To learn more about what kind of data Costco collects, if HIPAA laws apply to Costco, what Costco tends to do with different types of data, and other FAQs, read on!
What Data Does Costco Collect?
- Personal information, like name, contact information, social media handles, even driver’s license numbers
- Protected classifications/demographics, like age, DOB, gender, disability status
- Commercial information, including order history, payment methods, etc.
- Geolocation information, both exact and more general (ZIP)
- Information about your Internet connection
- Audio, Video, Electronic surveillance (taken in stores, may be used to aid law enforcement)
- Employment, like your current employer
- Inferences are drawn about you, such as what you’re interested in and what your preferences are
Costco can use all this information to learn more about your buying habits, to then “hack” you and get you to buy more.
However, did you know that you can opt-out of certain uses of your personal information and data?
Fortunately, even though when we sign up for a Costco membership or use the Costco website, we agree to its terms, you can also un-agree.
Additionally, Costco says you have a few options for doing this: visiting a membership counter in any location; calling Membership services, chatting on Costco.com, or even writing to them.
The Membership services number is 1-800-774-2678 and the address is Customer Service, P.O. Box 34622, Seattle, WA 98124.
However, If your household has multiple accounts linked to multiple email addresses, you will have to submit a request for each one.
Does HIPAA Apply To Costco?
The Health Insurance Portability and Accountability Act of 1996 or HIPAA, does apply to health information that Costco might collect.
You might be wondering – how would Costco get your health information? Well don’t forget, many stores have full pharmacies, that fill prescriptions and also give out vaccines.
Therefore, sensitive information that Costco cannot disclose without consent from the patient is called “PHI” or protected health information.
Examples of PHI include:
- Vision test results
- Audiogram results
- Information is given on a patient health history form
- Family member’s health history
If you feel your PIH has been disclosed unlawfully by Costco, you can contact the Privacy Officer at 42-313-8347 or email at firstname.lastname@example.org.
Does Costco Sell Your Data?
Costco does sell some of the data it collects about its customers.
You can see on the helpful chart that Personal Identifiers, Geolocation Information, and Internet Network Activity Info are all sold to “advertising, marketing, and analytics providers.”
So not only does Costco use the information to be more informed about its customers, but the data is also sold to other entities that can form analyses based on demographics.
Again, though: you can opt-out! Costco has made it your right (where governing bodies haven’t fully caught up with technology) to decide if you want your personal info sold or not.
Does Costco Record Your License Plate Number?
Costco uses Automated License Plate Recognition, or ALPR, as a security measure to keep its parking lots safe for customers.
So yes, Costco does collect information, including license plates, and they are used to “detect, prevent, investigate, report and address incidents or illegal activities…”
This is especially useful if/when theft takes place in stores, as it allows Costco to trace the criminals to their vehicle.
Then employees can collect the license plate number and turn it over to the police so that the thieves can be apprehended.
Unfortunately, if you are uncomfortable with this, you will simply have to stop visiting Costco stores or have your groceries delivered via Instacart instead.
To learn more, you can also read our posts on Costco’s shoplifting policy, Costco headquarters, and what is Costco.
Unfortunately, until federal law fully catches up to and addresses the very real privacy issues at play here, we’re reliant on companies like Costco to act in our best interests and keep its customer’s information private.