Target · Target Privacy Policy

Data Sharing with Third-Party Service Providers

Medium severity
Share 𝕏 Share in Share 🔒 PDF

What it is

Target shares your personal data with numerous outside companies that help run its business — including payment processors, data analytics firms, and marketing companies — with a contractual requirement that they only use your data for Target's purposes.

Consumer impact (what this means for users)

Your personal information is shared with Target's network of service providers across payment processing, analytics, and marketing functions — the contractual 'purpose limitation' provides some protection but does not prevent broad internal use of your data across Target's vendor ecosystem.

Cross-platform context

See how other platforms handle Data Sharing with Third-Party Service Providers and similar clauses.

Compare across platforms →
Need full compliance memos? See Professional →

Why it matters (compliance & risk perspective)

While Target contractually limits service providers' use of your data, the sheer breadth of categories (including data analytics and marketing) means your personal information is routinely transmitted to a wide network of third-party companies.

View original clause language
We share personal information with service providers that perform services on our behalf, such as payment processing, data analytics, marketing, advertising, cloud computing, and customer service. These service providers are authorized to use your personal information only as necessary to provide services to us.

Institutional analysis (Compliance & legal intelligence)

REGULATORY FRAMEWORK: Service provider data sharing implicates CCPA/CPRA §1798.140(ag) (service provider definition and limitations), which requires written contracts prohibiting service providers from selling or sharing data or using it for their own commercial purposes. GDPR Art. 28 requires formal Data Processing Agreements for all processors. FTC Act Section 5 applies to deceptive representations about service provider data use.

🔒

Compliance intelligence locked

Regulatory citations, enforcement risk, and due diligence action items.

Watcher $9.99/mo Professional $149/mo

Watcher: regulatory citations. Professional: full compliance memo.

Applicable agencies

  • FTC
    The FTC has enforcement authority under Section 5 of the FTC Act for deceptive data sharing practices with third-party service providers and has issued guidance on vendor accountability.
    File a complaint →

Provision details

Document information
Document
Target Privacy Policy
Entity
Target
Document last updated
April 29, 2026
Tracking information
First tracked
April 27, 2026
Last verified
April 27, 2026
Record ID
CA-P-003625
Document ID
CA-D-00260
Evidence Provenance
Source URL
https://www.target.com/spot/privacy-policy
Wayback Machine
View archived versions →
SHA-256
03ccef46ce3082873d9ba2a43ad976db66be09778b35474f113cb5a73fe11416
Verified
✓ Snapshot stored   ✓ Change verified
How to Cite
ConductAtlas Policy Archive
Entity: Target | Document: Target Privacy Policy | Record: CA-P-003625
Captured: 2026-04-27 15:13:37 UTC | SHA-256: 03ccef46ce308287…
URL: https://conductatlas.com/platform/target/target-privacy-policy/data-sharing-with-third-party-service-providers/
Accessed: May 2, 2026
Classification
Severity
Medium
Categories
Unknown

Other provisions in this document