You have the right to ask Plaid to delete your financial data, and you can do this through the dedicated portal at my.plaid.com.
This analysis describes what Plaid's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
Plaid's provision of a dedicated data portal is a notable consumer protection that allows you to see and delete the financial data Plaid holds, which is particularly important given how broadly Plaid's data collection reaches across the fintech ecosystem.
Interpretive note: The verbatim deletion rights language was not available in the truncated document; this characterization is based on Plaid's publicly documented privacy portal and deletion process.
End consumers may see their financial data accessed by a broader range of people under developer accounts, but Plaid now requires developers to formally designate and manage these 'Authorized Users' and take responsibility for their conduct. The introduction of session replay and activity monitoring means developer interactions with your financial data may be recorded for audit or security purposes. The policy does not specify what data is covered by monitoring or how long recordings are retained, which creates operational uncertainty for developers handling sensitive consumer financial information.
View change record →Plaid's updated terms establish a new direct relationship with you through the Plaid Account and introduce a monitoring service that operates through a web app. The terms now authorize Plaid to share financial information needed for third-party apps to initiate payments to or from you, which is a broader statement of data-sharing scope than the previous language. This means Plaid's role shifts from primarily facilitating connections to third-party apps toward directly providing account services, including monitoring. The effective date is April 14, 2026, though the change was detected on April 19, 2026. Review your Plaid Account settings to understand what data Plaid holds and how the monitoring service works.
View change record →The updated terms clarify that Plaid may request and collect phone numbers, email addresses, and other contact information when you connect financial accounts or verify your identity through a Plaid-connected application. The terms no longer describe a separate Plaid Monitoring Service or Plaid Web-App. The Plaid Account is now framed primarily as a tool to accelerate onboarding and use of third-party applications rather than as a standalone service for monitoring and alerts. The updated language authorizes Plaid to store identity verification data within your Plaid Account if you choose to do so.
View change record →Consumers have a direct mechanism to request deletion of their financial data from Plaid's systems at my.plaid.com, which can limit the secondary use of transaction data for Plaid's analytics and product development.
How other platforms handle this
If you are located in the European Economic Area, Switzerland, or the United Kingdom, you have the right to access, correct, or erase your personal data; the right to restrict or object to our processing of your personal data; the right to data portability; and, where our processing is based on your...
We may also collect your personal data from other people or companies.
We keep information for as long as we need it to provide our products, comply with legal obligations, or for other legitimate purposes, such as to maintain safety, security, and integrity.
Monitoring
Plaid has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"You may request that Plaid delete personal information we have collected from you. To submit a deletion request or to view the information Plaid holds about you, you may visit my.plaid.com. We will respond to verifiable consumer requests within the timeframes required by applicable law.— Excerpt from Plaid's Plaid End User Privacy Policy
REGULATORY LANDSCAPE: The consumer deletion right reflects obligations under CCPA/CPRA for California residents and GDPR Articles 17 and 18 for EU and UK users. The FTC consent order may also impose deletion obligations independent of state law. Applicable law requirements for response timeframes vary: CCPA requires response within 45 days (extendable by 45 days with notice), and GDPR requires response within one month (extendable by two months for complex requests). GOVERNANCE EXPOSURE: Medium. The existence of the portal is a positive compliance feature. The exposure risk lies in implementation: whether deletion requests result in complete deletion across Plaid's systems including analytics databases and model training sets, and whether the verification process for deletion requests is appropriately calibrated to avoid both over-disclosure to non-account holders and unnecessary friction for legitimate requesters. JURISDICTION FLAGS: California residents have specific rights under CPRA that include the right to correct inaccurate personal information in addition to deletion, and the right to limit use of sensitive personal information. EU and UK users have access rights under GDPR Article 15 and portability rights under Article 20. Compliance with all applicable jurisdiction-specific rights through a single portal requires careful implementation to ensure jurisdiction-appropriate responses. CONTRACT AND VENDOR IMPLICATIONS: Downstream developer partners who have received financial data through Plaid's API may receive deletion requests from consumers that require coordination with Plaid's deletion processes. Data processing agreements should address deletion request propagation obligations to ensure that consumer deletion rights can be honored across the full data sharing chain. COMPLIANCE CONSIDERATIONS: Compliance teams should verify that the deletion process at my.plaid.com covers all data stores where personal information may be held, including backup systems, analytics databases, and trained model weights derived from personal data. The verification mechanism should be reviewed to ensure it meets identity verification standards without creating disproportionate barriers for legitimate consumer requests.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
Plaid's provision of a dedicated data portal is a notable consumer protection that allows you to see and delete the financial data Plaid holds, which is particularly important given how broadly Plaid's data collection reaches across the fintech ecosystem.
Consumers have a direct mechanism to request deletion of their financial data from Plaid's systems at my.plaid.com, which can limit the secondary use of transaction data for Plaid's analytics and product development.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Plaid.