The policy states that Target shares personal information with financial partners to operate the Target RedCard program, which includes credit and debit card products.
This analysis describes what Target's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
RedCard data sharing with financial partners may engage federal financial privacy obligations under the Gramm-Leach-Bliley Act (GLBA) and associated regulations, which impose notice, opt-out, and data security requirements for financial institutions sharing nonpublic personal information with nonaffiliated third parties.
Interpretive note: The policy does not identify the specific financial institution(s) operating the RedCard or specify the categories of data shared, creating uncertainty about the full scope of financial data sharing and applicable GLBA obligations.
This provision establishes that Target shares consumer personal information with financial partners for RedCard program operation; RedCard holders may be subject to separate financial privacy notices under the Gramm-Leach-Bliley Act issued by the financial institution that issues the card.
How other platforms handle this
We may share information about you and your transactions with Card Networks and our financial services partners. By accepting this agreement, you authorize Stripe to share your information with these entities for purposes including facilitating your use of the Services, complying with applicable law...
We may share your personal information with: Service providers who perform services on our behalf. Financial partners, such as banks, payment processors, and financial institutions. Professional advisors, such as lawyers, auditors, and insurers. Business partners with whom we jointly offer products ...
We may share your personal information with our affiliates, meaning entities that control, are controlled by, or are under common control with Consensys. We also share information with service providers who assist in operating our services, subject to confidentiality obligations.
Monitoring
Target has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"RedCard. We share information with our financial partners to operate the Target RedCard program.— Excerpt from Target's Target Privacy Policy
1. REGULATORY LANDSCAPE: RedCard credit products are issued through TD Bank or similar financial institution partners, making the Gramm-Leach-Bliley Act (GLBA) and its implementing Regulation P applicable to the financial institution's data practices. The CFPB has enforcement authority over GLBA compliance for financial institutions. The FTC has enforcement authority over non-bank entities. Target's own data practices related to RedCard are governed by its privacy policy but the financial institution partner's practices are governed by GLBA and its own privacy notices. 2. GOVERNANCE EXPOSURE: Medium. The policy does not specify the financial institution partner(s) operating the RedCard, the categories of nonpublic personal information shared, or the opt-out rights available under GLBA Regulation P. RedCard holders may receive separate GLBA privacy notices from the issuing financial institution that govern different data sharing rights than Target's general privacy policy. 3. JURISDICTION FLAGS: GLBA applies federally across all U.S. jurisdictions. California's CCPA/CPRA has a GLBA exemption that may limit CCPA rights for data governed by GLBA. RedCard holders in California should evaluate which rights framework applies to their financial data. 4. CONTRACT AND VENDOR IMPLICATIONS: Target's data sharing agreement with the RedCard issuing financial institution should specify the categories of data shared, permissible uses, and compliance with both GLBA and applicable state privacy statutes. Cross-use of RedCard transaction data for advertising targeting requires careful evaluation under both GLBA and CCPA/CPRA. 5. COMPLIANCE CONSIDERATIONS: Compliance teams should evaluate whether: GLBA privacy notices issued by the RedCard financial partner are consistent with Target's privacy policy disclosures; RedCard transaction data used for Target Circle loyalty benefits or advertising targeting is permissible under both GLBA and CCPA/CPRA; and the CCPA GLBA exemption is correctly applied to limit or extend consumer rights as applicable.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 10 platforms + same-day alerts. No credit card required.
ConductAtlas detected a major restructuring of Meta’s privacy policy that removed detailed consumer rights disclosures and relocated them to separate documents.
Your genetic data may be transferred to a new owner as a business asset. Here is what the Terms of Service actually say and what you can do right now.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
RedCard data sharing with financial partners may engage federal financial privacy obligations under the Gramm-Leach-Bliley Act (GLBA) and associated regulations, which impose notice, opt-out, and data security requirements for financial institutions sharing nonpublic personal information with nonaffiliated third parties.
This provision establishes that Target shares consumer personal information with financial partners for RedCard program operation; RedCard holders may be subject to separate financial privacy notices under the Gramm-Leach-Bliley Act issued by the financial institution that issues the card.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Target.