And that customer (me too) is not a fan of the idea of giving permission for every bank transaction to become part of some vendor's data harvest.

The banks having to do it if we want them to, doesn't not mean we have to want them to.

> if the customer gives permission

I took from you replying “not a fan of every bank transaction becoming” with the fact that the banks have to give access at the customer's request, and the requirement somehow impacted the “not a fan” because it is not optional.

> if the customer gives permission

Of course once permission has been given, it is part of that dataset (whether or not that is made clear by the app) and numerous other datasets (unless the law requires companies not share that data, and companies all fully obey that law, and they don't have any little data accidents).