Is Fivetran safe with your data?

Fivetran

Fivetran, Inc.

77/100

Good disclosure · high confidence

Fivetran earns a B (77/100) because it discloses most of its data practices.

#20

of 177 apps ranked

score · Data platform avg 62

+15

vs category average

Grade scaleA · 85–100B · 70–84C · 55–69D · 40–54F · 0–39

Fivetran's privacy notice is an enterprise data-platform disclosure. It grants a full data-subject rights suite, names its international transfer safeguards, and lists a Data Protection Officer with a direct contact address. It misses an A on two points: retention is described only in vague terms with no day count or deletion timeline in the notice itself, and breach notification is absent. No dealbreakers apply. Fivetran does not train on user data by default, assigns no broad perpetual content licence, and does not refuse deletion. It does share data for commercial purposes including online advertising, but it provides an explicit opt-out and honors Global Privacy Control and Do Not Track signals.

What Fivetran's privacy policy says about your data

Full rights suite

The notice grants access, correction, deletion, portability, objection, restriction, consent withdrawal and non-discrimination, all exercisable by contacting Fivetran, and it publishes annual access and deletion request metrics for 2023 through 2025.

Named transfer safeguards

International transfers rely on the EU-U.S., UK Extension and Swiss-U.S. Data Privacy Frameworks plus standard contractual clauses, with a Data Protection Addendum available online and SCCs provided on request.

Retention stays vague

Retention is described as keeping data where there is an ongoing legitimate business need, with no day count or concrete deletion timeline in the notice itself. The detail is pushed to a linked page.

Sale and sharing carry an opt-out

Fivetran shares data for commercial purposes including online advertising, and it offers an opt-out of sale and sharing, takes an opt-in approach in the U.S., and automatically honors Global Privacy Control and Do Not Track signals.

What the policy is silent or vague on

Not stated: whether training use differs by plan
Not stated: your ownership of generated outputs
Not stated: breach notification
Only partial: a way to opt out of training

Fivetran privacy rating

Training-data use1 of 4 disclosed

Keeps user inputs out of model training, or makes training opt-inDisclosed

Names a way to opt out of or into trainingPartial

Says whether training use differs by plan or tierSilent

Lets the user keep ownership of generated outputsSilent

Data-subject rights5 of 5 disclosed

Grants a right to access your dataDisclosed

Grants a right to delete your dataDisclosed

Offers data portability in a usable formatDisclosed

Grants a right to correct your dataDisclosed

Grants a way to object to or opt out of processingDisclosed

Retention and deletion1 of 3 disclosed

States a retention period for your dataPartial

States a deletion timeline after closure or requestPartial

Sets a shorter retention for AI conversation logsNot applicable

Commits to collecting only the data it needsDisclosed

Third-party sharing4 of 5 disclosed

Lists the categories of third parties it shares withDisclosed

References a sub-processor list or data processing agreementDisclosed

Does not sell or share data for advertising, or offers opt-outPartial

Names a safeguard for international data transfersDisclosed

States a standard for government and law-enforcement accessDisclosed

Transparency4 of 4 disclosed

Discloses that you are interacting with AIDisclosed

Marks AI-generated or synthetic outputNot applicable

Enumerates the categories of data it collectsDisclosed

Maps processing purposes to legal basesDisclosed

Is versioned and dated, with change noticeDisclosed

Sensitive data and children1 of 2 disclosed

Discloses automated decisions and a human-review pathNot applicable

Limits the use of special-category dataDisclosed

Governs biometric data specificallyNot applicable

States protections for children's dataPartial

Security and accountability2 of 3 disclosed

Describes its security safeguardsDisclosed

Commits to breach notificationSilent

Names a certification or a privacy contactDisclosed

DisclosedPartialSilentAdverseNot applicable

Details

Category: Data platform
Modalities: text
Processes biometrics: No
Policy last updated: 2026-05-01
Region scored: Global / US-default
Assessed: 2026-06-20

Read Fivetran's privacy policy

Other data platform apps

Each grade reflects our analysis of what an app states in its public privacy policy and terms as of the assessment date. It measures the transparency of those documents, not the company's actual data practices, security, or compliance. Grades are our opinion, offered for general information. Full disclaimer.