Identity Verification using Plaid: During our onboarding process, all users are required to verify their legal identity using Plaid. This safety measure helps to protect users from security concerns such as identity theft and allows us to screen for fraudulent users.

Raw Card Data: Your raw card data is never stored in our system in any form – not in our databases, caches, or logs. Once it's forwarded to our third-party payment processor via the latest HTTPS/TLS protocols, its lifecycle on our end is terminated. All raw card data is routed through Load Balancers before hitting the endpoints provided by Chexy's payment partners. No Chexy employee has access to the full unencrypted card information. Our systems and protocols are continuously assessed through regular audits to ensure the highest degree of privacy and protection for our users.

PCI Compliance: Payment Card Industry Compliance, most commonly referred to as PCI Compliance, refers to a set of requirements intended to ensure that all companies that process, store, or transmit credit card information maintain a secure environment. Chexy is Type D compliant. This means we adhere to stringent requirements to ensure the safe handling and transmission of cardholder data. In addition to this, we conduct quarterly security scans and assessments through our Payment Service Provider (PsiGate) to ensure we are always at the forefront of security best practices.

Data Retention:While it's essential to retain some user information for operational purposes, we don't hold onto your data any longer than necessary. Upon your request, we will promptly delete any personal data we have stored, in accordance with applicable legal and ethical reporting or document retention requirements.

To delete your data, simply reach out to our customer support team who can help to facilitate the deletion process. Once your data is deleted, it is permanently removed from our systems, ensuring your privacy and peace of mind.