Picto thématique

Rule n° 58 - Personal banking information is only stored after the explicit consent of the user.

As a user, it can be very convenient to be able to leave your credit card number at a site because you expect to return there from time to time. However, the decision to allow the site to store this data must have been made voluntarily and in an informed manner.

#Accessibility #Privacy #e-commerce #Development


  • Leave the master user of his choice in banking data storage.
  • Prevent potential legal problems in case of complaint or data theft.
  • Strengthen user confidence in the use of their data.


  • Do not automatically save data allowing the use of a means of payment without the user's explicit consent.
  • Obtain the explicit consent of the user to save a means of payment intended to be automatically reused by the service (opt-in and not opt-out).


Check that during the ordering process, the means of payment used is not automatically saved by the service, and that the option to save the data for automatic reuse requires explicit validation (opt-in and not opt-out).

By Opquast - Read the license

Discover Opquast training and certification

The objective of these rules and the Opquast community mission is ‘making the web better’ for your customers and for everyone! Opquast rules cover the key major areas of risk that can negatively affect website users such as privacy, ecodesign, accessibility and security.

Opquast training has already allowed over 14,500 web professionals to have their skills certified. Train your teams or your students, contact us