1. Why this page exists
Running a modern app means relying on a small number of trusted third-party partners — to host servers, deliver email, accept payments, run AI features, and so on. We list ours here so you always know who else, beyond Marvin, has access to a slice of your data while we run the Service for you. Many privacy laws require transparency around service providers and data handling; we publish this page because we believe users deserve clarity.
2. Our principles
Three commitments that shape every decision we make:
You stay in control
Upload what you want, delete what you want, export everything anytime — receipts, transactions, chat history — as CSV, PDF, or JSON, on every plan including Free.
No bank credentials
We never ask for your online-banking username or password. No screen-scraping providers in the stack. You decide what data Marvin sees by uploading receipts, statements, or manual entries.
Encrypted by default
Encrypted in transit and at rest. Personal fields like your name and email get an additional layer of encryption on top, so they aren't readable in plaintext even in worst-case scenarios.
3. What we promise about every partner
To run Marvin securely and reliably, we work with a small number of carefully chosen partners — for hosting, payments, AI features, market data, and communications. Whoever they are, four promises always hold:
- No ads, ever. None of our partners are advertising networks. Marvin doesn't run ads, so we have no business sharing your data with anyone who does.
- No bank scraping. No partner connects to your bank or asks for your online-banking credentials.
- No AI training on your data. Every partner is contractually barred from using your data to train their own AI or machine-learning models.
- Minimum data, only what's needed. We share only the data each partner needs to do its specific job for Marvin — never the whole picture, never more than necessary.
4. Who helps us run Marvin
Below are the categories of trusted third-party providers we work with to deliver the Service, what each category does for Marvin, and what data each touches in order to do it. The mix will change over time as our stack evolves.
| Category | What it does for Marvin | Data accessed |
|---|---|---|
| Cloud hosting & infrastructure | Hosts the application, database, and encrypted backups on enterprise-grade infrastructure. | Your data at rest (encrypted) and in process. |
| AI model providers | Powers select AI features such as receipt reading, statement understanding, transaction categorisation, and conversational assistance. | Only the minimum data required for the specific request, such as uploaded documents, transaction text, or chat prompts. Not used for training under applicable commercial terms. |
| App-store distribution & in-app purchases | Distributes the iOS and Android apps and processes mobile subscription payments via the relevant app store. | Account identifiers and payment-related identifiers from the relevant app store. |
| Web payment processing | Handles card and local-payment-method checkout for web subscriptions. | Email, billing-tax fields where required, and payment-instrument tokens. Card numbers never touch our servers. |
| Push notifications | Delivers in-app push notifications when you've opted in (via platform-mandated channels). | Anonymous device push tokens. Notifications never include account numbers or balances. |
| Transactional email | Sends operational email — sign-up, password reset, billing receipts, security alerts. We don't run a marketing programme. | Your email address and the message content for that email. |
| Market data (FX rates) | Provides reference exchange rates for currency conversion. | No personal data — only currency-pair codes (e.g., "USD→INR"). |
| Application monitoring & error reporting | Captures application errors and performance metrics so we can fix bugs. | Stack traces, anonymised user IDs, and request metadata. Request bodies and credentials are stripped. |
We share specific sub-processor names with enterprise customers and their data-protection officers under NDA. To request the named list, email legal@marvinmoney.com.
5. Who's not on our list — and never will be
- No screen-scraping providers (Plaid, Yodlee, MX, Tink, Salt Edge, Finicity). Marvin does not connect to your bank.
- No advertising or attribution networks (Meta pixel, Google Ads, AppsFlyer, Adjust, etc.). We don't run ads.
- No data brokers, identity-graph vendors, or "wellness score" platforms.
- No third-party AI training pipelines. Your receipts and statements are never available to anyone for model training.
6. Want to dig deeper?
- Privacy page — what we hold, why, and how, in plain English.
- Terms of Service — the contract behind the Service, including liability, AI disclosures, and country-specific rights.
- Compliance & vetting details — notification of changes, your right to object, vetting standards, cross-border transfer mechanisms.
- Enterprise & DPA requests — email legal@marvinmoney.com for a Data Processing Addendum, security questionnaire, or vendor review.
Mars Enterprises Inc. · India · © 2026. Last updated April 26, 2026.