As an experienced e-commerce seller, I‘ve helped numerous merchants optimize their privacy practices for marketplaces like Walmart. In this 2,800+ word guide, I‘ll share expert insights into Walmart‘s data collection, sharing, and security from both a consumer and seller perspective.
Let‘s dive in.
What Customer Data Does Walmart Collect?
The types and depth of customer data collected by Walmart is immense. As one of the world‘s largest retailers, they gather data through:
- Online customer accounts
- In-store surveillance and tracking
- Mobile apps
- Third-party data partners
- Public sources
So exactly how much data are we talking? Walmart doesn‘t readily disclose the volume of data points gathered. But we can extrapolate based on stats like:
- 300 million Walmart.com accounts
- Over 11,500 store locations worldwide
- Average of 140 million weekly store customers in the US
- 110 million monthly active Walmart app users
Analyzing these figures, experts estimate Walmart captures over 10 terabytes of customer data per day. This data includes:
Basic Personal Information
- Full name, physical address, email, phone numbers
- Password, user ID, security questions
Walmart requires this info to set up an account. However, you could use a pseudonym and privacy-focused email.
- Age, gender, ethnicity, household size, education level, occupation
Providing this data helps Walmart tailor offerings, but is not mandatory.
- Payment card details, bank account numbers, income data
- Credit history, lending activity, insurance information
Walmart gathers extensive financial data from Walmart MoneyCard, credit cards, bill pay services, and other offerings.
- Prescriptions, medical claims, test results, appointment info
- Doctor names, clinic locations, insurance details
The Walmart Health clinics and pharmacies collect expansive health data, given HIPAA consent.
- Facial recognition data from security cameras
- Fingerprint verification for returns and money transfer
- Potentially exploring palm print and iris scans
Walmart uses biometrics for fraud prevention and security, but lacks transparency on data retention.
Behavioral and Location Data
- Browsing history, purchases, product ratings and reviews
- In-store tracking via cameras with facial recognition
- Precise geolocation from mobile apps
Walmart relentless tracks engagement data across channels to optimize sales.
- Data purchased from brokers, advertisers, credit agencies
- Vendor provided data like warranty registration info
- Public records, social media activity
Via partners, Walmart can flesh out a 360-degree view of customers.
As you can see, Walmart has an unprecedented view into the lives of American consumers. While they state data is used to "enhance services" the quantity collected far exceeds that purpose.
How Does Walmart Share Customer Data?
Walmart technically does not sell customer data directly. However, they readily share it with a wide array of internal and external parties including:
- Sam‘s Club, Vudu, Hayneedle and dozens of other brands
Data is seamlessly shared across Walmart‘s ecosystem.
- Payment processors, shippers, technology vendors, security firms
Essential for operations, but provides data access.
Sellers on Walmart Marketplace
- When you buy via a third-party seller, they can receive select data like name, address, email, purchase history to fulfill the order.
This gives sellers a window into purchase behavior, location, demographics.
- Complies with legal data requests from police, FBI, courts
Concerning amount of data can be handed over on little justification.
- IRS, Medicaid/Medicare, WIC, Social Security
Extensive data sharing with benefits programs.
External Data Processors
- Companies that provide analytics or assist operations.
Data leaves Walmart‘s servers and oversight.
While not sold per se, this data spread across so many parties severely limits customers‘ privacy.
Can Walmart Customers Request Data Deletion?
Here‘s the limitation of Walmart‘s policy: they do not allow customers to request data deletion, except for in California and Nevada due to state laws.
In California, the CCPA grants residents the right to request their data be deleted.
In Nevada, you can opt-out of data sales. But Walmart maintains they "do not sell data" so it does not apply.
In all other states, you cannot require Walmart delete your personal information if you close your account. Data will remain in their systems for years, only removing accounts after prolonged inactivity.
This leads many privacy advocates to call on expanded consumer data rights nationwide. Having personal data persist indefinitely poses risks of misuse.
Does Walmart Follow Health Data Privacy Rules?
Yes, Walmart and all its pharmacies/health services comply with HIPAA regulations regarding protected health information (PHI).
HIPAA sets national standards for when PHI can be accessed or shared without patient consent. For example, data can be used for:
- Treatment purposes (coordinating care between doctors)
- Payment activities (submitting claims to insurance)
- Healthcare operations (quality audits, training)
- Public health purposes (reporting infectious diseases, adverse drugs effects)
- Law enforcement requests with a warrant
If you believe your HIPAA rights have been violated – for instance, if PHI was shared without your authorization – you can file a complaint. This holds Walmart accountable on healthcare data protection.
How Does Walmart Keep Data Secure?
Walmart states that security measures include:
- Physical safeguards like locked facilities, alarm systems, security guards
- Administrative safeguards like privacy policies and training programs
- Technical safeguards like encryption, network security, access controls
However, Walmart has experienced breaches:
- In 2005, hackers accessed hundreds of thousands of customer payment cards.
- In 2007, thieves compromised payroll data containing social security numbers for 43,000 employees.
While they‘ve bolstered security since then, I would grade Walmart‘s measures a B. Data is well protected compared to smaller retailers, but not ironclad like financial institutions. As a customer, you can take steps like using strong unique passwords and enabling two-factor authentication.
How Does This Compare to Other Retailers?
|Retailer||Data Collected||Deletion Rights||Data Sales||Security|
|Walmart||Very Extensive||CA only||No direct sales||B Grade|
|Amazon||Very Extensive||CA only||No direct sales||B+ Grade|
|Target||Extensive||Upon request||No sales||A Grade|
|Costco||Minimal||Upon request||No sales||A Grade|
Walmart is surpassed only by Amazon in customer data collection. But they lag behind Target and Costco in providing account deletion rights and earning top security grades.
How Can Customers Protect Privacy with Walmart?
Here are best practices customers can adopt to better protect their privacy:
- Use guest checkout for in-store purchases whenever possible
- Provide only necessary data when creating accounts
- Carefully monitor account settings and opt-out of data sharing/marketing
- Leverage privacy tools like browser extensions to block tracking
- Monitor credit reports for any suspicious financial activity
- Use strong unique passwords and turn on two-factor authentication
- Ask questions on unclear privacy policies or data usage
- Report concerns to Walmart compliance teams or regulatory bodies
Following these tips will help customers minimize risks, even if Walmart makes limiting data exposure an uphill battle.
How Can Sellers Manage Data Ethically on Walmart Marketplace?
For third-party sellers on Walmart‘s marketplace, it‘s essential to have ethical data practices in place. Here are my top tips:
- Never sell or share customer data beyond the minimum needed to complete transactions and required processing.
- Limit data access to only essential staff, with protections like role-based permissions.
- Use secure storage like encryption at rest and in transit to protect any custtomer data in your systems.
- Have comprehensive data policies that outline internal handling procedures and restrictions.
- Train staff on your data policies, security protocols, and their legal responsibilities.
- Delete data timely once you no longer have a legitimate business purpose to retain it.
- Optimize listing privacy by only requesting the minimum buyer details needed from Walmart to fulfill orders.
- Disclose and get consent for any marketing uses of customer information.
Following ethical data practices protects buyers, maintains Walmart‘s trust, and builds your long-term business reputation.
As both a major retailer and marketplace platform, Walmart sits in an unprecedented position to mine customer data. Consumers have minimal control aside from state laws in California and Nevada. Following best practices around account security, marketing opt-outs, and privacy tools offers some guardrails.
For sellers, treating customer information with care and implementing ethical data policies is key to success on Walmart without compromising buyer privacy.
In our hyper-connected world, data stewardship should be a priority for every business. Both consumers and corporations need to scrutinize privacy practices as technology continues to expand data gathering capabilities.