Frollo, as an Accredited Data recipient, provides a personal finance management mobile app that can access your personal banking information securely via the governments’ Open Banking initiative. The rules for Open Banking are defined by the Consumer Data Right (CDR) which aims to provide greater choice and control for Australians over how their data is used and disclosed.
In order to access customer banking data, a person must be identifiable, or ‘reasonably identifiable’ and the data requested from the bank accounts nominated relates to them and is appropriate for that persons use. This includes banking data from a joint account.
Collection of your personal banking data
Frollo adopts a data minimisation approach and only collects banking information which is necessary to provide its personal finance management service.
There are no fees for accessing your personal banking data and Frollo does not accept consumer requests to access any additional data such as voluntary product or consumer data that the bank may have but not obligated to supply under the CDR rules.
All data collected, with a person’s consent, is used in providing Frollo personal finance services via an app. In this context, data which Frollo will access for the duration of the consent is:
- customer and account information,
- bank balances,
- and transactions made to and from the bank account nominated.
This will occur several times a day in order to supply the most up to date notifications required for the Frollo service to be useful as a finance management tool (for which it is intended).
A consent receipt is provided at the time of providing consent. Both the consent provided, in terms of its scope and duration, and a summary of data retrieved from the nominated bank account are provided in a dashboard available from the mobile app. Frollo customers will be able to change the consent provided or communicate any changes via this dashboard.
Classes of CDR data
The following classes of data are held by Frollo:
- Name of account
- Type of account
- Incoming & outgoing transactions
- Descriptions of transactions
- Who you have sent money to and received money from (e.g. their name, BSB, account number)
Purposes of CDR data
Account information and transaction details are collected by Frollo so we can support users with their financial goals. This information is used to provide users with insights about where their money is going, and tools to manage their money more effectively.
To provide a positive consumer experience and ensure consumer control over their data, Frollo does not provide information to third parties to engage in direct marketing. We may send information to customers from time to time relating to products and services that can assist with their financial goals and general financial wellness.
Frollo does not disclose or use your personal data (including banking data) for commercial purposes.
Frollo does not disclose your personal banking data to any non-accredited or accredited persons, be they in Australia or overseas.
Outsourced service providers
Frollo does not provide CDR data to any outsourced providers. Frollo develops and maintains its own software for use with banking data collected under the CDR Rules.
Accessing and correcting your personal information
A user can request correction of their data through the contact us channels listed below.
Sufficient details must be provided in order to assess and correct the data that is incorrect. If notified by phone or email, Frollo will update the consumer dashboard, as soon as practical, with the request and later with the notification of the corrective action if applicable.
Once assessed, notice is given over email and the consumer’s dashboard. The notice sets out what Frollo did in response to the request, any corrective action or comments, and the complaint mechanism available to the consumer if they are not satisfied.
How to contact us
How to make a complaint
If you believe that there has been a breach of the CDR rules by Frollo, please submit your CDR consumer data complaint via email to email@example.com.
Please include the following information when submitting your complaint.
- Your name;
- Your contact details;
- Your preferred contact method of complainant (phone / email / letter); and,
- The details of your complaint.
A CDR complaint can be made at any time. Once your complaint is received, Frollo will immediately acknowledge receipt of the complaint within five (5) business days of being received.
Frollo will investigate your complaint and attempt to provide you with a written response to resolve the complaint, within thirty (30) calendar days of receipt of your complaint.
If your complaint remains unresolved after thirty (30) calendar days, you will be advised in writing that additional time is required to complete the investigation and to provide a response.
When the complaint is resolved, you will receive a ‘final response’ letter within 45 days, informing you of:
- the final outcome of your complaint or dispute;
- your right to take their complaint or dispute to External Dispute Resolution; and
- if you are not satisfied with the response, you may lodge a complaint with the Australian Financial Complaints Authority.
If your complaint remains outstanding within forty-five (45) days, Frollo must write to you to:
- inform you of the reasons for the delay;
- specify a date when a decision can be reasonably expected;
- informs your of your right to take your complaint or dispute to an External Dispute Resolution; and
- if you are not satisfied with our response, you may lodge a complaint with the Australian Financial Complaints Authority.
Events for notifying CDR consumer
Frollo does not make a consumer’s data banking data accessible or visible to outside
organisations. Frollo employs stringent up to date information security practices.
In the event of a data breach e.g. someone gaining unauthorised access which results in loss of CDR data, we would notify a CDR consumer as soon as practical in order for the consumer to take appropriate action if required.
Consequence of withdrawing consent
When you stop sharing data with Frollo, then we will stop collecting data from this account. We will also delete any data we previously received from this account.
Without this data, we will be limited in our ability to help you track your budget.
The detailed impact to using Frollo is as follows:
- Transaction Details: If you stop sharing these details we will no longer be able to identify how much money you have spent.
- Direct debits and scheduled payments: If you stop sharing these details we will no longer be able to identify the amount of regular payments you make.
Deleting CDR data
You can stop sharing data with us at any time by going to your data sharing dashboard within the app: Settings>Data Sharing, or by writing to us at firstname.lastname@example.org
We will delete all banking data collected under a user’s consent, along with any derived data, within 24 hours of the following events:
- Your consent for access to banking data expires
- You stop sharing data with us before consent expires, or, you request data sharing to stop via the bank holding the account
- You delete your Frollo account
- Your bank notifies us that you cease to be an eligible consumer with them
When any of these events occur, subject to not requiring that the data is held by Australian law, Frollo will delete the users data using a scheduled daily process. The process deletes all bank data for the accounts for which consent was held. This includes data derived from the banking data obtained.
Availability of policy
Helping people feel good about money
Wouldn’t it be good not to have to worry about money?
Well, it’s possible. You can fix your finances in just a few simple steps. Once you see the full picture, tweak a few things, score some smart savings, you’ll soon have more coming in than you have going out. That’s all it takes to help you shift the balance.