waiz is registered at the Bank of Greece as an Account Information Service Provider under the European Regulation PSDII (Payment Services Directive II).
PSDII allows for new and existing fintech players to collect data from users’ payment accounts and present it to them through their own platforms, following their consent.
The regulation acknowledges that bank customers are the owners of their data and therefore only your consent is needed for us to access your data.
waiz adheres to all applicable financial services and security standards, as set out by EBA regulations (European Banking Authority) and GDPR providing bank-equivalent security.
All data is encrypted with the best available technology (2048-bit encryption keys) and tight security protocol, as per the European and local regulation.
We do not share your data with third parties.
This of course means we don’t sell your data – neither individual nor collective.
We do not match your data with your actual identity.
Only the data you see while using the application is drawn from your bank. If you don’t see it, we don’t have it.
We don’t store any data when you remove a bank or delete an account.