1. Our Agreement
You are seeing these terms because you are asking us to securely obtain information from one or more of your banks or other financial institutions. You may be using one of our apps directly or you may be using or applying for products or services from someone to whom we provide identity, data and risk services too.
2. About Us
The IDCo, we, us and our means:
The IDCO. Limited (The IDCo, we or us) is a company registered in Scotland with company number SC400459 and whose registered and office is at 83 Princes Street, Edinburgh, Scotland EH2 2ER. The IDCO. Limited (FRN: 798579) is authorised and regulated by the Financial Conduct Authority for the provision of payment services under the Payment Services Regulations 2017.
If you are resident in the EU, we will be acting as a joint controller along with The IDCO Estonia OÜ whose registered office is in Tallinn, Estonia, who also act as our representative in the EU. Where relevant, references to the ID Co shall be deemed to include The IDCO Estonia OÜ. Where we process personal data from an applicant, we will be acting as a joint controller along with the nominated Client of that Applicant or Customer.
If you wish to contact us for any reason, you can email us at email@example.com or write to us at the relevant address above.
If we need to contact you, including if we want to inform you of any suspected fraud or other security threat, we will email you. All information or notifications that we provide to you will be in English.
3. What We Do
We provide regulated account information services (AIS). We enable you to:
- safely grant read-only access to view information relating to your Payment Accounts (Account Information); and
- where relevant, share that Account Information with third parties who will use your Account Information to provide a service that you have agreed to use (such as a credit reference service, or an affordability check). In these circumstances, we are responsible for the provision of AIS.
To use our AIS, you will be asked to select the Account Provider and Payment Account(s) you want to connect, and the Account Information you want to access and, if relevant, what you would like to share with third parties. If you consent, you instruct The IDCo to:
- access the Payment Account(s) and Account Information that you have selected. We may do this just once, each time you use our service, or automatically up to four times a day, depending upon your requirements.; and/or
- provide that Account Information to you and share it with any third parties you have selected and instructed us to share data with.
After you select your Account Provider and Payment Account, we will redirect you to your Account Provider (either on a web browser, or your banking mobile application) who will ask you to complete their log-on procedures, which may include additional procedures (e.g. a password or biometric identifier such as a fingerprint) to securely authenticate yourself. Once your Account Provider has confirmed who you are and your request, we will be able to access your Account Information, provide it to you, and share it in accordance with your instructions to us.
The Account Information retrieved and shared may include your personal account details (such as name and address), transaction history, transaction amounts and descriptions, account name and number, currency, account balance, any overdraft balance, payment due dates and other information about your transactions. This will depend on the services being provided by the third party through which you access our AIS service.
At your instruction, and with your explicit consent, we will also provide that Account Information or data derived from your Account Information to third parties in accordance with the provisions above.
4. Giving & Withdrawing Consent
Our AIS are provided to you on the basis of your explicit consent given to us as part of the process set out above.
You may withdraw your consent to let us access any of your Account Information at any time. You can do this (a) by telling us; or (b) or by telling your Account Provider. If we continue to provide AIS to you, you will need to renew The IDCo's access to your Payment Account(s) by authenticating with the relevant Account Provider at least every 90 days, and every time you wish to access and/or share Account Information other than your account balance or transaction data relating to transactions occurring in the last 90 days.
You may withdraw your consent for us to share Account Information with your chosen third parties at any time. You can do this (a) by telling us or (b) telling the third party, but we cannot ‘unshare’ data we have already provided to them. If you withdraw consent for us to share data with a third party, that third party may no longer be able to provide its services to you.
5. Our Services & Third Parties
We are not responsible for the function of other applications. Our AIS service may be integrated with a third party, but we are not responsible for any problems that you may have with the operation or functionality of their website or application other than in relation to our AIS.
We are not responsible for third party content. You should be aware that:
- third parties are independent from us and are responsible for their own products and services and for complying with the laws governing the sale or supply of their products and services;
Your Account Provider is responsible for your Payment Account. We are not responsible for any problems that you might have with the functionality or suitability of your Account Provider (e.g. your bank or credit card issuer). We are responsible for retrieving and transmitting your Account Information safely and securely but not for the content of your Account Information itself, which is the responsibility of your Account Provider. If you have any questions in relation to these, you should speak to the relevant partner that provides the app or website that you are using, or to your Account Provider.
Use by third parties of Account Information. Once your Account Information is transmitted via our software to a third party (with your consent), that third party becomes responsible for it.
We do not charge you to use our account information services.
7. How To Complain If Things Go Wrong
If our service fails to meet your expectations, you should contact us be email to firstname.lastname@example.org, or by writing to us. We aim to initially respond to any complaints with 15 business days of receipt and provide you with a final response within 35 business days.
If you are not happy with the outcome of your complaint you may refer it to:
- For UK residents: the UK Financial Ombudsman Service, whose details are available at www.financial-ombudsman.org.uk or by telephoning 0800 023 4567. You may request a copy of our complaints-handling procedure at any time.
- For EU residents: the Financial Services and Pensions Ombudsman, whose details are available at www.fspo.ie or by telephoning +353 1 567 7000.
We do not guarantee the availability of our AIS and we reserve the right to perform maintenance, upgrades or emergency repairs, which may affect the availability of our services.
9. Our Liability
We do not accept responsibility for consequential losses. If we are responsible for a delay or failure of any Payment Order, we will not be liable for loss of opportunity, loss of investment or loss of profit relating to any transaction with a Marketplace Participant that you made or tried to make.
We do not exclude or limit in any way our liability to you where it would be unlawful to do so. This includes liability for death or personal injury caused by our negligence or the negligence of our employees, agents or subcontractors or for fraud or fraudulent misrepresentation.
We do not exclude or limit liability for our failure to comply with our regulatory obligations. This includes our obligations in the UK under the Payment Services Regulations 2017 or in Ireland under the European Union (Payment Services) Regulation 2018.
We are not liable for losses resulting from events outside of our control. We will not be responsible for any loss you may suffer as a result of abnormal or unforeseeable circumstances beyond our reasonable control and which are unavoidable despite all our reasonable efforts to ensure continuity of service.
10. Our Intellectual Property
We reserve all rights in the name “The IDCo”, and all related domains and sub-domains, our logo and our service marks, brand names, trading names and/or trade marks.
Other trade marks, products and company or brand names mentioned may be the trade marks of their respective owners or licensors and all rights in such trade marks are reserved to their respective owners or licensors.
11. You Must Not
- Disassemble or attempt to reverse engineer any software in the Marketplace, except as permitted by law;
- Copy, distribute or communicate to the public content from the Marketplace or seek to copy, remove or alter any regulatory notices, trade marks, logos or business names from the Marketplace; or
- Use a program or application to scrape, copy or index the content from the Marketplace;
- Use or launch automated systems such as bots, spiders or load testers that access or attempt to access our services.
12. Termination & Suspension
We may provide AIS to you on a one-off basis. If you use our AIS on a continuing basis, you can stop at any time and terminate this agreement. We may suspend our AIS at any time we reasonably suspect your use is, or would be, unlawful, unauthorised, fraudulent or abusive.
If what you have done can be put right, we will give you a reasonable opportunity to do so. We will give you at least two months’ notice if we intend to end your rights to use our service. We do not need to contact you if it would be unlawful to do so or would compromise our reasonable security measures.
We may transfer this agreement to someone else. We may transfer our rights and obligations under these terms to another organisation. We will always tell you in writing if this happens and we will ensure that the transfer will not affect your rights under the contract.
You need our consent to transfer your rights to someone else. You may only transfer your rights or your obligations under these terms to another person if we agree in writing.
No rights for third parties. This agreement does not give rise to any rights under the Contracts (Rights of Third Parties) Act 1999 to enforce any term of this agreement.
If a court finds part of this contract illegal, the rest will continue in force. Each of the paragraphs of these terms operates separately. If any court or relevant authority decides that any of them are unlawful, the remaining paragraphs will remain in full force and effect.
Even if we delay in enforcing this contract, we can still enforce it later. Even if we delay in enforcing this contract, we can still enforce it later. If we do not insist immediately that you do anything you are required to do under these terms, or if we delay in taking steps against you in respect of your breaking this contract, that will not mean that you do not have to do those things and it will not prevent us taking steps against you at a later date.
Which laws apply to this contract and where you may bring legal proceedings:
AIS: Our account information services, which is what we do when we securely access the information from your payment account(s)
Payment Account: An account with your Account Provider.
Account Provider: usually your bank but this could be a credit card provider or an e-money firm.
Frequently asked questions
What is open banking and how does it work?
Open banking is the practice that allows people and businesses to share up to 12 months of transaction data. DirectID is regulated by the Financial Conduct Authority as an Account Information Service Provider (AISP) - the intermediary who safely facilitate this process.
What is transaction categorisation?
Transaction categorisation is the process of adding context to raw transaction data. The process gives you an understanding of what your customers' spend their money and where.
How does bank account verification work?
Using the bank account verification API, DirectID matches the details provided from your customer to those on their account. We apply a set of sophisticated algorithms and rules to verify the name, and then tell you what does and does not match.
How do you verify income with open banking?
After a customer shares their data, DirectID identify recurring credits to the account and group these. Using an algorithm we identify the monthly income for each income stream. We then return the calculated income and confidence score to you.
Get started using open banking data
Talk with one of our specialists to find out more about using open banking data.
Demo of the guided customer consent journey
Walk through of our real-time data & insights
Coverage check in your markets