Track 1 platform and get the weekly governance digest. No credit card required.
This page describes what the document states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability may vary by jurisdiction. Methodology
This is Walmart's privacy policy for customers who shop in its stores or online, covering what personal information Walmart collects and how it uses and shares that information. The policy states that Walmart collects your purchase history, location data, browsing activity on its platforms, financial information, and in some cases biometric identifiers, and authorizes sharing this data with advertising, analytics, and financial partners, including through its Walmart Connect advertising network. If you are a California resident or resident of another state with a comprehensive privacy law, you can submit a privacy rights request to limit data sharing, opt out of data sales, or request deletion of your personal data through Walmart's privacy rights portal at https://www.walmart.com/account/privacy or by calling 1-800-925-6278.
This document is Walmart's Customer Privacy Notice (Online and In-Store), published August 1, 2025, governing the collection, use, sharing, and retention of personal information from customers who interact with Walmart's retail stores, websites, mobile applications, and related services across the United States. The notice states that Walmart collects identifiers (name, address, email, phone number, government ID numbers), financial information (payment card data, bank account details), commercial information (purchase history, product returns), geolocation data, internet and network activity (browsing history on Walmart platforms, search queries, interactions with advertisements), inferences drawn from consumer profiles, biometric identifiers in certain contexts, and audio/visual information from in-store cameras. The notice authorizes sharing of personal information with service providers, advertising and analytics partners, data brokers operating within Walmart's Connect advertising platform (Walmart Connect), and third-party financial partners, and states that certain data sharing with advertising partners may constitute a 'sale' or 'sharing' of personal information under California law, requiring opt-out mechanisms. The notice engages the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), with the California Privacy Protection Agency (CPPA) as enforcement authority, and also references state privacy laws in Virginia, Colorado, Connecticut, Texas, and other states that have enacted comprehensive consumer privacy legislation, with consumer rights varying by jurisdiction. Compliance teams should evaluate the scope of Walmart Connect's advertising data practices, the adequacy of opt-out mechanisms for data sale and sharing, and data retention schedules disclosed in the notice, particularly for biometric data subject to Illinois BIPA and similar state biometric privacy statutes.
Institutional analysis available with Professional
Regulatory exposure by statute, material risk assessment, vendor due diligence action items, and enforcement precedent. Available on Professional.
Start Professional free trialMonitoring
Walmart has updated this document before.
Watcher includes same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
Professional Governance Intelligence
Need provision-level monitoring and regulatory mapping?
Professional includes governance timelines, compliance memos, audit-ready analysis, and full provision tracking.
Start Professional free trialCross-platform context
See how other platforms handle Biometric Data Collection and similar clauses.
Compare across platforms →Governance Monitoring
Structured alerts for policy changes, governance events, and provision updates across 318+ platforms.