Btw - I would be VERY surprised if Mondo stores any user data outside the EEA. Might you have read the community forum privacy policy rather than the Mondo privacy policy?
Mondo Privacy policy does mention it, but caveats it’s with a maybe
The data we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for us or one of our suppliers. Such staff may be engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.
I think this is fairly standard, if regional data centre goes down for the likes of Google, Adobe etc then it’s usually rerouted to the next closest data centre for storage until it can be sent to the RDC
Nah, have a read through what Bailey linked in the top post
This is fine and understandable obviously, but there are more robust Privacy options out there such as differential privacy and PGP. There are hundreds of email and messaging apps that use these methods to anonymise user data to the company, whereas Mondo simply seem to be looking at mass data and flaunting it.
Sure, it’s interesting and useful for a company to say ‘hey, look our users are doing X quite often, let’s do something to make that better’ and differential privacy at least should help them do this while protecting user databegin the company and potentially from governments who may wish to interfere (for one Orwellian example).
1 Like
You can’t just blanket statement any industry with privacy standards and expect that.
The banking industry legally has to store certain types of data and has to be in a position to present it to regulators and/or authorities such as HMRC. With the sort of encryption methods you are mentioning, this would not be possible without the consent of the user beforehand.
Also, I’m not aware of any service that uses differential privacy that provides an server side API.
Sure, statement data could be stored in an unreadable format on the server, but that data is needed elsewhere, too. Mondo have to store detailed, accurate data for their API to work.
This is an entirely different conversation to the original topic, IMO.
5 Likes
I also agree with some of the previous messages. Although, publishing anonymised data for where users purchase the most, shouldn’t be that big of an issue. Especially if its something like the top 10.
Having an option for users to opt out of this may be needed in the future however, as there will always be users who want to opt out of anything they can opt out. ¯_(ツ)_/¯
Any thoughts on enabling some kind of PGP encryption between user and Mondo or differential privacy which is worth discussing?
I’m a huge fan of GPG and i really love what Facebook did with GPG encrypting messages (i use this.). FB is a lot bigger than us though, and anything we build while we’re small comes at the expense of something else.
On the other hand, one of the things i hate most is those useless emails you get from banks/companies right now that just say “Your e-statement is ready to download. Please login to look at a PDF of your transactions”.
Webhooks and in-app-notifications go a long way to solving the “we need to push info to you securely” problem.
I hope that by the time we’re big enough to have the resources to build features like gpg mail that are going to have a small user base, something other than GPG+SMTP will have emerged. Maybe WhatsApp or other new services that have end-to-end crypto will have become the norm…
I did a talk about why i love GPG but hate GPG+Email at https://vimeo.com/165184756
I do know a few people that are not using Mondo exactly because they spending habits can be targeted even more than with a normal bank (or at least that’s the perception).
Having the option to opt out of thos kind of data collection (and usage, even on an anonymized and aggregated level), would help to solve this trust issue…
Especially if the company has some kind of plans to launch internationally, there are other countries (E.g. Germany) where this kind of privacy matters are more a deal breaker in winning the consumer’s trust.
When we last participated with ONS we received 6 1st class stamps as our reward 
In all seriousness I believe a customers data should be allowed to be used by the company that holds it providing this data is not being monitised for the benefit of company profits (selling on the data etc.) So for me I have no complaints in my data being anonymously used for infographics or ‘internal’ customer insights.
Should the company want to monitise the customer data this should be an opt in rather than opt out position and the customer should be rewarded for allowing the data to be used. This reward should be relative to the net profit achieved as a thank you.
For example if my data is worth a net of £10 profit to mondo per month then I could receive £5 per month. And have the option to opt in for a £5 per month reward or opt out and receive no reward.
Now in truth I do not know how valuable my data is, it could be £10 per month or just 50p But I think the suggestion still makes sense.
2 Likes