Is Mercury safe with your data?
Mercury
Partial disclosure · high confidence
Mercury earns a C (50/100) because it discloses its data practices only in part.
#98
of 211 apps ranked
50
score · Finance avg 37
+13
vs category average
Mercury discloses user rights comprehensively including data access, deletion, and opt-out mechanisms, but lacks retention timelines and does not disclose AI model training or use of AI services for users.
What Mercury's privacy policy and terms of service say about your data
D3.2 upgrade from half to full
The policy specifies a concrete 30-day deletion timeline: 'automatically deleted from our back-end within 30 days,' meeting the 'named mechanism / concrete number' standard for full.
No user-facing AI disclosed
References to AI and machine learning cover internal fraud detection and categorization, not any user-facing AI service, so AI interaction is not disclosed
No automated-decision rights
The policy says nothing about automated decisions affecting users, human review, or related governance
What the policy is silent or vague on
- Not stated: keeping user inputs out of model training
- Not stated: a way to opt out of training
- Not stated: whether training use differs by plan
- Not stated: your ownership of generated outputs
Mercury privacy rating
Details
- Category
- Finance
- Modalities
- text
- Processes biometrics
- No
- Policy last updated
- 2026-06-18
- Region scored
- Global / US-default
- Last assessed
- 2026-07-08
Documents examined
Other finance apps
Each grade reflects our analysis of what an app states in its public privacy policy and terms as of the assessment date. It measures the transparency of those documents, not the company's actual data practices, security, or compliance. Grades are our opinion, offered for general information. Full disclaimer.