Brick’s Privacy Policy

(Last Updated October 29, 2020)

About this Privacy Policy

This Privacy Policy (the “Policy”) describes the information Brick Labs Inc. or any of its subsidiaries or affiliates (collectively, “Brick”, “we”, “us”, or “our”) collects about you (“Personal Information”), how we protect, use and share that information, and the privacy choices we offer. This Policy applies to information we collect when you register for Brick, access or use our website or any of our affiliated sites or mobile applications, products or services (collectively, the "Services"), or when you otherwise interact with us.  “You” or “your” means an individual who visits the Site or uses our Services. The term "Site" includes (1) all websites and all devices or mobile applications operated by Brick that collect personal information from you and that link to this Privacy Policy; (2) pages within each such website, device, or mobile application, any equivalent, mirror, replacement, substitute, or backup website, device, or mobile application; and (3) all pages that within each such website, device, or mobile application.  

By using or submitting information through the Site or the Services, you are indicating that you agree to be bound by the terms of this Policy. This Privacy Policy does not apply to any third-party websites, services or applications, even if they are accessible through our Services. Also, please note that, unless we define a term in this Privacy Policy, all capitalized terms used in this Privacy Policy have the same meanings as in our Terms of Use. So, please make sure that you have read and understand our Term of Use.

Revisions to this Privacy Policy

Any information that is collected via our Site or Services is covered by the Policy in effect at the time such information is collected. We may revise this Privacy Policy from time to time. If we make any material changes to this Privacy Policy, we’ll notify you of those changes by posting them on the Site or Services or by sending you an email or other notification, and we’ll update the “Last Updated” date above to indicate when those changes have become effective.

Information Collected or Received from You

When you use the Site or the Services, we may collect Personal Information and other information from you as further described below.

Brick Account Information

If you create a Brick Account, we’ll collect certain information that can be used to identify you, such as your name, email address, social security number, and confirm information such as your postal address and phone number, which is Personal Information.

Bank Account Information

If you want to link a bank account that you hold with a U.S. financial institution (“Bank Account”) to your Brick Account, we will collect certain information from you about your Bank Account, such as your online login credentials, for the purposes of providing the Services to you. If you give us access to your Bank Account, you acknowledge and agree that we will have access to your transaction information, amount of funds, and other information about you and your Bank Account that may be available through the online settings for your Bank Account or otherwise through the relevant financial institution (“Financial Information”) that we require in order to provide the Services to you.

Verification Information

For compliance purposes and in order to provide the Services to you, we may obtain from you or from third party documentation that helps us to verify your identity and Bank Account details. For example, we may ask you to provide a copy of your government-issued photo ID, a copy of a utility bill or bank statement, or such other documentation that contains Personal Information. We may also obtain information about you from the financial institution providing your Bank Account (such information, together with Personal Information and Financial Information, “User Information”).

Information Obtained from Third Parties

We may collect Personal Information and/or Financial Information about you from third parties such as consumer credit reporting agencies like TransUnion, Experian or Equifax or entities that enable access to the same.

Information Collected Using Cookies and other Web Technologies

Like many website owners and operators, we use automated data collection tools such as Cookies and Web Beacons to collect certain information.

“Cookies” are small text files that are placed on your device by a Web server when you access our Site or Services. We may use both session Cookies and persistent Cookies to identify that you’ve logged in to the Site or Services and to tell us how and when you interact with our Site or Services. We may also use Cookies to monitor aggregate usage and web traffic routing on our Site or Services and to customize and improve our Site or Services. Unlike persistent Cookies, session Cookies are deleted when you log off from the Services and close your browser. Although most browsers automatically accept Cookies, you can change your browser options to stop automatically accepting Cookies or to prompt you before accepting Cookies. Please note, however, that if you don’t accept Cookies, you may not be able to access all portions or features of the Site or Services. Some third-party services providers that we engage may also place their own Cookies on your hard drive. Note that this Privacy Policy covers only our use of Cookies and does not include use of Cookies by such third parties.

“Web Beacons” (also known as Web bugs, pixel tags or clear GIFs) are tiny graphics with a unique identifier that may be included on our Site or Services for several purposes, including to deliver or communicate with Cookies, to track and measure the performance of our Services, to monitor how many visitors view our Site or Services, and to monitor the effectiveness of our advertising. Unlike Cookies, which are stored on the user’s hard drive, Web Beacons are typically embedded invisibly on web pages (or in an e-mail).

Information Related to Use of the Services

Our servers automatically record certain information about how our users (each, a “User”) use our Site or Services (we refer to this information as “Log Data”). Log Data may include information such as a User’s Internet Protocol (IP) address, browser type, operating system, the web page that a User was visiting before accessing our Site or Services, the pages or features of our Site or Services to which a User browsed and the time spent on those pages or features, search terms, the links on our Site or Services that a User clicked on and other statistics. We use Log Data to administer the Services and we analyze (and may engage third parties to analyze) Log Data to improve, customize and enhance our Site or Services by expanding their features and functionality and tailoring them to our Users’ needs and preferences. We may use a person’s IP address to generate aggregate, non-identifying information about how our Site or Services are used. We may use third party data collection tools to provide us with analytics data regarding Users’ interactions with our Site or Services.

Information Sent by Your Mobile Device

We collect certain information that your mobile device sends when you use our Site or Services. For example, we may collect a device identifier, user settings and the operating system of your device, as well as information about your use of our Site or Services.

How We Use Information

Our primary goals in collecting information are to provide you a secure, smooth, and customized experience, to administer your use of the Site and Services, to enable you to enjoy and easily navigate our Site and Services, to fulfill your requests for our products, programs and Services, to respond to your inquiries about our Site or Services, and to offer you other products, programs, or services that we believe may be of interest to you.

For example, we may use your information to verify your identity, allow you to register with Brick, improve content on the Site or Services, provide notices, communicate with you via text message or email, monitor against fraud, or provide customer support at your request. We may use your information to complete transactions you request, to verify the existence and condition of your Brick Account, or to assist with a transaction. For example, we may use the account information you provide or that we collect from Third-Party Services to confirm your accounts are valid and to access funds from your accounts in connection with fulfillment of the Services.  We may use your information to improve and personalize the Services. For example, we may use your information to pre-fill form fields on the Sites for your convenience.

Information that We Share with Third Parties

We will never sell User Information to any third parties. We will not share any User Information that we have collected from or regarding you except as described below:

Information Shared with Our Services Providers

We may engage third-party services providers to work with us to administer and provide the Site and Services. These third-party services providers have access to your Personal Information and Financial Information only for the purpose of performing services on our behalf or to fulfill your requests for certain products, services or transactions through the Site or Service. We use third-party service providers, such as Plaid Inc. (“Plaid”) and Dwolla, Inc. (“Dwolla”), to obtain this information.  By using our Site or Services, you grant Brick, Plaid and Dwolla the right, power, and authority to act on your behalf to access and transmit your information from and to the relevant financial institution(s).  With respect to Plaid, you agree to your Personal Information and Financial Information being transferred, stored, and processed by Plaid in accordance with Plaid's privacy policy.

Information Shared with our Marketing Partners

We will never share your Financial Information with our marketing partners without your express consent, but we may use your Financial Information to generate offers for financial products and services from our marketing partners that may be of interest to you. It is always your choice whether or not to apply for an offered product or service and we will never submit an application for a financial product or service on your behalf without your express consent. If you choose to pursue any of the offers that the Site or Services present to you, you will be asked if you would like the Site or Services to pass on your Personal Information and relevant Financial Information to the third party marketing partner as a convenience. For example, if the Site or Services generate an offer from a third party loan provider for you, the Site or Services will give you the option of moving forward with that offer within the Site or Services, and if you agree to do so, the Site or Services will pass your Personal Information and relevant Financial Information to that third party loan provider to speed up the process of your application.

Information Shared with Other Third Parties

We may share aggregated information and non-identifying information with third parties for industry research and analysis, demographic profiling and other similar purposes. For example, we may use aggregated and non-identifying information to derive statistics about the spending habits of our users, our users’ home financing or home equity, performance of Brick Accounts, and to publish blog posts, articles, or other communications on our Site and social media channels.

Information Disclosed in Connection with Business Transactions

Information that we collect from our users, including Personal Information, is considered to be a business asset. Thus, if we are acquired by a third party as a result of a transaction such as a merger, acquisition or asset sale or if our assets are acquired by a third party in the event we go out of business or enter bankruptcy, some or all of our assets, including your Personal Information, may be disclosed or transferred to a third party acquirer in connection with the transaction.

Information Disclosed for Our Protection and the Protection of Others

We cooperate with government and law enforcement officials or private parties to enforce and comply with the law. We may disclose any information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate: (i) to respond to claims, legal process (including subpoenas); (ii) to protect our property, rights and safety and the property, rights and safety of a third party or the public in general; and (iii) to stop any activity that we consider illegal, unethical or legally actionable activity.

Your Choices

We offer you choices regarding the collection, use and sharing of your Personal Information and we’ll respect the choices you make. Please note that if you decide not to provide us with the Personal Information that we request, you may not be able to access all of the features of the Site or Services.


We may periodically send you free newsletters, e-mails and notifications on your computer or mobile device that directly promote our Site and Services. When you receive such promotional communications from us, you will have the opportunity to “opt-out” by following the unsubscribe instructions provided in the e-mail you receive. We do need to send you certain communications regarding the Site or Services and you will not be able to opt out of those communications – e.g., communications regarding updates to our Terms of Use or this Privacy Policy.

Modifying Your Information

You can access and modify the Personal Information associated with your Brick Account through your Brick profile settings in the Site and Services. If you want us to delete your Personal Information and your Brick Account, please email us at with your request. We’ll take steps to delete your information as soon we can from our servers, but some information may remain in archived/backup copies for our records, with third parties to whom it has been passed as permitted by this Privacy Policy, or as otherwise required by law.

Responding to Do Not Track Signals

Our Site and Services do not have the capability to respond to “Do Not Track” signals received from various web browsers.

The Security of Your Information

We take reasonable administrative, physical and electronic measures designed to protect the information that we collect from or about you (including your Personal Information) from unauthorized access, use or disclosure. Please be aware, however, that no method of transmitting information over the Internet or storing information is completely secure. Accordingly, we cannot guarantee the absolute security of any information. Examples of measures we have taken to protect your information include, but are not limited to:

•        The use of industry standard encryption while transmitting and storing information.

•        Site and mobile application session timeouts to ensure your information is protected when you put down your device without logging out.

•        Passwords are only known by you. No employee, contractor or Third-Party Service has access to your Brick password. We will never ask for your password through our customer service teams.

•        Our systems are periodically audited for security flaws.

Links to Other Sites

Our Services may contain links to websites and services that are owned or operated by third parties (each, a “Third-Party Service”). Any information that you provide on or to a Third-Party Service or that is collected by a Third-Party Service is provided directly to the owner or operator of the Third-Party Service and is subject to that owner’s or operator’s privacy policy. We’re not responsible for the content, privacy or security practices and policies of any Third-Party Service. To protect your information we recommend that you carefully review the privacy policies of all Third-Party Services that you access.

International Transfer

Your Personal Information may be transferred to, and maintained on, computers located outside of your state, province, country or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. If you’re located outside the United States and choose to provide your Personal Information to us, we may transfer your Personal Information to the United States and process it there.

Our Policy Toward Children

Our Site and Services are not directed to children under 13 and we do not knowingly collect Personal Information from children under 13. If we learn that we have collected Personal Information of a child under 13 we will take steps to delete such information from our files as soon as possible.

California Privacy Rights

The California Consumer Privacy Act (“CCPA”) allows California residents, upon a verifiable consumer request and subject to applicable exemptions, to request that we give you access, in a portable and (if technically feasible) readily usable form, to the specific pieces and categories of Personal Information that we have collected about you, the categories of sources for that information, the business or commercial purposes for collecting the information, and the categories of third parties with which the information was shared. California residents also have the right to submit a request for deletion of information under certain circumstances. Brick will not discriminate against you for exercising your rights, such as by denying you services, charging you different prices for services, or providing you a different level or quality of services. Please note that you must verify your identity and request before further action will be taken. As part of this process, we may require you to provide government identification. Consistent with California law, you may designate an authorized agent to make a request on your behalf. In order to designate an authorized agent to make a request on your behalf, you must provide a valid power of attorney, the requester’s valid government issued identification, and the authorized agent’s valid government issued identification.

We do not sell your Personal Information to third parties. We do, however, share Personal Information with third parties for the business purposes described in this Policy.

California law also permits our customers who are California residents to request and obtain from us once a year, free of charge, information about the Personal Information (if any) we disclosed to third parties for direct marketing purposes in the preceding calendar year.

If you are a California resident and would like to exercise your data protection rights, where applicable, you can submit a request to us by email at

We will consider all requests and provide our response within a reasonable period of time (and within any time period required by applicable law). Please note, however, that certain information may be exempt from such requests, for example if we need to keep the information to comply with our own legal obligations or to establish, exercise, or defend legal claims.

Here is a summary of the CCPA-related categories of Personal Information we may have collected about you over the past 12 months as well as how we use it and with whom we may have shared it.

Categories of Personal Information we collect:

How we use Personal Information:

Parties with whom your information may be shared:

  • Personal identifiers
  • Financial information
  • Contact information
  • Transaction information
  • Geolocation information
  • Device information
  • Internet or other electronic network activity information
  • Professional or employment related information
  • Bank account and debit card information
  • Commercial information, such as products or services purchased, obtained, or used
  • Identity verification
  • Compliance, risk, and fraud detection
  • Providing, personalizing, and improving our products
  • To fulfill your requests for certain products, services, or transactions
  • Contacting you to resolve disputes and help with our Site or Services
  • Conducting investigations, complying with and enforcing any applicable laws, regulations, legal requirements, and industry standards
  • Responding to lawful requests for information
  • To perform other business purposes
  • Affiliate partners
  • Marketing partners
  • Financial institutions
  • Payment networks
  • Payment card associations
  • Service providers to facilitate:
  • Bank account aggregation
  • Fraud detection
  • Identity verification
  • Payment processing
  • Law enforcement or other third parties in response to a legal request

Email Communications

We comply with the CAN-SPAM Act, a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out penalties for violations. In accordance with CAN-SPAM, we agree to:

• Not use false or misleading subjects or email addresses

• Identify the message as an advertisement in some reasonable way

• Include the postal address of our business or site headquarters

• Monitor third-party email marketing services for compliance, if one is used

• Honor opt-out/unsubscribe requests quickly

• Allow users to unsubscribe by using the link at the bottom of each email

If at any time you would like to unsubscribe from receiving future emails, you can email us at or follow the instructions at the bottom of each email and we will promptly remove you from all correspondence.

Communication via SMS text

In addition to email, we may send SMS text messages to phone numbers associated with your Brick Account for various types of alerts or other communications. Recipients of SMS text messages can opt out at any time by contacting or responding "STOP" to the generated SMS text message.

Federal Privacy Notice




Financial companies choose how they share your personal information. Federal law gives consumers the right to limit some but not all sharing. Federal law also requires us to tell you how we collect, share, and protect your personal information. Please read this notice carefully to understand what we do.


The types of personal information we collect and share depend on the product or service you have with us. This information can include:

  • Social Security number
  • Employment information and income
  • Account balances
  • Account transactions and transaction history


All financial companies need to share customers’ personal information to run their everyday business. In the section below, we list the reasons financial companies can share their customers’ personal information; the reason Brick chooses to share; and whether you can limit this sharing.

Reasons we can share your personal information

Does Brick share?

Can you limit this sharing?

For our everyday business purposes – such as to process your transactions, maintain your account(s), respond to court orders and legal investigations



For our marketing purposes– to offer our products and services to you



For joint marketing with other financial and nonfinancial companies



For our affiliates' everyday business purposes –information about your transactions and experiences



For our affiliates to market to you



For nonaffiliates to market to you



To limit our sharing

Email us at

Please note: If you are a new customer, we can begin sharing your information 30 days from the date you sent this notice. When you are no longer our customer, we continue to share your information as described in this notice. However, you can contact us at any time to limit our sharing.


Email us at

Who we are

Who is providing this notice?

Brick is providing this Privacy Policy and it applies to all products and services offered in connection with the Site and Services.

What we do

How does Brick protect my personal information?

To protect your personal information from unauthorized access and use, we use security measures that comply with industry standards. These measures include computer safeguards and secured files and buildings.

How does Brick collect my personal information?

We collect your personal information, for example, when you

  • Register and provide information for a Brick Account
  • Apply for Services
  • Give us your income information
  • Connect a linked Bank Account to tell us where to send money

Why can't I limit all sharing?

You have the right to limit only

  • affiliates from using your information to market to you
  • sharing for nonaffiliates to market to you
  • for joint marketing with other financial companies

State laws and individual companies may give you additional rights to limit sharing. See below for more on your rights under state law.

What happens when I limit sharing for an account I hold jointly with someone else?

Your choices will apply to everyone on your account.



Companies related by common ownership or control. They can be financial and nonfinancial companies.

  • Brick Labs Inc.
  • Brick Advance LLC


Companies not related by common ownership or control. They can be financial and nonfinancial companies.

  • Nonaffiliates we share with can include realtors, consumer loan brokers, lenders and direct marketing companies, insurance companies and home service providers.

Joint marketing

A formal agreement between nonaffiliated financial or nonfinancial companies that together market products or services to you.

  • Our joint marketing partners can include institutions such as consumer lenders, real estate agencies, marketers or home service providers.  It can also include individuals such as realtors, brokers, and home service contractors.

Other important information

FOR VERMONT RESIDENTS: We will not share information we collect about you with nonaffiliated third parties, except as permitted by Vermont law, such as to process your transactions or to maintain your account.

FOR CALIFORNIA RESIDENTS: We will not share information we collect about you with nonaffiliated third parties, except as permitted by California law, such as to process your transactions or to maintain your account. We will limit sharing among our companies to the extent required by California law.

FOR NEVADA RESIDENTS: We are providing this notice to you pursuant to Nevada law. If you prefer not to receive marketing calls from us, you may be placed on our internal Do Not Call List by emailing us at Nevada law requires that we also provide you with the following contact information: Bureau of Consumer Protections, Office of the Nevada Attorney General, 555 E. Washington Street, Suite 3900, Las Vegas, NV 89101, phone number (702) 486-3132, email

State laws may also provide you with specific privacy protections. We will comply with applicable state laws with respect to our use of your information.


Please email us at if you have any questions about our this Policy.