Data Security is at the heart of everything we do and our most important promise to you. We take your privacy very seriously and we will never disclose, share or sell your data without your consent, unless required to do so by law. We only retain your data for as long as is necessary and for the purpose(s) specified in our Terms and Conditions and Privacy Policy.

The Legal and Regulatory bits

Upside is a registered data controller with the Information Commissioner's Office (ICO) - ICO Registration
We always act in compliance with the Data Protection Act (DPA 2018)
Where you have consented to us providing you with promotional offers and/or marketing, you are free to withdraw this consent at any time.

Our extremely clever engineers say:

Upside combines our cutting-edge technology with industry standard security measures for handling your data;
All data stored in our servers is encrypted;
All communication messages between our servers, your bank and our app are secured with encryption during transmission, making them secret;
Upside's servers run on Amazon's cloud technology, trusted by some of the largest financial institutions in the world;
We utilise read only access to your bank transactions and use tokens meaning that your credentials are never stored in our systems

Will Upside ever share my data?

Upside runs 'Cashback campaigns' on behalf of our Partners. As such, where applicable, we provide the Cashback eligible transaction data back to the retailer for validation so they can then approve and pay the Cashback.
Depending on the information held by the merchant/partner already, especially in the case of loyalty cards, that merchant may know who made the transaction though this would be the case only if you are already 'known' to a specific retailer in the first place.
That said, Upside will never pass on any personal information to any other party that is not involved in the transaction or supply any information not already known to the originating merchant.
We do not pass on any form of visual identity at all.

What that means is, we:

Have read-only access to your transaction data, based on your OpenBanking (PSD2) authorisation (linking your account);
Never store or have access to your bank login details;
Cannot access your bank account directly, so no money can be taken from your account without your prior knowledge and consent
Will never share your data with any third party with the exception of transaction data specifically relating to a purchase qualifying for cashback

If you require more information or would like to speak to us about Upside's approach to security and privacy feel free to contact us at [email protected] or Talk to us
Was this article helpful?
Thank you!