Credit card data sharing has been around for a while. Fortunately, financial institutions appear to be marginally less pathological about allowing people to control how their personal data is used than certain large social media companies, and there are opt-outs for pretty much all of the major financial institutions.
According to the article, users can also opt out of the tracking on Google's side using Google's privacy controls. However, I think it's probably best to opt out of that data being collected in the first place, since the financial companies are probably selling that data to other companies.
Here's the link for Mastercard: https://www.mastercard.us/en-us/about-mastercard/what-we-do/... (the language is kind of strange - "To opt-out from our anonymization of your personal information to perform data analyses" - I'm hoping it refers to opting out of sharing your anonymized personal info, not opting out of the anonymization so they can sell your un-anonymized personal info, but someone should confirm this by sending them a letter).
Amex seems to be somewhat better about this, saying "We only share your personal data with third parties where it is necessary to provide you with products or services or as part of the nature of our relationship with you, where we have previously informed or been authorized by you, in connection with our efforts to reduce fraud or criminal activity, or as permitted by law." (source: https://www.americanexpress.com/us/content/customer-privacy-...). Whether anonymized data is considered 'personal data' isn't clear, though - the definition given is "any information that relates to an identified or identifiable individual." Whether the "relates to" property persists after anonymization is not specified.
It's also worth noting that opting out of data sharing by a credit card network does not limit data sharing by the bank that issues the card - for that, you probably have to contact them separately (Chase, for instance, has a privacy number you need to call to opt out of data sharing https://www.chase.com/digital/resources/privacy-security/que...).
According to the article, users can also opt out of the tracking on Google's side using Google's privacy controls. However, I think it's probably best to opt out of that data being collected in the first place, since the financial companies are probably selling that data to other companies.
Here's the link for Mastercard: https://www.mastercard.us/en-us/about-mastercard/what-we-do/... (the language is kind of strange - "To opt-out from our anonymization of your personal information to perform data analyses" - I'm hoping it refers to opting out of sharing your anonymized personal info, not opting out of the anonymization so they can sell your un-anonymized personal info, but someone should confirm this by sending them a letter).
Visa users can opt out here: https://usa.visa.com/legal/privacy-policy-opt-out.html (actual opt-out page is https://marketingreportoptout.visa.com/OPTOUT/request.do).
Amex seems to be somewhat better about this, saying "We only share your personal data with third parties where it is necessary to provide you with products or services or as part of the nature of our relationship with you, where we have previously informed or been authorized by you, in connection with our efforts to reduce fraud or criminal activity, or as permitted by law." (source: https://www.americanexpress.com/us/content/customer-privacy-...). Whether anonymized data is considered 'personal data' isn't clear, though - the definition given is "any information that relates to an identified or identifiable individual." Whether the "relates to" property persists after anonymization is not specified.
It's also worth noting that opting out of data sharing by a credit card network does not limit data sharing by the bank that issues the card - for that, you probably have to contact them separately (Chase, for instance, has a privacy number you need to call to opt out of data sharing https://www.chase.com/digital/resources/privacy-security/que...).