If Acorns is sold, merges with another company, or goes through a major restructuring, your personal and financial data may be transferred to the new owner as part of the deal.
This analysis describes what Acorns's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
A change of ownership could result in your sensitive financial data, including your Social Security number, bank credentials, and investment history, being controlled by an entity whose data practices you never agreed to.
The updated policy removes explicit language describing how data flows when users sign in via Apple or Google, including what information those services share with Acorns and how it is used. Previously, the policy stated that Acorns receives information such as name and email address through third-party sign-in services solely to manage accounts and provide services. The revised language also shifts the AI chatbot from an optional feature users 'may access' to a stated service Acorns 'uses' to direct users to internal articles. Users no longer have a published explanation of third-party sign-in data practices in the privacy notice, though the terms suggest data shared through third-party services remains subject to those providers' terms.
View change record →Removal of explicit M&A data transfer language may indicate this provision was incorporated elsewhere or deprioritized, reducing transparency about business transaction disclosures.
View full change record →In a sale or merger, your complete Acorns data profile including investment history, banking data, and identity documents could be transferred to a third-party acquirer without your individual consent, subject only to the acquirer's own privacy policy.
How other platforms handle this
We may disclose certain information, in connection with or during negotiations or closing of any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
By issuing a chargeback or refund request for Premium subscriptions paid for through a third party, you agree to allow Telegram to release necessary data to that third party regarding your account status and Telegram Premium purchases.
We may share your information in connection with, or during negotiations of, any merger, sale of company assets, financing, acquisition, or dissolution, transaction, or proceeding involving all or a portion of our business.
Monitoring
Acorns has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company.— Excerpt from Acorns's Acorns Privacy Policy
REGULATORY LANDSCAPE: Business transfer data provisions are standard in consumer-facing privacy policies but carry heightened significance for financial services companies given the sensitivity of data involved and regulatory change-of-control requirements. GLBA requires that acquirers of financial institution customer data continue to provide equivalent privacy protections. The CPRA does not prohibit business transfer data sharing but does require that consumers be notified if the acquirer intends to use data in ways materially different from the original policy. The CFPB and SEC may also have change-of-control notification obligations applicable to Acorns' registered entities. GOVERNANCE EXPOSURE: Medium. The provision is standard boilerplate but operationally significant given the volume and sensitivity of financial data Acorns holds. Regulatory change-of-control approval requirements for registered investment advisers and broker-dealers add compliance complexity not reflected in this privacy provision alone. JURISDICTION FLAGS: California residents retain CPRA rights against any successor entity. Successor obligations under GLBA Regulation P apply regardless of the acquirer's original privacy framework. Cross-border transactions may trigger additional data transfer obligations under non-US privacy frameworks if Acorns serves international users. CONTRACT AND VENDOR IMPLICATIONS: M&A due diligence teams reviewing an Acorns transaction should assess the full scope of personal data assets, regulatory change-of-control requirements for the RIA and broker-dealer registrations, and GLBA Safeguards Rule obligations that transfer to the acquirer. The privacy policy's framing of transfer during negotiations is also notable, as it permits data disclosure before a transaction is complete. COMPLIANCE CONSIDERATIONS: Compliance teams should ensure that any transaction agreement includes explicit data protection obligations on the acquirer and a process for notifying affected consumers of material changes to data use practices post-acquisition, consistent with CPRA requirements.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
ConductAtlas detected a major restructuring of Meta’s privacy policy that removed detailed consumer rights disclosures and relocated them to separate documents.
Your genetic data may be transferred to a new owner as a business asset. Here is what the Terms of Service actually say and what you can do right now.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
A change of ownership could result in your sensitive financial data, including your Social Security number, bank credentials, and investment history, being controlled by an entity whose data practices you never agreed to.
In a sale or merger, your complete Acorns data profile including investment history, banking data, and identity documents could be transferred to a third-party acquirer without your individual consent, subject only to the acquirer's own privacy policy.
ConductAtlas has identified this type of provision across 6 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Acorns.