Privacy is an absolute non-negotiable when it comes to money. In this post we lay out our honest and transparent approach to privacy. There’ll be parts you like, parts you don’t agree with, and parts we could’ve missed. In any case, we are open for dialogue towards anything that can make Fold better and trustworthy for everyone.
Privacy by law
We are part of a regulated and self-policing ecosystem that ensures data safety and protects against data misuse.
- Fold is a certified Financial Information User in the Account Aggregator ecosystem and adhere to technical specifications prescribed by ReBIT, an undertaking of the Reserve Bank of India.
- Finvu, an RBI-regulated Account Aggregator is our partner to ensure that we get access to your data through a secure and encrypted process.
- We are a member of Sahamati, an industry alliance coordinating and promoting the Account Aggregator ecosystem in India.
- We are ISO 27001 certified, a widely recognised standard for information security.
- We are in the process of obtaining PCI DSS and SOC2 compliance certificates before going out of beta in 2023.
- We work with third parties that are regulated and adhere to industry-standard compliance and auditing practices.
Privacy by design
We take the following measures in designing our databases:
- Our database is encrypted using AES 256-bit encryption at rest and we limit access to the database to only authorised Fold services.
- We encrypt data in transit using TLS/HTTPS protocol when accessed by our clients (iOS/Android/Web app).
- Our infrastructure is built on top of Amazon Web Services, which has more than 96 industry security certifications, including ISO 27001, PCI DSS, and SOC3.
- All data is stored only in AWS data centres in India.
- We have a database backup retention policy of 3 days with encrypted backups.
- Transactions are processed only to provide financial insights and automatic categorisation.
- Fold doesn’t read your emails or messages in any case or scenario. All your financial data is securely fetched through an RBI Licensed Account Aggregator.
We hope this post helps Fold in securing your confidence, and if you were on the fence, you give Fold a shot. We want to make better financial products for India, we are homegrown and proud and we won’t be able to do it without your trust and help. We are available at [email protected].