Privacy Policy
1. Who we are (controller)
This service is operated by Leenders Cloud Solutions BV, a Belgian besloten vennootschap registered in the Crossroads Bank for Enterprises under number 1013229732 (BTW BE1013229732), with its registered office at d'Erckenteelstraat 13, 3500 Hasselt. For any privacy-related question, contact gilles@leenders.be.
2. What data we process
- Account identity — your email address and display name, sourced from our identity provider (WorkOS).
- Bank account & transaction data — when you link a bank account via Ponto Connect, we receive IBAN, holder name, balance, and transaction history (description, counterparty, amount, value / execution date) under the OAuth scopes ai,name,offline_access.
- App-internal categorisation — categories, labels, notes, budgets you create. This data is generated by you, not by your bank.
- Operational metadata — IP address of each sync (PSD2/RTS requirement), timestamps, and a per-access audit row stored for your review on the Settings page.
3. Lawful basis
- Contract performance (GDPR Art. 6(1)(b)) — running the app you signed up to.
- Consent (GDPR Art. 6(1)(a)) — for the bank-linking step. You can revoke this at any time on the Settings page; we then revoke the upstream grant and detach the account(s) from our integration.
4. Where the data lives
All servers and databases for this app are hosted in Amazon Web Services eu-west-1 (Ireland). Bank data passes through Isabel NV / Ibanity infrastructure in the EU; see §6 for processor details.
5. Retention
Bank-sourced transactions are retained for a window you control on the Settings page (default: 2 years; range 30 days–10 years). A nightly job deletes rows older than your configured window. App-internal data (categories, budgets, labels) is retained until you delete the profile.
6. Processors / sub-processors
- Isabel NV / Ibanity — Account Information Service Provider (AISP) authorised by the National Bank of Belgium (#0455.530.509). Fetches and forwards your bank data on your behalf. See ibanity.com.
- Amazon Web Services EMEA SARL — infrastructure hosting (compute, storage, networking) in eu-west-1.
- WorkOS Inc. — authentication / identity (email + sign-in only).
7. Onboarding pre-fill (when enabled)
If we use Ponto's optional onboarding pre-fill before redirecting you to your bank, your email address is sent to Ponto so they can pre-populate the consent screen. We disclose this here per Ibanity's documentation requirement.
8. Your rights
- Access (Art. 15) — the Settings > Data access log surfaces every read.
- Rectification (Art. 16) — update categories/labels in-app; for source data, contact your bank.
- Erasure (Art. 17) — Settings > Delete this profile wipes everything.
- Portability (Art. 20) — request a JSON export by email.
- Lodge a complaint with the Belgian Data Protection Authority (Gegevensbeschermingsautoriteit) — Drukpersstraat 35, 1000 Brussels — gegevensbeschermingsautoriteit.be.
9. Security
Bank refresh tokens are encrypted at rest with AES-GCM. All in-transit traffic uses TLS 1.2+. Calls to Ibanity are authenticated with a private mTLS keypair held exclusively in our infrastructure.
10. Changes to this policy
Material changes are announced in-app at next login. The current version is always available at this URL.