Privacy and Security Policy

Effective Date: June 24, 2021

What Types of Personally Identifiable Information do we collect?
For purposes of this Website Security Policy, "personally identifiable information" means information identifiable to and about an individual consumer collected online, such as on applications or other forms. Personally identifiable may include an individual’s first and last name, home or other physical address, e-mail address, Internet Protocol (“IP”) address, telephone number, social security number, or other identifier that permits the physical or online contacting of a specific individual. Personally identifiable information also includes information concerning a user, such as income or employment information, that we collect online from the user and maintains in personally identifiable form in combination with an identifier described in the above categories.

What personal information do we share with other entities?
We may disclose all of the information, as described above, as permitted by law. Examples of what is permitted by law include disclosing such information (a) to third parties if it is necessary or helpful in confirming the information or completing a transaction, (b) to other persons that have an interest in the financial product or service, (c) to report to consumer reporting agencies, (d) to comply with legal process such as subpoenas or court orders, (e) to respond to law enforcement agencies with respect to suspected or actual fraud, criminal activity or security risks, and (f) if you give us your consent.  We also may disclose all of the information we collect to companies that perform marketing services on our behalf (e.g., those that assist us with mailings).

This website uses the Google AdWords remarketing service to advertise on third party websites (including Google) to previous visitors to our site. It could mean that we advertise to previous visitors who haven’t completed a task on our site, for example using the contact form to make an enquiry. This could be in the form of an advertisement on the Google search results page, or a site in the Google Display Network. Third-party vendors, including Google, use cookies to serve ads based on someone’s past visits to our website. Any data collected will be used in accordance with our own Website Security Policy and Google’s privacy policy.
You can set preferences for how Google advertises to you using the  Google Ad Preferences page. You can also opt out of interest-based advertising entirely by cookie settings or permanently using a browser plugin.

Use of Cookies and Similar Technology
We, or our service providers, and other companies we work with may deploy and use cookies, web beacons, local shared objects and other tracking technologies for various purposes, such as fraud prevention and monitoring our advertising and marketing campaign performance. Some of these tracking tools may detect characteristics or settings of the specific device you use to access our online services.

We or our service providers who assist in operating our online services do not respond differently or limit their practices under the terms of this Online Website Security Policy when you access those online services with a browser that uses a do not track signal or similar mechanism.

Our website utilizes tracking technologies to collect and record your activities and movements across our websites throughout your browsing session, including to track button clicks, mouse movements, scrolling, resizing, touches, keystrokes, data entered, device information and orientation, browser visual elements, and screen size (“Session Data”), for purposes of our own internal analytics and improving our products, services, and user experience. Such tracking may include recorded sessions, which we may play back for these purposes. We may share Session Data with our third party analytics or service providers, which may change from time-to-time, for these purposes, who will use the Session Data solely on our behalf and for our benefit. Please review how you consent to the collection, use, and sharing of Session Data in Website Terms of Use.

Suspicious Email
It is our policy not to email you or send you electronic communications to request non-public personal information or account information (such as a username or password). If you receive an unsolicited email or other electronic communication that appears to be from us, but you suspect may be from another source and might be fraudulent, please email us at

Social Media
You may also find additional information on our products and services through social media sites such as Facebook, LinkedIn, or Twitter. Please keep in mind that any information you share is visible to all participants on these social media sites and you should never post any sensitive personal information (such as account number or tax identification). Please carefully review the terms of use and privacy policy on these social media sites as they may be different than our own policies.

Links to Other Web Sites
Our web site or online service may contain links to other web sites. As such, we are not responsible for the privacy practices or the content of such web sites.

Updating and Correcting Your Personal Information
Keeping your information accurate and up to date is very important. If your personal or account information is incomplete, inaccurate or not current, please contact us.

Children's Privacy
Our website and online services are not intended for children under the age of 13. We do not knowingly collect personal information from users in this age group.

Questions or Comments
If you would like more information regarding this Website Security Policy or you believe that the information we have on file about you is inaccurate or incomplete, you can email us at

Changes to this Website Security Policy
We may amend this Website Security Policy from time to time by posting a notice of the change (or an amended Website Security Policy) on our website. If we make changes to the Website Security Policy, we will revise the “Effective” date at the top of this Policy. We will send you a notice of the change only if required by applicable law.  Any changes to this Website Security Policy will become effective when we post the revised Website Security Policy on the site.

Your California Privacy Rights

Effective January 1, 2020, this section applies to any California residents about whom we have collected personal information from any source, including through your use of our Website(s), by buying our products or services, or by communicating with us electronically, in paper correspondence, or in person (collectively, “you”).

As a consumer financial services company, Mercury Financial applies privacy and security protections to your personal information as required by United States federal law, including but not limited to the Gramm-Leach-Bliley Act and the Fair Credit Reporting Act. As such, most of the personal information about you that we may collect and use is exempt from the California Consumer Privacy Act (“CCPA”), with only a relatively small dataset of personal information being subject to the CCPA.

For purposes of this section, “personal information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California consumer/resident or household. Personal information does not include publicly available information or information that has been de-identified.

A. What Information We Collect

We may collect the following categories of personal information about you:

  • Identifiers, which includes real name and alias; postal address; unique personal identifier; IP address; email address; telephone number and/or other similar identifiers;

  • Commercial information, which includes products or services purchased, obtained, or considered;

  • Information relating to Internet activity or other electronic network activity, which includes cookie identifiers, clear gifs (a.k.a. web beacons/web bugs), browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, clickstream data, device platform, device version, and/or other device characteristics including your choice of settings such as Wi-Fi, Bluetooth, and Global Positioning System (“GPS”), and Session Data as detailed in the Use of Cookies and Similar Technology section of this Website Security Policy above;

  • Geolocation data, which includes Global Positioning System (“GPS”) data; locational information based upon your IP address; cell network data; and/or other similar locational data; and which may be collected from various devices including your mobile device(s); and

  • Inferences about you.

B. What We Do With Your Information

We may collect or use personal information from you for the following purposes:

To provide our products and services to you
Internal analytics and product development
Audit, compliance, policy, procedures, or regulation
Marketing our products and services
Website optimization and maintenance
Systems and data security
Fraud investigation and provision, and to otherwise protect ourselves, you, and others
Customer claims and dispute resolution
Customer service and communications
Financial reporting and accounting

C. Sources of Collected Information

We may collect personal information from the following categories of sources:

  • Potential credit applicants and users of our website, including via our websites, mobile applications, or other means;

  • Our service providers, which includes customer relationship management providers, marketing providers, analytics providers, website hosting providers, systems administrators, and communications delivery services;

  • Nonaffiliated companies with which we have a business relationship, such as membership organizations;

  • Other third parties, including online advertising partners and other data suppliers;

  • Things that other third parties may post publicly about you or otherwise provide to us; and

  • Employees and job applicants.

D. Who We Share Information With

We may share your personal information with the following categories of third parties:

  • Advertising and marketing companies; and

  • Nonaffiliated companies with which we have a business relationship, including those for with you have a preexisting relationship before applying for credit, such as membership organizations.

We disclose the following categories of personal information for a business purpose:

  • Identifiers, which includes real name and alias; postal address; unique personal identifier; email address; telephone number and/or other similar identifiers; and

  • Commercial information, which includes products or services purchased, obtained, or considered.

We do not sell any of your personal information to others.

E. Your Privacy Rights

If you are a California resident, subject to applicable law, you have the following rights under California law with respect to your personal information, to the extent your personal information is not already subject to federal law and the required privacy and security measures applied under federal law:

  • Right to Know. You have the right to request what personal information we collect, use, disclose, and/or sell, as applicable.

  • Right to Delete. You have the right to request the deletion of your personal information that is collected or maintained by us.

  • Right to Non-Discrimination. You have the right not to receive discriminatory treatment by us for the exercise of the privacy rights described above.

You may also authorize someone to exercise the above rights on your behalf. Please call 1 (877) 677-0982 for instructions on how to send us a Power of Attorney authorizing the third party to act on your behalf. If we have collected information on your minor child, you may exercise the above rights on behalf of your minor child.

The above rights are subject to our being able to reasonably verify your identity and authority to make these requests. These rights are also subject to various exclusions and exceptions under applicable laws. When you submit a request we require that you provide your name and address as well as three of the following pieces of information that we will use to verify your identity: phone number, email address, date of birth, and/or last four digits of your social security number.

If you are a California resident and wish to seek to exercise these rights, please reach us in one of the following ways:

  • 1 (877) 677-0982

For more information regarding this California Privacy Rights Policy, or if you have any questions or concerns, you may contact us at:

  • 1 (877) 677-0982