Cash App · Cash App Privacy Policy

Biometric and Facial Scan Data Collection

High severity
Share 𝕏 Share in Share

Why it matters

Biometric data is among the most sensitive personal information — it cannot be changed if compromised — and collection without explicit statutory consent violates laws like Illinois BIPA, which provides for significant per-violation damages.

Consumer impact

Cash App collects an exceptionally broad range of personal data including biometric facial scans, Social Security numbers, precise geolocation, and full financial account information, and uses this data to build behavioral and credit risk profiles — including by purchasing supplementary data from third-party data brokers. Your data is also explicitly used to train AI and machine learning models, and is shared with affiliates, credit bureaus, fraud detection partners, merchants, and advertising platforms. You can limit some data collection by disabling precise location access and contact list permissions in your device settings, and California residents can submit a data deletion or opt-out request via Cash App's in-app privacy settings.

What you can do

⚠️ These actions may provide transparency or partial mitigation but may not fully address the underlying issue. Effectiveness varies by jurisdiction and individual circumstances.
  • Delete Your Data
    Navigate to the 'Your Rights and Choices' section of Cash App's Privacy Notice and follow the instructions for submitting a data deletion request. California and other eligible state residents may also use in-app privacy settings to submit a formal deletion request.

Applicable agencies

  • FTC
    FTC has authority under Section 5 of the FTC Act to take action against deceptive or unfair biometric data practices by financial technology companies.
    File a complaint →
  • State AG
    State Attorneys General in Illinois, Texas, and Washington have specific enforcement authority over biometric data collection under BIPA, CUBI, and state privacy laws respectively.
    File a complaint →

Provision details

Document information
Document
Cash App Privacy Policy
Entity
Cash App
Document last updated
March 24, 2026
Tracking information
First tracked
April 1, 2026
Last verified
April 1, 2026
Record ID
CA-P-000608
Document ID
CA-D-00076
Evidence Provenance
Source URL
https://cash.app/legal/us/en-us/privacy
Wayback Machine
View archived versions →
SHA-256
69c7c79259723420474d0d708f68242145ad8b4a4cdf694f61dcda675b7cc3f6
Verified
✓ Snapshot stored   ✓ Change verified
How to Cite
ConductAtlas Policy Archive
Entity: Cash App | Document: Cash App Privacy Policy | Record: CA-P-000608
Captured: 2026-04-01 13:04:38 UTC | SHA-256: 69c7c79259723420…
URL: https://conductatlas.com/platform/cash-app/cash-app-privacy-policy/biometric-and-facial-scan-data-collection/
Accessed: April 4, 2026
Classification
Severity
High
Categories
Data collection

Other provisions in this document