Track 1 platform and get the weekly governance digest. No credit card required.
This page describes what the document states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability may vary by jurisdiction. Methodology
This is Mercury's privacy policy explaining how the company collects and uses your business and personal financial data when you use their banking, lending, and expense management products. The most important thing to know is that Mercury collects extensive financial data including your transaction history, account balances, device information, and behavioral patterns, and may share this data with third-party partners, affiliates, and service providers for purposes that include marketing and analytics beyond just delivering your account services. California residents can exercise rights to access, delete, or opt out of certain data sharing by contacting Mercury directly through their privacy request portal.
This document is Mercury's Privacy Policy governing the collection, use, sharing, and retention of personal information for users of Mercury's business banking platform, operating under applicable U.S. federal and state privacy law frameworks. The policy states that Mercury collects a broad range of personal and financial data including identity information, transaction data, device and usage data, and inferred characteristics, and the terms authorize sharing this information with affiliated entities, service providers, financial partners, and in some cases third parties for marketing and analytics purposes. Notably, the policy asserts the right to collect and use inferred data and behavioral signals for product improvement and marketing, and reserves broad discretion to share data with 'business partners' beyond core service delivery, though applicable law including CCPA and Gramm-Leach-Bliley Act provisions may constrain how some of these rights apply in practice. California residents are granted specific opt-out and deletion rights under CCPA, and the policy acknowledges GLBA applicability given Mercury's financial services context, which creates a layered regulatory compliance obligation spanning FTC enforcement, CFPB oversight, and state-level consumer protection regimes. Material compliance considerations include ensuring that consent mechanisms, data retention schedules, and third-party data sharing arrangements are consistent with GLBA financial privacy requirements and CCPA's expanded rights framework, particularly given Mercury's role as a banking-adjacent platform serving business customers.
Institutional analysis available with Professional
Regulatory exposure by statute, material risk assessment, vendor due diligence action items, and enforcement precedent. Available on Professional.
Start Professional free trialMonitoring
Mercury has updated this document before.
Watcher includes same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
Professional Governance Intelligence
Need provision-level monitoring and regulatory mapping?
Professional includes governance timelines, compliance memos, audit-ready analysis, and full provision tracking.
Start Professional free trialCross-platform context
See how other platforms handle Third-Party Data Sharing with Partner Banks and Service Providers and similar clauses.
Compare across platforms →Governance Monitoring
Structured alerts for policy changes, governance events, and provision updates across 318+ platforms.