This analysis describes what Cash App's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The GLBA consumer privacy notice establishes the regulatory framework governing Cash App's handling of nonpublic personal financial information and defines the scope of permissible disclosures to affiliates and nonaffiliated third parties. This disclosure requirement ensures consumers receive standardized notice of financial data practices and available opt-out mechanisms.
The updated policy establishes that children under 13 may use Cash App services if a parent or guardian signs up for or authorizes the account on their behalf. Previously, the policy explicitly prohibited any use by children under 13. The revised language clarifies that data deletion obligations apply when Cash App learns an account belongs to an unauthorized child under 13, but does not specify what happens to data from authorized child accounts or how parental oversight operates. A separate Privacy Notice for Children is referenced but not included in the change summary.
View change record →The revised policy shifts from prohibiting all children under 13 from using Cash App to permitting use when a parent or guardian explicitly authorizes or signs up for the service on the child's behalf. This creates a new lawful use path for families, but also establishes a distinction between authorized and unauthorized child accounts. The policy states that if a child under 13 operates an unauthorized account, Cash App will delete collected data upon discovery. Parents or guardians who authorize services should review the new Privacy Notice for Children for details on how child data is processed.
View change record →The updated terms state that children under 13 can no longer use Cash App, eliminating a path that previously existed for parents to authorize accounts on behalf of younger children. The revised language no longer references a separate Privacy Notice for Children, consolidating all child data handling disclosures into the main policy. If Cash App collects data and later learns it came from a child under 13, the policy requires deletion of that data, though the updated language broadens this obligation by removing the phrase 'for an unauthorized account', potentially extending deletion requirements beyond accounts that were never authorized.
View change record →The provision requires Cash App to disclose its financial data practices and identify categories of third parties that may receive consumer information, including service providers, affiliates, and other nonaffiliated entities. Consumers may have rights to limit sharing of certain information categories pursuant to GLBA opt-out provisions, subject to the specific limitations and exceptions stated in the notice.
How other platforms handle this
We may share information about you and your transactions with Card Networks and our financial services partners. By accepting this agreement, you authorize Stripe to share your information with these entities for purposes including facilitating your use of the Services, complying with applicable law...
We may share your personal information with: Service providers who perform services on our behalf. Financial partners, such as banks, payment processors, and financial institutions. Professional advisors, such as lawyers, auditors, and insurers. Business partners with whom we jointly offer products ...
We may share your personal information with our affiliates, meaning entities that control, are controlled by, or are under common control with Consensys. We also share information with service providers who assist in operating our services, subject to confidentiality obligations.
Monitoring
Cash App has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"U.S. Consumer Privacy Notice— Excerpt from Cash App's Cash App Privacy Policy
ConductAtlas detected a major restructuring of Meta’s privacy policy that removed detailed consumer rights disclosures and relocated them to separate documents.
Your genetic data may be transferred to a new owner as a business asset. Here is what the Terms of Service actually say and what you can do right now.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The GLBA consumer privacy notice establishes the regulatory framework governing Cash App's handling of nonpublic personal financial information and defines the scope of permissible disclosures to affiliates and nonaffiliated third parties. This disclosure requirement ensures consumers receive standardized notice of financial data practices and available opt-out mechanisms.
The provision requires Cash App to disclose its financial data practices and identify categories of third parties that may receive consumer information, including service providers, affiliates, and other nonaffiliated entities. Consumers may have rights to limit sharing of certain information categories pursuant to GLBA opt-out provisions, subject to the specific limitations and exceptions stated in the notice.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Cash App.