I have enjoyed using the monzo prepaid card for many months now. When the new current account became a reality I was excited about he potential. However upon reading the terms and conditions and privacy policy of the new monzo account I was horrified to find out from Monzo customer service that information from my monzo account including the phone device id is shared with facebook.
Under GDPR consumers will have the legal right to opt out of any invasive marketing such as facebook. Why does Monzo not allow user’s to opt out of this data sharing with facebook? I have attached the chat with monzo where they direct me to close my account if I do not want my information to be shared with facebook.
This is very disappointing from such a promising company. This issue reason why I will not be upgrading and I hope this can help inform others about this underhand practice. It would be far more honest if monzo let people opt out of such sharing and informed user’s of this practise in the first place.
The terms and conditions don’t mention facebook at all. I’m not one to call someone out as trolling normally but this seems to be posting something inflammatory just to start an argument.
In particular “We won’t share identifiable personal data with third parties for their direct marketing unless you give us permission” would seem to directly contradict the statement in the first post.
To be fair, there is a feature where you can import a profile picture from Facebook, that presumably uses the Facebook SDK - the question is, does the SDK do anything until you actually use that feature?
I have raised these concerns internally so that someone who knows more about this can respond.
I will say that our terms and conditions and privacy policy can safely be considered the source of truth. Personal data is treated with extreme care here, and we have a team of people dedicated to making sure we are GDPR compliant.
We use the Facebook API for pulling in a profile picture if you choose to do so. I am not sure exactly what data is exchanged during this process. From a technical standpoint, I cannot imagine that this exchange would take place until you actually log in to Facebook and submit your authorisation. It is, after all, a standard OAuth login procedure.
The full privacy policy is here. In true Monzo fashion, it is clear and unambiguous.
Facebook has many flaws but the one thing it does well is tell you what external applications want access to your Facebook account. Monzo are not Cambridge Analytica, Monzo would need permission to access your Facebook and you could also revoke that permission in Facebook after that request. That said, I havn’t seen Monzo attempt to access Facebook ever from the iOS app.
To add to the above points, if you want to close your Monzo account because you’re uncomfortable with the policy, it would make us sad, but it’s your decision.
However, please don’t make the mistake of closing your account and moving to another provider who’ll treat your personal data less sensitively than we do, but try to hide that fact behind a legalese privacy policy and a general lack of transparency.
