Privacy & CDR Consent

Last updated: October 2025

FinHealth Coach connects to your bank securely via government-regulated Open Banking providers. Under Australia’s Consumer Data Right (CDR), you control what data is shared and for how long. We only receive read-only access to the data you approve on your bank’s secure page.

What you authorise

• Account name and type
• Masked identifiers (e.g. xxxx1234)
• Balances
• Transaction history (date, merchant, amount, description)

We never see your credentials, full account numbers, BSBs, or Sort Codes.

Purpose of access

• Personalised insights and budgeting tools
• Spending pattern detection and goal tracking
• Wellbeing summaries (if enabled)

Regulatory references

Learn more at the Australian regulators (OAIC/ACCC) and UK regulators (ICO/FCA), and the Open Banking entity:

• OAIC — Consumer Data Right (AU)
• ACCC — Consumer Data Right (AU)
• ICO — Your data protection rights (UK)
• FCA — Account information & payment services (UK)
• Open Banking (UK) — What is Open Banking?

Your control

• Revoke provider access any time in Settings → Privacy.
• Request deletion of your data via Settings → Privacy.

For a step-by-step consent flow, see our Open Banking Consent page.

Compliance documents

View our Sub-processors and Data Retention documentation.