Policies & agreements

By creating a BankOps account you agree to these terms. BankOps provides a cloud-based banking software platform ("Service") on a subscription basis. Your institution's data is isolated from other tenants using Postgres row-level security policies and separate encryption keys.

You may cancel your subscription at any time. On cancellation your data is retained for 30 days in read-only mode, then archived for a further 60 days before permanent deletion. You can export your data at any time via the platform's export tools.

BankOps reserves the right to suspend accounts that violate these terms or applicable law. Suspension is preceded by written notice where possible. Material changes to these terms are communicated via email at least 30 days in advance.

This agreement is governed by the laws of Ghana. Disputes shall be resolved by binding arbitration before a panel agreed between the parties. Nothing in this clause limits either party's right to seek interim injunctive relief.

BankOps processes personal data on behalf of financial institutions ("data controllers"). As a data processor, BankOps follows your instructions for processing your customers' data and does not use it for any other purpose.

Data is stored in secured data centres. Encryption is applied at rest (AES-GCM) and in transit (TLS 1.3). Access is limited to authorised staff and audited via our hash-chained audit trail.

To request export, correction or deletion of your institution's data, contact your BankOps account administrator or reach us at privacy@bankops.net.

We collect minimal operational data (account identifiers, usage metrics, support tickets) to operate and improve the platform. This data is never sold to third parties and is retained only as long as necessary.

A standard Data Processing Agreement (DPA) is available on request for Business and Enterprise plans, covering GDPR Article 28 requirements and applicable local data protection legislation.

Contact support@bankops.net with your institution name and country to receive the standard DPA for review and signature.

The DPA covers: categories of data processed, processing purposes, sub-processors used, data transfer mechanisms, security measures, and breach notification procedures.

BankOps may only be used for legitimate financial institution operations in compliance with applicable law. You are responsible for ensuring your use of the platform complies with all regulations governing your institution.

The following uses are prohibited: money laundering, sanctions evasion, financing of terrorism, fraud, or any other illegal financial activity. Any such use will result in immediate account termination and reporting to relevant authorities.

Automated scraping, bulk data extraction or any attempt to circumvent rate limits or access controls is prohibited. API access is subject to the rate limits specified in your plan.