Uber collects bank account or payment account details from drivers and delivery people to facilitate earnings payments and manages this financial information as part of its payment processing infrastructure.
Your banking details are highly sensitive financial data, and understanding how Uber stores, protects, and shares this information is critical to assessing fraud and identity theft risk.
REGULATORY FRAMEWORK: Gramm-Leach-Bliley Act (GLBA, 15 U.S.C. Β§6801 et seq.) may apply if Uber is engaged in financial activities covered by the Act, though Uber's primary status as a technology platform creates regulatory ambiguity. PCI DSS standards apply to payment card data handling. CCPA/CPRA Β§1798.140 classifies financial account numbers as sensitive personal information requiring opt-in for new uses. GDPR Article 9 does not specifically enumerate financial data, but Articles 5 and 32 require appropriate security for all personal data including financial details. Enforcement: CFPB (if GLBA-covered), FTC, CPPA.
Compliance intelligence locked
Regulatory citations, enforcement risk, and due diligence action items.
Watcher: regulatory citations. Professional: full compliance memo.
Uber collects highly sensitive data from drivers and delivery people including continuous GPS location (even in background), facial images, government ID documents, vehicle telematics, and financial account details, and shares this data with insurers, background check providers, law enforcement, and research partners. Drivers have limited ability to restrict data collection tied to core platform functionality, meaning much of this data collection is a condition of using the platform. You can submit a data access, deletion, or portability request through the Privacy Settings section of the Uber Driver app or at Uber's dedicated privacy portal.