SHIPT, INC. CONSUMER HEALTH DATA PRIVACY POLICY
Last Updated: June 26, 2025
Shipt, Inc. and its affiliates (“Shipt,” “we,” “us,” or “our”) are committed to safeguarding your privacy and maintaining your trust. This Consumer Health Data Privacy Policy (“Policy”) explains how we collect, use, disclose, and protect “consumer health data” as that term is defined below and under applicable U.S. consumer health data laws, including but not limited to Washington’s My Health My Data Act (collectively, “U.S. Consumer Health Data Laws”). This Policy supplements our general Privacy Notice, which can be found here, and applies solely to “consumer health data.” Capitalized terms used but not defined in this Policy have the meanings assigned to them in our general Privacy Notice. By engaging with or accessing our platforms, websites, mobile applications, through social media, via email or other contact methods, or any other online or offline services that reference or link to this Policy (collectively, the “Services”), you confirm that you have read, understand, and acknowledge this Policy.
1. SCOPE OF CONSUMER HEALTH DATA
For purposes of this Policy, “consumer health data” means personal information that is reasonably capable of being linked to an individual and that identifies the individual’s past, present, or future physical or mental health status.
2. CATEGORIES OF CONSUMER HEALTH DATA WE COLLECT
We (and the vendors and other parties we use to perform Services on our behalf) may collect the following categories of consumer health data from you, depending on the context of your interactions with Shipt and the choices you make:
- Information about health conditions, symptoms, diagnoses, treatments, testing, procedures, medications, or medical devices.
- Social, psychological, behavioral, and medical interventions.
- Health-related surgeries or procedures.
- Use or purchase of prescribed medication.
- Measurements of bodily functions, vital signs, symptoms, or characteristics.
- Biometric or genetic information that could identify you (for example, facial scans, palm scans, or DNA-related data) where permitted by law.
- Reproductive or sexual health information (for example, pregnancy status, menstrual cycle details, or fertility-related data).
- Precise geolocation data that could reasonably indicate an attempt to obtain health services or supplies.
- Information that reveals a consumer’s attempt to seek or obtain health care services (for example, search queries or appointment scheduling information).
- Inferences derived from any of the above categories that relate to your health status.
3. SOURCES OF CONSUMER HEALTH DATA
We may collect consumer health data from the following sources:
- Directly from you. This includes when you create an account, place an order, participate in a survey, or communicate with us online, offline, or by phone.
- Passively through online tracking tools over time and across different websites and mobile applications. These tools include cookies and pixels. To learn more about cookies, visit the FTC’s Online Tracking page. We may also do this on our Services and in emails that we or our vendors send to you. For more information about how we use information that is collected passively, please read the “What Are Your Privacy Choices” section of our general Privacy Notice.
- From other sources, such as service providers, business partners, health care professionals, social networks, and publicly available sources.
- By derivation or inference from other data we already hold about you or your device.
- We may also combine information about you that we receive from other parties with other information about you that we collect when you use the Services or that you choose to share with us, and this combined information may in some instances be considered consumer health data.
4. PURPOSES FOR COLLECTING AND USING CONSUMER HEALTH DATA
We may collect and use consumer health data for the following purposes:
- To provide, maintain, personalize, administer, and improve the Services, including any health-related features you request.
- To fulfill and comply with our contractual and other obligations.
- To fulfill or process transactions and deliver products or samples to you.
- To administer loyalty, rewards, promotional, or research programs.
- To provide support and respond to your inquiries, fulfill orders, and contact and communicate with you when necessary.
- To provide you with information, newsletters, promotional materials, and other marketing communications from Shipt and from, or on behalf of, our marketing partners and affiliates.
- To conduct analytics, research, product development, and quality assurance in order to review and improve our Services.
- To detect, investigate, prevent, or respond to security incidents, fraud, illegal activities, or violations of our terms.
- For security, safety, compliance, and due diligence purposes.
- To comply with applicable laws, regulations, legal processes, and governmental requests.
- To protect our rights, property, and the safety of our users, employees, and the public.
- For any other purpose disclosed to you at the time of collection or with your consent.
5. HOW WE DISCLOSE CONSUMER HEALTH DATA
We may disclose consumer health data for the purposes described above in the following circumstances:
- With your consent or as reasonably necessary to complete any transaction or provide any product or service you have requested or authorized.
- Internally. Among our parent company, subsidiaries, and affiliates where necessary.
- Service Providers / Processors. With vendors and contractors who perform services on our behalf (for example, cloud hosting, customer service, payment processing, research, analytics, or marketing support) and who are bound by contractual obligations to use the data only as instructed by us.
- Business Partners. With co-branded partners or other third parties when you use a service, feature, or promotion offered jointly.
- Your Healthcare Professionals or Others at Your Direction. With third parties when you instruct us to do so.
- Corporate Transactions. In connection with a merger, acquisition, bankruptcy, reorganization, or sale of assets.
- Legal or Safety Reasons. As required or permitted by law or to protect the rights, safety, security, or property of Shipt, our users, or others.
- Other Disclosures. For other purposes for which we provide notice or obtain consent.
We do not sell consumer health data under any circumstances, and we share consumer health data with third parties for their independent marketing purposes only where we have obtained your prior consent.
6. YOUR RIGHTS REGARDING CONSUMER HEALTH DATA
Subject to certain limitations and exceptions under U.S. Consumer Health Data Laws, you may be able to exercise some or all of the following rights:
- Right to Know/Confirm. You may request to confirm whether we collect, share, or sell your consumer health data.
- Right to Access. You may request a copy of your consumer health data in a portable and technically feasible format, including a list of all categories of third parties and specific affiliates with whom we have shared or sold your consumer health data and an active email address or other online mechanism that you may use to contact these third parties.
- Right to Delete. You may request that we delete any of your consumer health data we have collected and retained about you.
- Right to Withdraw Consent. You may request to withdraw consent or require Shipt to stop collecting, sharing, or selling your consumer health data.
7. HOW TO EXERCISE YOUR RIGHTS
To exercise your rights, please contact us using one of the methods below:
- Phone: +1 877-557-1484
- Email: privacy@shipt.com
We will take reasonable steps to verify your identity prior to responding to your requests. When you submit your request, we match the information you provide with information we already have about you to confirm your identity. This includes your name, mailing address, email, and phone number. The verification steps may vary depending on the sensitivity of the information and whether you have an account with us. We will not discriminate against you for exercising any of your rights.
These rights are not absolute. In some situations, we may not be able to process your request, and we may deny certain requests in whole or in part. This may include if a legal exception or obligation applies. If we deny your request, we will explain why your request was denied and how to appeal our decision, as required by applicable law. After receiving our explanation, if you would like to appeal our decision, you may do so as further detailed in our communication back to you. For questions, you may also contact us by calling or emailing us at the contact information below. If you appeal a denial and remain dissatisfied, you may contact your state attorney general or other applicable regulatory authority.
8. SECURITY OF CONSUMER HEALTH DATA
We use administrative, technical, and physical safeguards designed to protect consumer health data from unauthorized access, disclosure, alteration, or destruction. While we strive to secure the data entrusted to us, no security system is perfect, and we cannot guarantee absolute security. If we become aware of a breach involving consumer health data, we will notify you as required by applicable law.
9. RETENTION OF CONSUMER HEALTH DATA
We retain consumer health data for as long as necessary to fulfill the purposes described above, comply with our legal obligations, resolve disputes, enforce our agreements, or as otherwise permitted by law. In lieu of deletion, we may choose to deidentify or anonymize data and retain it for analytics, research, or other legitimate purposes.
10. CHANGES TO THIS POLICY
We reserve the right, at our sole discretion, to change, modify, add, remove, or otherwise revise portions of this Policy at any time. When we make material changes, we will post the updated Policy on our Services and revise the “Last Updated” date. We will also provide additional notice or seek consent or valid authorization where required by law.
11. CONTACT US
If you have any questions, concerns, or complaints regarding this Policy or our practices, you can contact us in one of the following ways:
Send an email to:
privacy@shipt.com
Write to:
Shipt
Attn: Legal Department
420 20th St. N, Suite 100
Birmingham, AL 35203