Yes, the collected data of your customers is your property. The responsibility therefore lies largely with you. Therefore, secure your dashboard with a strong password. As well as a printout (export) of the collected data. Non-compliance with GDPR legislation can result in a fine of 2-4% of your worldwide annual turnover. Reason enough to pay attention to the little things! In this article you can read how to provide an export file with a password to prevent unauthorized access.
SpotOn has access to its customers' accounts, but may only change settings with the customer's permission. Nothing is done with the stored data. However, this does mean that SpotOn also bears some responsibility for this data, such as providing security for all internal systems and the supplied hardware that processes data. In addition, SpotOn also works with a strict policy on customer-of-customer data.