What are the institutional and regulatory implications of this document?

(1) REGULATORY LANDSCAPE: This document directly engages the Gramm-Leach-Bliley Act and its implementing Regulation S-P (administered by the SEC and FINRA for registered investment advisers and broker-dealers), CCPA for California residents (enforced by the California Privacy Protection Agency and California AG), biometric privacy statutes in jurisdictions such as Illinois (BIPA) and Texas for selfie/facial recognition data collected during identity verification, and FCRA in connection with hom…

How does Wealthfront's Wealthfront Privacy Policy affect users?

Wealthfront collects personal and financial data including Social Security numbers, account credentials, identification photographs, and third-party account information. For individuals who execute a Client Agreement, the policy establishes that personal data retention is required by regulation and deletion requests generally cannot be fulfilled, whereas Users of free planning tools retain the ability to request data deletion. The policy authorizes opt-out of marketing communications via email …

How often is Wealthfront's Wealthfront Privacy Policy updated?

ConductAtlas monitors this document daily and captures every version with cryptographic hashing and timestamp verification. Update frequency varies — see the change timeline on this page for complete version history.

Can I get alerted when Wealthfront updates this document?

Yes. Watcher subscribers ($9.99/month) can add Wealthfront to their watchlist and receive same-day email alerts whenever this document or any other Wealthfront document changes.

CA-D-000367

Wealthfront Privacy Policy

Wealthfront

Last change detected April 19, 2026 Privacy policy

SHA-256: 57f573b99c659d48c89… 2 versions captured 0 changes documented

Create free account

Track 1 platform and get the weekly governance digest. No credit card required.

View original document at Wealthfront ↗

This page describes what the document states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability may vary by jurisdiction. Methodology

8 Total

0 High severity

6 Medium severity

2 Low severity

Summary

This document establishes Wealthfront's data collection, use, and retention practices across its investment, cash account, and lending products. The policy distinguishes between Users of planning tools and Clients under a Client Agreement: Clients' personal data is retained indefinitely due to regulatory recordkeeping obligations and generally cannot be deleted upon request, whereas Users may request deletion of their data. The policy permits data sharing with service providers, affiliates, and business partners for operational purposes, and establishes opt-out mechanisms for marketing communications and location tracking through account settings or support contact.

Technical / Legal Breakdown

This Privacy Policy, effective December 19, 2025, is jointly issued by five Wealthfront entities (Wealthfront Corporation, Wealthfront Advisers LLC, Wealthfront Brokerage LLC, Wealthfront Home Lending LLC, and Wealthfront Software LLC) and governs the collection, use, retention, and disclosure of Personal Information for Users of free financial planning tools and Clients who enter into formal service agreements, with Financial Privacy-Covered Data additionally governed by the Gramm-Leach-Bliley Act and Wealthfront's separate Financial Privacy Notice. The policy states that Wealthfront will 'never rent, sell, or trade your Personal Information to anyone,' while the terms authorize sharing with affiliated entities, service providers performing business functions, business partners offering joint products, and third parties in connection with mergers or asset transfers; the terms also authorize periodic re-access of linked third-party financial account credentials for as long as an ACH link remains active, and disclose that biometric data (selfie photographs for identity verification) is collected from Clients with destruction required within 90 days by vendor contract. The policy asserts a distinction between Users (who may request data deletion) and Clients (whose data generally cannot be deleted due to regulatory recordkeeping obligations), which is operationally significant and narrows deletion rights considerably for most active account holders; the policy also states that cross-device tracking and browsing activity matching across devices is conducted, and that the site does not respond to Do Not Track signals. The policy engages the Gramm-Leach-Bliley Act (GLBA) and its implementing Regulation S-P, CCPA for California residents, biometric privacy laws in applicable jurisdictions (including Illinois BIPA), and FCRA in connection with home lending credit information; the policy's assertion that federal privacy laws may render state privacy laws inapplicable in certain situations is a legally contested area requiring evaluation under applicable state law, and the adequacy of international transfer protections is described only generally without specifying mechanisms such as Standard Contractual Clauses.

Institutional Analysis

Institutional analysis available with Professional

Regulatory exposure by statute, material risk assessment, vendor due diligence action items, and enforcement precedent. Available on Professional.

Start Professional free trial

Medium — 6 provisions

Client Data Deletion Restriction Compare →

If you have opened an account and signed a Client Agreement with Wealthfront, the company states it generally cannot delete your personal information, even if you ask, because financial regulations require them to keep records.

Added April 3, 2026 Standard Seen across 262 platforms
Ongoing Third-Party Account Credential Re-Access Authorization

When you link an outside bank or investment account to Wealthfront, you are authorizing Wealthfront to repeatedly log into that account on your behalf using your credentials, for as long as the link is active, not just once.

Added May 10, 2026 Rare
Biometric Data Collection and Vendor Destruction Requirement Compare →

Wealthfront collects a selfie photograph from Clients to verify their identity, and in some states this counts as biometric data under privacy law. The company requires its identity verification vendors to delete this data within 90 days.

Added May 10, 2026 Standard Seen across 251 platforms
Data Transfer in Merger or Asset Sale Compare →

If Wealthfront is sold, merged, or goes through bankruptcy, your personal financial data may be transferred to the new company or acquirer as part of that deal.

Added May 10, 2026 Standard Seen across 246 platforms
Cross-Device Tracking and Browsing Activity Matching Compare →

Wealthfront may track your online behavior across multiple devices and websites and try to connect your phone activity with your computer activity using location and device identifiers.

Added May 10, 2026 Standard Seen across 251 platforms
Home Lending Expanded Data Sharing Compare →

If you apply for a home loan through Wealthfront, a broader set of third parties, including underwriters and servicers, will receive your most sensitive personal information including your Social Security number, credit history, and financial data.

Added May 10, 2026 Standard Seen across 246 platforms

Low — 2 provisions

No Selling or Trading of Personal Information

Wealthfront commits, in plain terms, that it will not sell or rent your personal data to outside parties for any purpose, ever.

Added May 10, 2026 Rare
No Response to Do Not Track Signals

Wealthfront's website does not honor browser-based Do Not Track signals, meaning that browser settings asking sites not to track you have no effect on Wealthfront's data collection practices.

Added May 10, 2026 Rare