MetaMask can share your personal data with other Consensys-owned companies and with outside vendors that help run its services. These third parties are supposed to keep your data confidential, but the policy permits broad internal sharing across the Consensys corporate family.
This analysis describes what MetaMask's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
Affiliate sharing means your data can move across multiple Consensys products and business lines without your specific consent for each transfer, potentially exposing your financial activity data to a wider set of internal systems and personnel than you might expect.
Interpretive note: The exact scope of affiliate entities and the specific data categories shared are not fully enumerated in the publicly available policy text, creating some uncertainty about the breadth of this provision in practice.
Personal data including wallet addresses and transaction metadata may be shared across all Consensys-affiliated entities, meaning data collected by MetaMask could inform activities at Infura, ConsenSys Mesh, and other group companies without additional notice.
How other platforms handle this
We may also share your personal information with third parties that assist us in providing our services, or where we are under an obligation to report to. But rest assured: we will only ever share your personal information in the limited circumstances described in this Policy.
We may share your personal information with third parties in the following circumstances: With service providers who perform services on our behalf, such as data analytics, marketing, customer service, and technology services. With financial partners, including banks, brokerage firms, and payment pr...
We may share your information with third parties that perform services on our behalf, such as payment processing, data analysis, email delivery, hosting services, customer service, and marketing assistance. We may also share your information with business partners who offer products or services that...
Monitoring
MetaMask has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"We may share your personal information with our affiliates, meaning entities that control, are controlled by, or are under common control with Consensys. We also share information with service providers who assist in operating our services, subject to confidentiality obligations.— Excerpt from MetaMask's MetaMask Privacy Policy
REGULATORY LANDSCAPE: Affiliate data sharing engages GDPR Article 6 lawful basis requirements; sharing within a corporate group does not automatically constitute a lawful basis under GDPR, and each transfer must be justified. CCPA/CPRA may treat affiliate sharing as a form of data sharing that triggers opt-out rights depending on whether the affiliate relationship qualifies as a common business purpose. The FTC Act may apply if affiliate sharing practices diverge from disclosed purposes. GOVERNANCE EXPOSURE: Medium. Affiliate sharing is common in large technology groups, but MetaMask's user base includes individuals with strong privacy expectations around financial data. The breadth of the Consensys portfolio means this provision could authorize sharing across a wide range of products. JURISDICTION FLAGS: EU users have stronger protections against intra-group sharing without documented legal basis. California users may have rights under CPRA to limit sharing with affiliates for cross-context behavioral advertising purposes. UK users face similar considerations under UK GDPR. CONTRACT AND VENDOR IMPLICATIONS: Organizations deploying MetaMask in enterprise contexts should identify which Consensys affiliates may receive employee or customer data as a result of this provision and assess whether those transfers require separate contractual protections. COMPLIANCE CONSIDERATIONS: Legal teams should review whether intra-group data sharing agreements or binding corporate rules are in place to govern affiliate transfers, particularly for cross-border flows from the EU/EEA to US-based Consensys entities.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
ConductAtlas detected a major restructuring of Meta’s privacy policy that removed detailed consumer rights disclosures and relocated them to separate documents.
Your genetic data may be transferred to a new owner as a business asset. Here is what the Terms of Service actually say and what you can do right now.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
Affiliate sharing means your data can move across multiple Consensys products and business lines without your specific consent for each transfer, potentially exposing your financial activity data to a wider set of internal systems and personnel than you might expect.
Personal data including wallet addresses and transaction metadata may be shared across all Consensys-affiliated entities, meaning data collected by MetaMask could inform activities at Infura, ConsenSys Mesh, and other group companies without additional notice.
ConductAtlas has identified this type of provision across 1 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by MetaMask.