Best Buy states it may collect your precise location through its mobile app and draws inferences from your data to build a profile of your preferences and behavior, which qualifies as sensitive personal information under California law.
This analysis describes what Best Buy's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The policy discloses collection of precise geolocation and financial account details, both of which are classified as sensitive personal information under CPRA and trigger additional rights including the right to limit use, which must be operationally distinct from general opt-out mechanisms.
Interpretive note: The full scope of how precise geolocation data is used for advertising versus operational purposes, and the specific opt-in or opt-out mechanisms available for mobile app location permissions, were not fully confirmed in the available document text.
The policy states Best Buy may collect precise geolocation data from mobile app users who grant location permissions and may use this data to build behavioral profiles, meaning consumers who use the Best Buy app may have their location tracked and used for personalization and advertising.
How other platforms handle this
At Ledger, earning and maintaining our users' trust is a top priority. That's why we are deeply committed not only to protecting your privacy and securing your personal data, but also to being fully transparent about how we handle it.
We may display advertisements on our Services and those advertisements may be targeted to your interests based on your personal information. We may share your personal information with advertising partners for interest-based advertising purposes. You may opt out of interest-based advertising by visi...
We collect information about your location, such as data from your device's GPS or IP address, when you use our products.
Monitoring
Best Buy has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"We may collect precise geolocation data when you use our mobile applications and have granted location permissions. We also collect inferences drawn from your personal information to create a profile about you reflecting your preferences, characteristics, and behavior. Sensitive personal information, including financial account details and precise geolocation, is collected and used for the purposes described in this policy. You may have the right to limit our use of sensitive personal information to that which is necessary to perform the services you request.— Excerpt from Best Buy's Best Buy Privacy Policy
1. REGULATORY LANDSCAPE: Precise geolocation and financial account information are classified as sensitive personal information under CPRA, triggering the right to limit use and heightened disclosure obligations. The California Privacy Protection Agency enforces sensitive personal information rights. State laws in Illinois (BIPA, for biometric data), Virginia, Colorado, and Connecticut also treat geolocation and financial data as sensitive categories requiring enhanced protection. The FTC's guidance on location data practices is also relevant. 2. GOVERNANCE EXPOSURE: High. Collection and use of precise geolocation data for advertising or profiling purposes beyond what is necessary to provide requested services may conflict with the right to limit sensitive personal information use under CPRA. The FTC has taken enforcement action against companies that shared precise location data with third parties without adequate consent. 3. JURISDICTION FLAGS: California creates the most immediate exposure given CPRA's explicit sensitive personal information framework. Illinois does not directly regulate geolocation under BIPA but may create exposure if geolocation data is combined with biometric data. States with comprehensive privacy laws generally classify precise geolocation as a sensitive category requiring opt-in consent for collection or heightened disclosure. 4. CONTRACT AND VENDOR IMPLICATIONS: Vendors and advertising partners that receive precise geolocation data should be subject to written agreements restricting use to disclosed purposes. The classification of geolocation data recipients as service providers versus third parties under CCPA/CPRA should be confirmed in vendor agreements. 5. COMPLIANCE CONSIDERATIONS: The mobile app's location permission request should be reviewed to ensure it provides sufficient context for informed consent. The policy should be audited to confirm that the right to limit sensitive personal information use is operationally implemented and accessible to consumers. Data retention limits for precise geolocation data should be documented and enforced.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The policy discloses collection of precise geolocation and financial account details, both of which are classified as sensitive personal information under CPRA and trigger additional rights including the right to limit use, which must be operationally distinct from general opt-out mechanisms.
The policy states Best Buy may collect precise geolocation data from mobile app users who grant location permissions and may use this data to build behavioral profiles, meaning consumers who use the Best Buy app may have their location tracked and used for personalization and advertising.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Best Buy.