PreeceBanking ("the Service") is a private, self-hosted application operated by an individual ("the Operator") who is also the only data subject. This policy explains what data the Service handles and why.
The Operator is the data controller. The Service runs on the Operator's own server; data is not hosted by, or shared with, any third-party application or analytics provider.
Through Enable Banking's account information services, and only for the Operator's own accounts, the Service retrieves: account identifiers and metadata (e.g. account name, IBAN, currency), balances, and transaction records. These are stored verbatim. No data belonging to any other person is collected.
Solely to give the Operator a consolidated view of their own finances for personal record-keeping. The data is not used for marketing, profiling for third parties, or any automated decision-making affecting others.
Processing is carried out on the basis of the Operator's own consent, which authorises the bank, via Enable Banking, to share the Operator's account information. Consent can be withdrawn at any time by revoking access in the bank or letting the authorisation lapse.
The only third party in the data flow is Enable Banking, acting as the regulated account-information service provider that brokers access to the banks. No data is passed onward to any other party.
Data is held in a database on the Operator's self-hosted server, accessible only to the Operator. It is retained for as long as it is useful to the Operator and deleted on request or when no longer needed. Access to the server and its secrets is restricted.
As the sole data subject and controller, the Operator can access, correct, export, or delete the data directly. Bank-held data rights are exercised with the bank.
Privacy questions: privacy@russellpreece.com.