Plum Fintech Limited ("We") are committed to protecting and respecting your privacy.
This policy (together with our Terms and any other documents referred to on it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By using our personal savings assistant that monitors your daily spending and automatically sets aside money for you (the "Service"), you are accepting and consenting to the practices described in this policy.
For the purpose of the Data Protection Act 1998 (the "Act"), the data controller is Plum Fintech Limited of Shack 15, 67-71 Shoreditch High Street, London, England, E1 6JJ.
We may collect and process the following data about you:
We use account aggregation providers, currently Yodlee Inc., to help us to provide the Service by accessing your bank account information (“Account Aggregators”). By using the Account Aggregator’s service, you agree and grant their permission to aggregate your personal data, which may then be stored outside of your own country to the extent permitted by applicable law.
MANGOPAY helps us to provide the Service by providing you with an e-wallet. We will transfer your data to MANGOPAY as part of the MANGOPAY service. MANGOPAY will be a data processor of your data for the purposes of the Act. You also agree and grant MANGOPAY permission to pass your data to its own sub-contractors and partners when this data is necessary for MANGOPAY to fulfil its legal and regulatory obligations as an issuer of electronic money.
Facebook Messenger helps us to communicate to you and provide you the Service. By using the Facebook Messenger service, you agree to abide by their messenger platform policy https://developers.facebook.com/policy#messengerplatform.
We use information held about you in the following ways:
We may share your personal information with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.
We may share your information with selected third parties including:
We will not share any of your personal bank account information with any third party. Any personal bank account information (such as account number and sort code) is stored and encrypted in our database using symmetric cryptography. We do not hold any of your personal bank login information; this will be held by our trusted Account Aggregator.
We may disclose your personal information to third parties:
All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted using SSL technology.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
A cookie is a small amount of data which often includes a unique identifier that is sent to your computer, tablet or mobile phone. Such technology can improve your experience of using a website, for example, by remembering your preference settings and tracking your use of a website so that it can be improved to meet your needs.
Cookies can be categorised as follows:
Currently we don’t use any cookies on our site.
Our site uses HTML5 Local Storage so that our domain can store and access the same data. Local Storage is similar to cookies in that it can store data locally within the user's browser. Local Storage also makes it possible to store large amounts of data, without affecting the website's performance.
We use HTML5 Local Storage to perform all the user actions associated with the Service such as facilitating deposits and withdrawals and also to ensure the security of your account. HTML5 Local Storage is not used to collect personal data.
You can block cookies and Local Storage by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies you may not be able to access all or parts of our site.
You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes. You can exercise your right to prevent such processing by communicating to us via our site or by communicating to us via the Facebook chatbot on Facebook Messenger.
Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
The Act gives you the right to access information held about you. Your right of access can be exercised in accordance with the Act.