Webull can share your personal data with its related companies — including its parent company and subsidiaries — for various business purposes.
Your personal and financial data may be shared with Webull's parent company and affiliated entities, which may include companies based in or connected to China, potentially exposing your data to foreign access or surveillance.
Cross-platform context
See how other platforms handle Data Sharing with Affiliates and Subsidiaries and similar clauses.
Compare across platforms →Given Webull's corporate structure involving China-linked entities, sharing personal and financial data with affiliates raises national security and regulatory concerns that go beyond standard privacy considerations.
REGULATORY FRAMEWORK: Regulation S-P (17 CFR §248.11) permits broker-dealers to share NPI with affiliates under the financial holding company framework, subject to the Gramm-Leach-Bliley Act (15 U.S.C. §6801 et seq.). CCPA/CPRA defines 'business' broadly to include affiliated entities, and sharing data within a corporate family for non-operational purposes may constitute 'sharing' requiring an opt-out. GDPR Art. 26 and Art. 28 apply to intra-group data sharing within EU-accessible entities. The Committee on Foreign Investment in the United States (CFIUS) and emerging DOJ regulations under Executive Order 14117 may restrict bulk data flows from US persons to Chinese-affiliated entities. Enforcement authority: SEC, FINRA, CPPA, DOJ (national security), FTC.
Compliance intelligence locked
Regulatory citations, enforcement risk, and due diligence action items.
Watcher: regulatory citations. Professional: full compliance memo.