PostFinance EBICS App data privacy statement

Publication details

The PostFinance EBICS App was released by PostFinance in 2020. (Version: XY)

You will find information on the financial services for business customers at


PostFinance Ltd
Mingerstrasse 20
CH-3030 Berne, Switzerland

Copyright © 2020 PostFinance Ltd
All rights reserved

1. Introduction

Data protection is a top priority for PostFinance Ltd (hereinafter referred to as “PostFinance”, “we” or “us”). We therefore commit to the legally compliant, transparent, responsible and customer-friendly handling of data and information disclosed to our company.

The collection and processing of personal data and information by PostFinance complies with the applicable data protection regulations (particularly including Swiss data protection legislation), regulatory requirements and requirements resulting specifically from the laws governing postal and banking services.

Personal data and information means any details that relate to an identified or identifiable natural person or a legal entity.

This privacy statement describes data processing within the scope of the “PostFinance EBICS App”, in particular the collection, use, distribution and any other processing of personal data by PostFinance in connection with your use of the mobile PostFinance EBICS App (hereinafter referred to as “EBICS App”).

“User” in this privacy statement refers to the individual using the EBICS App, the individual to whom the personal data and information relate, and who is either the owner of the data or an authorized agent.

Please convey the information in this privacy statement to your current and future representatives, as well as any other individuals for whom you either have provided or will provide PostFinance with personal data.

2. Who is responsible for data processing, and who can I contact?

PostFinance is responsible under the Federal Act on Data Protection.

If you have any questions about the processing of your personal data, please contact us at the following address:

PostFinance Ltd
Technical Support Corporates
Mingerstrasse 12
CH-3030 Berne, Switzerland

3. What type of data do we process?

Personal data and information collected by the EBICS App include usage data (e.g. logs), bank access details, revenue, bank account details (e.g. entry data, account balance) and user authorization data. As far as using the EBICS App is concerned, personal data and information required to run the app is either provided voluntarily by the user, or collected, processed and utilized automatically.

If personal data and information is either lacking or not provided, the EBICS App may only be able to provide its intended service in part, to a limited degree or not at all.

4. Why do we process data?

We collect data about the user to enable the PostFinance EBICS App to run properly. In order for the user to be able to use the PostFinance EBICS App, i.e. to approve payment orders, display account documents as well as other functions, the relevant data from the PostFinance EBICS server is required. In order to approve a payment, the data must be made visible on the app. All banking data (such as account balances and entries) is displayed for the user and is used to process payment transactions. 

5. Where is the data stored, and for how long?

All personal data and payment transaction data, as well as any other data such as logs, are stored solely on your mobile device (in a “data vault”). No data collected directly in the app is stored by PostFinance or by any other financial institution. PostFinance has no knowledge of payment transaction data exchanged with third-party banks (known as “multi-banking”), and PostFinance does not store such data. Your password is only used to encrypt the data vault, and is never passed on to PostFinance or third parties. All data is permanently deleted as soon as it is no longer required to fulfil the purpose for which it was collected (if, for example, the PostFinance EBICS App is deleted).

Data which serve as proof of payment approval by a business customer is stored on the PostFinance EBICS server in accordance with all applicable statutory and regulatory provisions.

6. How we protect your data

PostFinance has implemented appropriate technical, physical and organizational measures designed to protect personal data and information from accidental or unlawful destruction or accidental loss, damage, alteration, unauthorized disclosure or access, as well as from all other forms of unlawful processing.

Access to the EBICS App is secured by a password selected by the user and which is also used to encrypt data from the EBICS App on the user’s smartphone. The user can also activate registration by fingerprint or Face ID if the function is available on their device. Data is transferred via SSL-encrypted connections. Data from the app is not stored on a PostFinance server or any server used by its service providers, as the data is only retrieved from the bank access of the relevant banks.

7. Data transmission to third parties

Your data is stored at PostFinance where it is inaccessible to third parties. The data collected is limited to essential information and is only used and stored in order to process the requested transaction. Your data is not disclosed to individuals or organizations outside of PostFinance Ltd (clarification needed) without your consent.

8. Update

It may from time to time be necessary to update this privacy statement, in which case we will notify you. 

9. Customer communication by e-mail

If you use one of the e-mail addresses published by us to make contact, you expressly authorize us to respond to you by the same means either to the sender address or to an address you indicate. E-mails are sent in unencrypted format over the Internet and may be accessed, viewed and manipulated by third parties. E-mails therefore lack confidentiality and indicate an existing relationship with PostFinance. E-mail is therefore not a suitable means for sending confidential information. We do not accept customer orders via e-mail.

Last update: 19.04.2020