8 Total
0 High severity
5 Medium severity
3 Low severity
Summary

This document establishes Betterment's data collection, use, and disclosure practices for personal and financial information provided by users. Betterment collects data including Social Security numbers, account balances, investment history, and employment details, and discloses this information to third-party service providers, affiliates, and business partners. California residents are granted rights to access collected information, request deletion, and opt out of the sale or sharing of personal data.

Technical / Legal Breakdown

This document is Betterment's Privacy Policy governing how Betterment LLC and its affiliates collect, use, share, and protect personal information from users of its investment, cash management, and workplace retirement services, operating under applicable U.S. federal and state privacy frameworks. The policy states that Betterment collects a broad range of personal and financial data including Social Security numbers, account balances, transaction history, employment information, device identifiers, geolocation, and behavioral data from third-party sources, and the terms authorize sharing this data with service providers, financial partners, affiliates, and in connection with business transfers. Notably, the policy addresses California residents' rights under CCPA and asserts opt-out rights for the sale or sharing of personal information, though the breadth of data collected from third-party data aggregators and behavioral tracking tools such as Google Analytics and Google Tag Manager represents a meaningful surface area that may warrant evaluation under applicable state privacy statutes. As a registered investment adviser and fintech platform handling sensitive financial data including retirement accounts and banking information, Betterment's data practices engage the Gramm-Leach-Bliley Act, CCPA, and potentially SEC Regulation S-P governing the safeguarding of customer records; compliance teams should assess whether third-party analytics integrations and the use of tracking technologies on a financial services domain align with the data minimization and consent requirements under these frameworks.

Institutional Analysis

Institutional analysis available with Compliance

Regulatory exposure by statute, material risk assessment, vendor due diligence action items, and enforcement precedent. Available on Compliance.

Start Compliance free trial

1 important change detected

3 versions captured · Last updated: July 2026

July 1, 2026

unknown
What changed Betterment updated their Betterment Privacy Policy on July 01, 2026. Change detected: 4 sentence(s) added, 2 sentence(s) removed, 4 sentence(s) modified. Document contained 302 sentences after update.
View full change record →

Recent Provision Changes Jul 1, 2026

Added (3)
Marketing Communications and Opt-Out Low

This provision clarifies marketing opt-out mechanisms and specifies that transactional communications remain exempt, replacing the previous 'Joint Marketing Data Sharing' provision with more user-friendly guidance.

Data Security Safeguards Medium

New provision explicitly details security implementation measures and provides liability limitation, addressing consumer expectations for financial data protection.

Children's Privacy Low

New provision adds compliance with COPPA and demonstrates commitment to child protection, a standard regulatory requirement for services handling personal data.

Removed (3)
Joint Marketing Data Sharing

Removal of this provision eliminates disclosure about joint marketing practices, replaced by more specific 'Marketing Communications and Opt-Out' provision with direct contact information.

Cross-Context Behavioral Advertising Opt-Out

Removal of this specific provision eliminates explicit mention of cross-context behavioral advertising opt-out rights, though these protections may be addressed in the expanded tracking technologies disclosure.

Financial Data Use for Service Delivery

Removal of this standalone provision's content is absorbed into more comprehensive 'Sensitive Financial Data Collection' provision that covers both collection and use of financial information.

Modified (5)
California Consumer Privacy Act Rights

Previous version had empty excerpt, current version now includes detailed enumeration of CCPA/CPRA rights with specific reference to correction rights and sensitive personal information limitations.

Third-Party Service Provider Disclosures

Previous version had empty excerpt; current version now provides detailed disclosure of third-party sharing categories including service providers, financial partners, affiliates, and transaction scenarios.

Cookies and Tracking Technologies

Severity increased from low to medium, and previous empty excerpt now includes detailed tracking technology disclosure with specific third-party tool names and data categories collected.

Data Retention Practices

Previous version had empty excerpt; current version now includes detailed retention criteria and factors considered when determining retention periods.

Sensitive Personal Information Collection

Renamed from 'Sensitive Personal Information Collection' (high severity) to 'Sensitive Financial Data Collection' (medium severity), with addition of concrete examples of identifiers and financial data collected.

View full change record →
Medium — 5 provisions
Low — 3 provisions

Monitoring

Betterment has updated this document before.

Monitor includes same-day alerts, structured change summaries, and monitoring for up to 25 platforms.

Start Monitor free trial Or create a free account →

Compliance Governance Intelligence

Need provision-level monitoring and regulatory mapping?

Compliance includes governance timelines, compliance memos, audit-ready analysis, and full provision tracking.

Start Compliance free trial

Cross-platform context

See how other platforms handle Sensitive Personal Information Collection and similar clauses.

Compare across platforms →

Mapped Governance Frameworks

CCPA/CPRA
California, USA
View official text ↗
Connecticut Data Privacy Act Amendments
US-CT
View official text ↗
CAN-SPAM
United States Federal
View official text ↗
FCRA
United States Federal
View official text ↗
FTC Act Section 5
United States Federal
View official text ↗
GLBA
United States Federal
View official text ↗
Indiana Consumer Data Protection Act
US-IN
View official text ↗
Kentucky Consumer Data Protection Act
US-KY
View official text ↗
Universal Opt-Out Mechanism Expansion 2026
US
View official text ↗
Archival ProvenanceSource & Archival Record
Last Captured July 1, 2026 00:31 UTC
Capture Method Automated scheduled archival capture
Document ID CA-D-000212
Version ID CA-V-004360
SHA-256 df9007de0116b44d59a962d403db6317e4d20f0524c8a751245d816e233a75d6
✓ Snapshot stored ✓ Text extracted ✓ Change verified ✓ Hash verified

Governance Monitoring

Monitor governance changes across the platforms you rely on.

Structured alerts for policy changes, governance events, and provision updates across 318+ platforms.

Create free account Compare plans