Lime collects your credit card and billing information when you pay for rides, but passes the actual card processing to third-party payment companies and says it does not store full card numbers.
This analysis describes what Lime's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
While Lime states it does not store full credit card numbers, billing addresses and payment metadata are retained, and your payment data is processed by third-party processors whose security standards and data practices are governed by separate agreements.
Your payment information including billing address is shared with third-party payment processors to complete ride transactions, and while Lime states it does not store full card numbers, residual payment metadata is retained and subject to Lime's broader data practices.
How other platforms handle this
When you visit the Careers portion of our websites, we collect the information that you provide to us in connection with your job application. This includes but is not limited to business and personal contact information, professional credentials and skills, educational and work history and other in...
American does not knowingly collect personal information directly from children – persons under the age of 13, or another age if required by applicable law – other than when required to comply with the law or for safety and security reasons. Due to the nature of our Services, we may collect travel i...
We may collect information about your location, including precise geolocation information, when you use our Services. We use this information to provide location-based services, such as showing you products available in your area, and for other purposes described in this Privacy Policy.
Monitoring
Lime has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"We collect payment information when you use our Services, including credit card numbers, billing address, and other financial information necessary to process your transactions. Payment information is processed by our third-party payment processors, and we do not store complete credit card numbers on our servers.— Excerpt from Lime's Lime Privacy Policy
REGULATORY LANDSCAPE: Payment data collection engages PCI DSS (Payment Card Industry Data Security Standard) obligations for card data handling, CPRA's treatment of financial information as personal data subject to consumer rights, and potentially state-level financial data protection laws. The CFPB has jurisdiction over payment processing practices where they relate to consumer financial products. Tokenization and non-storage of full card numbers is consistent with PCI DSS requirements. GOVERNANCE EXPOSURE: Low-Medium. The statement that Lime does not store complete credit card numbers is consistent with standard industry PCI DSS compliance and reduces direct financial data breach risk. However, the identity of third-party payment processors is not disclosed, making it difficult to assess the full data security posture for payment processing. Billing address data retained by Lime is subject to CCPA/GDPR deletion and access rights. JURISDICTION FLAGS: US (PCI DSS, state financial data laws, CFPB oversight), EU (GDPR applies to payment metadata), California (CPRA covers financial information). New York's SHIELD Act requires reasonable safeguards for financial data of NY residents. CONTRACT AND VENDOR IMPLICATIONS: Payment processor contracts should include PCI DSS compliance attestations, data breach notification obligations, and restrictions on secondary use of payment data. Audit whether processor contracts meet GDPR Article 28 requirements for EU user payment data. COMPLIANCE CONSIDERATIONS: Confirm PCI DSS attestation of compliance is current, verify payment processor DPAs include GDPR Article 28 requirements for EU users, map which payment metadata fields are retained by Lime versus the processor, and confirm breach notification procedures cover payment processor incidents.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Netflix updated its Privacy Statement on April 18, 2026, disclosing voice recording collection and expanded household ad profiling for the first time.
Google's Privacy Policy covers Search, Gmail, YouTube, Maps, and every site running Google Analytics. Here is what it actually authorizes.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
While Lime states it does not store full credit card numbers, billing addresses and payment metadata are retained, and your payment data is processed by third-party processors whose security standards and data practices are governed by separate agreements.
Your payment information including billing address is shared with third-party payment processors to complete ride transactions, and while Lime states it does not store full card numbers, residual payment metadata is retained and subject to Lime's broader data practices.
ConductAtlas has identified this type of provision across 2 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Lime.