Is Cube safe with your data?

Cube

Cube Planning, Inc.

40/100

Weak disclosure · high confidence

Cube earns a D (40/100) because it leaves much about its data practices unstated.

#169

of 177 apps ranked

score · Finance avg 57

-17

vs category average

Grade scaleA · 85–100B · 70–84C · 55–69D · 40–54F · 0–39

Cube's privacy policy is a conventional B2B SaaS document. It lists the categories of data it collects, names its hosting and analytics providers, and states plainly that it does not sell personal information. The weaknesses are real and consistent with a D. Data subjects can ask Cube to act on their rights, but the policy does not guarantee it will. Retention is described only as vague and necessity-based, with no day count or deletion timeline, and the policy says nothing about AI training or named cross-border transfer safeguards.

What Cube's privacy policy says about your data

Data rights are discretionary

The policy says you may submit requests about your personal information, then adds that Cube may not be required by law to honor them and will respond as it has the capacity to do so. Access, deletion, and rectification are conditional, and the policy does not guarantee them.

Does not sell personal data

Cube states it does not sell, rent or lease personal information to third parties. It does run Google remarketing and behavioral targeting, with an opt-out available through Google Analytics controls.

Named security controls

Security is concrete for data in transit. All data moves over encrypted TLS connections, staff need password or cryptographic authentication to access personal data, and infrastructure runs in U.S.-based data centers.

Vague retention, no transfer safeguards

Retention is limited to what Cube needs to comply with legal obligations or deems necessary, with no day count and no deletion timeline. The policy names no SCCs, adequacy decision, or DPF safeguard for cross-border transfers.

What the policy is silent or vague on

Not stated: keeping user inputs out of model training
Not stated: a way to opt out of training
Not stated: whether training use differs by plan
Not stated: your ownership of generated outputs

Cube privacy rating

Training-data use0 of 4 disclosed

Keeps user inputs out of model training, or makes training opt-inSilent

Names a way to opt out of or into trainingSilent

Says whether training use differs by plan or tierSilent

Lets the user keep ownership of generated outputsSilent

Data-subject rights0 of 5 disclosed

Grants a right to access your dataPartial

Grants a right to delete your dataPartial

Offers data portability in a usable formatSilent

Grants a right to correct your dataPartial

Grants a way to object to or opt out of processingPartial

Retention and deletion0 of 3 disclosed

States a retention period for your dataPartial

States a deletion timeline after closure or requestPartial

Sets a shorter retention for AI conversation logsNot applicable

Commits to collecting only the data it needsSilent

Third-party sharing2 of 5 disclosed

Lists the categories of third parties it shares withDisclosed

References a sub-processor list or data processing agreementPartial

Does not sell or share data for advertising, or offers opt-outPartial

Names a safeguard for international data transfersSilent

States a standard for government and law-enforcement accessDisclosed

Transparency2 of 3 disclosed

Discloses that you are interacting with AINot applicable

Marks AI-generated or synthetic outputNot applicable

Enumerates the categories of data it collectsDisclosed

Maps processing purposes to legal basesPartial

Is versioned and dated, with change noticeDisclosed

Sensitive data and children1 of 2 disclosed

Discloses automated decisions and a human-review pathNot applicable

Limits the use of special-category dataSilent

Governs biometric data specificallyNot applicable

States protections for children's dataDisclosed

Security and accountability1 of 3 disclosed

Describes its security safeguardsDisclosed

Commits to breach notificationPartial

Names a certification or a privacy contactSilent

DisclosedPartialSilentAdverseNot applicable

Details

Category: Finance
Modalities: text
Processes biometrics: No
Policy last updated: 2025-05-19
Region scored: Global / US-default
Assessed: 2026-06-20

Read Cube's privacy policy

Other finance apps

Each grade reflects our analysis of what an app states in its public privacy policy and terms as of the assessment date. It measures the transparency of those documents, not the company's actual data practices, security, or compliance. Grades are our opinion, offered for general information. Full disclaimer.