Residents of certain US states (including California, Colorado, Virginia, and others) have additional rights to access, delete, correct, or opt out of the sale of their personal data.
These rights can give you meaningful control over your data — but only if you know they exist and take steps to exercise them.
The supplemental state privacy disclosures engage CCPA/CPRA (California), CPA (Colorado), VCDPA (Virginia), and equivalent statutes in other states, each with specific response timelines (typically 45-90 days), opt-out mechanisms, and non-discrimination requirements. Legal teams should confirm response workflows, authorized agent procedures, and appeal processes are operationally implemented.
Compliance intelligence locked
Regulatory citations, enforcement risk, and due diligence action items.
Watcher: regulatory citations. Professional: full compliance memo.
Cash App collects highly sensitive personal data including biometric facial scans, Social Security numbers, bank account numbers, geolocation, and detailed transaction histories, and shares this information with affiliates, advertisers, financial partners, and law enforcement. Users have limited ability to opt out of certain data uses, particularly marketing and behavioral profiling, though state residents (e.g. California, Colorado) may have broader rights including data deletion and opt-out of data sharing. You can submit a data access, deletion, or opt-out request through Cash App's privacy request portal at https://cash.app/legal/us/en-us/privacy.