Revolut collects data from your phone or computer including your location and IP address, as well as information about how you use the Revolut app.
This analysis describes what Revolut's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
Location and device data can reveal sensitive information about your daily habits, movements, and financial activity patterns, and this data is used in profiling and fraud detection processes.
Interpretive note: The document describes location and device data collection at a high level without specifying the granularity of location tracking, frequency of collection, or exact downstream uses in profiling systems, creating uncertainty about the full practical scope.
Revolut collects your device location, IP address, and behavioural data from app usage, which may be used to build a profile of your patterns and inform automated decisions about fraud detection or product eligibility.
How other platforms handle this
The right to notice. You have the right to be notified which categories of Personal Data are being collected and the purposes for which the Personal Data is being used.
In certain circumstances, the right to data portability, which means that you can request that we provide certain Personal Data we hold about you in a machine-readable format
If you want to see what information we have collected about you, you can request a copy of your data in the Data & Privacy section of your User Settings. You should receive your data packet within 30 days.
Monitoring
Revolut has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"information from your device (like location or IP address)— Excerpt from Revolut's Revolut Privacy Policy (Superseded URL)
(1) REGULATORY LANDSCAPE: Collection of location data and device identifiers engages UK GDPR and PECR. Location data is treated as sensitive in many regulatory contexts given its capacity to reveal information about health, religion, political views, and personal relationships. PECR requires consent for certain cookie and device data collection. The ICO has specific guidance on location data and device tracking. (2) GOVERNANCE EXPOSURE: Medium. Location and behavioural data collection is standard in mobile financial services for fraud prevention and security purposes, which are legitimate use cases. However, the use of this data for profiling beyond fraud detection, such as for product eligibility or marketing, requires a clear lawful basis and proportionality assessment. (3) JURISDICTION FLAGS: UK GDPR and PECR apply in the UK. Illinois BIPA does not typically cover location data but device biometric features used for authentication may be in scope for US operations. California CCPA includes geolocation data in its definition of sensitive personal information with heightened protections. (4) CONTRACT AND VENDOR IMPLICATIONS: Location and device data shared with analytics or advertising vendors requires data processing agreements and, where the vendor acts as a controller, controller-to-controller agreements. The data minimization principle requires that only location data necessary for the specific purpose be collected and retained. (5) COMPLIANCE CONSIDERATIONS: Legal teams should confirm that location data is only collected with appropriate consent or under a clearly documented legitimate interests basis, that retention periods for location and device data are minimized, and that the use of this data in profiling systems is disclosed with sufficient clarity to satisfy UK GDPR transparency requirements.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 3 platforms + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
Location and device data can reveal sensitive information about your daily habits, movements, and financial activity patterns, and this data is used in profiling and fraud detection processes.
Revolut collects your device location, IP address, and behavioural data from app usage, which may be used to build a profile of your patterns and inform automated decisions about fraud detection or product eligibility.
ConductAtlas has identified this type of provision across 287 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Revolut.