United States Privacy Notice
Last updated: February 26, 2026
This United States Privacy Notice (“Notice”) is for people living in the U.S., and describes how we collect, use, and disclose your personal information. This Notice supplements our Global Privacy Policy.
For purposes of the Notice, the terms “personal information” and “sensitive personal information” encompass the terms “personal data” and “sensitive personal data” and have the meaning provided under applicable U.S. state privacy laws. Please note that the Gramm-Leach-Bliley Act (GLBA) applies to contexts where you are applying for or obtaining certain financial products or services for personal, family, or household purposes. U.S. state privacy laws do not. For more information about your rights under the GLBA and how we collect, disclose, and secure information online when you apply for or obtain those financial products and services, review our U.S. Financial Privacy Notice.
Purpose for Collection and Disclosure of Personal Information. We’ve collected and disclosed the below categories for personal information to create, develop, operate, deliver, and improve our Services, to communicate with you, to ensure the safety, security and integrity of our Services, and for the business and commercial purposes outlined in Section 2. How We Use Your Information and Section 3. How and Why We Share Your Information, respectively. We do not collect, use, or disclose sensitive personal information for purposes other than those specified in this privacy policy, to provide the Services, or as permitted under applicable law. In addition, to the extent that Coinbase de-identifies personal information, we take reasonable measures to maintain and use the information in a de-identified manner and do not make any attempts to re-identify such information, except as permitted under applicable law.
Collection and Disclosure of Personal Information. In the past 12 months, we’ve collected the below categories of personal information, and disclosed the specific types of personal information below (as that data is further referenced and outlined in Section 1. What Information We Collect) with the following categories of recipients:
Category of Personal Information | Information Collected and Disclosed | Categories of Recipients |
|---|---|---|
Identifiers | Basic User Information Supplemental Identification Information Electronic Identification Information Institutional Information Informazioni finanziarie | Third party identity verification services Financial institutions Service providers Professional advisors Our Affiliates |
Protected classifications under California and federal law, including gender, age, and citizenship | Supplemental Identification Information Electronic Identification Information | Third party identity verification services Professional advisors |
Commercial information such as records of services purchased, obtained, or considered | Informazioni sulle transazioni | Third party identity verification services Financial institutions Service providers Professional advisors Our Affiliates |
Internet or other electronic network activity information | Informazioni sull'uso del prodotto Informazioni su app, browser e dispositivo Informazioni provenienti da cookie e tecnologie simili | Third party identity verification services Service providers Professional advisors Our Affiliates |
Geolocation data | Informazioni su app, browser e dispositivo | Third party identity verification services Service providers Professional advisors |
Audio, electronic, visual, thermal, olfactory, or similar information | Call and video recordings Comunicazioni | Third party identity verification services Service providers Professional advisors Our Affiliates |
Professional or employment related information | Institutional Information Deposito diretto Stipendio | Third party identity verification services Service providers Professional advisors Our Affiliates |
Inferences about preferences, characteristics, predispositions, etc. | Information derived from other information about you, which could include your preferences, interests, and other information used to personalize your experience or provide you Services | Service providers Professional advisors Our Affiliates |
Collection and Disclosure of Sensitive Personal Information. In the past 12 months, we’ve collected and disclosed the following categories of sensitive personal information, with the following categories of recipients. We have limited our collection, use and disclosure of sensitive personal information to only those purposes which are permitted under applicable U.S. state privacy laws.
Category of Sensitive Personal Information | Information Collected and Disclosed | Categories of Recipients |
|---|---|---|
Government identifiers | Supplemental Identification Information Electronic Identification Information | Third party identity verification services Professional advisors |
A consumer’s account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account | Basic User Information | |
The contents of a consumer’s mail, email, and text messages (unless the business is the intended recipient of the communication) | Comunicazioni | Service Providers Professional Advisors |
Biometric information (via our service providers) | Electronic Identification Information | Third party identity verification services Financial institutions Professional advisors |
Sources of Personal Information. We gather various types of personal information from our customers and individuals who access or use our Services from a range of sources, such as:
information you give us when you sign up for, or otherwise use our Services;
information we receive from our Affiliates and third parties; and
information we collect automatically through cookies and similar technologies (see our Cookie Policy for more information on this type of information).
Selling or Sharing of Personal Information. In the past 12 months, we’ve disclosed identifiers with third party analytics providers, advertising partners, and ad networks for analytics and targeted advertising purposes, which may constitute a “sale” / ”share” (as those terms are defined in the CCPA).
We do not have actual knowledge that we sell or share the personal information of individuals under 16 years of age.
How Long We Retain Your Personal Information.
We retain your information as needed to provide our Services, comply with legal obligations, or protect our or others’ interests. We decide how long we need information on a case-by-case basis.
Here is what we consider:
When the information was collected or created;
Whether it is necessary in order to continue offering you our Services; and
Whether we are required to hold the information to comply with our legal obligations, including AML/KYC compliance or other financial regulatory obligations, or information preservation requirements. We also keep certain information where necessary to protect the safety, security and integrity of our Services, Customers, and Users.
Privacy Rights. Residents of specific states have the following rights with respect to personal information collected and processed under U.S. state privacy laws, subject to certain exceptions and limitations. For example, U.S. state privacy laws do not apply to all personal information that we collect and process, including personal information that is governed instead by federal financial privacy laws, such as the GLBA. For information about your rights under the GLBA, please review our U.S. Financial Privacy Notice.
Right to Know. You have a right to request the following information about our collection, use and disclosure of your personal information, and ask that we provide you with a copy in a portable, usable format of the following:
categories of and specific pieces of personal information we have collected, sold, or shared about you;
categories of sources from which we collect personal information;
the business or commercial purposes for collecting personal information;
categories or specific third parties to whom the personal information was disclosed for a business purpose; and
categories of personal information disclosed about you for a business purpose.
Right to Correct. You have a right to request that we correct inaccurate personal information maintained about you.
Right to Delete. You have a right to request that we delete personal information, subject to certain exceptions.
Right to Opt Out. You have the right to opt out from the “sale” / “sharing” of your personal information, including the processing of your personal information for purposes of targeted advertising.
Right to Non-Discrimination. We will not discriminate against you for exercising any of these rights.
Exercising Your Rights. You may exercise your privacy rights by going to your Privacy Rights Dashboard, which also allows you to make individual rights requests relating to your personal information after verifying your identity. If you cannot access the Dashboard, you can contact us via our Support Portal or email dpo@coinbase.com. We may take steps to verify your identity before complying with your request to protect your privacy and security, and may decline your request if we are unable to verify your identity. To verify your identity, we may collect information such as your email address, government issued ID, or date of birth, before providing a substantive response to the request.
You can exercise your right to opt out of the “sale” / “sharing” of your personal information, including the processing of your personal information for purposes of targeted advertising by visiting the Do Not Sell or Share My Personal Information link at the bottom of this page and disabling the “Share My Personal Info with third party partners for Advertising” toggle. In addition, you may also be able to set your browser to transmit a “global privacy control” ("GPC”) signal or another approved “universal opt-out mechanism” to opt out of “sharing” and “targeted advertising” (as defined under applicable U.S. state privacy laws). If you notify us of your preference through GPC, we will honor your request for the browser or device that sends the GPC signal. If you do not have an account or are not logged into your account, your request to opt out through the GPC will not apply to any account information. Please note that if you return to our website from a different device, or from a different browser on the same device, you may need to apply the GPC or other signal for that browser and/or device as well.
Authorized Agent. Under certain U.S. state privacy laws, you may designate an authorized agent to exercise privacy rights on your behalf. To do so, you must: (1) provide that authorized agent written and signed permission to submit such a request; and (2) verify your own identity directly with us. Please note, we may deny a request from an authorized agent that does not submit proof that they have been authorized by you to act on your behalf.
Appeal. Under certain U.S. state privacy laws, you may appeal Coinbase’s decision regarding a privacy right request. In order to appeal a declined request, please email dpo@coinbase.com.
Profiling: We do not process consumer’s personal data for purposes of profiling in furtherance of decisions that produce legal or similarly significant effects, as those terms are defined under U.S. state privacy laws.
Questions. If you have questions or concerns regarding this Notice, or if you have a complaint, please contact us on our Support Portal, at dpo@coinbase.com, or by writing to us at the address of your Coinbase service provider (provided in Section 11. Our Relationship With You). Additionally, information about the specific Coinbase entity (or entities) that are responsible for your personal information (known as the “data controller” in certain countries) is provided in Section 11. Our Relationship With You.
