Cash App states it may collect the precise location of your device, including through your IP address and mobile device location data, with an option to disable precise geolocation collection in your device settings.
This analysis describes what Cash App's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
Precise geolocation data is classified as sensitive personal information under the CCPA/CPRA and analogous state laws, and the policy states this data may be collected by default unless the user takes action to disable it at the device level.
The updated policy establishes that children under 13 may use Cash App services if a parent or guardian signs up for or authorizes the account on their behalf. Previously, the policy explicitly prohibited any use by children under 13. The revised language clarifies that data deletion obligations apply when Cash App learns an account belongs to an unauthorized child under 13, but does not specify what happens to data from authorized child accounts or how parental oversight operates. A separate Privacy Notice for Children is referenced but not included in the change summary.
View change record →The revised policy shifts from prohibiting all children under 13 from using Cash App to permitting use when a parent or guardian explicitly authorizes or signs up for the service on the child's behalf. This creates a new lawful use path for families, but also establishes a distinction between authorized and unauthorized child accounts. The policy states that if a child under 13 operates an unauthorized account, Cash App will delete collected data upon discovery. Parents or guardians who authorize services should review the new Privacy Notice for Children for details on how child data is processed.
View change record →The updated terms state that children under 13 can no longer use Cash App, eliminating a path that previously existed for parents to authorize accounts on behalf of younger children. The revised language no longer references a separate Privacy Notice for Children, consolidating all child data handling disclosures into the main policy. If Cash App collects data and later learns it came from a child under 13, the policy requires deletion of that data, though the updated language broadens this obligation by removing the phrase 'for an unauthorized account', potentially extending deletion requirements beyond accounts that were never authorized.
View change record →Previous version had empty excerpt; current version now provides detailed description of precise geolocation collection and mentions opt-out mechanisms.
View full change record →The policy states that Cash App may collect precise geolocation information from your mobile device; users who wish to limit this collection can disable location permissions for Cash App in their device's privacy or location settings.
How other platforms handle this
Geolocation Information
At Ledger, earning and maintaining our users' trust is a top priority. That's why we are deeply committed not only to protecting your privacy and securing your personal data, but also to being fully transparent about how we handle it.
If we collect health information from these integrations (such as heart rate), we will not sell or use it for advertising or other similar purposes; we do not disclose it to third parties without your prior consent; and we will only use it for the specific purposes described in this Policy.
Monitoring
Cash App has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"Geolocation Information. The location of your device, including your IP address and location of your network provider. This may include precise geolocation information. For more information and to learn how to disable collection of precise geolocation information from your mobile device, please see below.— Excerpt from Cash App's Cash App Privacy Policy
1) REGULATORY LANDSCAPE: Precise geolocation data is classified as sensitive personal information under the CCPA/CPRA, requiring a separate opt-in consent for collection or a clear right to limit use, enforced by the California Privacy Protection Agency. The FTC Act applies to location data collection practices in financial services. The My Health MY Data Act in Washington may apply where geolocation data is used to infer health-related information. 2) GOVERNANCE EXPOSURE: Medium. The notice discloses precise geolocation collection and provides direction to disable it at the device level, which is consistent with common industry practice for mobile applications. However, the CPRA's sensitive personal information opt-out and limitation rights require that a mechanism be available at the application or service level, not solely at the device operating system level. 3) JURISDICTION FLAGS: California residents have the strongest rights under CPRA to limit the use of sensitive personal information including precise geolocation. Colorado, Connecticut, Virginia, and Texas residents may have similar rights under applicable state privacy laws. The adequacy of device-level opt-out instructions as a substitute for an in-app limitation mechanism is jurisdiction-dependent. 4) CONTRACT AND VENDOR IMPLICATIONS: Third-party analytics, advertising, and fraud detection vendors that receive or process precise geolocation data must be covered by appropriate data processing agreements. If precise location data is shared with advertising or marketing partners, this sharing should be evaluated against CCPA/CPRA opt-out and sensitive data requirements. 5) COMPLIANCE CONSIDERATIONS: Compliance teams should verify whether the in-app or service-level mechanism for limiting precise geolocation use satisfies CPRA sensitive personal information requirements, in addition to the device-level option described in the notice. Data mapping should confirm which vendors receive or process precise geolocation data and under what contractual terms.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
Precise geolocation data is classified as sensitive personal information under the CCPA/CPRA and analogous state laws, and the policy states this data may be collected by default unless the user takes action to disable it at the device level.
The policy states that Cash App may collect precise geolocation information from your mobile device; users who wish to limit this collection can disable location permissions for Cash App in their device's privacy or location settings.
ConductAtlas has identified this type of provision across 7 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Cash App.