Not GDPR Compliant
The application requires access to the personal phone contacts. Instead, it should allow adding an individual phone number to whom to pay as similar applications like Revolut do. It’s not GDPR compliant to require to load and have visibility over all person’s contacts to be able to use the application. This should be investigated by the Data Protection Commissioner.