manager or the Cardholder must not:
   1. allow another person to use security information related to the Account, Cards and/or app/device you use to make Transactions
   2. write down password(s) or any security information unless this is done in a way that would make it impossible for anyone else to recognise any of that information, or
   3. disclose passwords or any security information, or otherwise make them available to any other person, whether verbally or by entering them in a way that allows them to be observed by others.
   5. You must take all reasonable steps to keep your Account and password(s) and any other security-related details safe, including the security-related details relating to any app and/or devices you have registered or stored your Card on, at all times. If you visit a website or receive a message that asks for your password, other than the Modulr website, this should be reported to us. If you are in doubt whether a website is genuine, you should contact Customer Services. If you have any indication that your Account, password or other security information has been compromised, you must immediately change your password and notify us as soon as possible.
   6. You will be liable for all Transactions that take place as a result of you, the Account Manager or the Cardholder acting fraudulently or failing to comply with these Terms and Conditions with intent or gross negligence. Any such Transactions and any fees and charges relating to such Transactions will be deducted from the Available Balance on your Account.
   7. You will be liable for all Transactions that the Partner Platform, any other Account Manager makes on your behalf or the Cardholder makes as per this Agreement, along with those made by a TPP authorised by you to initiate a Transaction.
   8. You will be liable for all unauthorised Transactions that arise from the use of lost or stolen Physical Cards, the Account or Card security information such as but not limited to the Online Portal log in details and API security details, Card number and CVV if you, the Account Manager, or the Cardholder fail to keep the security features of the Account, Cards and/or app/device where your Card is registered/stored safe.
   9. It is your responsibility to keep us updated of changes to your Information, including e-mail address and mobile numbers. Failure to do so may result in us being unable to contact you regarding your Account or to let you know about changes to these Terms and Conditions.
   10. If you request to recall a Transaction due to an error or mistake caused other than by Modulr, we reserve the right to charge you (i) a handling fee of £25 per recall and (ii) any fee payable by Modulr to a third-party bank or institution for handling the recall.
   11. You agree to indemnify and hold harmless, us, Modulr and our distributors, partners, agents, sponsors, and service providers and their group companies from and against the costs of any legal action taken to enforce this Agreement, including these Terms and Conditions and/or any breach of these Terms and Conditions by you.
9. DISPUTES AND INCORRECT TRANSACTIONS
   1. If you (or an Account Manager or Cardholder) have a reason to believe that (i) a Transaction on your Account was unauthorised or was made incorrectly, (ii) a Physical Card is lost or stolen; or (iii) someone else (other than TPP) knows the security credentials or otherwise has unauthorised access to your Account and/or Card, you must inform us immediately by contacting Customer Services. After you notify us, we will replace a lost, stolen or misappropriated Physical Card and/or security credentials, as appropriate.
   2. We will investigate your claim for a refund of unauthorised or incorrectly executed Transactions, provided at all times that you have notified us without undue delay of becoming aware of such incorrectly executed or unauthorised Transaction and in any case within the timeframes required by the Card Scheme rules if the incorrect Transaction relates to a Card Transaction and for all other Transactions within 13 months of the date of the relevant Transaction. We will not be liable for any unauthorised or incorrectly executed Transactions notified to us after this period.
   3. If you dispute a Transaction:
   1. subject to 9.3.2 and 9.3.3 we will immediately refund the amount to your Account to the position it would have been in if the unauthorised Transaction had not taken place. We will have no further liability to you. If we subsequently discover that you were not entitled to a refund, we shall treat the refund as a mistake and be entitled to reapply the Transaction.
   2. if there are reasonable grounds for thinking that you may not be entitled to a refund (based on the evidence available to us at the time you report the unauthorised Transaction), we may investigate before giving you a refund and we will provide you with our supporting evidence if we believe you are not entitled to the refund;
   3. if the Transaction was initiated through a TPP, it is for the TPP to prove that, the Transaction was authenticated, accurately recorded and not affected by a technical breakdown or other deficiency linked to the TPP's payment initiation service; and
   4. if we make an error on a Transaction made to someone else through the Direct Debit scheme, we will refund you in accordance with the Direct Debit Guarantee.
   4. If an incorrect Transaction is paid into your Account that should not have, we will, where possible, immediately send the funds back to the bank acting for the person from whose account the Transaction was made. In such circumstance you agree to return the funds to us and provide such assistance that we require in recovering the amount from you. If we cannot recover the funds, we are required to provide sufficient details about you and the incorrect payment to the bank or institution that sent the payment to enable them to recover the funds.
   5. You will be liable for all Transactions made from your Account if you (or the Account Manager or the Cardholder) have acted fraudulently or have failed with gross negligence:
   1. to keep the security credentials used to access or use your Account and/or Card safe and secure or otherwise failed to comply with these Terms and Conditions in relation to the safety of your Account and/or Card; or
   2. failed to notify us in accordance with 9.1 above.
   6. You may be entitled to a refund where a Transaction from your account which was initiated by payee provided that:
   1. the authorisation did not specify the exact amount;
   2. the amount of Transaction exceeded the amount you could reasonably have expected (taking into your previous spending pattern and other relevant circumstances). We may ask you to provide such information as is reasonably necessary for us to determine if this is correct; and
   3. you asked for a refund within 8 weeks of the date the Transaction was debited to your Account.
   In such circumstances we will refund you within 10 Business Days of receiving your claim for a refund or, where applicable, within 10 Business Days of receiving any further information we requested - or we will provide you with reasons for refusing the refund.
   7. If you want a refund for a Transaction made using the Direct Debit scheme, the Direct Debit Guarantee will apply instead of the terms in 9.6 above.
10. VARIATION
    1. We may change these Terms and Conditions by providing you with at least two months' prior notice by e-mail (provided you have supplied us with an up-to-date e-mail address).
    2. If you do not agree with the changes to the Terms and Conditions, you may at any time within the two months' notice period notify us and these Terms and Conditions will be terminated and your Account closed. If you do not notify us to the contrary during this period then you will be deemed to have accepted the change and it will apply to you when it comes into force.
    3. If any part of these Terms and Conditions are inconsistent with any legal requirements then we will not rely on that part but treat it as if it did actually reflect the relevant legal requirement. If we need to make operational changes before we can fully comply with the new regulatory requirement, we will make those changes as soon as reasonably practical.
11. TERMINATION OR SUSPENSION
    1. We can terminate your Account at any time if we give you two months' notice and transfer any Available Balance at the time to your nominated bank account without a charge.
    2. We can suspend or terminate your Account at any time with immediate effect (and until your default has been remedied or the Agreement terminated) without any prior notice to you if:
    1. we discover any of the Information that we hold for you is false, misleading or materially incorrect; or
    2. if you, the Account Manager, the Cardholder or a third party has engaged in fraudulent activity, money laundering, terrorism, terrorism financing or other illegal activity in connection with your Account or we have reasonable suspicions in respect of the same; or
    3. if you have reached your Account Limit;
    4. you or the Account Manager have breached these Terms and Conditions; or
    5. we are required to do so under any applicable law or regulation or at the direction of any regulatory, law enforcement or other competent authority.
    3. In the event that we do suspend or terminate your Account then if we are able to do so, we will tell you in advance otherwise we will let you know immediately afterwards (to the extent we are permitted by law).
12. OUR LIABILITY
    1. Our liability and the liability of our agents in connection with these Terms and Conditions (whether arising in contract, tort (including negligence), breach of statutory duty or otherwise) shall be subject to the following exclusions and limitations:
    1. Neither we, nor our agents shall be liable for any default resulting directly or indirectly from any cause beyond our control, including but not limited to, a lack of funds;
    2. Neither we, nor our agents shall be liable for any loss of profits, loss of business, or any indirect, consequential, special or punitive losses;
    3. where sums are incorrectly deducted from your Available Balance due to our default, our liability and that of our agents shall be limited to payment to you of an equivalent amount to that which was incorrectly deducted from your Available Balance;
    4. in all other circumstances of our default, our liability and that of our agents jointly will be limited to transferring any Available Balance to your nominated bank account.
    2. In circumstances where sums are incorrectly deducted from your Available Balance due to our fault, if we require your support to enable us to recover the incorrect deduction, you agree to provide us and our agents with all assistance that we reasonably require.
    3. Nothing in these Terms and Conditions shall exclude or limit our liability or that of our agents for death or personal injury resulting from our negligence or fraud.
    4. To the extent permitted by law, all conditions or warranties implied by law, statute or otherwise are expressly excluded.
    5. The above exclusions and limitations set out in this paragraph shall apply to any liability of our affiliates and other suppliers, contractors, agents or distributors and any of their respective affiliates (if any), to you, which may arise in connection with these Terms and Conditions.
13. YOUR INFORMATION
    1. Some personal data will be necessary for us to provide you with the Account and services under this Agreement. Modulr FS is a Data Controller and shall only use your personal data for this purpose. Please see the Privacy Policy (please contact Customer Services for details of where to access this) for full details on the personal data that we and Modulr Finance Ltd hold, how we will use it and how we will keep it safe. Modulr will at all times comply with Data Protection Laws.
    2. We will retain details of individual transactions for six years from the date on which the particular transaction was completed. We will maintain all other records for six years from which we have ceased to provide you with any product or service
    3. You must update any changes to your Information by contacting Customer Services.
    4. If we discover that the Information we hold about you is incorrect, we may have to suspend or cancel your Account until we can establish the correct Information, in order to protect us both.
    5. If you or the Account Manager allow or give consent to an Authorised Third Party Provider to access your Account to provide their services, you should know that we have no control over how an Authorised Third Party Provider will use your information nor will we be liable for any loss of information after an Authorised Third Party Provider have access to your information.
14. COMPLAINTS PROCEDURE
    1. Complaints regarding any element of the service provided by us can be sent to Customer Services.
    2. All complaints will be subject to our complaints procedure. We will provide you with a copy of our complaints procedure upon request and, if we receive a complaint from you, a copy of our complaints procedure will automatically be posted or emailed to you.
    3. In most cases we will provide a full response by email to your complaint within fifteen Business Days after the date we receive your complaint. In exceptional circumstances where we are unable to respond in full to your complaint, we will inform you of this giving our reasons for the delay and the timeframe within which you will receive a full reply, which in any event shall be within thirty-five Business Days of the date we received your complaint.
    4. If we fail to resolve your complaint to your satisfaction you may refer your complaint to the Financial Ombudsman Service (Exchange Tower, London E14 9SR, phone 0800 023 4567). Details of the service offered by the Financial Ombudsman Service are available at www.financial-ombudsman.org.uk.
15. GENERAL
    1. Any delay or failure to exercise any right or remedy under these Terms and Conditions by us shall not be construed as a waiver of that right or remedy or preclude its exercise at any subsequent time.
    2. If any provision of these Terms and Conditions is deemed unenforceable or illegal, the remaining provisions will continue in full force and effect.
    3. You may not assign or transfer any of your rights and/or benefits under these Terms and Conditions and you shall be the sole party to the contract between us. You will remain liable until the Account issued to you is terminated. We may assign our rights and benefits at any time without prior written notice to you. We may subcontract any of our obligations under these Terms and Conditions.
    4. Save for Modulr, who acts on our behalf, no third party who is not a party to these Terms and Conditions has a right to enforce any of the provisions in these Terms and Conditions and the Contracts (Rights of Third Parties) Act 1999 shall not apply.
    5. These Terms and Conditions contain the information set out in Schedule 4 of the Payment Service Regulations 2017 and you can obtain a copy of this Agreement at any time by contacting Customer Services.
    6. These Terms and Conditions are governed by English law and you agree to the exclusive jurisdiction of the courts of England and Wales.
    7. The Financial Services Compensation Scheme is not applicable for this Account. No other compensation schemes exist to cover losses claimed in connection with your Account. As a responsible e-money issuer, we will ensure that once we have received your funds they are deposited in a safeguarded account in accordance with our legal obligations. In the event that we become insolvent funds that are safeguarded by us are protected against the claims made by our creditors.
16. CONTACTING CUSTOMER SERVICES
    1. Customer Services are provided by the Partner Platform. The details shall be provided by the Partner Platform.

UK Safeguarding Information

Safeguarding: How Modulr keeps customer funds safe

Who is Modulr?

Modulr enables thousands of businesses of all sizes across the UK and Europe to efficiently pay-in, collect and disburse funds instantly into a range of accounts, wallets and cards. We've created an industry-leading platform, connected to an expanding network of accounting and payroll platforms. Our payments expertise and extensive product capability also enables us to solve specific problems for a growing portfolio of hundreds of clients in a range of industry verticals.

Is Modulr a bank?

Modulr is not a bank, we're an Electronic Money Institution (EMI). An EMI is an organisation that has been authorised by the regulator to issue e-money accounts and provide payment services. In the UK, we're authorised and regulated by the Financial Conduct Authority (FCA).

How is Modulr different from a bank?

One of the main differences between Modulr, an EMI, and a bank is that banks lend money, whereas EMIs are prohibited from lending money. Specifically, banks receive deposits from customers that they use to lend money out and make a profit on the difference. By contrast, an EMI such as Modulr does not lend any customer funds or offer interest on balances. Our payment services however are regulated by the same payments regulations that apply to banks.

How does Modulr protect customer funds?

Modulr is required by law to use a process called Safeguarding to protect customer money. This means we ensure that the funds we receive in exchange for e-money are segregated from all other funds that we hold and they cannot be used for any other purposes. The funds we safeguard are therefore completely separate from the additional funds that Modulr holds to meet its corporate obligations and run its business. These safeguarded funds must be held in specially designated client accounts at credit institutions (banks), the Bank of England or invested in secure, liquid assets that the FCA has approved for such purposes. Furthermore, as an EMI, we must also hold an additional amount equal to 2% of the total value of safeguarded client funds in our own funds, which are held separately to those client funds. The purpose of the 2% additional funds is to ensure that, in the case of any problems with our business, there are enough funds to support an orderly business wind-down and the process of returning of client funds. Combining this '2%' requirement with safeguarding means that there is a protection mechanism to help ensure an orderly wind-down and return of customer funds if ever required.

What is the FSCS and is it applicable to Modulr?

The FSCS is the Financial Services Compensation Scheme, which provides consumers protection of their bank deposits up to a maximum of £85,000, or £170,000 for a joint account, in the event of a bank failure. The FSCS scheme only applies to certain institutions and does not include, EMIs such as Modulr. However, as mentioned, our safeguarding requirements mean that all customer money held at Modulr, regardless of the amount, is segregated from all other funds that we hold and cannot be used for any other purpose. So, while the FSCS is not applicable to e-money, the regulatory requirements outlined above are designed to protect the balance of customer funds, as opposed to only compensating up to a maximum limit, as is the case with the FSCS.

Where is money safeguarded?

Modulr must deposit the value of all the e-money it has issued to customers at a credit institution (bank) and/or the Bank of England or invest those funds in secure, liquid assets that the FCA has approved for such purposes. In accordance with the relevant legislation, Modulr uses a range of leading clearing banks to safeguard funds as well as invests funds in secure liquid assets that the FCA has approved for such purposes. Additionally with our direct access to payment systems such as Faster Payments and Bacs, Modulr is one of a few non-bank Payment Service Providers to also be able to hold funds at the Bank of England. Our safeguarding processes are subject to independent external annual audit.

What would happen in the event of Modulr's insolvency?

In addition to our safeguarding obligations and the requirement to maintain an additional 2% of corporate funds as regulatory capital, we're also required to prepare orderly wind-down plans. These plans are a regulatory requirement and include the early identification of a potential insolvency event and the return of your funds before an insolvency process commences, if possible.

In the event that Modulr becomes insolvent, your funds are separate from the funds of Modulr and therefore the creditors of Modulr (other third parties that are owed money from Modulr) are not able to make a claim against safeguarded funds and would not affect your entitlement to your funds. An independent insolvency professional (referred to as an 'insolvency practitioner') would be appointed to return your funds to you. However, where an insolvency practitioner is unable to take their costs of sending the funds to you from elsewhere (for example, the general pot of Modulr funds remaining or from the additional 2% own funds described above) they are entitled to take their costs from safeguarded funds which would include your funds. In this unlikely circumstance, you may not receive the total value of your funds. The process of returning your funds by an insolvency practitioner is likely to take longer than if you were making a claim in the FSCS.

Who regulates Modulr in the UK?

Modulr FS Ltd (FRN: 900573) is licensed as an authorised E-Money Institution (EMI) and regulated by the Financial Conduct Authority (FCA). Modulr Finance Limited (FRN: 900699) is registered with the Financial Conduct Authority as an EMD Agent of Modulr FS Limited.

Job Candidates

Candidate Privacy Notice (Global)

Available languages:

• Française - Avis de confidentialité du Candidat

• Nederland - Privacyverklaring voor sollicitanten

• Deutsch - Datenschutzerklärung für Bewerber

Effective Date: February 1, 2024

At Plaid, we understand the importance of privacy and transparency. The purpose of this Candidate Privacy Notice (“Notice”) is to explain how Plaid Inc. and its subsidiaries, including Plaid Financial Ltd. and Plaid, B.V. (collectively, “Plaid”, “we”, “our”, or “us”), collect, use, and share personal data and information from and about potential candidates (“you” or “your”) for positions with Plaid (“Candidate Information”).

Please note that if you submit your CV/resume or other Candidate Information through our website, we may also collect and process information about you in connection with your access to or use of Plaid’s website. Additional information regarding our use of your data can be found in our Privacy Statement. Further information about the types of cookies we use on our website, why we use them, and how you can control or limit the use of cookies can be found in our Cookie Policy.

Jump to section:

Our Data Practices

• Information We Collect

• How We Use Your Information

• How We Disclose Your Information

• Our Lawful Bases for Processing (UK and EEA Candidates Only)

• Our Retention Practices

Other Details

• International Data Transfers

• California Candidates Data Protection Rights

• UK, EEA, and Canadian Candidates Data Protection Rights

• Changes to this Notice

• Contacting Plaid

Our Data Practices

Information We Collect

We collect Candidate Information provided by (1) you, including through Plaid’s Careers page (available at https://plaid.com/careers/), (2) third parties, such as background check providers, recruitment consultants or professional recruitment agencies, or (3) Plaid itself through candidate research. We may also derive Candidate Information by creating a profile reflecting your employment preferences, characteristics, behavior, intelligence, abilities, and aptitudes, such as through notes taken as part of the interview process.

We collect the following categories of Candidate Information about candidates we consider for jobs:

• identifiers and contact information, including your full name, address, phone number, email address, or other contact information;

• professional or employment-related information, including information in your resume or CV; your work history, certifications, professional licenses, and other experience; and contact details of your former/current employer (when such details contain your personal data);

• education information, including information about your degrees and training; transcripts; and academic achievements;

• social networking and similar information, such as social media and public profile information, including URLs related to your LinkedIn, Twitter, GitHub, and Portfolio profiles, and your personal website;

• in certain regions (like the US) and as permitted by applicable law we may collect demographic and other sensitive information (e.g., race, gender, veteran status, ethnicity, sexual orientation, and disability status); and

• other information you submit, including additional information provided in an application form, cover letter, or other work product.

If your application progresses, we will also collect the following Candidate Information:

• information collected as part of the interview process, such as notes taken from your interview (when they contain your personal data); and personal data included in any take-home project;

• information necessary to schedule your interview, including identifiers such as your address, your Known Traveler Number, and any frequent traveler details;

• audio and visual information, including photographs for work profiles and security footage gathered on Plaid premises.

• electronic network activity information and usage data, including your use of plaid equipment, devices, software and other assets.

• details about employment expectations, including, to the extent they contain your personal data, type of employment sought, compensation expectations, willingness to relocate, and other job preferences;

• (if and to the extent relevant for a specific role) information necessary to run a background check, such as information obtained either from you or through reference and background checks, subject to any further permissions or notifications required and/or permitted by applicable law, usually by way of providing an official Certificate of Good Conduct (for instance in the Netherlands: Verklaring Omtrent Gedrag or VOG); and

• information required to initiate employment, including proof of eligibility to work in a specified country (such as a passport or visa); demographic information such as your date and place of birth, and citizenship; identifiers such as your social security number (where required and/or permitted by law), national insurance number, other government-issued identifier, tax identifiers and related tax information (where required and/or permitted by law), and bank account numbers and related information; benefits eligibility information; and other information you provide for the purposes of starting employment or executing an employment agreement.

How We Use Your Information

We use the Candidate Information collected about you to process your application for employment and to comply with statutory obligations we have in relation to your application, including confirming your eligibility to work in a given location.

We will also use your Candidate Information for the following purposes:

• administering and processing your application, including verifying your identification, experience and other information you submit and, if your application progresses, any interview information and background check information;

• communicating with you about your application, including contacting you via phone, email or social media platforms about your application and, if your application progresses, coordinating any interview and background check;

• assessing and evaluating your suitability for the role for which you have applied, or for other vacancies, including verifying your identification, experience and other information you submit and, if your application progresses, any interview information and background check information;

• conducting reference and background checks, including criminal records checks, as part of your application, subject to applicable law, including verifying your identification, experience and other information you submit and, if your application progresses, any interview information and background check information;

• complying with applicable laws and employment-related requirements, including verifying identification information and information required to initiate employment, for purposes such as confirming ability to legally work in a specific location, setting up payroll, withholdings and benefits, and complying with statutory reporting requirements;

• improving our recruitment process, as permitted by applicable law and only in certain regions (like the US), including by generating analytics using Candidate Information to ensure we recruit a diverse set of candidates;

• informing you of career opportunities, including other vacancies for which you may be eligible; and

• for other notified purposes with your consent.

Please note that if you accept employment with Plaid, your Candidate Information will become part of your employment record and will be used for employment purposes in accordance with applicable law and any applicable Personnel Privacy Notice. If you are not accepted for a role, however, we may still keep your application, including relevant Candidate Information, to allow us to consider you for other career opportunities with Plaid and provided that, if required by applicable laws, we obtained your prior consent for such longer retention of your personal data. If you do not want your information retained in the event you are not offered a position, as applicable, please refer to the following sections below for options that may be available to you: California Candidates Data Protection Rights and UK, EEA, and Canadian Candidates Data Protection Rights.

Plaid does not use your personal data for automated individual decision making (including profiling).

How We Disclose Your Information

We disclose your personal data to others as follows, or as otherwise described in this Notice:

• between and among Plaid and our subsidiaries and affiliated entities, as the specific entity you're applying to work for is part of a wider group of companies with headquarters in the United States and offices in various jurisdictions that share human resources and IT systems for processing your application, assessing your suitability for the role, and initiating employment (if applicable);

• with our data processors and other service providers, including data analytics service providers, background check service providers, and recruitment agencies, in connection with the services they perform for us or on our behalf. Where required, these service providers, partners, or vendors acting on our behalf will be subject to contractual obligations to implement appropriate technical and organizational measures to safeguard the Candidate Information, and to process it only as instructed.

• to law enforcement, government authorities, regulators, and other third parties, such as courts and other authorities, independent external advisers and internal compliance and investigation teams, if we believe such disclosure is in accordance with, or is otherwise required by, any applicable law, regulation, or legal process;

• in connection with, or during the negotiations of, any merger, sale of company assets, consolidation or restructuring, financing, or acquisition of all or a portion of our business by or into another company, as permitted by applicable law;

• as necessary to protect Plaid, including to establish, exercise, or defend against potential, threatened or actual legal claims;

• to enforce any contract with you or if we believe that your actions are inconsistent with our policies;

• to respond to any claims, to protect our rights or the rights of a third party, to protect the safety of any person or to prevent any illegal activity; or

• for any other notified purpose, with your consent or at your direction.

We may also use or disclose aggregated, anonymized, or de-identified information that cannot reasonably be used to identify you, to the extent permitted under applicable law.

Our Lawful Bases for Processing (UK and EEA Candidates Only)

For candidates in the United Kingdom (“UK”) and European Economic Area (“EEA”), our legal basis for collecting, using, and sharing Candidate Information will depend on the information concerned and the context in which we collected or processed it. In general, however, we will normally only collect and process Candidate Information where:

(a) we need to comply with legal obligations applicable to us (such as applicable immigration and/or employment laws and regulations);

(b) we need the information to fulfill our responsibilities in any actual or prospective agreement with you (such as an employment agreement or an offer of employment if you are considered for employment);

(c) the processing is necessary for our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms (such as to ensure a safe working environment for all our team members, and to ensure the reliability of our candidates, and otherwise to administer and process your application, or to communicate with you about your application); and

(d) we have your consent to do so (in cases where your consent is truly freely given).

Where we are legally allowed or required to collect and process special categories of data (for example, race), then we will only process such information:

• where we reasonably need to do so in order to comply with our legal obligations as a prospective employer;

• where we need to do so in order to be informed of your working capacity;

• where we need to do so to protect your or another person's vital interests (and we are unable to obtain your consent); or

• where you have given us your consent (in cases where your consent is truly freely given).

To the extent we rely on consent to collect and process Candidate Information, you have the right to decline your consent or to withdraw your consent at any time by contacting us at people-privacy@plaid.com. Withdrawing your consent will not, however, affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your personal data conducted for other purposes in reliance on lawful processing grounds other than consent.

Our Retention Practices

We retain Candidate Information for no longer than necessary to satisfy the purpose for which it was collected and used, as described in this Notice, unless a longer retention period is required or permitted under applicable law. As noted above, however, if you accept employment with Plaid, your Candidate Information will become part of your employment record and will be used for employment purposes in accordance with applicable law and any applicable Employee Privacy Notice.

Other Details

International Data Transfers

We operate internationally, and as a result, will transfer Candidate Information across international borders, including from the UK, EEA, and/or Canada to the United States, for processing and storage. To the extent that Candidate Information is transferred from the UK or EEA to territories/countries for which the EU Commission and/or Secretary of State in the UK (as appropriate) has not made a finding that the legal framework in that territory/country provides adequate protection for individuals' rights and freedoms for their personal data, we will transfer such data consistent with applicable data protection laws, including through the use of the EU Commission-approved and/or Secretary of State in the UK approved (as appropriate) standard contractual clauses (as applicable). You can ask for a copy of these standard contractual clauses by contacting us as set out below.

In addition, we are committed to ensure that we comply with any additional requirements or guidelines from the European Court of Justice, data protection law and/or supervisory authorities in relation to the transfer of personal data.

California Candidates Data Protection Rights

The California Consumer Privacy Act or “CCPA”, as amended by the California Privacy Rights Act, affords candidates residing in California certain rights with respect to their Candidate Information. If you are a California resident, this section applies to you.

We collect, or have collected in the preceding 12 months, the categories of Candidate Information listed in the below table from the sources identified in the “Information We Collect” section. For details about the precise data points we collect, or have collected in the preceding 12 months, please see the “Information We Collect” section above. We use and disclose the Candidate Information for the business and commercial purposes listed in the following table, and we disclose the Candidate Information to the recipients also listed in the following table.

We retain the categories of Candidate Information in accordance with the retention practices described above in Our Retention Practices.

Plaid does not (1) “sell” or “share” (as those terms are defined by the CCPA) Candidate Information or (2) use or disclose sensitive personal information for any purpose other than what is specified in CCPA section 1798.121(a).

Subject to certain limitations, you have the right to (a) request to know more about the sources of and the categories and specific pieces of Candidate Information we collect, use, and disclose and the categories of third parties to which we disclose such information, (b) request deletion of Candidate Information, (c) request correction of inaccurate Candidate Information, and (d) not be discriminated against for exercising these rights. You may make these requests by emailing us at people-privacy@plaid.com completing this webform or calling (415) 799 - 1354. We will verify your request by asking you to provide information related to your recent interactions with us, such as your phone number and email address. We will not discriminate against you if you exercise your rights under the CCPA.

If we receive your request from an authorized agent who does not provide a valid power of attorney, we may ask the authorized agent to provide proof that you gave the agent signed permission to submit the request to exercise rights on your behalf. In the absence of a valid power of attorney, we may also require you to verify your own identity directly with us or confirm to us that you otherwise provided the authorized agent permission to submit the request. If you are an authorized agent seeking to make a request, please email us at people-privacy@plaid.com.

UK, EEA, and Canadian Candidates Data Protection Rights

Under applicable law, you have certain rights in relation to your Candidate Information. These rights can differ by country and province.

Subject to certain limitations and exceptions, those rights include the right to: (i) know whether we process personal data about you, (ii) request access to or rectification of the personal data we process about you; (iii) object to, or request that we restrict, the processing of your personal data; (iv) request that we delete personal data about you; (v) request that we provide the personal data you provided to us in a structured, commonly used and machine-readable format, for transmission to another controller; (vi) revoke consent at any time where our processing is based on your consent; and (vii) lodge a complaint with your local supervisory authority (if you are in the UK, please see this page for contact details for the UK Information Commissioner's Office and if you’re in the EEA, please see this page for contact details).

If you’d like to exercise any of your rights, where applicable, please contact us using the contact information provided below.

Additionally, we are happy to provide you with a more detailed overview of our relevant processing purposes (as well as the related categories of data, retention periods and legal processing grounds) upon your request.