Is Brex safe with your data?
Brex
Partial disclosure · medium confidence
Brex earns a C (67/100) because it discloses its data practices only in part.
#55
of 177 apps ranked
67
score · Finance avg 54
+13
vs category average
Brex discloses comprehensive rights, data recipients, and international transfer safeguards but lacks transparency on data retention periods, AI training practices, and specific security controls.
What Brex's privacy policy says about your data
Rights & Deletion
Brex grants access, deletion, correction, and portability rights across California, Virginia, Canada, Brazil, and EU jurisdictions, though deletion is subject to legal retention obligations.
Data Sharing & Transfers
Recipients are named (service providers, affiliates, business customers, financial partners), and international transfers to EEA, UK, and Switzerland are protected by standard contractual clauses.
Retention & AI Training (Gap)
Policy is silent on specific data retention periods (states only as long as necessary) and makes no disclosure of whether customer data trains AI models or any opt-out mechanism.
Security Controls (Gap)
Encryption and trust programs are mentioned generically with reference to a Trust Center, but no named security certifications (ISO 27001, SOC2) or breach notification timeline is disclosed.
The area-by-area breakdown for Brex is being prepared and will appear after its next scoring pass on the current rubric. The summary and highlights above reflect the latest assessment.
Details
- Category
- Finance
- Modalities
- text
- Processes biometrics
- No
- Policy last updated
- 2026-04-07
- Region scored
- Global / US-default
- Assessed
- 2026-06-20
Other finance apps
Each grade reflects our analysis of what an app states in its public privacy policy and terms as of the assessment date. It measures the transparency of those documents, not the company's actual data practices, security, or compliance. Grades are our opinion, offered for general information. Full disclaimer.