If you link an outside bank or financial account to Acorns, the app may collect your balance, transaction history, and other account data using third-party aggregator services.
This analysis describes what Acorns's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
Linking external financial accounts extends the scope of data Acorns collects beyond its own platform, and involves third-party aggregators who may have their own data retention and sharing practices.
Interpretive note: The specific aggregator(s) used are not named in the policy, and their individual data practices are governed by separate agreements not reviewed here.
The updated policy removes explicit language describing how data flows when users sign in via Apple or Google, including what information those services share with Acorns and how it is used. Previously, the policy stated that Acorns receives information such as name and email address through third-party sign-in services solely to manage accounts and provide services. The revised language also shifts the AI chatbot from an optional feature users 'may access' to a stated service Acorns 'uses' to direct users to internal articles. Users no longer have a published explanation of third-party sign-in data practices in the privacy notice, though the terms suggest data shared through third-party services remains subject to those providers' terms.
View change record →Removal of specific data aggregator disclosure for account linking reduces transparency about third-party tools used to access external financial institutions.
View full change record →When you link a bank account or other financial account to Acorns, your full transaction history and account balances from that external account are collected and may be processed by a third-party aggregator service under terms separate from Acorns' own policy.
How other platforms handle this
At Ledger, earning and maintaining our users' trust is a top priority. That's why we are deeply committed not only to protecting your privacy and securing your personal data, but also to being fully transparent about how we handle it.
We may share your information with third-party vendors and service providers that perform services on our behalf, such as payment processing, data analysis, email delivery, hosting services, customer service, and marketing assistance. We may also share your information with third-party advertising p...
We may also share your personal information with third parties that assist us in providing our services, or where we are under an obligation to report to. But rest assured: we will only ever share your personal information in the limited circumstances described in this Policy.
Monitoring
Acorns has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"If you choose to connect third-party financial accounts to our services, we may collect information from those accounts, such as account balances, transaction history, and other financial information. We may use third-party data aggregators to facilitate these connections.— Excerpt from Acorns's Acorns Privacy Policy
REGULATORY LANDSCAPE: The collection of external financial account data via third-party aggregators engages the CFPB's data rights framework under Section 1033 of the Dodd-Frank Act, which addresses consumer access to their own financial account data and the use of that data by authorized third parties. The CFPB finalized rules on personal financial data rights in 2024 that impose obligations on data providers and third-party data recipients. Aggregator services such as Plaid or Finicity have their own regulatory and contractual frameworks that interact with this provision. GOVERNANCE EXPOSURE: Medium. The use of third-party aggregators introduces a data handling layer outside Acorns' direct control. Regulatory focus on screen scraping, data minimization, and consumer consent for account data access has increased significantly following CFPB rulemaking activity. JURISDICTION FLAGS: The CFPB's Section 1033 rulemaking applies to covered entities nationwide. California's CPRA applies to transaction data collected from linked accounts as personal information. Users in states with strong financial data protection statutes may have additional rights regarding how linked account data is stored and used. CONTRACT AND VENDOR IMPLICATIONS: Contracts with third-party aggregators should specify permissible data uses, retention limits, deletion obligations upon account unlinking, and liability allocation for data breaches involving aggregated financial data. Teams should confirm that aggregator relationships have been assessed against CFPB Section 1033 requirements. COMPLIANCE CONSIDERATIONS: Compliance teams should document which aggregator(s) Acorns uses, review those service provider agreements for CFPB and CPRA compliance, and ensure that users who unlink external accounts can request deletion of historical data collected from those accounts. Consumer-facing disclosures should clearly explain what data is collected via aggregators and how long it is retained.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
ConductAtlas detected a major restructuring of Meta’s privacy policy that removed detailed consumer rights disclosures and relocated them to separate documents.
Your genetic data may be transferred to a new owner as a business asset. Here is what the Terms of Service actually say and what you can do right now.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
Linking external financial accounts extends the scope of data Acorns collects beyond its own platform, and involves third-party aggregators who may have their own data retention and sharing practices.
When you link a bank account or other financial account to Acorns, your full transaction history and account balances from that external account are collected and may be processed by a third-party aggregator service under terms separate from Acorns' own policy.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Acorns.