Privacy & security
At Spaycial, we have nothing to hide. Ethics and transparency are cornerstones of all our activities.
Spaycial is an ACPR-Banque de France-approved payment institution (CIR 17038) since 2018 and is GDPR compliant.
ACPR & Banque de France
Payment Services Directive (PSD2)
Since 2018 and PSD2, Spaycial has an ACPR-Banque de France-agreement, a license allowing us, third-party provider, to collect payment data, that makes it easy and secure for shopping enthusiasts to be rewarded for purchases in their favorite stores.
What transactions do we have access to?
We only have access to the consultation of your current account transactions or, if applicable, to your bank card transactions used within the framework of loyalty programs to which you have subscribed and in order to:
- allow you to access our services,
- allow us to issue cashbacks,
- communicate personalized promotional offers to you,
- carry out aggregate statistics and 100% anonymized.
Under no circumstances do we have access to your savings account. We can never make an internal or external transfer from your account.
Protection of your personal data
In order to ensure the protection of your data, we implement various security mechanisms for your data such as :
The banking transactions we analyze are linked to random identifiers so that neither our banking partners nor our customers (merchants, shopping malls) are able to identify you.
Servers based in Europe
Our solution is hosted in Europe on a network infrastructure that complies with PSD2 security requirements.
Access control & authentication
In order to protect our users’ data, we use several strong authentication methods. As part of our governance, we follow an authorization and clearance process to limit access to your data.
Our solution and infrastructure are regularly audited by independent auditors.
We make all newcomers aware of security through continuous monitoring and training on basic risks.