Fiskil
Consumer Data Right (CDR) · Australia. Full regulatory disclosures, consent model, and data handling.
“We partner with licensed providers so you always know exactly who is authorised to access your data and under what rules.”
Draft — BankSync has not been appointed as a CDR Representative
This page is a draft. BankSync has not been appointed as a CDR Representative of Fiskil Pty Ltd, and no CDR connectivity is live. Details below describe the intended arrangement and may change before launch.
Fiskil Pty Ltd
Consumer Data Right (CDR) · CDR Open Banking (ACCC)
- ACCC CDR Accreditation
- ADRBNK000246
- Jurisdiction
- Australia
- Registered Address
- Australia
- Website
- fiskil.com.au
- Public Register
- ACCC CDR Register
- External Dispute Resolution
- Australian Financial Complaints Authority (AFCA) via Fiskil, and the Office of the Australian Information Commissioner (OAIC)
About this Provider
Fiskil Pty Ltd is an Accredited Data Recipient (ADR) under Australia's Consumer Data Right regime, accredited by the ACCC (registration ADRBNK000246). Fiskil provides a CDR Representative platform that allows downstream software companies to access CDR data without holding their own accreditation.
BankSync's Relationship with this Provider
BankSync has not been appointed as a CDR Representative of Fiskil Pty Ltd. CDR connectivity is not live, and no CDR data is currently being collected or disclosed to BankSync. The intended arrangement, once executed, would be a CDR Representative appointment under CDR Rule 1.10AA, with Fiskil acting as our CDR Principal under Fiskil's CDR Policy. Until that appointment is signed and published on the ACCC's public CDR Register, none of the disclosures on this page are operative.
Consent & Access
How consent is collected
Consent is collected through Fiskil's hosted consent screen, where you authenticate directly with your bank. BankSync never handles your banking credentials.
Consent duration
12 months maximum (CDR Rule 4.14). You receive advance notice before expiry.
How to revoke
You may revoke consent at any time through your bank's CDR consent portal, via Fiskil's consent dashboard, or by contacting BankSync support. Revoking consent immediately disables sync and queues deletion of your connection data.
Data Handling
Stored by BankSync
- Account metadata (institution name, account type)
- Consent record (status, purpose, data categories, expiry date)
- Encrypted OAuth tokens (AES-256 at rest)
- Sync timestamps and audit log of state-changing actions
Transient (never persisted)
- Transaction history (amounts, dates, descriptions, categories)
- Account balances
- Account holder details
Transient data passes through an edge worker sync step spawned in the region closest to you. It is held only in memory and forwarded directly to your connected destination. It is never written to disk or a database.
No Secondary Use
CDR data accessed through Fiskil is used solely to provide the sync service you have requested. BankSync does not sell, share, analyse, or use your CDR data for any secondary purpose. This is a requirement of the CDR Rules.
Regulatory Disclosures
- 1This page is a draft. BankSync has not been appointed as a CDR Representative of Fiskil Pty Ltd, holds no CDR accreditation of its own, and is not currently authorised to access CDR data under the Consumer Data Right regime.
- 2The intended arrangement is for BankSync to be appointed as a CDR Representative of Fiskil Pty Ltd (CDR Registration ADRBNK000246) under CDR Rule 1.10AA, with Fiskil acting as our CDR Principal and collecting and disclosing CDR data on our behalf under Fiskil's CDR Policy. None of this is in effect today.
- 3BankSync does not currently appear on the ACCC's public CDR Register as a CDR Representative. The disclosures below describe the proposed model and will only become operative if and when that appointment is executed and published.
- 4Consent is collected through Fiskil's hosted consent screen. Maximum consent duration is 12 months (CDR Rule 4.14). You receive advance notice before expiry.
- 5CDR data is used solely to provide the sync service you have requested. BankSync does not sell, share, or use your CDR data for any secondary purpose.
- 6Financial data obtained under CDR is processed transiently. It is not written to BankSync's persistent storage. Data passes through an edge worker sync step, spawned in the region closest to you, and is held only in temporary in-memory state before being forwarded to your connected destination.
- 7Upon account deletion or consent revocation, all active CDR consents are immediately withdrawn and connection data is queued for deletion.
- 8CDR complaints can be directed to Fiskil Pty Ltd or to the Australian Financial Complaints Authority (AFCA) and the Office of the Australian Information Commissioner (OAIC). Applicable laws include the Privacy Act 1988 (Cth), Competition and Consumer Act 2010 (Cth), and the Consumer Data Right Rules.
Regulatory Resources
CDR Third-Party Data Sharing
ACCC guidance explaining how CDR data may be shared with CDR Representatives like BankSync
Consumer Data Right (CDR) — cdr.gov.au
Official ACCC resource for CDR consumers: your rights, how it works, and how to find providers
CDR Register — Find a Provider
Verify Fiskil (ADRBNK000246) and BankSync on the public CDR Register
Fiskil Pty Ltd
CDR Principal and Accredited Data Recipient. BankSync adopts Fiskil's CDR Policy under CDR Rule 1.10AA(2)(e)
OAIC — Consumer Data Right
Office of the Australian Information Commissioner: your CDR privacy rights and how to lodge a complaint
Know Who Holds Your Data
Every licensed provider, fully disclosed. Regulated frameworks, consent you control.
14-day free trial • Cancel anytime