Rule n° 59 - Personal banking information is only stored after the explicit consent of the user.
As a user, it can be very convenient to be able to leave your credit card number at a site because you expect to return there from time to time. However, the decision to allow the site to store this data must have been made voluntarily and in an informed manner.
Goal
- Leave the user in control of his or her choices regarding the storage of banking data.
- Prevent potential legal problems in case of complaint or data theft.
- Strengthen user confidence in the use of their data.
Technical solution
- Do not automatically save data allowing the use of a means of payment without the user's explicit consent.
- Obtain the explicit consent of the user to save a means of payment intended to be automatically reused by the service (opt-in and not opt-out).
Control method
Check that during the ordering process, the means of payment used is not automatically saved by the service, and that the option to save the data for automatic reuse requires explicit validation (opt-in and not opt-out).
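As an added illustration (example code written for this page, not part of the original rule or of any project it describes), the following Python snippet shows both sides of the rule: a checkout handler that stores a payment method only when the user explicitly checked an opt-in box, recording the consent with a timestamp, and a helper that checks a checkout form's HTML to confirm the save checkbox is not pre-checked. The field name `save_payment_method`, the opaque `payment_token` supplied by a tokenising payment provider, and the two sample forms are all assumptions constructed for the example.

```python
"""Opt-in gate for storing a payment method, plus a form-default check.

Added example for this rule; names, form markup and tokens are constructed.
"""
from dataclasses import dataclass
from datetime import datetime, timezone
from html.parser import HTMLParser
from typing import Dict, Optional

# Hypothetical field name of the opt-in checkbox on the checkout form.
SAVE_FIELD = "save_payment_method"

# Values a browser can submit for a checked checkbox; anything else,
# including an absent field, is treated as "no consent".
_AFFIRMATIVE = {"on", "1", "true", "yes"}


@dataclass
class ConsentRecord:
    user_id: str
    purpose: str
    granted_at: str  # ISO-8601 UTC timestamp, kept for later audit


@dataclass
class StoredPaymentMethod:
    user_id: str
    token: str  # opaque provider token; the card number itself is never stored
    consent: ConsentRecord


def process_checkout(user_id: str, form: Dict[str, str],
                     vault: Dict[str, StoredPaymentMethod]) -> Optional[StoredPaymentMethod]:
    """Complete a checkout; persist the payment method only on explicit opt-in.

    `form` holds the submitted fields; `vault` stands in for the persistent
    store of reusable payment methods. Returns the stored record, or None
    when nothing was saved (the default outcome).
    """
    raw = form.get(SAVE_FIELD)
    consented = raw is not None and raw.strip().lower() in _AFFIRMATIVE
    if not consented:
        # Default path: the means of payment is used for this order only.
        return None
    consent = ConsentRecord(
        user_id=user_id,
        purpose="store_payment_method_for_reuse",
        granted_at=datetime.now(timezone.utc).isoformat(),
    )
    stored = StoredPaymentMethod(user_id, form["payment_token"], consent)
    vault[user_id] = stored
    return stored


class _SaveBoxFinder(HTMLParser):
    """Locate the save checkbox and note whether it is pre-checked."""

    def __init__(self, field_name: str) -> None:
        super().__init__()
        self.field_name = field_name
        self.found = False
        self.checked_by_default = False

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)  # boolean attributes such as `checked` map to None
        if tag == "input" and a.get("type") == "checkbox" and a.get("name") == self.field_name:
            self.found = True
            if "checked" in a:
                self.checked_by_default = True


def form_is_opt_in(html: str, field_name: str = SAVE_FIELD) -> bool:
    """True only if the save checkbox exists and is unchecked by default."""
    parser = _SaveBoxFinder(field_name)
    parser.feed(html)
    return parser.found and not parser.checked_by_default


# Constructed sample markup: a compliant form and a pre-checked (opt-out) one.
OPT_IN_FORM = (
    '<form method="post" action="/checkout">'
    '<input type="checkbox" name="save_payment_method"> Save this card for next time'
    '<button type="submit">Pay</button></form>'
)
OPT_OUT_FORM = (
    '<form method="post" action="/checkout">'
    '<input type="checkbox" name="save_payment_method" checked> Save this card for next time'
    '<button type="submit">Pay</button></form>'
)


if __name__ == "__main__":
    vault: Dict[str, StoredPaymentMethod] = {}
    # Box left unchecked: the field is simply absent from the submission.
    print(process_checkout("user-1", {"payment_token": "tok_example"}, vault))
    # Box explicitly checked: the token and the consent record are stored.
    print(process_checkout("user-1", {"payment_token": "tok_example",
                                      "save_payment_method": "on"}, vault))
    print("opt-in form compliant:", form_is_opt_in(OPT_IN_FORM))
    print("opt-out form compliant:", form_is_opt_in(OPT_OUT_FORM))
```

The control method in the rule maps directly onto the two checks: submit an order without touching the checkbox and confirm nothing lands in the vault, then inspect the form and confirm the checkbox carries no `checked` attribute.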