Privacy.com is not private and they're being dishonest calling themselves that

First I will say something nice about privacy.com:
Privacy.com is a useful tool for preventing merchants from over charging you or for free trial sign ups and the like,

but

it is not useful for preserving your privacy which is ironic because they are called privacy.com.

From their privacy policy:

We Share Personal Information Under Controlled Circumstances Only:

• With third parties who may access data about you to provide you with the Services
• With third parties who may access data about you to perform functions on our behalf
• With financial institutions, processors, payment card associations and other entities that are involved in the payment process
• With government and law enforcement where reasonably necessary to protect user or public safety or comply with applicable law, regulation, legal process, governmental request
• With others where reasonably necessary to protect the security or integrity of our Services or user safety
• In connection with, or during the negotiation of, any merger, sale of company stock or assets, financing, acquisition, divestiture or dissolution of all or a portion of our business, or
• With your consent

We may share aggregated and anonymized information that does not specifically identify you or any individual user of our Services.

These “controlled circumstances” SUCK. “Perform functions on our behalf”?

It is meaningless and gives me zero confidence that privacy dot com is doing anything to preserve the privacy of my transactions.

Even if you were to give them the benefit of the doubt and assume that privacy dot com is behaving in a way that shields privacy, it is easily disprovable that they’re not preserving privacy, but rather passing the buck to whatever bank account you have hooked up to your account. What do I mean by this? Look at my bank statement for a recent transaction I made using a privacy.com credit card:

image393×149 3.93 KB

It says GOOGLE. The merchant I used the card with is Google. Even if I were to blindly trust privacy dot com to protect this information from data brokers or whoever, GOOGLE still shows up in my bank’s transaction log and I certainly don’t trust my bank to protect the privacy of my transactions.

So unless you have a privacy respecting bank (there are none) and you trust privacy dot com to protect your transaction information, your information is getting shared no matter what.

Handy chart for when you should use privacy.com

Wait but there’s hope

There’s only one way to be certain that the financial details between you and an online merchant are private:

image1920×1920 405 KB

It’s a tool. You should use it for the proper usecases.
If you want private purchases, use cash. Online I guess monero would work

All jokes aside, I don’t think privacy.com is the main villain in this story, you don’t think the Mastercard’s and Visa’s of the world (the ones that privacy.com kinda has to use) keep track of your purchases?

I’d say it still is, just maybe not as much as many would hope. Being able to provide websites a fake name & billing address and, if you’re on a paying tier, keeping your bank from knowing where you make all your online transactions is huge.

Just to show what it looks like when you enable “private spend mode”:

Screenshot_20250716_191630395×389 19.1 KB

Oh my GOD! Thank you! This is the exact thing I was complaining about.

I retract my second statement from the original post and I think they do enhance privacy! I can’t believe this is not the default.

I still take issue with their privacy policy.

It used to be that they had several options for private spend mode. They had one that would show “NSA Gift Shop” on your bank statement and I loved it.

Does this work around the world?

Also, do they ship the card worldwide?

There’s nothing to ship, these are virtual cards.

It is a US only financial institution so not everyone can use it.

I’d say Privacy.com is still as private as any bank could be. Its not as good as cash though but online transaction dont really use cash…

Private spend mode should be the default.

I almost entirely agree with OP.

I don’t live in the US and have always wanted to try Privacy.com until I realized that they require extensive KYC.

When you use your credit card to pay for anything, you reveal your identity, but Privacy.com is way more intrusive. You can’t just purchase their service with a credit card, you gotta provide your bank account, and they need to verify your identity.

If you in live in a country where banks provide virtual credit card, why would you use Privacy.com?

They’re a faceless company with no physical office where you could interact with their customer service in person if you had any issues.

It’s my understanding that in the US you can buy VISA gift cards which require no KYC. I have done it before.

Why would one use Privacy.com when you can do that?

The only things that sucks about Visa gift cards is that they can only be used with US merchants, i.e. merchants that are in the US.

The sad truth is that if any company in any country wants to offer virtual credit cards, it makes them operate as a financial service, and hence they will have to require thorough KYC.

My dream would be for a company like Proton to do this, but legally they won’t be able to do it without requiring KYC. On top of that it would be geo-locked, in that it would only be available in Switzerland or the EU, which is something I don’t want Proton to ever do.

I don’t like it when Proton or any privacy company releases products that are exclusive to a certain part of the world, even if it’s just temporary. We should all get it at the same time, or none of us should.

For europe alternatives I do recommend something like Revolut or Wise.
Granted it does not have privacy spend mode like privacy.com but if otherwise your threat model is to not give out an actual billing address and name and have a disposable card, In my experience with Revolut, that works perfectly (however if your threat model is for those providers to not know your purchases, this isn’t it (though most likely privacy.com knows the purchases you make anyways, it just hides from the bank under the privacy.com transaction from your bank, similar could be done with those but yeah they’re (revolut, wise) still a bank themselves), and neither is a solution if you cannot have KYC)

Thank you for reminding me and everyone that threat modeling is something everyone should do when considering a virtual credit card (VCC) provider. They should also be aware of all the information that provider will have access to. Obviously, all VCC providers will know the merchants you purchase from. That is a given. But if they know little to nothing about about it helps.

Why Wise? I was not aware that they offered VCCs. Isn’t their main business, giving you the ability to make international money transfers fast and for “cheap”?

It’s important to know that all these services will require you to share your ID.
If I was going to share my ID, I would rather it be with a bank, that offers a full suite of services, than a company that is exclusively dedicated to VCCs.

I don’t know if it’s the smartest decision, but I just don’t feel comfortable sharing my ID with faceless companies that cannot be reached by phone or in person.

understandable, yes revolut, wise being a bank does require KYC but I hear so does privacy.com so what would be the difference? as I said if no KYC is in your threat, neither nor privacy themselves (<- that’s what I meant by neither) are an option. (KYC being handing your information including ID)

Yes. If I had to choose, I would rather go with Revolut. But if my only interest is a VCC, in that I’m not attracted to Revolut’s banking services, I would go personally go with neither.