Target may collect sensitive categories of personal information, including biometric data (such as facial geometry in certain states), precise geolocation, and financial information, depending on how you interact with their services.
Biometric and sensitive data carries heightened privacy risks because it is difficult or impossible to change if compromised, and its collection may be subject to strict state laws like Illinois' BIPA.
Collection of biometric identifiers triggers obligations under the Illinois Biometric Information Privacy Act (BIPA), Texas CUBI, and Washington's My Health MY Data Act. CPRA also requires a higher standard of care for sensitive personal information. Legal teams should audit specific biometric data collection practices and consent mechanisms.
Compliance intelligence locked
Regulatory citations, enforcement risk, and due diligence action items.
Watcher: regulatory citations. Professional: full compliance memo.
Target collects extensive personal data — including purchase history, location, browsing behavior, and inferences about your preferences — and shares it with advertising partners and third parties for targeted marketing purposes. This means your shopping habits may be used to build a detailed profile of you that is shared beyond Target itself. You can opt out of the sale and sharing of your personal information by visiting Target's privacy preferences page at https://www.target.com/c/target-privacy-policy/-/N-4sr7p or by using the 'Do Not Sell or Share My Personal Information' link on Target's website.