What can I do about this clause?

{'method': 'IN_APP', 'recipient': "Your device's app location settings (iOS: Settings > Privacy > Location Services > PayPal; Android: Settings > Apps > PayPal > Permissions > Location)", 'difficulty': 'EASY', 'action_type': 'OPT_OUT_ARBITRATION', 'instructions': "Revoke PayPal's access to precise location data by going to your phone's settings, finding the PayPal app under Location permissions, and changing the setting to 'Never' or 'While Using'. Note PayPal may still use your address for approximate location.", 'deadline_days': None, 'deadline_hours': None}

Which regulatory agencies enforce this type of clause?

{'agency': 'FTC', 'reason': 'The FTC has recently taken enforcement action against companies for deceptive or unlawful precise geolocation data collection and sharing practices.', 'complaint_url': 'https://reportfraud.ftc.gov/'}, {'agency': 'State_AG', 'reason': "California's CPPA and state attorneys general in California and Washington have enforcement authority over unlawful precise geolocation data collection under CCPA/CPRA and the My Health MY Data Act.", 'complaint_url': 'https://www.naag.org/find-my-ag/'}

What is the severity of this clause?

ConductAtlas classifies this Precise Geolocation Collection from Financial Account Users clause as high severity. Severity reflects the magnitude of rights affected, the breadth of users impacted, and the degree of discretion the platform retains.

Precise Geolocation Collection from Financial Account Users — PayPal

Share 𝕏 Share in Share 🔒 PDF

What it is

PayPal collects your exact GPS location whenever you are logged into your financial account, and uses this data for both security and advertising purposes.

Change history

modified Apr 18, 2026

Severity increased from 'medium' to 'high', and the ending excerpt changed from describing personalization benefits to explicitly stating that precise geolocation data is collected while users are logged into financial accounts.

View full change record →

Consumer impact (what this means for users)

PayPal tracks your precise physical location whenever you are logged into your account — not just for security, but also for personalized advertising — and this data is classified as sensitive personal information requiring opt-in under California law.

What you can do

⚠️ These actions may provide transparency or partial mitigation but may not fully address the underlying issue. Effectiveness varies by jurisdiction and individual circumstances.

Opt Out of Arbitration

Revoke PayPal's access to precise location data by going to your phone's settings, finding the PayPal app under Location permissions, and changing the setting to 'Never' or 'While Using'. Note PayPal may still use your address for approximate location.

Cross-platform context

See how other platforms handle Precise Geolocation Collection from Financial Account Users and similar clauses.

Compare across platforms →

Need full compliance memos? See Professional →

Why it matters (compliance & risk perspective)

Precise geolocation is classified as sensitive personal information under CCPA/CPRA and GDPR, and its collection while you are logged into a financial account goes beyond what many users would expect from a payment service.

View original clause language

Send you locally relevant options and for security. If you agree to let us track your precise geolocation, we can customize our Services by personalizing language and content such as providing location-based options, functionality or offers, ads and search results. Even if you don't allow us to track your precise location, we may still use your address to send you location-based options recommended by businesses that are near your address. In addition, we will use precise geolocation to enhance the security of the Sites and Services. We collect precise geolocation data from Users while they are logged into their financial account.

Institutional analysis (Compliance & legal intelligence)

1. REGULATORY FRAMEWORK: Precise geolocation is classified as sensitive personal information under CCPA/CPRA §1798.121 (requiring opt-in consent for collection), GDPR Art. 9 context (special category adjacent data with heightened risk), and Washington My Health MY Data Act. The FTC Act Section 5 applies to deceptive geolocation collection practices. Illinois and other state laws may impose additional restrictions on location data use for advertising. 2.

🔒

Compliance intelligence locked

Regulatory citations, enforcement risk, and due diligence action items.

Watcher $9.99/mo Professional $149/mo

Watcher: regulatory citations. Professional: full compliance memo.

Applicable agencies

FTC

The FTC has recently taken enforcement action against companies for deceptive or unlawful precise geolocation data collection and sharing practices.
File a complaint →
State AG

California's CPPA and state attorneys general in California and Washington have enforcement authority over unlawful precise geolocation data collection under CCPA/CPRA and the My Health MY Data Act.
File a complaint →

Provision details

Document information

Document

PayPal Privacy Statement

Entity

PayPal

Document last updated

April 29, 2026

Tracking information

First tracked

April 18, 2026

Last verified

April 28, 2026

Record ID

CA-P-002719

Document ID

CA-D-00045

Evidence Provenance

Source URL

https://www.paypal.com/us/legalhub/privacy-full

Wayback Machine

View archived versions →

SHA-256

88e15ed1ee29a80c15e1f44d4a7a869e4f68a15049f8669d6949ec87c64d86cb

Verified

✓ Snapshot stored ✓ Change verified

How to Cite

ConductAtlas Policy Archive
Entity: PayPal | Document: PayPal Privacy Statement | Record: CA-P-002719
Captured: 2026-04-18 08:48:00 UTC | SHA-256: 88e15ed1ee29a80c…
URL: https://conductatlas.com/platform/paypal/paypal-privacy-statement/precise-geolocation-collection-from-financial-account-users/
Accessed: May 2, 2026

Classification

Severity

High

Precise Geolocation Collection from Financial Account Users