Public collects highly sensitive personal information when you sign up and use its platform, including your Social Security number, government ID, and financial account details.
This analysis describes what Public.com's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This is some of the most sensitive personal and financial data that exists, and its collection creates significant obligations for Public and meaningful risks for users if it is mishandled or exposed.
When you open a Public account, the platform collects your SSN, government-issued ID, and full financial account details. If this data is involved in a breach or shared inappropriately, the consequences for your financial and personal identity can be severe.
How other platforms handle this
At Ledger, earning and maintaining our users' trust is a top priority. That's why we are deeply committed not only to protecting your privacy and securing your personal data, but also to being fully transparent about how we handle it.
If we collect health information from these integrations (such as heart rate), we will not sell or use it for advertising or other similar purposes; we do not disclose it to third parties without your prior consent; and we will only use it for the specific purposes described in this Policy.
We collect your personal data when you use our Services, create a new eBay account, provide us with information via a web form, add or update information in your eBay account, participate in online community discussions or otherwise interact with us.
Monitoring
Public.com has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"We collect information you provide directly to us, such as when you create an account, make a transaction, or contact us for support. This information may include your name, email address, postal address, phone number, date of birth, Social Security number, government-issued identification, financial account information, and other information you choose to provide.— Excerpt from Public.com's Public.com Privacy Policy
REGULATORY LANDSCAPE: Collection of Social Security numbers, government IDs, and financial account information by a registered broker-dealer implicates SEC Regulation S-P, the GLBA Safeguards Rule (as updated by the FTC's 2023 amendments for non-bank financial institutions), and state data breach notification laws. The FTC and SEC are primary enforcement authorities. CCPA/CPRA classifies SSNs and government IDs as 'sensitive personal information' subject to heightened disclosure and opt-out obligations under California law. GOVERNANCE EXPOSURE: High. The collection of government IDs and SSNs creates obligations under both federal financial privacy law and state breach notification statutes in all 50 states. A data incident involving this category of data would trigger mandatory notification obligations across multiple jurisdictions and potential regulatory scrutiny from the SEC and FTC. JURISDICTION FLAGS: California residents have CCPA/CPRA rights specific to sensitive personal information including SSNs and government IDs. New York's SHIELD Act imposes data security obligations for any business handling NY residents' private information including SSNs. Illinois, Texas, and other states have independent breach notification timelines that may be shorter than federal guidance. CONTRACT AND VENDOR IMPLICATIONS: Any vendor receiving or processing SSNs or government ID data on behalf of Public must be assessed against the updated GLBA Safeguards Rule's vendor oversight requirements, including written contracts specifying appropriate safeguards. Procurement teams should confirm that data processing agreements with identity verification and KYC vendors meet these standards. COMPLIANCE CONSIDERATIONS: Compliance teams should verify that the data minimization and retention schedules for SSNs and government IDs are documented and consistent with both FINRA recordkeeping rules and applicable deletion obligations under CCPA. A periodic review of access controls for this data category is recommended given its heightened regulatory classification.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This is some of the most sensitive personal and financial data that exists, and its collection creates significant obligations for Public and meaningful risks for users if it is mishandled or exposed.
When you open a Public account, the platform collects your SSN, government-issued ID, and full financial account details. If this data is involved in a breach or shared inappropriately, the consequences for your financial and personal identity can be severe.
ConductAtlas has identified this type of provision across 3 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Public.com.