As with everything we do, we have tried to simplify a complex process and make our legal documents as reader-friendly as possible. However, (contrary to the simplicity of our API) some complexities persist in these documents. As you read and have questions, please do not hesitate to contact us.
Jump to section:
First, Some Background
A quick note about Plaid
Our mission at Plaid is to empower innovators by delivering access to the financial system. Our technology provides an easy way for you (the "end user") to connect your bank account and other financial accounts to software applications that can help you do things like save for retirement, manage your spending, streamline credit applications, or transfer money. These software applications are built and provided by our business customers (we’ll call them “developers” here), and powered by Plaid. By delivering access to high-quality, usable financial account data that we’ve translated and standardized, we enable our developers to focus on building experiences that benefit you.
Our goal with this Policy is to provide a simple and straightforward explanation of what information Plaid collects from and about end users, and how we use and share that information. While we generally rely upon our developers to inform you about the services we provide to the developer, and also to provide notice and obtain any necessary consent for us to process your information, we value transparency and want to provide you with a clear and concise description of how we treat your information.
Please note that this Policy only covers the information that Plaid collects, uses, and shares, and it does not explain what our developers do with any end user information we provide to them (or any other information they may collect about you, their end user). This Policy also does not cover any websites, products, or services provided by others. We encourage you to review the privacy policies or notices of our developers or those third parties for information about their practices.
Our Data Practices
Information We Collect
Information you provide. When you connect your financial accounts with a developer application, you may provide, through our integrated services, login information required by your financial institution to access your account, such as your username and password, answers to challenge questions, or a security token. When providing this information, you give the developer, and Plaid as its service provider, the authority to act on your behalf to access and transmit your information from the relevant financial institution.
Information collected from your financial institutions. The information we receive from the financial institutions that maintain your financial accounts may vary depending on the specific Plaid services our developers use to power their applications, as well as the information made available by your financial institutions. The types of information we collect from your financial institutions may include, but are not limited to:
Account information, including financial institution name, account name, account type, and account and routing number;
Information about an account balance, including current and available balance;
Information about credit accounts, including statement due dates and balances owed, payment amounts and dates, transaction history, and interest;
Information about loan accounts, including due dates, balances, payment amounts and dates, interest, loan type, payment plan, and term;
Information about the account owner(s), including name, email address, phone number, and address information.
Information about account transactions, including amount, date, type, and a description of the transaction.
The data may include information from all your sub-accounts (e.g., checking, savings, and credit card) accessible through a single set of account credentials, even if only a single sub-account is designated by you.
Information we receive about you from other sources. We may receive information about you directly from the relevant developer or other third parties, including service providers and identity verification services.
How We Use Your Information
We use the information we collect to operate, improve, and protect the services we provide to our developers, and to develop new services. More specifically, we use your information:
To operate, provide, and maintain our services;
To improve, enhance, modify, add to, and further develop our services;
To protect you, our developers, our partners, or Plaid from fraud, malicious activity, and other privacy and security-related concerns;
To develop new services;
To provide customer support to our developers, including to help respond to your inquiries related to our service or our developers’ applications;
To investigate any misuse of our service or our developers’ applications, including violations of our Developer Policy, criminal activity, or other unauthorized access to our services; and
For any other purpose with your consent.
How We Share and Store Your Information
We take deliberate steps designed to protect end user information in our possession. These steps include, but are not limited to, maintaining information security controls such as data encryption, firewalls, logical and physical access controls, and continuous monitoring. These controls are regularly evaluated for effectiveness against industry-standards internally and by independent security auditors.
We do not sell or rent end user information to marketers or other third parties. But we do share end user information with third parties as described in this Policy. For example, we share your information with the developer of the application you are using and as directed by that developer (such as with another third party if so directed by you). We may also share your information:
With your consent;
With our service providers, partners, or contractors in connection with the services they perform for us or our developers;
If we believe in good faith that disclosure is appropriate to comply with applicable law, regulation, or legal process (such as a court order or subpoena);
In connection with a change in ownership or control of all or a part of our business (such as a merger, acquisition, reorganization, or bankruptcy);
Between and among Plaid and our current and future parents, affiliates, subsidiaries and other companies under common control and ownership; or
As we believe reasonably appropriate to protect the rights, privacy, safety, or property of you, our developers, our partners, or Plaid.
We may collect, use, and share information we collect in an aggregated or de-identified manner (that does not identify you personally) for any purpose permitted under applicable law. This includes creating or using aggregated or de-identified data based on the collected information to develop new services and to facilitate research.
We retain information we collect about you for as long as necessary to fulfill the purposes outlined in this Policy, unless a longer retention period is required or permitted under applicable law, regulation, or contract. As permitted under applicable law, even after you stop using an application or terminate your account with our developers we may still retain your information (for example, if you still have an account with another developer or if there is residual information within our databases or systems); however, your information will only be used and shared as required by law or in accordance with this Policy.
Some Last Details…
Changes to This Policy
Our full company name is Plaid Inc., and you can contact us at:
P.O. Box 636
San Francisco, CA 94104
Please note: In certain jurisdictions, you may have the right to obtain access to any personal information of yours that is under the control of an organization. We encourage you to reach out directly to the developer or provider of the application you are using with any questions about the developer’s services, access to your personal information, or about our relationship with that developer. We work with our developers to respond to inquiries that relate to us, our services, or our data practices, and may share any communications we receive from you or your contact information with the applicable developer to respond to such inquiries.
Politique de protection de la confidentialité
Date d’entrée en vigueur : le 14 juin 2018
Plaid attache une grande importance à la confidentialité et à la sécurité. Cette Politique de confidentialité vise à vous aider à comprendre, entre autres méthodes décrites dans les présentes, comment nous recueillons, utilisons et communiquons l’information sur l’utilisateur final que nous détenons, dans le but d’exécuter, d’améliorer, de développer et de protéger nos services. Nous vous prions de prendre le temps de la lire attentivement.
Passez à la section:
Un peu de contexte pour commencer
Un petit mot au sujet de Plaid
Plaid se fixe pour mission d’autonomiser les innovateurs en leur assurant un accès au système financier. Notre technologie vous offre (à titre d’« utilisateur final ») un moyen facile de relier votre compte bancaire et vos autres comptes financiers à des applications logicielles qui peuvent vous aider à, par exemple, épargner en vue de la retraite, gérer vos dépenses, simplifier vos demandes de crédit, ou transférer des fonds. Plaid est le moteur de ces applications logicielles, qui sont créées et fournies par nos clients commerciaux (nous les désignons ici sous le nom de « développeurs »). Nous assurons l’accès à des données financières utilisables et de grande qualité, que nous traduisons et normalisons en vue d’aider nos développeurs à se concentrer sur l’élaboration d’une expérience dont vous tirerez profit.
Concernant cette Politique de confidentialité Nous voulons dans cette Politique donner une explication simple et directe de la nature de l’information que Plaid recueille auprès des utilisateurs finaux, et à leur sujet, ainsi que de nos méthodes d’utilisation et de communication de cette information. Si nous faisons généralement appel à nos développeurs pour vous tenir informés des services que nous fournissons à ces derniers, et aussi pour communiquer des avis et obtenir les consentements qui nous sont nécessaires pour traiter vos données, nous avons la transparence à cœur et nous tenons à décrire clairement et en peu de mots comment nous traitons vos données.
Notez que cette Politique porte uniquement sur l’information que Plaid recueille, utilise et transmet, sans expliquer l’usage que font nos développeurs de toute donnée sur un utilisateur final que nous leur transmettons (ou autre information qu’ils peuvent recueillir au sujet de cet utilisateur final, c’est-à-dire vous-même). Cette politique ne traite pas non plus des sites Web, produits ou services fournis par d’autres. Nous vous invitons à passer en revue les politiques ou avis de confidentialité de nos développeurs ou des tierces parties en cause afin de vous mettre au courant de leurs façons de faire.
Comment nous traitons les données
Information que nous recueillons
L’information que vous fournissez: lorsque vous reliez vos comptes financiers à l’application d’un développeur, vous pouvez faire appel à nos services intégrés pour communiquer les données de connexion dont votre institution financière a besoin pour accéder à votre compte (nom d’utilisateur et mot de passe, réponses à des questions d’identification, jeton de sécurité, etc.). Quand vous donnez cette information, vous accordez au développeur (et à Plaid en sa qualité de fournisseur de services) le pouvoir d’agir en votre nom pour accéder à vos renseignements depuis l’institution financière en cause, et les transmettre.
L’information recueillie auprès de vos institutions financières: la nature de l’information que nous envoient les institutions financières détenant vos comptes financiers varie en fonction des services particuliers de Plaid dont se servent nos développeurs pour leurs applications, de même que de l’information mise à notre disposition par vos institutions financières. Les types d’information que nous recueillons auprès de vos institutions financières peuvent comprendre, notamment, mais non limitativement:
de l’information sur le compte (nom de l’institution financière, nom du compte, type de compte, numéro de compte et d’acheminement, etc.);
de l’information sur le solde du compte, notamment le solde actuel et le solde disponible;
de l’information sur les comptes de crédit, notamment dates d’échéance et solde dû dans les relevés, montants et dates des paiements, historique des opérations, et intérêts;
de l’information sur les comptes de prêt, notamment dates d’échéance, soldes, montants et dates des paiements, intérêts, type de prêt, mode de paiement, et durée du prêt;
de l’information sur le ou les détenteurs du compte (nom, adresse courriel, numéro de téléphone, adresse, etc.);
de l’information sur les opérations du compte, notamment le montant, la date et le type, et une description de l’opération.
Les données peuvent comprendre de l’information sur tous vos sous-comptes (de chèques, d’épargne, carte de crédit, etc.) accessibles au moyen d’un ensemble unique d’identifiants de compte, même si vous n’avez désigné qu’un seul sous-compte.
L’information envoyée par vos appareils: notre technologie est intégrée aux applications de nos développeurs. Quand votre appareil se connecte à nos services par une application d’un développeur, nous recevons des données sur cet appareil (adresse IP, modèle du matériel, système d’exploitation et autres données techniques). Nous pouvons aussi faire appel à des cookies (témoins), ou technologies de suivi semblables, pour recueillir des données sur le taux d’utilisation et pour nous aider à améliorer nos services.
L’information à votre sujet qui nous parvient d’autres sources: nous pouvons aussi recevoir de l’information à votre sujet directement du développeur en cause ou d’autres tierces parties, notamment des fournisseurs de services et des services de vérification de l’identité.
Usage que nous faisons de vos renseignements
Nous nous servons de l’information que nous recueillons pour exploiter, améliorer et protéger les services que nous offrons à nos développeurs, et pour en créer de nouveaux. Plus précisément, nous faisons l’usage des renseignements à votre sujet aux fins suivantes :
Exploiter, fournir et maintenir nos services;
Améliorer, rehausser, modifier, agrandir et développer encore davantage nos services;
Vous protéger et protéger nos développeurs, nos partenaires ou Plaid contre la fraude, les actes malveillants, et les autres problèmes de confidentialité et de sécurité;
Développer de nouveaux services;
Assurer un soutien à nos clients développeurs, entre autres aider à répondre à vos demandes de renseignements sur nos services ou sur les applications de nos développeurs;
Enquêter sur tout usage abusif de nos services ou des applications de nos développeurs, y compris sur toute violation de notre Politique relative aux développeurs, sur des activités criminelles ou sur les accès non autorisés à nos services;
À toute autre fin à laquelle vous consentez.
Comment nous communiquons et stockons vos renseignements
Nous prenons des mesures destinées spécifiquement à protéger l’information de l’utilisateur final en notre possession, entre autres en assurant des contrôles de la sécurité de l’information comme le cryptage de données, les pare-feu, les contrôles d’accès logiques et physiques, et la surveillance permanente. L’efficacité de ces contrôles fait l’objet d’évaluations périodiques à l’interne en fonction des normes de l’industrie, et par des auditeurs de sécurité indépendants.
Nous ne vendons ni ne louons de renseignements relatifs aux utilisateurs finaux aux spécialistes du marketing ou autres tierces parties, mais nous communiquons en fait de tels renseignements à des tiers, comme décrit dans la présente Politique. À titre d’exemple, nous communiquons vos renseignements au développeur de l’application que vous utilisez, selon les directives de ce développeur (par exemple avec une autre tierce partie si vous en donnez instruction). Nous pouvons aussi communiquer vos renseignements :
Avec votre consentement;
Avec nos fournisseurs de services, partenaires ou entrepreneurs relativement aux services qu’ils rendent à nous ou à nos développeurs;
Si nous croyons de bonne foi que la divulgation s’impose pour se conformer aux lois, règlements ou procédures juridiques applicables (par exemple une ordonnance d’un tribunal ou une assignation à témoigner);
En lien avec un changement de propriétaire ou de contrôle de notre entreprise, en tout ou en partie (fusion, acquisition, réorganisation, faillite, etc.);
Entre et parmi Plaid et ses parents, filiales et succursales actuels et futurs, et autres entreprises sous un même contrôle et une même propriété;
Selon ce que nous estimons raisonnable pour protéger vos droits, votre confidentialité, votre sécurité ou vos biens, ou ceux de nos développeurs ou partenaires, ou de Plaid.
Nous pouvons recueillir, utiliser et communiquer les renseignements que nous recueillons sous une forme groupée ou anonymisée (qui ne vous identifie pas personnellement) à toute fin autorisée par le droit applicable. Cela comprend la création ou l’utilisation de données groupées ou anonymisées à partir de l’information recueillie en vue d’établir de nouveaux services et de faciliter les recherches.
Nous conservons l’information que nous recueillons à votre sujet aussi longtemps qu’il le faut pour répondre aux objets énoncés dans cette Politique, à moins qu’un délai de conservation plus long soit exigé ou autorisé par le droit applicable, des règlements ou un contrat. Nous pouvons, dans le respect du droit applicable, conserver vos renseignements même après que vous avez cessé d’utiliser une application ou résilié votre compte avec nos développeurs (si par exemple vous avez encore un compte avec un autre développeur, ou s’il reste quelques renseignements dans nos bases de données ou systèmes); dans ce cas, vos renseignements ne seront utilisés et communiqués que dans la mesure exigée par la loi ou conformément à cette Politique.
Quelques derniers petits détails…
Nous pouvons à l’occasion modifier cette Politique de confidentialité. Dans ce cas, nous affichons la nouvelle politique sur le site Web de Plaid (plaid.com/legal) et actualisons la date d’entrée en vigueur figurant au début des présentes. Conformément à nos ententes avec les développeurs, nous informons également ces derniers de toute modification importante, parce qu’ils sont généralement les mieux placés pour en informer au besoin leurs utilisateurs finaux.
Modifications de cette politique
Le nom complet de notre entreprise est Plaid Inc. Voici nos coordonnées :
P.O. Box 636
San Francisco, CA 94104
Nota : dans certains ressorts, vous avez le droit d’accéder à des renseignements personnels vous concernant, qui sont sous le contrôle d’une organisation. Nous vous invitons à prendre directement contact avec le développeur ou fournisseur de l’application que vous utilisez pour toute question sur les services offerts par le développeur, l’accès à vos renseignements personnels ou notre lien avec ce développeur. Nous nous associons à nos développeurs pour répondre aux demandes de renseignements à notre sujet, ou qui concernent nos services ou la façon dont nous traitons les données, et il peut arriver que nous communiquions les messages que nous recevons de votre part, ou vos coordonnées, au développeur en cause pour qu’il y réponde.
Effective Date: June 14, 2018
Thank you for visiting and/or using Plaid!
This Privacy Statement explains the ways Plaid Inc. ("Plaid," “we,” or “us”) may collect, use, and share information about you in connection with your access to or use of Plaid’s websites and our products and services (collectively, “Services”), and in connection with any other information we collect when you interact with us, except as outlined in the paragraph below. We hope you will take some time to read this Privacy Statement carefully.
Jump to section:
Our Data Practices
Information We Collect
Information you provide. We collect the information you provide directly to us, such as the information you provide when you create a developer account, update your profile, fill out our "contact us" forms, sign up for our emails, request customer support, enroll in billing, execute a services agreement, complete a compliance questionnaire, or otherwise communicate with us. The types of information we collect from you may include, but is not limited to, full name, email address, company name, address, phone number, driver’s license, date of birth, taxpayer identification number, and any other information you choose to provide.
Information we collect when you use our Services. When you use our Services, we automatically collect information about you, including:
Log Information: We collect log files when you use our Services, which includes, but is not limited to, the type of browser you use, access times, pages viewed, and your IP address.
Information Collected by Cookies and Other Tracking Technologies: We use various technologies to collect information when you use our Services, including cookies and web beacons. Cookies are small data files stored by your web browser, on your hard drive, or in device memory that help us improve our Services and your experience, determine usage of parts and features of our Services, and monitor for and detect potential harmful conduct. Web beacons are electronic images that may be used in our Services or emails and help deliver cookies, count visits, and understand usage and campaign effectiveness.
Information we collect from other sources. We may also collect information about you from other sources. For example, we may collect information about you from other members of your company, which may include your name, email address, and date of birth.
How We Use Your Information
Examples of how we use the information we collect include:
To operate, improve, and develop our Services;
To verify the identity of you and other members of your company;
To bill developers for our Services, to transmit payment, and for tax reporting purposes;
To send you technical notices, updates, security alerts, and administrative messages;
To respond to your comments, questions, inquiries, and customer service requests;
To help personalize the Services experience for you;
To communicate with you about products, services, offers, and events offered or sponsored by Plaid, and to provide news and other information we think may be of interest to you;
To monitor and analyze trends, usage, and activities in connection with our Services;
To try to detect and prevent fraud, malicious activity, and other illegal activities;
To protect the rights, privacy, safety, or property of Plaid and others; and
For any other purpose described to you when the information was collected.
How We Share Your Information
We may share information about you as follows, or as otherwise described in this Privacy Statement:
With our service providers, partners, contractors, or vendors, including collection agencies in the event of delinquent payments from our developers;
If we believe in good faith that disclosure is appropriate to comply with applicable law, regulation, or legal process (such as a court order or subpoena), including in connection with requests from law enforcement or other governmental authorities;
If we believe your actions are inconsistent with our agreements or policies, or to protect the rights, privacy, safety, or property of Plaid or others;
In connection with a change in ownership or control of all or part of our business (such as a merger, acquisition, reorganization, or bankruptcy);
Between and among Plaid and our current and future parents, affiliates, subsidiaries and other companies under common control and ownership; and
With your consent or at your direction.
We may also collect, use, and share aggregated or de-identified information, which cannot reasonably be used to identify you, for any purpose permitted under applicable law.
Developer Account Information. You may update information you provide to us as part of your online developer account by logging into your account or by contacting us.
Cookies. Most web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove or reject browser cookies. Please note that if you choose to remove or reject cookies, this could affect the availability and functionality of our Services.
Promotional or Marketing Communications. You may opt out of receiving promotional or marketing emails from Plaid by following the instructions in those emails. If you opt out and are one of our developers, we may still send you non-promotional emails, such as those about your account or our ongoing business relations.
Access to Your Information. In certain jurisdictions, you have the right (i) to know if we have collected information about you under this Privacy Statement, (ii) to request access to the personal information we have in our custody and control (subject to certain legal limitations), and (iii) to have the right to have it corrected or annotated if you believe there are any errors in your personal information. As described above, if you are one of our developers, you can conveniently access your online account information by logging into your account or by contacting us. To obtain access to personal information, please contact us at the contact information provided below. We may require additional information to verify your identity, which will only be used for that purpose.
Changes to this Statement
We may change this Privacy Statement periodically. If we make changes, we will notify you by updating the effective date at the top of the Statement. We may also provide notice of any changes through other means, such as placing a notice on our homepage or sending you an email. We encourage you to review the Privacy Statement whenever you access the Services or otherwise interact with us to stay informed about our data practices and the choices available to you.
If you have any questions about this Privacy Statement, please contact us at:
P.O. Box 636
San Francisco, CA 94104
Effective Date: May 15, 2018
This Developer Policy ("Policy") provides rules and guidelines that govern access to or use by our developers ("you" or “your”) of the Plaid API, websites (“Site”), dashboards, related tools, and other products or services (collectively, the "Service") provided by Plaid Inc. (“Plaid,” “we,” or “us”). Any violation of this Policy may result in suspension or termination of your access to the Service and/or access to end users’ personal and financial information ("End User Data").
By accessing and using the Service, you agree to comply with all the terms of this Policy. This Policy will apply each time you access or use the Service. If you are agreeing to the terms of this Policy on behalf of an organization or entity, you represent and warrant that you are so authorized to agree on behalf of that organization or entity. This Policy is important; please read it carefully.
We may change this Policy at any time in our discretion. If we make any change to this Policy that we deem to be material, we will make a reasonable effort to inform you of such change. If you don’t agree with the change, you are free to reject it; unfortunately, that means you will no longer be able to use the Service.
Jump to section:
To sign up for the Service, you must create an account ("Account") by registering on our Site and providing true, accurate, and complete information about yourself and your use of the Service. You agree not to misrepresent your identity or any information that you provide for your Account, and to keep your Account information up to date at all times. It is your responsibility to maintain access to your Account; you may never share your Account information, including your password and Client Secret, with a third party or allow any other application or service to act as you.
If you become aware of any unauthorized use of your Account or any other breach of security, please immediately notify us via email to firstname.lastname@example.org.
Compliance with Applicable Law
When using the Service, you must abide by all applicable local, state, national, and international laws and regulations. You also confirm that you, your business, your employees, your service providers, and any others acting on your behalf adhere to all applicable laws and regulations, especially those pertaining to financial and personally-identifiable data. You are solely responsible for ensuring that your use of the Service is in compliance with all laws and regulations applicable to you.
You are responsible for securely maintaining your authentication credentials, including your Client Identification Number ("Client ID") and Client Secret. You must notify us immediately in the event of any breach of security or unauthorized use of your Account or any End User Data. You must never publish, distribute, or share your Client ID or Secret, and must encrypt this information in storage and during transit.
Your systems and application(s) must handle End User Data securely. With respect to End User Data, you should follow industry best practices but, at a minimum, must perform the following:
Maintain administrative, technical, and physical safeguards that are designed to protect the security, privacy, and confidentiality of End User Data.
Use modern and industry standard cryptography when transmitting any End User Data.
Maintain reasonable access controls to ensure that only authorized people have access to any End User Data.
Monitor your systems for any unauthorized access. Patch vulnerabilities in a timely fashion. Log and review any events suggesting unauthorized access.
Plan for and respond to security incidents.
Comply with relevant rules and regulations with regard to the type of data you are handling, such as the Safeguards Rule.
Unless otherwise agreed in writing with Plaid, you agree to only store all End User Data in the locations in which you operate. Any End User Data in your possession must be stored securely and in accordance with applicable laws and regulations.
You, and you alone, are responsible for providing all customer service to your end users for any and all issues relating to your product and services, including but not limited to issues relating to your use of the Service.
Once you stop using the Service in accordance with any applicable agreement you may have with us, you may deactivate your Account by following the instructions on the Site. We may also deactivate your Account if you have ceased using the Service for three months; your applicable agreement with us terminates or expires; or as reasonably necessary under applicable law. After your Account deactivation, we will deprovision your access to all End User Data associated with your integration.
You agree not to, and agree not to assist or otherwise enable any third party to:
access or use the Service or End User Data for any unlawful, infringing, threatening, abusive, obscene, harassing, defamatory, deceptive, or fraudulent purpose;
collect and store end user’s bank credentials and/or End User Data other than as required to access or use the Service, as authorized by the end user, as permitted by Plaid, and as permitted under applicable law;
use or disclose any "nonpublic personal information" (as defined under the Gramm-Leach-Bliley Act) received from Plaid for any purpose not permitted under applicable law;
access or use the Service or access, transmit, process, or store End User Data in violation of any applicable privacy laws or in any manner that would be a breach of contract or agreement with the applicable end user;
access or use the Service to infringe any patent, trademark, trade secret, copyright, right of publicity, or other right of any person or entity;
access or use the Service for any purpose other than for which it is provided by us, including for competitive evaluation, spying, creating a substitute or similar service to any of the Service, or other nefarious purpose;
scan or test (manually or in an automated fashion) the vulnerability of any Plaid infrastructure without express prior written permission from Plaid;
breach, disable, interfere with, or otherwise circumvent any security or authentication measures or any other aspect of the Service;
overload, flood, or spam any part of the Service;
create developer accounts for the Service by any means other than our publicly-supported interfaces (e.g., creating developer accounts in an automated fashion or otherwise in bulk);
transfer, syndicate, resell, or otherwise distribute the Service or End User Data without express prior written permission from Plaid;
decipher, decompile, disassemble, copy, reverse engineer, or attempt to derive any source code or underlying ideas or algorithms of any part of the Service, except as permitted by applicable law;
modify, translate, or otherwise create derivative works of any part of the Service;
access or use the Service or End User Data in a manner that violates any agreement between you or the end user and Plaid; or
access or use the Service or End User Data in a manner that violates any applicable law, statute, ordinance, or regulation.
Suspension and Termination
We reserve the right to withhold or refuse access to the Service and/or End User Data in whole or in part where we believe the Service is being accessed or used in violation of this Policy or any other Plaid agreement, including Plaid’s agreements with any third party partners or data sources of Plaid (each, a "Partner"), or where use would pose a risk to an end user, any Partner, or Plaid itself.
We will use reasonable efforts to notify you via email or other method when deciding to suspend or terminate access to the Service and/or End User Data. We may immediately suspend or terminate access without notice if appropriate under the circumstances, such as when we become aware of activity that is a violation of any applicable law or that exposes Plaid, its infrastructure, data, or Service, or any Partner to harm, including reputational harm.
Plaid will not be liable for any damages of any nature suffered by you or any third party resulting from Plaid’s exercise of its rights under this Policy or under applicable law.
If any person becomes aware of a violation of this Policy, we request that you immediately notify us via email to email@example.com. We may take any appropriate action -- including reporting any activity or conduct that we suspect violates the law to appropriate law enforcement officials, regulators, or other appropriate third parties -- in our sole discretion in respect to such violations.
The failure by you or Plaid to exercise in any respect any right provided for herein shall not be deemed a waiver of any further rights hereunder.
If any provision of this Policy is found to be unenforceable or invalid, that provision shall be limited or eliminated to the minimum extent necessary so that this Policy shall otherwise remain in full force and effect and enforceable.
Last updated on September 22nd, 2015
The Service enables applications to connect with end-user-authorized data from financial institutions including banks, card issuers, and card networks ("financial institutions"). Further, we attempt to structure, normalize, and cleanse the data we return to the client into a concise and highly functional format. Plaid currently supports financial institutions in the United States. We are neither a bank, money service business, nor payment processor – and we cannot assume any liability for the products or services that are built using our service.
We will provide customer service to help resolve any issues relating to your Account, our services, and the other use of our software. The extent and nature of such customer service may be determined by Plaid in its sole and absolute discretion. You, and you alone, are responsible for providing all customer service to your end-users for any and all issues relating to your product and services, including but not limited to issues relating to the Service. For questions on how to contact Plaid support, please see our support page.
General Services Content
You agree that the Service contains information and other content specifically provided by Plaid or its partners and that such content is protected by copyrights, trademarks, service marks, patents, trade secrets or other proprietary rights and laws. For clarity, this section does not apply to end User Data. Except as expressly authorized by Plaid in writing, you shall not sell, license, rent, modify, distribute, copy, reproduce, transmit, publicly display, publicly perform, publish, adapt, edit or create derivative works from such content. However, Plaid hereby grants you a limited, revocable, non-sublicensable license to reproduce and display such content (excluding any software code); provided, that you retain all copyright and other proprietary notices contained therein. Reproducing, copying or distributing any such content, including any materials or design elements on the Service, for any other purpose is strictly prohibited without the express prior written permission of Plaid.
Your Security Obligations
We cannot guarantee the security of our users' applications. We reserve the right to terminate a user without notice if we suspect that they are at risk of a security breach. While we cannot ensure that our users follow all the necessary security protocols, we strongly recommend that you adhere to the following minimum security protocols:
Use of PCI compliant servers
Use of HTTPS for all API requests (non-HTTPS requests are currently disabled)
Do not store end-user credentials or other sensitive personally identifiable information
Encryption of your client ID and secret in all storage and communication
It is your responsibility to maintain the security of your account information, including your Client Identification Number ("client ID") and Client Secret ("secret"). You must notify us immediately of any breach of security or unauthorized use of your Account. You may never publish, distribute or share your Client ID or Secret.
You are responsible for all of your (and your end users') activity in connection with the Service. You shall not (and shall not permit any other party to) either (a) take any action or (b) upload, download, post, submit or otherwise distribute or facilitate distribution of any content on or through the Service, that:
infringes any patent, trademark, trade secret, copyright, right of publicity or other right of any other person or entity or violates any law or contractual duty;
is unlawful, threatening, abusive, harassing, defamatory, libelous, deceptive, fraudulent, invasive of another's privacy, tortious, obscene, vulgar, pornographic, offensive, profane, contains or depicts nudity, contains or depicts sexual activity, or is otherwise inappropriate as determined by us in our sole discretion;
contains software viruses or any other computer codes, files, or programs that are designed or intended to disrupt, damage, limit or interfere with the proper function of any software, hardware, or telecommunications equipment or to damage or obtain unauthorized access to any system, data, password or other information of ours or of any third party;
impersonates any person or entity, including any of our employees or representatives; or
includes anyone's identification documents or sensitive financial information.
You shall not (directly or indirectly): (i) decipher, decompile, disassemble, reverse engineer or otherwise attempt to derive any source code or underlying ideas or algorithms of any part of the Service (including without limitation any application), except to the limited extent applicable laws specifically prohibit such restriction, (ii) modify, translate, or otherwise create derivative works of any part of the Service, or (iii) copy, rent, lease, distribute, or otherwise transfer any of the rights that you receive hereunder. You shall abide by all applicable local, state, national and international laws and regulations.
You shall not: (i) take any action that imposes or may impose (as determined by us in our sole discretion) an unreasonable or disproportionately large load on our (or our third party providers') infrastructure; (ii) interfere or attempt to interfere with the proper working of the Service or any activities conducted on the Service; (iii) bypass, circumvent or attempt to bypass or circumvent any measures we may use to prevent or restrict access to the Service (or other accounts, computer systems or networks connected to the Service); (iv) run any form of auto-responder or "spam" on the Service; (v) use manual or automated software, devices, or other processes to "crawl" or "spider" any page of the Site; (vi) harvest or scrape any content from the Services; or (vii) otherwise take any action in violation of our guidelines and policies.
Privacy and End User Data
Payments and Billing
The terms of your payment will be based on your payment method and may be determined by agreements between you and the financial institution, credit card issuer or other provider of your payment method. If we, through the payment processor, do not receive payment from you, you agree to pay all amounts due on your billing account upon demand.
Some of the paid services may consist of recurring period charges as agreed to by you. By choosing a recurring payment plan, you acknowledge that such services have an initial and recurring payment feature and you accept responsibility for all recurring charges prior to cancellation. We may submit periodic charges (e.g., monthly) without further authorization from you, until you provide notice (receipt of which is confirmed by us) that you have terminated this authorization or wish to change your payment method. Such notice will not affect charges submitted before we reasonably could act.
You must provide current, complete and accurate information for your billing account. You must promptly update all information to keep your billing address current, complete and accurate, and must promptly notify us or your payment processor if your payment method is canceled (e.g., for loss or theft) or if you become aware of a potential breach of security. If you fail to provide any of the foregoing information, you agree that we may continue charging you for any use of paid services under your billing account unless you have terminated your paid services as set forth above.
If the amount to be charged to your billing account varies from the amount you preauthorized (other than due to the imposition or change in the amount of state sales taxes), you have the right to receive, and we shall provide, notice of the amount to be charged and the date of the charge before the scheduled date of the transaction. Any agreement you have with your payment provider will govern your use of your payment method. You agree that we may accumulate charges incurred and submit them as one or more aggregate charges during or at the end of each billing cycle.
Your non-termination or continued use of a paid service reaffirms that we are authorized to charge your payment method for that paid service. We may submit those charges for payment and you will be responsible for such charges. This does not waive our right to seek payment directly from you. Your charges may be payable in advance, in arrears, per usage, or as otherwise described when you initially selected to use the paid service.
You agree that, during the time you are a registered Service user, we may identify you as a customer of Plaid (including, without limitation, on the Site and in promotional materials).
Limitation on Liability
IN NO EVENT SHALL PLAID, ITS OFFICERS, DIRECTORS, EMPLOYEES, AGENTS, VENDORS OR SUPPLIERS BE LIABLE UNDER CONTRACT, TORT, STRICT LIABILITY, NEGLIGENCE OR ANY OTHER LEGAL THEORY WITH RESPECT TO THE APPLICATION: (I) FOR ANY LOST PROFITS OR SPECIAL, INDIRECT, INCIDENTAL, PUNITIVE, OR CONSEQUENTIAL DAMAGES OF ANY KIND WHATSOEVER, EVEN IF FORESEEABLE, (II) FOR ANY BUGS, VIRUSES, TROJAN HORSES, OR THE LIKE (REGARDLESS OF THE SOURCE OF ORIGINATION), OR (III) FOR ANY DIRECT DAMAGES IN EXCESS OF (IN THE AGGREGATE) $100.00 (U.S.) (PROVIDED THAT, IF YOU ARE A PAYING USER OF THE SERVICE, SUCH AMOUNT SHALL BE CAPPED AT THE AMOUNTS PAID BY YOU TO PLAID DURING THE THREE (3) MONTH PERIOD IMMEDIATELY PRIOR TO THE DATE THE CAUSE OF ACTION ACCRUED). THE FOREGOING LIMITATIONS SHALL NOT APPLY TO THE EXTENT PROHIBITED BY APPLICABLE LAW.
THE SERVICE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, WITHOUT LIMITATION, IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. PLAID MAKES NO WARRANTY THAT (I) THE SERVICE IS FREE OF VIRUSES OR OTHER HARMFUL COMPONENTS, OR (II) THE RESULTS OF USING THE SERVICE WILL MEET USER'S REQUIREMENTS. IN ADDITION, PLAID MAKES NO WARRANTY THAT ANY END USER DATA WILL BE TIMELY, ACCURATE OR COMPLETE. THE FOREGOING DISCLAIMERS SHALL NOT APPLY TO THE EXTENT PROHIBITED BY APPLICABLE LAW.