Which regulatory agencies enforce this type of clause?

{'agency': 'CFPB', 'reason': 'The CFPB enforces Regulation P and GLBA consumer privacy requirements for financial institutions and their banking-as-a-service partners.', 'complaint_url': 'https://www.consumerfinance.gov/complaint/'}, {'agency': 'FTC', 'reason': 'The FTC enforces the GLBA Safeguards Rule and Section 5 unfair or deceptive practices standards for data sharing with third-party service providers.', 'complaint_url': 'https://reportfraud.ftc.gov/'}

What is the severity of this clause?

ConductAtlas classifies this Sharing for Everyday Business Purposes — No Opt-Out clause as medium severity. Severity reflects the magnitude of rights affected, the breadth of users impacted, and the degree of discretion the platform retains.

Sharing for Everyday Business Purposes — No Opt-Out — Chime

Share 𝕏 Share in Share 🔒 PDF

Monitor governance changes for Chime Create a free account to receive the weekly governance digest and monitor one platform for governance changes.

Create free account No credit card required.

Document Record

What it is

The Bancorp Bank can share your personal financial information — including your account details, transactions, and credit information — with service providers and for business operations without giving you any right to opt out.

ⓘ

This analysis describes what Chime's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology

ConductAtlas Analysis

Why it matters (compliance & governance perspective)

This is the broadest sharing category and applies to all Chime customers — you have no ability to stop the bank from sharing your sensitive financial data for these purposes.

Recent Activity

This document changed recently

Medium Apr 20, 2026

The updated notice states Chime no longer shares your personal information (such as transaction history and creditworthiness) with other financial companies for joint marketing purposes. This is a na…

Consumer impact (what this means for users)

Your Social Security number, account balances, transaction history, and credit information can be shared with third-party service providers and used for business operations without your consent or any opt-out mechanism, meaning this data sharing is effectively non-negotiable if you use the service.

How other platforms handle this

Verizon Medium

California law gives residents the right to know what personal information we collect, use, share or sell; to delete personal information under certain circumstances; to opt-out of the sale or sharing of their personal information; to correct inaccurate personal information; to limit the use and dis...

Home Depot Medium

You have the right to opt out of the sale or sharing of your personal information. To exercise this right, please click on the 'Do Not Sell or Share My Personal Information' link available on our website, or contact us as described in the 'Contact Us' section of this policy. We will process your req...

Grammarly Medium

If you are a California resident, you have certain rights with respect to your personal information, including: The right to know about the personal information we collect, use, disclose, and sell. The right to delete your personal information. The right to opt out of the sale or sharing of your per...

See all platforms with this clause type →

Monitoring

Chime has changed this document before.

Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.

Start Watcher free trial Or create a free account →

▸ View Original Clause Language DOCUMENT RECORD

"
Reasons we can share your personal information: For our everyday business purposes — such as to process your transactions, maintain your account(s), respond to court orders and legal investigations, or report to credit bureaus. Do we share? Yes. Can you limit this sharing? No.

— Excerpt from Chime's Chime Privacy Policy

ConductAtlas Analysis

Institutional analysis (Compliance & governance intelligence)

1) REGULATORY FRAMEWORK: This provision is expressly authorized under GLBA/Regulation P (12 C.F.R. §1016.13-1016.15), which permits sharing NPI with service providers performing functions on behalf of the financial institution without requiring opt-out rights. The OCC (for national banks) and CFPB enforce these standards. However, sharing must comply with GLBA's safeguards requirements (16 C.F.R. Part 314) and data minimization principles under the FTC Act Section 5. 2)

Full compliance analysis

Regulatory citations, enforcement risk, and due diligence action items.

Track 1 platform — free Try Watcher free for 14 days

Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.

Applicable agencies

CFPB

The CFPB enforces Regulation P and GLBA consumer privacy requirements for financial institutions and their banking-as-a-service partners.
File a complaint →
FTC

The FTC enforces the GLBA Safeguards Rule and Section 5 unfair or deceptive practices standards for data sharing with third-party service providers.
File a complaint →

Applicable regulations

CCPA/CPRA

California, USA

Connecticut Data Privacy Act Amendments

US-CT

CAN-SPAM

United States Federal

FCRA

United States Federal

FTC Act Section 5

United States Federal

GLBA

United States Federal

Indiana Consumer Data Protection Act

US-IN

Kentucky Consumer Data Protection Act

US-KY

TCPA

United States Federal

Universal Opt-Out Mechanism Expansion 2026

Provision details

Document information

Document

Chime Privacy Policy

Entity

Chime

Document last updated

May 5, 2026

Tracking information

First tracked

May 8, 2026

Last verified

May 8, 2026

Record ID

CA-P-006620

Document ID

CA-D-00078

Evidence Provenance

Source URL

https://www.chime.com/privacy-policy/

Wayback Machine

View archived versions →

Content hash (SHA-256)

2abe49718004a1f397ca825b6b38f54ec9b89102654fa3ae82ef2e8ffea944af

Analysis generated

May 8, 2026 12:08 UTC

Methodology

summarize_document-v7

Evidence

✓ Snapshot stored ✓ Hash verified

Citation Record

Entity: Chime
Document: Chime Privacy Policy
Record ID: CA-P-006620
Captured: 2026-05-08 12:08:44 UTC
SHA-256: 2abe49718004a1f3…
URL: https://conductatlas.com/platform/chime/chime-privacy-policy/sharing-for-everyday-business-purposes-no-opt-out/
Accessed: May 13, 2026

Permanent archival reference. Stable identifier suitable for legal filings, compliance documentation, and research citation.

Classification

Severity

Medium

Other risks in this policy

Joint Marketing Partner Data Sharing medium
Limited Opt-Out for Non-Affiliated Third Party Sharing medium
Types of Personal Information Collected high
Sharing with Affiliates medium
Annual Privacy Notice Delivery medium
Data Security and Protection Obligations medium

Professional Governance Intelligence

Need to monitor specific governance provisions?

Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.

Arbitration clauses AI governance Data rights Indemnification Retention policies

Start Professional free trial

Or start with Watcher →

Built from archived source documents, structured governance mappings, and historical version tracking.

Frequently Asked Questions

What does Chime's Sharing for Everyday Business Purposes — No Opt-Out clause do?

This is the broadest sharing category and applies to all Chime customers — you have no ability to stop the bank from sharing your sensitive financial data for these purposes.

How does this clause affect you?

Is ConductAtlas affiliated with Chime?

No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Chime.