Binance.US collects biometric data from users as part of its identity verification process, which is required to open and maintain an account on the platform.
This analysis describes what Binance.US's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
Biometric data collection during identity verification serves as a mechanism for account authentication and compliance with regulatory identity requirements. This operational practice shapes how the platform processes user enrollment and ongoing access verification.
Interpretive note: The policy discloses biometric data collection but does not specify modality, retention period, or consent mechanism, creating ambiguity about whether current practices satisfy BIPA and analogous state requirements.
The updated privacy policy now discloses that Binance.US collects information from interactions with AI chatbots, including prompts, market research, and uploaded information. The policy states this data may be shared with OpenAI, which according to the revised language may receive information about your account, portfolio, and communication contents along with associated metadata. The updated terms also broaden the stated use of personal information to include generating interactive responses through AI chatbots that provide market research and portfolio-specific analysis, as well as collecting inferences about your service use. Your continued use of the platform constitutes acceptance of these updated data collection and sharing practices.
View change record →The updated policy explicitly authorizes Binance.US to disclose user information to law enforcement, government agencies, regulators, financial institutions, and industry partners to detect and prevent fraud, money laundering, terrorist financing, and other financial crimes. This establishes a new disclosure authority that was not previously explicitly stated. Additionally, the revised language discloses that email addresses and other identifiers collected by Binance.US may be used for tailored advertising on other websites and social media platforms. The policy now provides a 'Your Privacy Rights' webform in addition to email contact as a mechanism for submitting privacy rights requests and appeals. You can submit privacy rights requests through privacy@binance.us or by using the company's 'Your Privacy Rights' webform.
View change record →The updated policy now explicitly states that Binance.US may disclose customer information to law enforcement, government agencies, regulators, financial institutions, and industry partners to detect, prevent, and report fraud, money laundering, terrorist financing, and other financial crimes. The policy also clarifies that if your email address or other identifier has been collected, it may be used for tailored advertising on external websites and social media platforms through the use of cookies and other identifiers. These disclosures formalize data-sharing practices and advertising uses that may have been operationally occurring but were not previously detailed in this language. You can exercise privacy rights by contacting privacy@binance.us or submitting a request through the company's 'Your Privacy Rights' webform.
View change record →Users of Binance.US are required to submit biometric data during the identity verification process. This data is highly sensitive and, depending on the user's state of residence, may be subject to additional legal protections that govern how long it can be retained and whether explicit written consent is required before collection.
How other platforms handle this
We may use third-party vendors for identity verification. These vendors analyze whether the Client's "selfie" matches the government-issued identity document. The information collected from Client photographs may constitute biometric information in some jurisdictions. Where required by law, we will ...
Your use of the Services is also governed by our Privacy Policy, which is incorporated into these Terms by reference. By using the Services, you consent to the data collection and use practices described in the Privacy Policy. Roblox collects information you provide directly, information collected a...
We collect information about you in a variety of ways depending on how you interact with us and our products and services. This includes information you provide directly, information we collect automatically when you use our services, and information we receive from third parties. We may collect ide...
Monitoring
Binance.US has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"This Privacy Policy describes how Binance.US and its related companies and affiliates ('BAM') collect, use, and disclose information, and your choices regarding this information. BAM collects biometric data collected during identity verification.— Excerpt from Binance.US's Binance.US Privacy Policy
REGULATORY LANDSCAPE: The collection of biometric identifiers and biometric information engages the Illinois Biometric Information Privacy Act (BIPA, 740 ILCS 14), which requires a publicly available written retention and destruction policy, written consent prior to collection, and limits on disclosure to third parties. Texas and Washington have analogous statutes. Enforcement of BIPA is by private right of action, with statutory damages of $1,000 to $5,000 per violation. The FTC Act also applies to unfair or deceptive practices relating to biometric data collection. GOVERNANCE EXPOSURE: High. The policy discloses biometric data collection but does not identify the specific biometric modalities collected, the identity verification vendor processing the data, the retention period, or the mechanism by which written consent is obtained prior to collection. This gap in disclosure creates compliance exposure under BIPA and analogous state statutes for users in covered jurisdictions. JURISDICTION FLAGS: Illinois users face the highest exposure given BIPA's private right of action and significant litigation history. Texas (CUBI) and Washington (My Health MY Data Act and biometric provisions) also create heightened exposure. California's CPRA classifies biometric information as sensitive personal information requiring enhanced disclosures and opt-out rights. CONTRACT AND VENDOR IMPLICATIONS: The identity verification vendor processing biometric data on BAM's behalf must be assessed for BIPA compliance, including whether that vendor maintains its own written retention and destruction policy and whether the BAM-vendor agreement includes appropriate data processing terms restricting downstream use, retention, and disclosure of biometric data. COMPLIANCE CONSIDERATIONS: Legal teams should confirm the existence of a publicly available biometric data retention and destruction schedule, audit the consent capture mechanism for BIPA-compliant written authorization prior to collection, and map the biometric data processing workflow to identify all third-party processors and their contractual obligations. CPRA sensitive personal information disclosures should be reviewed to confirm biometric data is correctly classified and that appropriate opt-in or opt-out mechanisms are operational.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Netflix updated its Privacy Statement on April 18, 2026, disclosing voice recording collection and expanded household ad profiling for the first time.
Google's Privacy Policy covers Search, Gmail, YouTube, Maps, and every site running Google Analytics. Here is what it actually authorizes.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
Biometric data collection during identity verification serves as a mechanism for account authentication and compliance with regulatory identity requirements. This operational practice shapes how the platform processes user enrollment and ongoing access verification.
Users of Binance.US are required to submit biometric data during the identity verification process. This data is highly sensitive and, depending on the user's state of residence, may be subject to additional legal protections that govern how long it can be retained and whether explicit written consent is required before collection.
ConductAtlas has identified this type of provision across 18 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Binance.US.