What are the institutional and regulatory implications of this document?

1. REGULATORY LANDSCAPE: This policy engages the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), which grants California residents rights to know, delete, correct, and opt out of the sale or sharing of personal information; the relevant enforcement authority is the California Privacy Protection Agency (CPPA). The policy also implicates state biometric privacy laws, most notably the Illinois Biometric Information Privacy Act (BIPA), given the disclo…

How does Target's Target Privacy Policy affect users?

The policy establishes that Target collects personal data across physical stores, digital channels, and loyalty programs, and authorizes the sharing of this data with advertising and analytics partners to deliver personalized advertising. Users who do not modify their privacy settings operate under a default collection and sharing arrangement. Opt-out mechanisms are available to residents of jurisdictions with applicable data privacy laws through target.com/c/target-privacy-policy or the Target…

How often is Target's Target Privacy Policy updated?

ConductAtlas monitors this document daily and captures every version with cryptographic hashing and timestamp verification. Update frequency varies — see the change timeline on this page for complete version history.

Can I get alerted when Target updates this document?

Yes. Watcher subscribers ($9.99/month) can add Target to their watchlist and receive same-day email alerts whenever this document or any other Target document changes.

CA-D-000260

Target Privacy Policy

Target

Last change detected May 16, 2026 Privacy policy

SHA-256: 9b69ef16f12c45f0ccc… 12 versions captured 12 changes documented

Create free account

Track 1 platform and get the weekly governance digest. No credit card required.

View original document at Target ↗

This page describes what the document states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability may vary by jurisdiction. Methodology

8 Total

2 High severity

5 Medium severity

1 Low severity

Summary

Target's privacy policy establishes the company's practices for collecting, using, and sharing personal information obtained through in-store transactions, online shopping, mobile applications, and loyalty programs. The policy authorizes Target to collect purchase history, browsing behavior, precise location data, and biometric information, and to share this data with advertising partners for the purpose of delivering targeted advertising on Target platforms and third-party digital properties. The policy provides residents of California and other states with the ability to opt out of the sale or sharing of personal data for advertising purposes through designated privacy preference mechanisms.

Technical / Legal Breakdown

This document is Target's consumer-facing privacy policy governing the collection, use, sharing, and retention of personal information across Target's digital and physical retail touchpoints, including target.com, the Target app, physical stores, and affiliated programs such as Target Circle, RedCard, and Shipt. The policy states that Target collects a broad range of personal data including identifiers, purchase history, financial data, precise geolocation, biometric data in certain states, health and wellness information, inferences drawn from consumer behavior, and data obtained from third-party sources including data brokers; the terms authorize sharing this data with service providers, advertising partners, data analytics companies, and affiliated brands for targeted advertising and operational purposes. Notably, the policy asserts rights to use consumer data for a Target-operated advertising network (Roundel), to share data with third-party advertising platforms, and to draw behavioral inferences for marketing, which represents a broad but not unusual scope for a major omnichannel retailer; the policy also discloses that precise geolocation and biometric information are collected in some contexts, which creates heightened obligations under state biometric privacy laws and consumer protection frameworks. The policy engages the California Consumer Privacy Act (as amended by CPRA), state biometric privacy statutes including the Illinois Biometric Information Privacy Act, and the FTC Act; California residents, Illinois residents, and residents of other states with comprehensive privacy laws (Virginia, Colorado, Texas, Connecticut) have specific rights documented in the policy, including opt-out of sale or sharing of personal data for cross-context behavioral advertising. Material compliance considerations include Target's operation of an in-house retail media network using consumer purchase and behavioral data, its data sharing practices with advertising technology partners, and its collection of biometric and precise geolocation data, each of which may require jurisdiction-specific review.

Institutional Analysis

Institutional analysis available with Professional

Regulatory exposure by statute, material risk assessment, vendor due diligence action items, and enforcement precedent. Available on Professional.

Start Professional free trial

12 important changes detected

12 versions captured · Last updated: May 2026

May 16, 2026

low

What changed Target updated its privacy policy on May 16, 2026, by modifying footer navigation and promotional content. The previous version included links to 'Gift Ideas for Mom', 'Last update: March 5, 2026', and references to updated privacy categories and retention information. The updated version replaces these with different promotional categories including 'Gift Ideas for Dad' and 'Back to School', and removes the explicit update date reference and summary of what was changed. This appears to be a navigation and content reorganization rather than a substantive change to Target's privacy rights, practices, or obligations.

Why this matters This change is a formatting and navigation update to Target's privacy policy footer and does not modify the substantive privacy rights, data collection practices, or consumer obligations stated in the policy. The removal of the 'Last update: March 5, 2026' date reference means the policy footer no longer explicitly displays when the document was last revised, though the policy content itself remains operative. The reorganization of promotional categories in the footer has no effect on how Target collects, uses, or protects consumer data.

View full change record →

May 11, 2026

low

What changed Target's privacy policy homepage was updated on May 11, 2026 to add a timestamp and navigation links. The policy now displays 'Last update: March 5, 2026' and includes explicit references to updated categories of information collected, state-specific privacy information, and retention information, with a 'Back to Top' navigation option. This change appears to be a transparency and navigation update rather than a material change to substantive privacy rights or data handling practices.

Why this matters The updated policy homepage now displays a last-updated timestamp and provides clearer navigation to sections describing what information Target collects, state-specific privacy rights, and data retention practices. This is a structural and transparency change to the policy document itself rather than a change to data handling practices or user rights. You can access these sections directly through the new navigation links provided on the policy page.

View full change record →

May 6, 2026 low

Target's privacy policy was updated on May 6, 2026 with minor changes to webpage content and formatting. One sentence was added and one was modified in the policy document. These …

View change record →

May 2, 2026 low

Target's privacy policy was updated on May 2, 2026 with minor editorial changes: one sentence was removed and one sentence was modified. The document now contains 290 sentences. Based on …

View change record →

April 19, 2026 low

Target updated the promotional content examples in their privacy policy's introductory section on April 19, 2026. The change replaced references to 'Easter Basket Ideas' and 'Health & Wellness' with 'Gift …

View change record →

April 13, 2026 low

Target modified one sentence in its privacy policy on April 13, 2026. The specific language change was not detailed in the change summary provided. Without visibility into the exact text …

View change record →

April 8, 2026 low

Target removed the word 'Health &' from a navigation menu in their privacy policy on April 8, 2026. The section previously read 'Health & Wellness' and now reads 'Wellness'. This …

View change record →

April 7, 2026 low

Target removed two promotional gift-idea categories (Easter Basket Ideas and Gift Ideas for Grads) from the navigation menu in their privacy policy document. This appears to be a formatting or …

View change record →

April 6, 2026 low

Target's privacy policy navigation menu was updated on April 6, 2026 to include a new shopping category link for 'Gift Ideas for Grads' in the page header. This is a …

View change record →

April 1, 2026 low

Target's privacy policy was updated on April 1, 2026, but the detected change appears to be a formatting or navigation element addition rather than a substantive policy modification. The update …

View change record →

March 20, 2026 low

Target's privacy policy update on March 20, 2026 involved removing a line of unrelated marketing content (Easter, Gift Ideas, Deals promotions) and modifying how sponsored content appears in the document. …

View change record →

March 19, 2026 low

Target's privacy policy was updated on March 19, 2026 with minor editorial changes to the policy interface. One sentence was removed from a 'Loading' placeholder section, and new content describing …

View change record →

High — 2 provisions

Biometric Data Collection Compare →

Target may collect biometric data, such as facial geometry, when you use features like virtual try-on. In some states, Target must notify you and get your consent before collecting this data.

Added May 10, 2026 Standard Seen across 251 platforms
Roundel Retail Media Advertising Network Compare →

Target uses your purchase history and browsing data to serve you personalized ads not only on Target's own platforms, but also across other websites and apps through its Roundel advertising business. Third-party ad companies can also track your online behavior across the internet for the same purpose.

Added May 10, 2026 Standard Seen across 189 platforms

Medium — 5 provisions

Precise Geolocation Collection Compare →

If you have location services enabled on your phone, Target may collect your precise real-time location through the Target app to show you nearby stores, check inventory, and serve location-based ads.

Added May 10, 2026 Standard Seen across 251 platforms
Third-Party Data Sources and Data Brokers

Target buys or receives information about you from outside sources like data brokers and social media platforms, and combines it with what it already knows about you to build a more detailed profile for marketing and advertising.

Added May 10, 2026 Rare
California and State-Specific Opt-Out Rights Compare →

If you live in California or certain other states, you have the legal right to stop Target from selling or sharing your personal data for targeted advertising. You can do this by clicking 'Your Privacy Choices' on the Target website or app, or by using a browser tool called Global Privacy Control.

Added May 10, 2026 Standard Seen across 262 platforms
Data Retention Practices Compare →

Target keeps your personal information for as long as it considers necessary for business, legal, or operational reasons, without specifying a defined maximum retention period for most data types.

Added April 27, 2026 Standard Seen across 223 platforms
Target Circle Loyalty Program Data Use

Joining Target Circle means Target tracks your purchases and how you interact with offers, and uses that data not just for rewards but also for personalized advertising purposes.

Added May 10, 2026 Rare

Low — 1 provision

Children's Privacy and Age Restrictions Compare →

Target states its online services are not aimed at children under 13 and claims it does not knowingly collect data from this age group. Parents can contact Target if they believe their child's data was collected.

Added May 10, 2026 Standard Seen across 262 platforms

Monitoring

Target has updated this document before.

Watcher includes same-day alerts, structured change summaries, and monitoring for up to 10 platforms.

Start Watcher free trial Or create a free account →

Professional Governance Intelligence

Need provision-level monitoring and regulatory mapping?

Professional includes governance timelines, compliance memos, audit-ready analysis, and full provision tracking.

Start Professional free trial

Cross-platform context

See how other platforms handle Biometric Data Collection and similar clauses.

Compare across platforms →