Square collects sensitive personal information such as financial account details, government IDs, and precise geolocation, and uses it for service delivery and compliance purposes.
Collection of sensitive data like government IDs and financial account numbers increases privacy risk, and under California law you have the right to limit how this data is used.
CPRA establishes a separate right to limit use of sensitive personal information, requiring businesses to provide a 'Limit the Use of My Sensitive Personal Information' link; compliance teams should verify Square's consent mechanisms and data minimization practices align with CPRA and sector-specific requirements under GLBA.
Compliance intelligence locked
Regulatory citations, enforcement risk, and due diligence action items.
Watcher: regulatory citations. Professional: full compliance memo.
Square collects extensive personal and financial data, including transaction history, device identifiers, and inferred characteristics, and shares this with affiliates, service providers, and advertising partners. Your financial and behavioral data may be used for targeted advertising and cross-context behavioral profiling, which can feel intrusive and may affect what products and services you are shown. You can opt out of the sale or sharing of your personal information for targeted advertising by visiting Square's privacy preferences page or submitting a request through their privacy portal.