Your ability to control your data depends heavily on where you live — EU users have the strongest protections under GDPR, California users have CCPA rights, but users in many other jurisdictions have far fewer enforceable rights.
Consumer impact
Coinbase collects a wide range of sensitive personal data — including government-issued identity documents, Social Security numbers, financial account details, transaction history, biometric data, IP addresses, and device identifiers — as a condition of using its platform, and this data may be retained long after account closure due to regulatory obligations. Users' financial transaction data may be shared with blockchain analytics companies, advertising networks, and government agencies without individual notification in many circumstances, creating meaningful privacy and surveillance risks. You can review, download, or request deletion of your personal data by visiting the Coinbase Privacy Center at coinbase.com/settings/privacy.
What you can do
⚠️ These actions may provide transparency or partial mitigation but may not fully address the underlying issue. Effectiveness varies by jurisdiction and individual circumstances.
Export Your Data
Log into Coinbase, go to Settings > Privacy, and submit a Data Access Request or Data Portability Request. You will receive a downloadable copy of your personal data, typically within 30 days.
Delete Your Data
Go to the Coinbase Privacy Center, select 'Delete My Data', and follow the prompts. Note that regulatory retention obligations will prevent deletion of some financial records even after account closure.
Applicable agencies
State AG
California's AG and Privacy Protection Agency enforce CCPA/CPRA consumer rights requests; other state AGs enforce equivalent rights under state privacy laws.