As one of the world’s largest retailers, Walmart has immense economic power – but with that comes immense responsibility, especially towards its customers. You’d be correct if you thought Walmart collects data on its customers, but what is done with this data?
Additionally, what is Walmart’s privacy policy regarding customer data? We don’t always think about this when we’re signing up or shopping, so here is what you need to know!
What Is Walmart’s Privacy Policy In 2024?
Walmart’s privacy policy reveals that the corporation collects vast amounts of data from customers, including basic personal information, but also education, financial, demographic, location, and even biometric data in 2024. Such information may be shared or sold, but only with the customer’s consent. In the state of California, that consent may be revoked.
To learn more about all the types of data Walmart collects and what they do with it, if Walmart is bound by HIPAA laws, and just how Walmart keeps your data secure, keep reading for all the FAQs!
What Data Does Walmart Collect?
As a multinational, sprawling corporation, Walmart stores and is privy to loads of customer data.
Much of it you might not even realize you are giving away, or that it could be of any importance.
Some of the information that Walmart collects includes:
- Basic contact information, including name and address, phone number, and email address
- Internet and network activity
- Driver’s license number
- Demographics (age, etc.)
- Financial information
- Health and insurance information
- Information about protected characteristics, like gender or nationality
- Order history
- Iris/retina imagery and fingerprints
- Geolocation information
- Employment
- Education
- Your preferences and habits
This information may be provided by you or another member of your household, or it might come from a device you used.
It could also be shared by another company (e.g., Sam’s Club) that is a Walmart subsidiary or it could simply come from surveillance footage of you inside a Walmart store.
Walmart tries to stress that they mostly collect this information to optimize the customer’s shopping experience and to keep the website and other tech secure.
However, it is clear that Walmart shares the data, among its family of companies and even beyond, with third-party sellers on the Marketplace.
While they might not outright sell it, you can be sure that Walmart wouldn’t collect it in the first place if it didn’t help them profit in some way.
And unless you live in California, you cannot request that Walmart delete your personal information.
Unfortunately, only California has passed sweeping privacy protection laws that allow residents to revoke their consent to have data collected.
While Nevada has passed legislation that allows customers to request a company not sell their data, Walmart can revoke this because they only share it.
Walmart does share your information, and they may do so with affiliates, third parties, service providers, law enforcement, and financial service vendors.
Walmart seems careful in this respect not to sell customer data, as “sharing” allows them to circumvent some laws, as in Nevada.
Note the section on this page that reads Nevada Privacy Rights.
“Walmart does not sell your personal information for money,” it reads after explaining that in Nevada, consumers can request their personal info not be sold.
However, the key phrase is “for money,” which indicates some other barter system may be in effect between Walmart and the companies that mine/analyze this type of data.
Only if you live in the state of California can you request that Walmart cease collecting data on you, which should start from the date your request is received.
Unfortunately, at this time, there is no overarching federal law protecting consumers from having their very personal information sold or shared.
Does Walmart Follow HIPAA?
Walmart does comply with HIPAA laws, though you have to peruse its Notice of Privacy Practices carefully.
You will find a section that reads “If you have questions about this Notice, contact HIPAA Compliance, Walmart Inc…”
Additionally, It says that if you believe your HIPAA rights have been violated, you can contact Walmart’s compliance officer.
(You can also go straight to the Secretary of the Department of Health and Human Services.)
HIPAA, of course, states that personal health information, or PHI, can only be disclosed with the patient’s consent or without it under specific circumstances.
How Does Walmart Keep Your Data Secure?
Walmart says that they keep personal information secure by “reasonable security measures, including physical, administrative, and technical safeguards.”
They continue,
“These measures may include physical and technical security access controls or other safeguards, information security technologies and policies, procedures to help ensure the appropriate disposal of information, and training programs.”
Unfortunately, that’s as in-depth as Walmart is willing to get about its safety measures, but you can bet that a massive corporation such as this can afford the best of the best.
To that end, the customer can help protect personal information in one small but major way: Picking strong passwords and not using the same passwords over and over.
To know more, you can also read our posts on Walmart international strategy, what is Walmart, and is Walmart safe.
Conclusion
Walmart is one of the largest retailers in the world, and as such, the company has access to mountains of customer data, which are shared, but not sold.
In addition to complying with HIPAA laws where a customer’s medical information may cross with other stores, the company maintains that it stringently keeps such data safe and secure.