Wealthfront collects a selfie photograph from Clients to verify their identity, and in some states this counts as biometric data under privacy law. The company requires its identity verification vendors to delete this data within 90 days.
This analysis describes what Wealthfront's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
Biometric data carries heightened legal protection in several states, and the 90-day vendor destruction timeline is a contractual commitment rather than a statutory minimum, meaning enforcement depends on Wealthfront's vendor contracts rather than direct regulatory obligation in all jurisdictions.
Interpretive note: The adequacy of the consent mechanism ('where required by law') varies by jurisdiction; Illinois BIPA requires affirmative written consent before collection, and the policy's conditional framing may not satisfy this standard uniformly.
Provision expanded with specific details about vendor destruction requirements and conditional consent mechanisms for biometric data.
View full change record →Clients must submit a selfie photograph for identity verification, which may be treated as biometric data under laws like Illinois BIPA; this data is held by third-party vendors and is contractually required to be destroyed within 90 days, but consumers have no direct mechanism to request earlier deletion from those vendors.
How other platforms handle this
At Ledger, earning and maintaining our users' trust is a top priority. That's why we are deeply committed not only to protecting your privacy and securing your personal data, but also to being fully transparent about how we handle it.
If we collect health information from these integrations (such as heart rate), we will not sell or use it for advertising or other similar purposes; we do not disclose it to third parties without your prior consent; and we will only use it for the specific purposes described in this Policy.
We collect your personal data when you use our Services, create a new eBay account, provide us with information via a web form, add or update information in your eBay account, participate in online community discussions or otherwise interact with us.
Monitoring
Wealthfront has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"We may use third-party vendors for identity verification. These vendors analyze whether the Client's "selfie" matches the government-issued identity document. The information collected from Client photographs may constitute biometric information in some jurisdictions. Where required by law, we will seek consent from you prior to any such collection. We require our third-party vendors who support identity verification to agree to destroy any potential biometric data that is created or gathered for purposes of verifying your identity no more than ninety (90) days after its collection.— Excerpt from Wealthfront's Wealthfront Privacy Policy
(1) REGULATORY LANDSCAPE: This provision directly engages Illinois BIPA (740 ILCS 14), which requires informed written consent before collecting biometric identifiers and mandates a retention and destruction schedule, and Texas and Washington biometric privacy statutes. The FTC has also issued guidance on biometric data practices under its unfair or deceptive practices authority. State AGs in Illinois, Texas, and Washington are primary enforcement authorities. The policy's conditional language ('where required by law, we will seek consent') may be insufficient in BIPA-governed contexts, which require affirmative written consent before collection, not merely where legally mandated. (2) GOVERNANCE EXPOSURE: High. BIPA carries a private right of action with statutory damages of $1,000 to $5,000 per violation, and Illinois courts have applied this broadly. The policy's formulation that consent will be sought 'where required by law' rather than uniformly may create exposure if Illinois residents are subject to collection without jurisdiction-specific consent workflows. (3) JURISDICTION FLAGS: Illinois creates the highest exposure due to BIPA's private right of action. Texas and Washington have similar statutes with AG enforcement. California's CCPA treats certain biometric data as sensitive personal information requiring opt-in consent, creating an additional compliance layer for California Clients. The 90-day destruction timeline should be verified as compliant with applicable state statutory destruction schedules, which vary by jurisdiction. (4) CONTRACT AND VENDOR IMPLICATIONS: The 90-day destruction commitment is a contractual obligation imposed on vendors, not a self-executing regulatory requirement. Vendor contracts should be audited to confirm this language is present, enforceable, and that vendors have deletion certifications. Procurement teams should assess whether identity verification vendors operate in jurisdictions with independent biometric data obligations that could conflict with the 90-day schedule. (5) COMPLIANCE CONSIDERATIONS: Consent workflows should be reviewed to ensure that jurisdiction-specific BIPA and CCPA consent requirements are met before biometric collection occurs, rather than relying on a general 'where required by law' standard. A vendor audit should confirm adherence to the 90-day destruction requirement, and deletion certifications should be documented for regulatory defensibility.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
Biometric data carries heightened legal protection in several states, and the 90-day vendor destruction timeline is a contractual commitment rather than a statutory minimum, meaning enforcement depends on Wealthfront's vendor contracts rather than direct regulatory obligation in all jurisdictions.
Clients must submit a selfie photograph for identity verification, which may be treated as biometric data under laws like Illinois BIPA; this data is held by third-party vendors and is contractually required to be destroyed within 90 days, but consumers have no direct mechanism to request earlier deletion from those vendors.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Wealthfront.