Walmart Privacy Notice

This is Walmart's privacy policy covering how they collect and use your personal information when you shop at Walmart stores, on Walmart.com, or through the Walmart app. The most important thing to know is that Walmart shares your purchase history, browsing behavior, and location data with advertising partners through its Walmart Connect retail media network, meaning your shopping data is used to target you with ads — and you can opt out of this sharing. To limit how Walmart uses your data for advertising, visit walmart.com/account and adjust your privacy preferences, or submit a data rights request at walmart.com/privacy.

This document is Walmart's Customer Privacy Notice governing the collection, use, sharing, and retention of personal information across Walmart's online platforms (walmart.com, app) and physical retail stores, with legal basis rooted in consumer consent, contractual necessity, and legitimate business interests under applicable U.S. state privacy laws including CCPA/CPRA (Cal. Civ. Code §1798.100 et seq.), Virginia CDPA, Colorado CPA, and similar state frameworks. The notice obligates Walmart to provide consumers with rights to access, delete, correct, and opt out of the sale or sharing of personal data, while obligating consumers to provide accurate information; Walmart collects an expansive set of data categories including identifiers, commercial information, geolocation, biometric identifiers (e.g., facial geometry via in-store cameras in some jurisdictions), internet activity, and inferences drawn from consumer profiles. Notably, the notice discloses that Walmart operates a retail media network (Walmart Connect) that monetizes customer purchase and browsing data for targeted advertising, and shares personal data with a broad ecosystem of third-party service providers, marketplace sellers, financial partners, and advertising platforms — a scope of sharing that exceeds what many consumers reasonably expect from a grocery and general merchandise retailer. The document engages CCPA/CPRA, Illinois BIPA (740 ILCS 14), Texas CUBI, Washington My Health Data Act, and FTC Act Section 5 unfair/deceptive practices standards; material compliance considerations include biometric data handling in Illinois and Texas, the adequacy of opt-out mechanisms for data sale/sharing under CCPA, and the integration of health-related purchase data (pharmacy, OTC medications) which may implicate Washington My Health Data Act thresholds.