What are the institutional and regulatory implications of this document?

REGULATORY LANDSCAPE: This policy engages the Gramm-Leach-Bliley Act (GLBA), which governs the sharing of nonpublic personal information by financial institutions and requires notice and opt-out rights for sharing with nonaffiliated third parties. The California Consumer Privacy Act (CCPA) and its amendment under the California Privacy Rights Act (CPRA) are also engaged, given explicit references to California resident rights including the right to know, delete, correct, and opt out of sale or …

How does Chime's Chime Privacy Policy affect users?

Under this policy, users' financial account data, transaction history, device identifiers, and in-app behavioral activity are subject to sharing with bank partners, service providers, and third-party advertising platforms for marketing and analytics purposes. The policy discloses integrations with identity resolution services such as LiveRamp, which connects Chime activity to broader advertising profiles. California residents may submit requests to opt out of the sale or sharing of personal inf…

How often is Chime's Chime Privacy Policy updated?

ConductAtlas monitors this document daily and captures every version with cryptographic hashing and timestamp verification. Update frequency varies — see the change timeline on this page for complete version history.

Can I get alerted when Chime updates this document?

Yes. Watcher subscribers ($9.99/month) can add Chime to their watchlist and receive same-day email alerts whenever this document or any other Chime document changes.

CA-D-000078

Chime Privacy Policy

Chime

Last change detected May 11, 2026 Privacy policy

SHA-256: ac892b8cd6fbafc0340… 3 versions captured 3 changes documented

Create free account

Track 1 platform and get the weekly governance digest. No credit card required.

View original document at Chime ↗

This page describes what the document states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability may vary by jurisdiction. Methodology

8 Total

0 High severity

5 Medium severity

3 Low severity

Summary

This document establishes Chime's data collection, use, and sharing practices for users of its banking application and website. Chime collects transaction history, location data, device activity, and behavioral information, and discloses that such data is shared with bank partners, service providers, and advertising platforms including Facebook, TikTok, and Google. The policy authorizes California residents to submit opt-out requests regarding the sale or sharing of personal information through Chime's privacy portal or by contacting privacy@chime.com.

Technical / Legal Breakdown

This document is Chime's consumer-facing privacy policy governing the collection, use, and sharing of personal information in connection with its financial technology products and services, operating under a stated framework that includes the federal Gramm-Leach-Bliley Act (GLBA) and applicable state privacy laws. The policy states that Chime collects a broad range of personal data including financial account information, government-issued identification, transaction history, device identifiers, location data, and behavioral data derived from app and website usage; the terms authorize sharing this information with service providers, bank partners (The Bancorp Bank and Stride Bank), marketing partners, and in certain cases third-party advertisers. Notably, the policy discloses use of an extensive array of third-party tracking technologies on its website (including Facebook Pixel, TikTok Pixel, Google Tag Manager, Taboola, Reddit Ads, and LiveRamp identity resolution), which represents a materially broad advertising data ecosystem for a financial services provider; the intersection of financial data and behavioral advertising tracking may warrant evaluation under GLBA's limits on information sharing and FTC Act standards for unfair or deceptive practices. The policy references California Consumer Privacy Act (CCPA) rights for California residents, including the right to know, delete, and opt out of the sale or sharing of personal information; the GLBA's notice and opt-out framework applies to nonpublic personal information shared with nonaffiliated third parties, and the breadth of third-party integrations observed in the page source creates compliance surface area requiring careful mapping of data flows against these frameworks. Material compliance considerations include whether behavioral and device-level data collected through advertising pixels constitutes nonpublic personal information subject to GLBA opt-out requirements, and whether the extent of cross-context behavioral advertising disclosures satisfies CCPA's opt-out of sale or sharing obligations.

Institutional Analysis

Institutional analysis available with Professional

Regulatory exposure by statute, material risk assessment, vendor due diligence action items, and enforcement precedent. Available on Professional.

Start Professional free trial

3 important changes detected

3 versions captured · Last updated: May 2026

May 11, 2026

medium

What changed Chime removed detailed sharing disclosures and opt-out question-and-answer format from their privacy policy, replacing it with a single line directing users to update Privacy Settings via their account or mobile app. Previously, the policy explicitly stated whether The Bancorp shared personal information for various purposes and whether customers could limit sharing; the updated version consolidates this into a single instruction to login and adjust settings.

Why this matters The updated policy no longer explicitly discloses whether Chime or its banking partner The Bancorp shares personal information for specific purposes such as marketing, joint marketing, or affiliate use. Previously, each sharing scenario included a 'Yes' or 'No' answer and stated whether customers could limit sharing. The revised policy directs users to login to chime.com or the Chime Mobile application and update their Privacy Settings to control sharing. You can adjust sharing preferences through your account settings, but the policy no longer itemizes which sharing practices are subject to customer limits.

View full change record →

April 20, 2026

medium

What changed Chime updated its privacy notice with mostly minor edits, but made one material change: it now states it does NOT share information with other financial companies for joint marketing purposes, where it previously indicated it did. The notice also removed language stating that The Bancorp does share personal information with affiliates for everyday business purposes. These changes narrows what data The Bancorp says it shares with third parties.

Why this matters The updated notice states Chime no longer shares your personal information (such as transaction history and creditworthiness) with other financial companies for joint marketing purposes. This is a narrowing of third-party data sharing compared to the prior language. The notice also clarifies that Chime does not share certain affiliate information, which may further limit how your data is used by related companies. These changes reduce the scope of data sharing disclosed in the privacy notice.

View full change record →

April 19, 2026 medium

Chime's updated Consumer Privacy Notice (revised February 2025) contains several substantive changes to data sharing disclosures. Most significantly, the policy now states that Chime shares customer information for joint marketing …

View change record →

Medium — 5 provisions

Third-Party Advertising and Tracking Technologies Compare →

Chime and its advertising partners use tracking tools like cookies and pixels to collect your browsing and app behavior, which may be used to show you targeted ads.

Added May 11, 2026 Standard Seen across 251 platforms
GLBA Nonpublic Personal Information Sharing with Bank Partners

Chime shares your financial and personal information with its partner banks (The Bancorp Bank and Stride Bank) and service providers as part of operating its financial services.

Added May 11, 2026 Rare
CCPA Rights for California Residents

If you live in California, you have legal rights to see, delete, correct, and opt out of the sale or sharing of your personal information held by Chime.

Added May 11, 2026 Rare
Broad Personal Information Collection Scope

Chime collects a wide range of personal and financial data from you directly, including your Social Security number and transaction history, as well as automatically collected technical data like your device ID and location.

Added May 11, 2026 Rare
LiveRamp Identity Resolution Integration

Chime uses LiveRamp, an identity resolution service, to link your activity across different devices and platforms for marketing purposes.

Added May 11, 2026 Rare

Low — 3 provisions

Data Retention and Deletion Rights Compare →

Chime keeps your personal information for as long as it needs to, including for legal and business reasons, even after you request deletion.

Added May 11, 2026 Standard Seen across 223 platforms
Children's Privacy and Age Restriction Compare →

Chime's services are not intended for children under 13 and the company states it does not knowingly collect data from minors under that age.

Added May 11, 2026 Standard Seen across 262 platforms
Contact and Privacy Rights Exercise Mechanism Compare →

You can contact Chime about privacy questions or to exercise your rights by emailing privacy@chime.com or writing to their San Francisco address.

Added May 11, 2026 Standard Seen across 262 platforms

Monitoring

Chime has updated this document before.

Watcher includes same-day alerts, structured change summaries, and monitoring for up to 10 platforms.

Start Watcher free trial Or create a free account →

Professional Governance Intelligence

Need provision-level monitoring and regulatory mapping?

Professional includes governance timelines, compliance memos, audit-ready analysis, and full provision tracking.

Start Professional free trial

Cross-platform context

See how other platforms handle Types of Personal Information Collected and similar clauses.

Compare across platforms →

Mapped Governance Frameworks

CCPA/CPRA

California, USA

View official text ↗

FTC Act Section 5

United States Federal

View official text ↗

Archival ProvenanceSource & Archival Record

Last Captured May 11, 2026 18:33 UTC

Capture Method Automated scheduled archival capture

Document ID CA-D-000078

Version ID CA-V-002453

Source URL https://www.chime.com/privacy-policy/

Wayback Machine View external archival references →

SHA-256 ac892b8cd6fbafc034099a7e11a8c3f8379c552abaecee3fa67df1aa3ffb7ea3

✓ Snapshot stored ✓ Text extracted ✓ Change verified ✓ Hash verified

Chime Privacy Policy

May 11, 2026

April 20, 2026

Mapped Governance Frameworks

Monitor governance changes across the platforms you rely on.