If Acorns is sold, merges with another company, or goes through a major restructuring, your personal and financial data may be transferred to the new owner as part of the deal.
This analysis describes what Acorns's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
A change of ownership could result in your sensitive financial data, including your Social Security number, bank credentials, and investment history, being controlled by an entity whose data practices you never agreed to.
In a sale or merger, your complete Acorns data profile including investment history, banking data, and identity documents could be transferred to a third-party acquirer without your individual consent, subject only to the acquirer's own privacy policy.
How other platforms handle this
In connection with any reorganization, restructuring, merger or sale, or other transfer of assets, we will transfer information, including personal information, provided that the receiving party agrees to respect your personal information in a manner that is consistent with our Privacy Policy.
We may access, preserve, and share information with regulators, law enforcement, or others if we believe it is reasonably necessary to: detect, prevent, and address fraud and other illegal activity; protect ourselves, you, and others, including as part of investigations; and prevent death or imminen...
Where required by law, we provide adequate protection for the transfer of personal data in accordance with applicable law, such as by obtaining your consent, relying on the European Commission's adequacy decisions, or executing Standard Contractual Clauses. Where relevant, you may request a copy of ...
Monitoring
Acorns has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company.— Excerpt from Acorns's Acorns Privacy Policy
REGULATORY LANDSCAPE: Business transfer data provisions are standard in consumer-facing privacy policies but carry heightened significance for financial services companies given the sensitivity of data involved and regulatory change-of-control requirements. GLBA requires that acquirers of financial institution customer data continue to provide equivalent privacy protections. The CPRA does not prohibit business transfer data sharing but does require that consumers be notified if the acquirer intends to use data in ways materially different from the original policy. The CFPB and SEC may also have change-of-control notification obligations applicable to Acorns' registered entities. GOVERNANCE EXPOSURE: Medium. The provision is standard boilerplate but operationally significant given the volume and sensitivity of financial data Acorns holds. Regulatory change-of-control approval requirements for registered investment advisers and broker-dealers add compliance complexity not reflected in this privacy provision alone. JURISDICTION FLAGS: California residents retain CPRA rights against any successor entity. Successor obligations under GLBA Regulation P apply regardless of the acquirer's original privacy framework. Cross-border transactions may trigger additional data transfer obligations under non-US privacy frameworks if Acorns serves international users. CONTRACT AND VENDOR IMPLICATIONS: M&A due diligence teams reviewing an Acorns transaction should assess the full scope of personal data assets, regulatory change-of-control requirements for the RIA and broker-dealer registrations, and GLBA Safeguards Rule obligations that transfer to the acquirer. The privacy policy's framing of transfer during negotiations is also notable, as it permits data disclosure before a transaction is complete. COMPLIANCE CONSIDERATIONS: Compliance teams should ensure that any transaction agreement includes explicit data protection obligations on the acquirer and a process for notifying affected consumers of material changes to data use practices post-acquisition, consistent with CPRA requirements.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
ConductAtlas detected a major restructuring of Meta’s privacy policy that removed detailed consumer rights disclosures and relocated them to separate documents.
Your genetic data may be transferred to a new owner as a business asset. Here is what the Terms of Service actually say and what you can do right now.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
A change of ownership could result in your sensitive financial data, including your Social Security number, bank credentials, and investment history, being controlled by an entity whose data practices you never agreed to.
In a sale or merger, your complete Acorns data profile including investment history, banking data, and identity documents could be transferred to a third-party acquirer without your individual consent, subject only to the acquirer's own privacy policy.
ConductAtlas has identified this type of provision across 5 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Acorns.