Plaid · Plaid Terms of Use

Third-Party Developer Data Sharing

High severity
Share 𝕏 Share in Share 🔒 PDF

What it is

Plaid sends your financial data — including your bank transactions and account details — to the app developer and to Plaid's own service providers whenever you authorize a connection.

Consumer impact (what this means for users)

When a consumer connects their bank account through Plaid, their transaction history and account data is transmitted to the requesting app developer and potentially to multiple downstream service providers, significantly expanding the surface area of financial data exposure beyond what a consumer likely anticipates.

What you can do

⚠️ These actions may provide transparency or partial mitigation but may not fully address the underlying issue. Effectiveness varies by jurisdiction and individual circumstances.
  • Export Your Data
    Visit my.plaid.com to view which applications and services currently have access to your financial data through Plaid, and revoke access to any apps you no longer authorize.

Cross-platform context

See how other platforms handle Third-Party Developer Data Sharing and similar clauses.

Compare across platforms →
Need full compliance memos? See Professional →

Why it matters (compliance & risk perspective)

Your sensitive financial data doesn't just go to the app you're using — it's shared with Plaid's network of service providers as well, multiplying the number of entities that hold your banking information.

View original clause language
Plaid shares your financial information with the app or service that you've directed us to connect to your financial accounts. Plaid also shares your information with service providers that perform services on our behalf, and in other circumstances described in our privacy policy.

Institutional analysis (Compliance & legal intelligence)

REGULATORY FRAMEWORK: GLBA §6802 requires financial institutions to provide notice and opportunity to opt out before sharing nonpublic personal information with nonaffiliated third parties. CCPA/CPRA §1798.115 grants consumers the right to know the categories of third parties to whom their personal information is disclosed. GDPR Art. 13 requires disclosure of recipients or categories of recipients at time of data collection. FTC Act Section 5 prohibits sharing beyond disclosed purposes. FCRA §1681b restricts permissible purposes for sharing consumer financial data.

🔒

Compliance intelligence locked

Regulatory citations, enforcement risk, and due diligence action items.

Watcher $9.99/mo Professional $149/mo

Watcher: regulatory citations. Professional: full compliance memo.

Applicable agencies

  • CFPB
    CFPB has jurisdiction over third-party sharing of nonpublic personal financial data under GLBA and has issued guidance on consumer financial data rights relevant to Plaid's data sharing architecture.
    File a complaint →
  • State AG
    State attorneys general, particularly in California, have enforcement authority over CCPA/CPRA violations involving unauthorized sharing of consumer financial data with third parties.
    File a complaint →

Provision details

Document information
Document
Plaid Terms of Use
Entity
Plaid
Document last updated
April 29, 2026
Tracking information
First tracked
April 27, 2026
Last verified
April 27, 2026
Record ID
CA-P-003485
Document ID
CA-D-00170
Evidence Provenance
Source URL
https://plaid.com/legal/
Wayback Machine
View archived versions →
SHA-256
d237d1c00462e75d5d533b760cfa67756e21b1bc9ca5a561b65efe42daabe732
Verified
✓ Snapshot stored   ✓ Change verified
How to Cite
ConductAtlas Policy Archive
Entity: Plaid | Document: Plaid Terms of Use | Record: CA-P-003485
Captured: 2026-04-27 13:43:06 UTC | SHA-256: d237d1c00462e75d…
URL: https://conductatlas.com/platform/plaid/plaid-terms-of-use/third-party-developer-data-sharing/
Accessed: May 2, 2026
Classification
Severity
High
Categories
Unknown

Other provisions in this document