It has never been easier to manage your business finances as a freelancer - but easy shouldn’t mean unsecured. Kontist has a number of safety measures in place to make sure your money, your account and your business information are always protected.
Kontist is committed to protecting your personal information and ensuring that you are in control of your data.
There have been big changes in data in 2018, with PSD2 and GDPR, two major EU regulations relevant to banks, coming into force more or less at the same time. PSD2 mandates access for third parties to bank account information and GDPR creates a framework for protecting personal data based on individual consent.
Although it sounds like the two are in conflict - one mandating access and the other mandating privacy - we see this as an opportunity. It’s an opportunity for you as a customer to have full access to your banking data, and the choice to share it with third parties for a richer, more personal banking experience- while also retaining control over what personal data gets shared. The two laws complement each other, and we believe they make trust in an open banking possible.
For several months, Kontist has been working towards achieving compliance with the GDPR. We assessed the new requirements arising from the GDPR and have taken the necessary steps to ensure that we process all customer and user data in accordance with the General Data Protection Regulation by the May 2018 deadline. In cooperation with our banking partner solarisBank, we have adapted and agreed our terms and conditions.
Kontist is built on a reliable infrastructure, which allows us to share your information with your accounting service when you opt-in. We work closely with these partners to develop integrations that ensure the privacy and security of integrated users.
Our integrations are custom built through direct collaboration with each accounting partner. All accounting integrations share relevant bank data directly with our partners, which eliminates the risk of incorrect or delayed data transmission.
The Kontist push API only shares your data with the accounting systems you’ve authorized. Disconnecting your integration stops the transmission of new data and removes all accounting data from the Kontist app. For legal reasons, you need to delete synced banking transactions directly in your accounting system.
Your bank data is only shared with an accounting system after you set up the integration by logging into your accounting system through the Kontist app. You can disconnect the integration at anytime.
Your data will always be SSL-encrypted when transmitted between Kontist and our integrated partners. Your data is only accessible using a unique security-token that is specific to you and your integration.
In addition to your username and password, you have to enter a TAN in order to confirm money transfers. This code is only sent by SMS to the verified mobile phone number attached to your account.
Instead of using a password, you can log in to your account with fingerprint and face recognition. These unique biological features are far more difficult to copy or steal than traditional passwords.
When switching between apps on your mobile device, the preview image of the Kontist app app is blurred, so that sensitive information such as your account balance does not appear in the multitasking overview.
If you opt in, you will receive a push notification on your smartphone for each new transaction in your bank account or on your Kontist card, so you’re always on top of what is happening with your money.
If you think you may have lost your physical Mastercard, you can lock it Kontist’s banking app with just one tap. You also have the option to change your card’s PIN on demand.
Kontist meets Mastercard’s high security standard, which allows us to offer a virtual card as part of of our standard account offering. Since your virtual Mastercard only exists as a card number in the app, it cannot be stolen.
To protect your account and sensitive finance data, we do not allow rooted or jailbroken devices as they intentionally disable default security mechanisms of the Apple and Android operating systems.
Our trusted bank partners, solarisBank (your account-holding institution) and Wirecard Bank (card-issuing institution) are both established, internationally operating companies.
Your money is kept in a regulated, ring-fenced German bank account. Your funds will never be moved, invested or lent to anyone else. It’s your money, and you can always access it.
Your bank account is held by solarisBank, which holds a European full banking license and therefore is a member of the Deposit Protection Fund of the Association of German Banks, regulated by BaFin and the European Central Bank (EZB). Assets in your Kontist business bank account are covered by the Deposit Protection Fund under EU directives up to € 100,000.
Kontist protects you with limits for card payments. The risk of falling into debt is eliminated with our Debit Mastercard, which does not offer a credit line. You stay in full control of your expenses.