Picto thématique

Rule n° 58 - Personal banking information is only stored after the explicit consent of the user.

As a user, it can be very convenient to be able to leave your credit card number at a site because you expect to return there from time to time. However, the decision to allow the site to store this data must have been made voluntarily and in an informed manner.

#E-Commerce #Development #Privacy

Goal

  • Leave the master user of his choice in banking data storage.
  • Prevent potential legal problems in case of complaint or data theft.
  • Strengthen user confidence in the use of their data.

Implementation

  • Do not automatically save data allowing the use of a means of payment without the user's explicit consent.
  • Obtain the explicit consent of the user to save a means of payment intended to be automatically reused by the service (opt-in and not opt-out).

Control

Check that during the ordering process, the means of payment used is not automatically saved by the service, and that the option to save the data for automatic reuse requires explicit validation (opt-in and not opt-out).

By Opquast - Read the license