Finicity is part of the Mastercard family. Our open banking platform provides the financial data you need.

General Privacy Policy

Last updated: April 29, 2021


This General Privacy Policy (the “Privacy Policy”) is provided by Finicity Corporation, a wholly-owned subsidiary of Mastercard International Inc. (“Finicity,” “we,” and/or “us”).

This Privacy Policy applies to the Personal Information you provide to us or that we collect through our websites, including, (the “Site”) and through our other online services, websites, applications, and related services that link to this Privacy Policy (collectively with the Site, the “Services”). By accessing or using our Services, you agree to the collection, use, and processing of your Personal Information as set forth in this Privacy Policy.

In this Privacy Policy, “Personal Information” means any information relating to an identified or identifiable individual.

Note that the Services are often accessed or connected through other third-party service providers and their related applications and services (“Service Provider Application”), and this Privacy Policy only covers the information that Finicity collects, uses, and shares to provide the Services, and does not explain what a Service Provider Application does with any Personal Information we provide to them (or any other information they may collect about you separately from Finicity). This Privacy Policy also does not cover any websites, products, or services provided by others. We encourage you to review the privacy policies, terms of use, or notices of any Service Providers for information about their practices.


Information you provide to Finicity. When you connect your account from your relevant bank, financial institution, payroll provider, or other entity that provides your financial account (“Financial Account”) through the Services or when you request the Services directly from us, you may provide (and we may collect) the following categories of Personal Information:

Information we collect from your Financial Account. After you have successfully connected your Financial Account(s) through the Services, we will access and collect information from your Financial Account on your behalf. The information we will collect from your Financial Account will vary depending on the specific third-party services you are using (e.g., income verification or financial management applications), the information available from the Financial Account, and other factors. We will collect the following categories of Personal Information from your Financial Account, which includes information from all accounts accessible through a single set of credentials to a Financial Account (e.g., checking, savings, and credit card):

Information we collect from your devices. When you use the Services on your device (e.g., computer, phone, tablet) we may automatically collect information about your use of the Services, including via cookies and similar technologies (collectively “cookies”), such as internet protocol (IP) address, device location, time zone setting, hardware model, operating system, the features within our Services you access, browser data, and other technical information about the device. Please review our Cookie Policy for more information about how we use cookies and your options related to cookies.

Information we receive about you from other sources. When you use the Services in connection with a Service Provider Application or in the process of connecting your Financial Accounts to our financial institution partners, we may receive identifiers and commercial information about you directly from a Service Provider Application, our financial institution partners, or other third parties including our service providers and identity verification services. For instance, Service Provider Applications (e.g., lenders or payment processors) may provide information to Finicity such as your full name, social security number, date of birth, email address, phone number, or information about your financial accounts and account transactions, and our financial institution partners or service providers may provide information such as the status of a transaction you have initiated.


We will use your Personal Information in a manner consistent with this Privacy Policy. Specifically, we will use the Personal Information we collect from you:

How We Share Your Information

We provide services to or utilize third-party services that may have access to your Personal Information for a variety of business purposes. We only provide your Personal Information to a third party after such third party has a signed a confidentiality contract with us, and we provide your Personal Information to such third parties only for our business purposes. The Personal Information you provide to us will be shared in the following circumstances:

We may use, share, or publicly disclose or otherwise process your information that has been de-identified, anonymized and/or, aggregated (so that it does not identify you personally) for any purpose permitted under applicable law, including for research and the development of new products.

How We Handle / Secure Your Information

Because we are trusted with your Personal Information, we have implemented administrative, technical, and physical security controls that are designed to safeguard your Personal Information. We maintain physical, electronic, and procedural safeguards that comply with applicable state and federal standards to guard your Personal Information held by us relative to the Services.

Please recognize that protecting your Personal Information is also your responsibility. We urge you to take every precaution to protect your Personal Information when you are on the internet and when you communicate with us and with other parties through the internet. Change your passwords often, use a combination of letters and numbers, and make sure you use a secure browser. If you have reason to believe that your interaction with us or our partners is no longer secure, please let us know immediately by contacting us as indicated in the Contact Us section below.

By using our Services, you agree that we may communicate with you electronically regarding security, privacy, and administrative issues relating to your use of our Services. If we learn of a security breach involving your Personal Information, we may attempt to notify you electronically by sending an email to you. If you have any questions about the security of your Personal Information, please email us at

Our Legal Basis for Handling Your Information

Some jurisdictions require us to disclose the legal basis on which we rely to use or disclose your Personal Information. To the extent those laws apply, our legal bases are as follows:


Our Services are hosted in the United States. If you choose to use the Services from or other regions of the world with laws governing data collection and use that may differ from United States law, then please note that you are transferring your Personal Information outside of those regions to the United States for storage and processing. Also, we may transfer your Personal Information from the United States to other countries or regions in connection with storage and processing of data, fulfilling your requests, and operating the Services.

European Visitors

If you are located in the European Economic Area, Switzerland or the United Kingdom (“Europe”), we will comply with applicable data protection laws when transferring your Personal Information outside of your jurisdiction. Specifically, we may transfer your Personal Information to countries which have been found to provide adequate protection according to the competent authorities (such as the European Commission), rely on Binding Corporate Rules (“BCRs”) or use contractual protections for the transfer of Personal Information. For more information about how we transfer Personal Information outside of Europe, or to obtain a copy of the contractual safeguards we use for such transfers, you may contact us as specified below.


You may decline to share certain Personal Information with us, in which case we may not be able to provide to you some of the features and functionalities of our Services. Where required by applicable law, we will indicate whether and why you must provide us with your Personal Information, as well as the consequences of failing to do so. Depending on your country or state, you may have the right or choice to access, amend, or delete any Personal Information we hold about you, opt out of, object to, or restrict some uses of your Personal Information, and withdraw any consent provided. To exercise these rights, you may contact us using the contact details at the end of this Policy.

California Residents

If you are a resident of California, additional disclosures required by the California Consumer Privacy Act may be found in our California Privacy Policy.

Canadian Users

If you are located in Canada, you have choices and opportunities under Canadian law regarding the types of Personal Information we collect, how we collect it, to whom we might disclose it, and why it might be shared. The information in this policy applies to these requirements as stated above. Furthermore, your Personal Information is maintained on our servers or those of our service providers and will be accessible by authorized employees, representatives, and agents. You may request access to or correction of your Personal Information in our custody or control, or ask questions about our Personal Information handling practices (including our use of service providers outside of Canada) by writing to our Privacy Officer using our contact details specified at the end of this Privacy Policy:

European Users

If you are located in Europe, you may have the rights described below:

You may exercise these rights by contacting us using the contact details at the end of this Privacy Policy. Please note that there are exceptions and limitations to each of these rights.

Do Not Track

Some browsers have a “do not track” feature that lets you tell websites that you do not want to have your online activities tracked. We currently do not respond to browser “do not track” signals.


You must be at least 18 years old to use our Services. We do not knowingly direct our Services to individuals under 18 years old (“Minors”), nor do we knowingly collect, use, or disclose Personal Information about Minors who use our Services. If you use our Services, you represent that you are at least the age of majority under the laws of the jurisdiction of your place of residence. If you believe a Minor has provided us with Personal Information, please alert us at If we learn that we have collected Personal Information from a Minor, we will promptly take steps to delete such information.


We will retain your Personal Information for as long as necessary for the business or commercial reason(s) for which it was obtained or as specified by any ongoing retention requirements found in the law. The manner in which we review our retention requirements for our customers is: (i) the length of time and type of service with our client and provide the Services; (ii) whether there is a legal obligation to which we are subject; and (iii) whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).


We may revise this Privacy Policy or our practices with respect to how we collect, use, and process Personal Information at any time and in our sole discretion. If we make any material changes to how we treat our customers’ Personal Information, we will attempt to notify you by email to the primary email address specified in your account, through a notice on our website’s home page, or through other means. You are responsible for ensuring we have an up-to-date, active email address by which to contact you. You are advised to review this Privacy Policy periodically for any changes. Your continued use of our Services after such modifications will constitute your acknowledgment of the modified Privacy Policy and your agreement to abide and be bound by the modified Privacy Policy. Changes to this Privacy Policy are effective when they are posted on this page.


Questions regarding this Privacy Policy, our information practices or other aspects of privacy in connection with the use of our Services should be directed to our Data Privacy Officer, who can be reached by email at

Finicity Headquarters:

434 West Ascension Way, Suite 200
Salt Lake City, UT 84123
(801) 984-4200

Click here to view our Cookie Policy.

Certain open banking solutions are provided by Finicity, a Mastercard company.