Mari is a personal finance app built for individuals, couples, and households. It is operated by Mari Technologies LLC, a limited liability company registered in the State of Texas, United States.
When this policy says “Mari,” “we,” “us,” or “our,” it means Mari Technologies LLC.
Our website is themari.app. Our product, when it launches, will be at app.themari.app. This policy covers both.
If you have questions about this policy or how we handle your data, contact us at hello@themari.app.
Right now, the only information we collect is your email address when you sign up for the waitlist at themari.app. We collect nothing else — no name, no phone number, no payment information.
When we launch, creating an account will require:
To provide the core service, Mari will connect to your bank accounts through Plaid, a regulated third-party financial data provider. Through this connection, we access:
Important: Mari’s bank connection is read-only. We cannot initiate transfers, move money, or take any action on your accounts. We can only read transaction and balance data.
We do not collect or store your bank login credentials. Plaid handles authentication directly with your bank.
When you visit themari.app, our hosting provider (Vercel) may collect standard web server logs including your IP address, browser type, and pages visited. We do not use advertising tracking pixels or third-party analytics beyond what Vercel provides by default.
| Data | Purpose | Legal basis |
|---|---|---|
| Email address (waitlist) | To notify you when Mari launches and send you product updates you signed up for | Consent (you submitted the form) |
| Email address (account) | Account management, security alerts, transactional notifications | Contract performance |
| Financial transaction data | To provide the budgeting, tracking, and planning features of the Mari app | Contract performance |
| Account balances | To calculate net worth and show accurate financial summaries | Contract performance |
| Server logs | Security monitoring, debugging, abuse prevention | Legitimate interest |
We do not use your data for advertising. We do not sell your data. We do not use your financial data to train AI models outside the Mari application.
We only share your data with the following service providers, and only to the extent necessary to operate Mari:
| Provider | Purpose | Data shared |
|---|---|---|
| Formspree | Waitlist form processing | Email address |
| Vercel | Website and app hosting | Server access logs |
| Plaid (at launch) | Bank account connection and data retrieval | Bank credentials (handled directly by Plaid; we never see them) |
| Supabase (at launch) | Database and authentication | Account data, financial transaction data |
| Stripe (at launch) | Subscription billing | Payment card data (handled directly by Stripe; we never store card numbers) |
| Resend (at launch) | Transactional email delivery | Email address, email content |
| Sentry (at launch) | Error monitoring | Anonymised error logs |
We do not share your financial data with any third party for their own commercial purposes. We may disclose your data if required by law or court order.
We use Plaid to connect to your bank. When you connect your bank, you authenticate directly with Plaid — Mari never sees your banking username or password.
We request access to: transaction history, account balances, account names, and institution information. We do not request the ability to move money, your personal identification documents, or your credit score.
Transaction and account data is stored in our secure database (Supabase), scoped to your household. All data is encrypted at rest and in transit. Only members of your household can access your financial data.
You can disconnect your bank account at any time from within the Mari app or directly through your bank’s online portal via Plaid’s access management.
Note: Full Plaid integration details will be added to this policy before bank connections are made available.
| Data type | Retention period |
|---|---|
| Waitlist email address | Until you unsubscribe or ask us to delete it |
| Account data | Until you delete your account |
| Financial transaction data | Until you delete your account or request deletion |
| Server logs | 90 days |
| Backup data | Up to 30 days after account deletion |
To exercise any right, email hello@themari.app. We respond within 30 days.
Data controller: Mari Technologies LLC. Legal bases: consent (waitlist emails), contract performance (app functionality), legitimate interests (security). International transfers: Your data is stored in the United States. Right to complain: You may lodge a complaint with your local data protection authority. Contact: hello@themari.app.
To make a CCPA request, email hello@themari.app with subject “CCPA Request”. We respond within 45 days.
Mari is not directed at children under 16. We do not knowingly collect data from children under 16. Contact hello@themari.app if you believe a child under 16 has submitted data to us.
We will update this policy as Mari develops, particularly before launch and before enabling bank connections. We will notify waitlist members of material changes by email and update the “Last updated” date above.
Email: hello@themari.app
State of incorporation: Texas, United States
We aim to respond to all privacy enquiries within 5 business days and formal data subject requests within 30 days.