What can I do about this clause?

{'method': 'WEB_FORM', 'recipient': 'https://my.plaid.com', 'difficulty': 'MODERATE', 'action_type': 'DELETE_DATA', 'instructions': "Go to my.plaid.com, log in with your credentials, navigate to the connected apps section, and submit a data deletion request to remove your stored financial data from Plaid's systems.", 'deadline_days': None, 'deadline_hours': None}

Which regulatory agencies enforce this type of clause?

{'agency': 'CFPB', 'reason': "Plaid's collection of nonpublic personal financial information including account numbers, balances, and transaction history falls within CFPB jurisdiction over consumer financial data practices under GLBA and Dodd-Frank.", 'complaint_url': 'https://www.consumerfinance.gov/complaint/'}, {'agency': 'FTC', 'reason': "FTC has direct enforcement jurisdiction over Plaid's data collection practices under FTC Act Section 5, as demonstrated by the 2022 $58M consent order for unauthorized financial data collection.", 'complaint_url': 'https://reportfraud.ftc.gov/'}

What is the severity of this clause?

ConductAtlas classifies this Financial Data Collection via Plaid Link clause as high severity. Severity reflects the magnitude of rights affected, the breadth of users impacted, and the degree of discretion the platform retains.

Financial Data Collection via Plaid Link — Plaid

Share 𝕏 Share in Share 🔒 PDF

What it is

When you connect your bank account to an app using Plaid, Plaid collects your account numbers, balances, and full transaction history, as well as personal identity information.

Consumer impact (what this means for users)

Consumers authorize Plaid to collect their bank account numbers, routing numbers, balances, and detailed transaction history, which is then transmitted to third-party app developers, creating substantial downstream data exposure beyond the consumer's immediate relationship with a single app.

What you can do

⚠️ These actions may provide transparency or partial mitigation but may not fully address the underlying issue. Effectiveness varies by jurisdiction and individual circumstances.

Delete Your Data

Go to my.plaid.com, log in with your credentials, navigate to the connected apps section, and submit a data deletion request to remove your stored financial data from Plaid's systems.

Cross-platform context

See how other platforms handle Financial Data Collection via Plaid Link and similar clauses.

Compare across platforms →

Need full compliance memos? See Professional →

Why it matters (compliance & risk perspective)

This provision establishes the breadth of financial data Plaid collects — including your complete transaction history and account credentials — every time you use a Plaid-powered app.

View original clause language

When you use Plaid to connect your financial accounts to an app, Plaid collects information about you, including your financial account information such as account and routing numbers, account balances, and transaction history, as well as identity information used to verify your identity.

Institutional analysis (Compliance & legal intelligence)

REGULATORY FRAMEWORK: Collection and transmission of nonpublic personal financial information is governed by GLBA §6801-6809, requiring financial institutions to provide privacy notices and safeguard consumer financial data. CCPA/CPRA Cal. Civ. Code §1798.100-1798.199 grants California consumers rights to know what financial data is collected and to request deletion. FCRA 15 U.S.C. §1681 applies if transaction data is used to determine creditworthiness, employment eligibility, or insurance underwriting. FTC Act Section 5 prohibits collection beyond disclosed purposes, directly relevant given the 2022 FTC consent order. GDPR Art. 6 requires a lawful basis for processing; Art. 9 may apply if health-related transactions are inferred.

🔒

Compliance intelligence locked

Regulatory citations, enforcement risk, and due diligence action items.

Watcher $9.99/mo Professional $149/mo

Watcher: regulatory citations. Professional: full compliance memo.

Applicable agencies

CFPB

Plaid's collection of nonpublic personal financial information including account numbers, balances, and transaction history falls within CFPB jurisdiction over consumer financial data practices under GLBA and Dodd-Frank.
File a complaint →
FTC

FTC has direct enforcement jurisdiction over Plaid's data collection practices under FTC Act Section 5, as demonstrated by the 2022 $58M consent order for unauthorized financial data collection.
File a complaint →

Provision details

Document information

Document

Plaid Terms of Use

Entity

Plaid

Document last updated

April 29, 2026

Tracking information

First tracked

April 27, 2026

Last verified

April 27, 2026

Record ID

CA-P-003484

Document ID

CA-D-00170

Evidence Provenance

Source URL

https://plaid.com/legal/

Wayback Machine

View archived versions →

SHA-256

d237d1c00462e75d5d533b760cfa67756e21b1bc9ca5a561b65efe42daabe732

Verified

✓ Snapshot stored ✓ Change verified

How to Cite

ConductAtlas Policy Archive
Entity: Plaid | Document: Plaid Terms of Use | Record: CA-P-003484
Captured: 2026-04-27 13:43:06 UTC | SHA-256: d237d1c00462e75d…
URL: https://conductatlas.com/platform/plaid/plaid-terms-of-use/financial-data-collection-via-plaid-link/
Accessed: May 2, 2026

Classification

Severity

High

Financial Data Collection via Plaid Link