Which regulatory agencies enforce this type of clause?

{'agency': 'CFPB', 'reason': 'The CFPB enforces GLBA, Regulation P, and FCRA standards governing collection and use of SSNs, credit data, and personal financial information.', 'complaint_url': 'https://www.consumerfinance.gov/complaint/'}, {'agency': 'FTC', 'reason': 'The FTC enforces the GLBA Safeguards Rule requiring data security programs protecting SSNs and financial account information held by financial institutions.', 'complaint_url': 'https://reportfraud.ftc.gov/'}

What is the severity of this clause?

ConductAtlas classifies this Types of Personal Information Collected clause as high severity. Severity reflects the magnitude of rights affected, the breadth of users impacted, and the degree of discretion the platform retains.

Do other platforms have similar clauses?

Yes. ConductAtlas has identified similar Types of Personal Information Collected clauses across approximately 1 other tracked platforms. You can compare how platforms differ on this clause type in the cross-platform comparison view.

Types of Personal Information Collected — Chime

Share 𝕏 Share in Share 🔒 PDF

Monitor governance changes for Chime Create a free account to receive the weekly governance digest and monitor one platform for governance changes.

Create free account No credit card required.

Document Record

What it is

The Bancorp Bank collects highly sensitive financial data about you including your Social Security number, income, account balances, payment history, credit history, and credit scores.

ⓘ

This analysis describes what Chime's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology

ConductAtlas Analysis

Why it matters (compliance & governance perspective)

The scope of data collected is extensive and includes your most sensitive identifiers — a Social Security number breach or misuse creates serious risk of identity theft and financial fraud.

Recent Activity

This document changed recently

Medium Apr 20, 2026

The updated notice states Chime no longer shares your personal information (such as transaction history and creditworthiness) with other financial companies for joint marketing purposes. This is a na…

Consumer impact (what this means for users)

Your most sensitive personal and financial identifiers — including your Social Security number, income level, account balances, payment history, and credit scores — are collected and potentially shared under the categories described in this notice, creating significant privacy and identity theft risk if data is not adequately protected.

Cross-platform context

See how other platforms handle Types of Personal Information Collected and similar clauses.

Compare across platforms →

Monitoring

Chime has changed this document before.

Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.

Start Watcher free trial Or create a free account →

▸ View Original Clause Language DOCUMENT RECORD

"
The types of personal information we collect and share depend on the product or service you have with us. This information can include: Social Security number and income, Account balances and payment history, Credit history and credit scores.

— Excerpt from Chime's Chime Privacy Policy

ConductAtlas Analysis

Institutional analysis (Compliance & governance intelligence)

1) REGULATORY FRAMEWORK: Collection and use of Social Security numbers is governed by GLBA (15 U.S.C. §6801), the Social Security Number Protection Act, and state laws (e.g., California Civil Code §1798.85, which restricts SSN display and transmission). Credit data collection and sharing is additionally governed by the Fair Credit Reporting Act (FCRA, 15 U.S.C. §1681 et seq.), which imposes permissible purpose requirements and consumer dispute rights. The CFPB enforces both GLBA and FCRA in consumer financial contexts. 2)

Full compliance analysis

Regulatory citations, enforcement risk, and due diligence action items.

Track 1 platform — free Try Watcher free for 14 days

Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.

Applicable agencies

CFPB

The CFPB enforces GLBA, Regulation P, and FCRA standards governing collection and use of SSNs, credit data, and personal financial information.
File a complaint →
FTC

The FTC enforces the GLBA Safeguards Rule requiring data security programs protecting SSNs and financial account information held by financial institutions.
File a complaint →

Provision details

Document information

Document

Chime Privacy Policy

Entity

Chime

Document last updated

May 5, 2026

Tracking information

First tracked

May 8, 2026

Last verified

May 8, 2026

Record ID

CA-P-006623

Document ID

CA-D-00078

Evidence Provenance

Source URL

https://www.chime.com/privacy-policy/

Wayback Machine

View archived versions →

Content hash (SHA-256)

2abe49718004a1f397ca825b6b38f54ec9b89102654fa3ae82ef2e8ffea944af

Analysis generated

May 8, 2026 12:08 UTC

Methodology

summarize_document-v7

Evidence

✓ Snapshot stored ✓ Hash verified

Citation Record

Entity: Chime
Document: Chime Privacy Policy
Record ID: CA-P-006623
Captured: 2026-05-08 12:08:44 UTC
SHA-256: 2abe49718004a1f3…
URL: https://conductatlas.com/platform/chime/chime-privacy-policy/types-of-personal-information-collected/
Accessed: May 13, 2026

Permanent archival reference. Stable identifier suitable for legal filings, compliance documentation, and research citation.

Classification

Severity

High

Other risks in this policy

Sharing for Everyday Business Purposes — No Opt-Out medium
Joint Marketing Partner Data Sharing medium
Limited Opt-Out for Non-Affiliated Third Party Sharing medium
Sharing with Affiliates medium
Annual Privacy Notice Delivery medium
Data Security and Protection Obligations medium

Professional Governance Intelligence

Need to monitor specific governance provisions?

Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.

Arbitration clauses AI governance Data rights Indemnification Retention policies

Start Professional free trial

Or start with Watcher →

Built from archived source documents, structured governance mappings, and historical version tracking.

Frequently Asked Questions

What does Chime's Types of Personal Information Collected clause do?

The scope of data collected is extensive and includes your most sensitive identifiers — a Social Security number breach or misuse creates serious risk of identity theft and financial fraud.

How does this clause affect you?

How many platforms have this type of clause?

ConductAtlas has identified this type of provision across 1 platforms. See the full comparison.

Is ConductAtlas affiliated with Chime?

No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Chime.