Well, if you live in the US, or anywhere outside of the EU, God only knows. But for customers in the European Union, PayPal is legally required to disclose which data it shares with which companies or organisations, and for which purpose. I noticed the list because a visualization by Rebecca Ricks was shared on Twitter.
When I enlarge the visualization to make the text readable, the whole thing becomes too big to display on my widescreen monitor. It's not her fault.
I wanted an easier way to go through the whole list. So I made a spoken version. This is only the list of third parties. IT LASTS 41 MINUTES.
The text is spoken by http://www.fromtexttospeech.com/ (British English voice - Emma - medium speed). This tool works incredibly well for normal text. Of course it trips up over some of the foreign names and abbreviations here, but the result is still better than you'd expect.
The source of the data is https://www.paypal.com/ie/webapps/mpp/ua/third-parties-list (where /ie/ stands for Ireland - change this part of the URL to /de/ for a German version, /fr/ for French, /nl/ for Dutch etc.)
The list includes well-known names like Equifax, Coinbase, Snap, Spotify, Vodafone, Adyen, Google, Facebook, Amazon, Apple, Microsoft, Oracle, Deloitte, Visa, Deutsche Bank, Bank of America and BNP Paribas. And much more. It makes me wonder: do these partners return the favor and share their customers' data with PayPal?
It looks like the list doesn't even cover government agencies like tax authorities. And the data shared isn't just your name and e-mail address. Customer service vendors, PayPal and eBay subsidiaries, credit and fraud information agencies and ad networks receive basically any data they could wish for.
Don't trust PayPal or banks to keep your data safe. Use Monero whenever possible, so that nobody can track your payments. You can use XMR to pay any merchant that accepts Bitcoin or Australian dollars.