Hi, great that you want to switch to bunq! In this document you can read more Hi, great that you are interested in our public API! Join the club now by registering via your bunq account and you’re good to go within a heartbeat.
This document explains the do’s and dont’s of our public API. Read on to find out more!
Ok, so you got access to our public API, now what!? Go have fun! Use our public API as much as you want within the applicable limits. These limits are needed to prevent things from getting out of hand and to comply with applicable laws and regulations. They may change from time to time.
Because of the applicable laws and regulations we need to know who uses our public API. This means your access to our public API and your API Key are personal, so please only use them (for) yourself.
While using our public API please keep in mind, our public API is intended for normal use of our banking and payment services, so please use it for that purpose only. Be good; refrain from illegal activities, violating these terms and conditions, and from actions which might harm us (our activities/plans/reputation) or others.
To keep everybody safe, take adequate measures and use best efforts to prevent unauthorized access to/use of our public API and the information you collect via our public API.
Be aware, your API Key gives access to your account, so please keep it secret and only share with parties that you fully trust and are legally allowed to access your account.
Payment Services Directive 2 (PSD2)
PSD2 is a regulation requiring all European banks to open up their banking infrastructure for new parties. As we believe in innovation and transparency, we’ve published our public API long before the PSD2 requirements came along allowing you to start building cool stuff!
At the same time, PSD2 may affect your current or planned usage of our public API, as some of the services now fall under the regulation. This is especially true for (but not limited to) the following services:
- Your API creation allows you to access payment history data from other bunq users;
- Your API creation allows you to perform balance checks on accounts from other bunq users;
- Your API creation allows you to initiate a payment on accounts from other bunq users;
If your activities fall with in this scope, you are required to obtain a PSD2 permit from a competent authority in the country your company is located. We would like to point out that the requirements for such a permit and whether you are required to obtain one is something we can’t assess for you. Please be aware that using our public API without the required PSD2 permit is at your own risk.
In case you have questions regarding the need of a permit or the scope of PSD2, please contact your local competent authority.
PSD2 API Support
Integrating your app with PSD2 APIs can be tough. However, we're here to help you out if you need dedicated guidance or troubleshooting. Simply by sending an email to email@example.com you can purchase a dedicated support package. We have a team of highly experienced coders that will help you out with all your questions and comments. Here's what to expect:
- Troubleshooting API and SDK issues
- How-to questions and best practices
- Custom feature development
- Custom debugging
- Writing custom code
As mentioned in our pricing document, which can be found on www.bunq.com/pricing, support can be acquired in packs of 10 hours. Our software will keep track of the hours of support you have used up. The purchased support hours are non-refundable.
Do you know or suspect that someone has unauthorized access to our public API or the information that you received via our public API? If so, give us a shout! Block the relevant API access via our app, use the support chat to contact us and take appropriate measures to prevent the problem from getting bigger.
Did you notice an error or irregularity in our public API? If so, please give us a shout via the support chat. In case of a security issue, please use our Responsible Disclosure Policy. You can find this policy on our policies page.
What do I need to bring to the party?
Using our public API is a bit like a BYO-party. We provide the API and you do the rest. This means you’re responsible for arranging appropriate hard- and software and legal permits to make use of our public API. The use of third party hardware, software or services is at your own cost and risk.
Now imagine you bring a friend to the party. At the party you’re responsible for the people you bring along, so make sure that anyone you engage complies with these terms and conditions.
For your reading pleasure
Our legal team and developers have written some non-fiction literature for you, enjoy!
In order to explain the functionalities and operations of the public API we have created an API Doc.
Depending on your type of account, the terms & condition bunq business or the terms & conditions bunq personal (as far as relevant) apply to the services provided via our public API. In relevant cases, where the applicable terms and conditions mention the bunq app this shall also mean the bunq public API.
Our Privacy & Cookie Statement applies to the information submitted to our public API. You can find the most recent version of our Privacy & Cookie Statement on our privacy page.
Developments in the financial sector, changing regulatory regimes (such as PSD2) and new feature requests (among other things) require us to be flexible. This means we may need to change the functionalities and availability (of parts) of our public API from time to time. To make changes as smooth as possible we apply a migration window of 2 months, after this period we stop the support for changed parts of the public API.
Show me the money!
Please have a look at our prices for using the public API. The prices may change from time to time. You can find the latest/current prices and specifications on our pricing page.
Developers, we love you!
The moment you agree to these terms and conditions we will grant you a developer license to use our Sandbox and to (contract someone to) develop and distribute applications that (can) make use of our public API. You’re now part of our developer community!
We consider an application (app) any piece of software that (can) make use of our public API. Developing an app also includes the integration of our public API in existing software.
Your developer license is personal, so please only use it (for) yourself.
Let’s keep it nice
Whether you want to build an app for your smartwatch or an app to visualize your finances, you’re free to create whatever you want as long as your application and related services do not facilitate misuse of our services, do not infringe any intellectual property rights and are not harmful to us (our activities/plans/reputation) or others.
We highly value security, privacy and design, therefore we might from time to time publish guidelines on these topics. To ensure the quality of available apps, please only create applications in accordance with these guidelines.
Compare building your app with building an airplane. If you fly the plane and a wing falls off mid-air, you have a problem. It’s your problem and any passengers aboard are your responsibility. Similarly, you bear the sole responsibility and liability for the development and use of your app (by yourself and third parties). To prevent confusion, do not create the impression that your app is somehow developed by us or in cooperation with us, is PSD2 compliant (if it’s not), or is in anyway approved or endorsed by us.
Being responsible, in our book, also means taking good care of your end users, so please provide adequate (customer) support for your app and related services.
Engaging a third party (e.g. to develop an app for you) is bit like bringing someone along to a party. At the party, you’re responsible for the people you bring along, so make sure that anyone you engage complies with these terms and conditions.
Now imagine you have a warehouse and a trucking company brings in and picks up goods. As long as the goods are in your warehouse you are responsible for them. The goods are not yours, so you treat them with care, you protect them and you don’t use them (unless the owner gave you permission).
As a developer it’s the same with regard to data. Via your app, our public API and any related services you might collect data from your end users. You are fully responsible for the processing and security of all data in your possession/control, and will have to comply with all applicable laws and regulations, such as PSD2 and the General Data Protection Regulation (GDPR). Privacy is important to us, so keep the data confidential and ensure the security in accordance with industry standards.
Logo’s and names
We understand the importance of properly branding and marketing products. That’s why we grant you all necessary rights to use our name and logo in your app, and for the promotion of your app. Our Branding Guidelines apply to the use of our name and logo. You can find our Branding Guideline on www.bunq.com.
What better way to promote our public API than to simultaneously promote the API and the apps that make use of it? That’s why we may make use of your app, and your company and product name/logo for promotional purposes.
As a developer you might get access to information that is not yet known to the public and that has or could have commercial value and/or is competitively sensitive. For example, technical information about our public API, exciting news about upcoming API changes or information about cool new products.
This information is our little secret, so please keep it secret, only use it for the purpose it was provided for and only share it with affiliates and representatives on a need-to-know and confidential basis.
Check it out!
From time to time we love to check out what our developer community has created. In order for us to be able to do so, please allow and enable us to test your app and related services free of charge.
Our Sandbox is a digital test environment for our public API. In our Sandbox you can use fake test accounts with fake money to execute test transactions. Sandbox accounts and developer keys for the Sandbox can be obtained by contacting us via the support chat in the bunq app.
With regard to intellectual property we like to keep things simple: all that you create or have created is yours and all that we create or have created is ours. What’s yours stays yours and what’s ours stays ours.
We love user feedback! So please provide us with any suggestions or comments you might have.
To transform feedback in to awesome new features and products we will be free to use the provided feedback in any way we want without obligation or restriction of any kind.
We just want to make awesome products and don’t like people covering their ass. Our legal team however insisted on putting in this paragraph to ‘protect our interests’ (sigh). Now let’s get it over with!
We are developers ourselves and will keep developing new features, products and services. Please take into account that this means that we may at some point develop features, products or services which might compete with yours.
What’s more, earlier we explained that we may change the public API from time to time. Important to note is that we can do so without any liability or obligations to you. This means developing an app is at your own risk.
In some cases, we may decide to reject your registration for our public API. We can do so without any obligation or liability to you.
We provide our public API and Sandbox "as is" and "as available" without warranty of any kind whatsoever, either expressed or implied. This included, but is not limited to, the implied warranties of fitness for a particular purpose, reliability and availability.
You’re liable for all activities performed with your API access/key. Using our public API and Sandbox is at your own risk. We are only liable for damages and/or losses in case of intent or gross negligence on our part. We are never liable for any lost revenues, lost profits, consequential, indirect, incidental, special, punitive or exemplary damages.
We put a lot of effort in creating our public API and obviously don’t like it to be copied, so do not (attempt to) create any code that is (in any way) derived from the public API and all related information, materials and software.
These terms and conditions require you to limit the use and disclosure of certain information. You will be liable for all losses and damage resulting from non-compliance with this requirement.
Our public API contains third party content. This content is the sole responsibility of the person that makes it available and might be subject to intellectual property rights.
You are responsible and liable for any third party you engage to perform (on your behalf) services relating to our public API (e.g. develop an app or provide related services).
You indemnify us and hold us (and our affiliates, directors, officers, employees, and users) harmless from all losses, liabilities, damages and expenses (including legal costs) which we may incur in relation to claims, legal proceedings or litigation arising from or in connection with:
- misuse of our public API by you or your end users;
- acts of third parties you engaged;
- use of your application and related services; or
b. a violation of these terms and conditions or any laws by you or your end users, especially relating to PSD2 and GDPR requirements.
We consider not acting like we ask you in these terms and conditions a violation of these terms and conditions.
To finalize, a little joke to cheer you up after all this legal talk: how many programmers does it take to change a light bulb? None. It's a hardware problem.
You can stop using our public API any time you want. To terminate this agreement, cancel your API key via our app. In case you don’t have an active API Key this agreement terminates automatically if you don’t use our services (banking or Sandbox) for 60 consecutive days. We would be sad to see you go!
In some cases, we may want to terminate our agreement with you, for example because it is uneconomical for us to continue our relationship. We can do so with a period of notice of 30 calendar days.
In some situations, we may want to immediately block your access to our API, revoke your developer licence and/or terminate this agreement. We can do so in case:
- you do not comply with what these terms and conditions and any related documents require/ask from you;
- we are required to do so by law;
- you have provided us with false information or did not keep us up-to-date;
- we know or suspect that you use (or have used) our services for fraudulent or illegal activities, or activities contrary to public order and/or morals;
- your application and related services result in a disproportionally high level of enquiries to our customer support;
- you do not allow/enable us to properly test/review your app and related services (free of charge);
- you are in breach with any other agreement you have with us;
- we close your bunq account(s) for whatever reason;
- you become or we suspect you might become insolvent or the subject of any insolvency proceeding.
We can terminate, block and revoke without any liability or obligations to you. Upon termination of this agreement, all rights and licenses granted to you by us will cease immediately, and your access to our public API will end (be blocked).
In case your developer license is revoked or ceased you will sadly no longer be part of our developer community. This means you have to immediately stop making your app available to third parties and use best efforts to prevent your app from (further) spreading. You will furthermore need to halt any related services and stop using our Sandbox. Support for our public API needs to be removed from your app with the next release of your app or at least within one month after the termination.
Secret information is not all of a sudden less secret because our agreement with you has ended. Therefore, when these terms and conditions come to an end (for whatever reason), those terms that by their nature are intended to continue indefinitely will continue to apply. This includes at least the provisions about liability, data, legal nastiness and secrecy.
Some situations might require us to modify these terms and conditions, for example to clarify a provision or because we introduced a new feature. Changes will become effective 30 days after they are published. Changes addressing the new public API functionalities, or changes made for legal reasons, will be effective immediately. If you do not agree to the modified terms and conditions, stop using our public API, Sandbox and your developer license. By continuing to use our public API, Sandbox and/or your developer license, you accept the modified terms and conditions.
The rights and obligations under these terms and conditions are non-transferable and non-assignable without our prior approval.
This is an English translation of our Dutch public API Terms and Conditions. Small differences might exist between the Dutch and English version due to language differences. The Dutch version will prevail in case of any discrepancies or conflicts between the English and Dutch version. On request we can provide you with the Dutch version.
A judge might rule that a provision of these terms and conditions is void, invalid or inoperative. In this case the remaining provisions shall not be affected and shall remain in effect. Otherwise, we would have to agree on a whole new agreement. The invalid provision shall be deemed modified to the least degree necessary to remedy the invalidity.
If we do not enforce a provision at any point that does not mean we cannot and will not enforce it at a later time.
This agreement shall be governed and interpreted in accordance with the laws of the Netherlands. Any dispute, controversy or claim shall be brought before the courts in Amsterdam.