Back to Home
Tillify Logo

Consumer Information

Understanding how Tillify uses secure payment partners

Secure Payments

Tillify partners with New Zealand's leading open banking platforms and global payment processors to ensure your money is safe. Our partners are regulated by the Financial Markets Authority (FMA) and adhere to strict security and privacy standards.

How Tillify Uses Payment Providers

Tillify uses trusted payment partners to enable secure, cashless payments for roadside stalls and small businesses.

1. Customer Payments to You

Customers can choose to pay via:

  • Bank Transfer: The customer is redirected to our banking partner to pay directly from their bank account. The full amount goes to your bank account.
  • Card Payment: The customer pays with a credit or debit card. Our payment processor handles the payment and funds are deposited into your connected account (and then paid out to your bank).

✅ Customers pay you directly or via your secure account

✅ We do NOT access customer bank accounts or card numbers

2. Platform Fee Payments (Your Payments to Us)

Tillify charges a small fee for each successful transaction. These fees accumulate and you can pay your outstanding balance at any time. When you pay fees, we use our banking partner to create a secure payment request that you approve through your internet banking.

✅ You receive customer payments in full - fees are billed separately

✅ We do NOT automatically deduct fees from your bank account

What Data Does Tillify Access?

We DO Access:

  • Payment confirmation: We receive notification when a payment is successfully completed
  • Transaction details: Amount, date, and reference of completed payments
  • Payment status: Whether a payment request was approved, declined, or is pending

We DO NOT Access:

  • Your internet banking username or password
  • Your full bank account balance or transaction history
  • Personal banking information beyond payment confirmations
  • The ability to initiate payments without your explicit approval
  • Customer bank account details or credentials

How Payment Requests Work

1

Tillify Creates Payment Request

When a customer wants to pay or you owe platform fees, we create a payment request through our banking partner's secure API.

2

You're Redirected to Secure Gateway

The payer is redirected to a secure banking platform where they log into their own bank.

3

You Authorize the Payment

Using your bank's internet banking, you review and approve the payment. We never see your banking credentials.

4

Payment Processed

Your bank processes the payment directly. Our partner confirms the payment status and notifies Tillify.

5

You're Returned to Tillify

After payment completion, you're redirected back to Tillify with a confirmation message.

Your Rights and Control

✓ You Have Full Control

  • Every payment requires your explicit approval through internet banking
  • You can decline payment requests at any time
  • You can disconnect bank access at any time
  • You can close your Tillify account at any time
  • You can request deletion of your data (subject to legal retention requirements)

🔒 Security Measures

  • All communications use bank-grade encryption (HTTPS/TLS)
  • Our partners are regulated by the Financial Markets Authority
  • No storage of banking credentials on our servers
  • Regular security audits and monitoring
  • Compliance with New Zealand Privacy Act 2020

What Happens to Your Bank Account Details?

When you add your bank account to Tillify, you manually enter your account number. This is stored securely in our database to:

  • Direct customer payments straight to your bank account
  • Display where customer payments will be sent
  • Track which account receives payments for each QR code

Important: We store your account number but NOT your internet banking credentials. We cannot access your account without your explicit approval through our banking partner.

Payment Flow: Customer payments go directly to your bank account in full. Platform fees are calculated separately and billed to you monthly via secure payment request.

Privacy and Data Protection

Tillify is committed to protecting your privacy. We comply with New Zealand's Privacy Act 2020 and handle your information in accordance with our Privacy Policy.

Data We Collect:

  • Account registration details (name, email)
  • Bank account numbers (manually entered by you)
  • QR code details (product names, prices)
  • Transaction records (amounts, dates, statuses)
  • Payment confirmations

Data We Share:

We only share your data with:

  • Banking Partners: To process bank transfer payments
  • Card Processors: To process card payments and manage payouts

We never sell your data to third parties.

Questions?

Contact Tillify:

If you have questions about how we use your data:

Regulatory Information

Banking Regulation

Our banking partner is registered with the Financial Markets Authority (FMA) as a financial service provider in New Zealand.

Card Payment Regulation

Our card processor is a certified PCI Service Provider Level 1. This is the most stringent level of certification available in the payments industry.

  • Security: PCI-DSS Level 1 Compliant
  • Encryption: All card numbers are encrypted at rest with AES-256

Important: How to Recognize Legitimate Payment Requests

Always verify payment requests are legitimate:

  • Payment requests will redirect to our secure banking partner's domain
  • Check for the secure padlock icon (🔒) in your browser
  • Verify the payment amount and recipient before approving
  • Be wary of unexpected payment requests - contact us if unsure
  • Never share your internet banking credentials with anyone

Your security is our priority.

If you have any concerns about payment security or suspicious activity, please contact us immediately at security@tillify.nz