I am planning to use Plaid API and have a spring boot backend but given that I will be storing my financial information (such as whatever the Plaid API needs me to store to use their endpoints as well as just the transactions on my credit and chequing account), the security of the data is obviously crucial. and I think my problem is I don't know what I don't know.

I have a basic idea of what kind of things I need to protect against.

1. WIll have to use Spring security (or whatever is best) for thing like protecting against xss and csrf
2. I need to ensure that the PostgreSQL database is encrypted

but beyond that, I don't know much about the nuances of each type of security and customizations I should be on the look-out for. wonder if there's a trustworthy resource for at least detailing for me the kind of security I need to implement on either the Spring or PostgreSQL side of things?

To start: I was taught in the 90s when I first entered the "internet" that "everything online is public. The End."
I still adhere to that. I am perhaps a bit overly cautious and whatnot, as I will forego convenience to have the feeling of privacy (though in some cases I believe it's just a smokescreen).

That being said, the main premise to my question is this: I have three cards with which I pay for things. I have a debit card which I use for most purchases, a credit card I use for large purchases I can't immediately cover with my bank account, and a credit card for two specific payments. Every December my company gifts all employees a $100 Visa gift card. I tend to splurge on things I'd rather not have show up in my bank account or credit card, because I feel my purchase habits are tracked (similar as to when I put in a local brewery into Waze... and yeah, I use Waze.)

And now to my actual question: is there a credit company, or a method of credit/debit card I can utilize that will not track/share/etc my personal or purchase info? I had never thought of this idea, aside from the gift cards which usually come with some form of caveat (you lose money on fees for a prepaid card, or you can lose your balance if not spent in a certain time frame, etc) until just now I guess. I found privacy.com which looks kind of legit, but ... I'm always skeptical to start.

All that being said, if you could offer any advice or thoughts on the matter, I would greatly appreciate it. Thanks!

(Edit: the original reason I ask this is because I was thinking that I use Discord a lot and would like to throw a few bucks their way and customize my profile or something "fun" like that, but I do not want them to have my info.)