Shopper and Prospective Shopper Privacy Notice

This privacy notice was last updated on January 25, 2024.

Scope

Shipt, Inc. (“Shipt”) is committed to protecting your Personal Information and processing it responsibly. This Privacy Notice (“Notice”) describes our general practices relating to the collection, use and disclosure of data relating to prospective shoppers and drivers, as well as current and former shoppers and drivers (collectively, “Shoppers”). “Personal Information” means any information relating to or capable of identifying a particular individual.

This Notice applies to Shipt’s collection of Personal Information during the Shopper sign up process, when communicating or engaging with the Shopper, as well as a Shopper’s use of our shopping platform and delivery services, including the Shopper mobile application, and other Shipt-related sites, mobile applications, communications, capabilities and services (“Technology Services”).

By completing your Shopper sign up, using the Technology Services, or otherwise engaging with Shipt online in your capacity as a Shopper, you signify your acceptance of this Notice. If you do not agree to this Notice, do not access or use any Shipt website, mobile application, or the Technology Services.

We may change or add to this Notice, including updating this Notice or creating additional policies in order to accurately reflect changed circumstances or new legal requirements, so we encourage you to review it periodically. Your continued participation in the sign up process or use of the Technology Services after we make changes is deemed to be acceptance of those changes.

This Notice does not apply to third-party sites linked from our Technology Services or to services offered by other companies or individuals, including products or sites that may be displayed to you. This Notice also does not cover the information practices of other companies or individuals who advertise our Technology Services.

The Shipt Privacy Notice describes our general practices relating to the processing of the Personal Information of our customers, Members and website visitors, as well as office visitors and individuals within our vendor and business partner organizations. If you are seeking employment with Shipt, please refer to the Shipt Job Applicant Privacy Notice for details on how prospective employees' Personal Information is collected, used and disclosed.

For the purposes of this Notice, “Member” or “Members” are respectively an individual or individuals who use Shipt’s services and have subscribed to the Shipt membership service and are enabled to order and receive product delivery through the use of the Shipt platform. “Retail Partners” are those organizations, businesses, and entities where individuals may order goods from their retail business, or purchase and have goods delivered, through the Shopper network.

The Personal Information Shipt Collects

Directly From You

Shipt collects the following categories of Personal Information directly from you when you complete your Shopper sign up, when you use our Technology Services, and when you otherwise interact with or communicate with Shipt (including via phone, email, online forms, or any third-party chat functionality available on our websites and mobile applications).

  • When you complete your Shopper sign up, we collect:

    • Your contact information such as first and last name, email address, mailing address and telephone number.

    • Details of your current and past employment such as name of employer, position held, and dates of employment.

    • Information that may be needed to complete a pre-sign up background check such as date of birth, driver’s license number and Social Security Number (SSN).

    • Education and training information.

    • Citizenship information.

    • The contact information of any personal references.

    • Video recording as part of the interview process.

    • Any other information you may choose to provide as part of the interview process.

  • When you create an account with Shipt, we collect authentication credentials such as username and password.

  • When you utilize any of our Technology Services, we automatically collect information about your device and use of the Technology Services such as IP address, device identifiers, device details, pages visited and accessed through cookies and similar technologies.

  • When you become an active Shopper, we collect:

    • Driver’s license, license plate and other vehicle and registration information, and insurance information

    • Passport information, including image and number.

    • Characteristics of protected classifications such as, but not limited to, age, sex, race, ethnicity, physical or mental disabilities.

    • Financial information such as salary, bank account details, corporate card usage and benefits information.

    • Performance information such as appraisals, performance reviews, disciplinary records, training records, and details of skills and experience.

    • Health-related information such as information regarding benefits programs, insurance and sick leave.

    • Both general (e.g., zip code) and precise (e.g., GPS-based functionality on mobile devices used to access the platform or specific features of the platform) geolocation information (Shoppers must enable location tracking to access and use shopping functionalities).

    • Your photograph.

    • Details of any complaints or concerns raised by you.

    • Your voice or image captured during a call or online meeting recording

    • Communications between you, Shipt and/or Shipt Members via online chat (including via third-party chat functionalities on our website or mobile applications), email, phone or text.

    • Customer ratings and other feedback.

From Other Sources

Shipt obtains Personal Information from third parties such as:

  • During the sign up process:

    • We may collect contact information such as the first and last name, email address, mailing address, and telephone numbers of eligible prospects and details of their employment, education and training experience from a third-party recruiting service.

    • We may collect information about current and past employment, education and training from publicly available sources, as permitted by law.

    • We may work with service providers to collect information in connection with background checks, such as information related to offenses or criminal proceedings or sentences and credit reports and other similar reference checks.

    • Information collected about your past employment experience from previous employers and/or personal references provided by you.

  • Retail Partners who may provide us with information related to shopping and deliveries, including images, recordings or other information related to your activities in the Retail Partner's store.

  • Contact information through referrals from other Shoppers.

  • Details regarding your interactions with Members in the course of performing your services as a Shopper.

We, and the third parties we engage, may combine information we collect from you over time, and across the Technology Services, with information obtained from other sources. This helps us improve the information’s overall accuracy and completeness, and also helps us better tailor our interactions with you.

Social Media

If you interact with us on any social media platform: (i) depending on your social media privacy settings, the Personal Information that you submit on the social media platform may be read, collected, or used by us as described in this Notice, and (ii) where we respond to any interaction with you on social media, your account name/handle may be viewable by any and all members or users of our social media accounts. Social media platforms operate independently from us and we are not responsible for the Personal Information that you choose to submit or link on any social media platform. We encourage you to review the privacy policies and settings of any social media platform with which you interact to help you understand the platform’s privacy practices.

Cookies and Similar Technologies

We and our partners use various technologies to automatically collect and store information when you interact with our Technology Services, including the use of cookies, web beacons, mobile software developments kits (“SDKs”) or similar technologies:

  • Cookies:

    • When you access our Technology Services, Shipt will issue a cookie to your device. A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting, you may be unable to access certain parts of the Technology Services.

  • Web beacons:

    • Certain webpages maintained by Shipt, as well as emails sent by Shipt, may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags and single-pixel gifs) that collect information about page visits and email viewing. Information collected may include limited personal information, such as name, email address and universal ID.

  • Mobile device identifiers and SDKs:

    • Shipt collects information from its mobile application users through deployment of mobile SDKs. A mobile SDK is the mobile app version of a web beacon. The SDK is a bit of computer code that app developers can include in their apps to enable ads to be shown, data to be collected, and related services or analytics to be performed.

  • Analytics:

    • Our Technology Services may also use third-party analytics tools such as Google Analytics. Analytics are used to create reports and statistics on the performance of our website and present you with content tailored to your interests. Analytics can be used to collect information such as IP address, type of device, operating system, referring URLs, country information, date and time of page visits, and which pages you visit the most. You can find more information about how data is collected and processed in connection with the Google Analytics service. You can adjust your Google Ad Settings. You can also read Google’s privacy notice.

Personal Information and non-Personal Information may be linked together and once linked, may identify an individual person. If we do combine non-Personal Information with Personal Information, the combined information will be treated as Personal Information for as long as it remains combined.

Aggregate or Anonymized Data

In each case above, we may aggregate or anonymize the foregoing types of information in support of legitimate business purposes such that they are no longer capable of identifying you. In that event, the information is no longer considered “Personal Information” and may be used for any purpose consistent with applicable law.

When using deidentified data, Shipt does not attempt to reidentify the data. We may use and disclose deidentified or aggregated data to any third party without restriction, as permitted by applicable law. We may use and disclose non-Personal Information for any purpose without restriction.

Public Data

Shipt may collect data about you that we have a reasonable basis to believe is lawfully made available to the general public by you. We do not consider such data to be “Personal Information” and may use such data for any purpose consistent with applicable law.

How Personal Information is Used

Shipt (or service providers acting on our behalf) may use Personal Information to:

  • Manage all parts of the sign up administration process such as interviewing, verifying references, selecting and onboarding Shoppers and conducting background check investigations.

  • Manage the Shopper relationship with Shipt from the sign up process through termination.

  • Communicate with Shoppers and prospective Shoppers, including communications that may be made via third-party chat functionality on our website or mobile applications.

  • Provide you with access to our Technology Services.

  • Administer pay.

  • Provide you access to perks offered to you or that you signed up for.

  • Perform and record certifications.

  • Verify your location to connect you with shopping and delivery opportunities in your area and track the progress and completion of the delivery.

  • Facilitate communication between Members and Shoppers concerning order and delivery details and status updates.

  • Send service, support and administrative messages, reminders, technical notices, updates, security alerts, and information requested by Shoppers, with such messages being conveyed via telephone, SMS, email, and other electronic message channels.

  • Conduct research and analysis, including focus groups and surveys.

  • Maintain, improve and optimize our Technology Services as well as develop new features and functionality for the Technology Services through research, development, analytics and business intelligence.

  • Ensure compliance with Shipt’s requirements, policies and procedures.

  • Process Shopper-related claims.

  • Conduct investigations, including in connection with Shipt’s legal obligations and regulatory requirements.

  • Engage in advertising and site/application analytics, including by collecting and storing information from cookies, pixels, tags, and similar technologies when you interact with our Services or the services offered by our partners and third-party advertising platforms.

    • We may use your Personal Information in connection with certain technologies to deliver or help our partners deliver interest-based advertising (also known as behavioral advertising) through mobile applications and browsers based on how you browse and shop online.

    • If you’d like to opt out of ads tailored to you in this way, please follow the instructions in the “Your Choices” section below.

  • Manage network security, which includes disaster recovery and business continuity.

  • Prevent fraud, theft, violations of this Notice and misuse of our Technology Services.

  • Comply with privacy laws, information security requirements and other legal requirements.

  • Please note further instances of Personal Information use may be set forth in the applicable agreement between each Shopper and Shipt.

How and to Whom Personal Information is Disclosed

Parent Companies, Subsidiaries and Affiliates

Shipt may disclose Personal Information within Shipt, its parent companies, affiliates and subsidiaries.

Within Shipt

Shipt allows access to Personal Information of Shoppers and prospective Shoppers to people within Shipt who have a “need to know” that information to manage the shopper relationship and for other legitimate business purposes.

Service Providers

We disclose Personal Information to companies or individuals that provide us or you with services. These service providers provide services such as background checks and office security. We may also disclose your Personal Information to our IT and system administration providers, cloud hosting providers, software providers (including those vendors providing chat functionalities and features for our websites and mobile applications), and payroll processors. We may disclose your Personal Information to our professional advisors, such as lawyers, accountants, and other similar advisors. Service providers can only process Personal Information as instructed by Shipt.

Members and Retail Partners

To facilitate shops and deliveries, we may provide information such as your contact information, vehicle information, location information, ratings and other information to Members and Retail Partners.

Shipt may also disclose your contact information to our Retail Partners, in connection with providing customer service, addressing any concerns raised by you, a Member, or a Retail Partner, or otherwise assisting the Retail Partner in investigating any illegal or unauthorized activity occurring in its stores or in connection with Shipt’s services. Shipt may also disclose your Personal Information to our Retail Partners as part of our agreement with the Retail Partner. Please review the “Your Choices” section of this Notice to learn more about what rights you may have with respect to the disclosure of your Personal Information to our Retail Partners.

Business Transition

In the event that Shipt, or any portion of our assets or business, are acquired, sold, merged, or transferred, whether as a result of or in the event of an acquisition, divestiture, reorganization, restructuring, or dissolution, or as a going concern or as a part of bankruptcy, liquidation, or similar proceeding, or otherwise, Shipt will disclose Personal Information to the company involved to complete the business transition, including at the negotiation stage and including where the Personal Information is among the assets being transferred.

Applications and Tools

We offer tools, widgets and applications on our website such as search engine functionalities, that are powered by third parties. If you use those applications or tools, any Personal Information that you provide will be disclosed to the third party that provides that functionality. The third party’s use of that Personal Information is subject to their Privacy Notice.

Law Enforcement

We may report to law enforcement agencies any activities that we reasonably believe to be unlawful, or that we reasonably believe will aid a law enforcement investigation into unlawful activity. In addition, we reserve the right to release your Personal Information to law enforcement agencies if we determine, in our sole judgment, that either you have violated our policies, or the release of your Personal Information will protect the rights, property or safety of Shipt, or another person.

Legal Process

We may disclose your Personal Information to others as required or permitted by law. This includes sharing your Personal Information with governmental entities or third parties in response to subpoenas, court orders, other legal process, or as we believe is necessary to comply with applicable laws, to exercise our legal rights, to defend against legal claims that have been brought against us, or to defend against possible legal claims that we determine in our sole discretion might be brought against us.

With Your Consent

We will disclose Personal Information when we have your consent or when you have directed us to do so. Please note further instances of Personal Information disclosure may be set forth in the applicable agreement between each Shopper and Shipt.

How Personal Information is Protected

Shipt uses commercially reasonable administrative, organizational, and physical safeguards designed to protect Personal Information from loss, theft, and unauthorized use, disclosure or modification. Please be aware that no data transmission over the internet is 100% secure. While we strive to protect your Personal Information, we cannot ensure or warranty the security of any information you transmit to us, and you do so at your own risk.

Retention of Personal Information

Shipt will retain your Personal Information for as long as is reasonably necessary to fulfill the purpose for which it was disclosed or as required to comply with legal obligations. The precise periods for which we keep your Personal Information vary depending on the nature of the information and why we need it. Factors we consider in determining these periods include the minimum required retention period prescribed by law or to fulfill the purpose(s) for which the Personal Information was collected. At the end of that period, Shipt will securely delete the Personal Information. If there is any data that we are unable, for technical reasons, to delete entirely from our systems, we will put in place appropriate measures to prevent any further use of such data.

Geolocation Information/Tracking

As indicated above, to provide services as a Shopper, Shipt requires location tracking for Shoppers using the Shopper Application. Each time you access or use the Shopper Application, we collect the precise geolocation of your device when the Shopper Application is running in the foreground (app open and on screen) or background (app not on screen). This includes when you access the app to check for available offers or otherwise access the app or use the app for any portion of the shopping process. Note, we may also activate these features as your planned work window is approaching for the purpose of ensuring you receive relevant offers for potential deliveries. We use precise geolocation information from Shoppers’ devices to:

  • Present Shoppers with offers for specific deliveries proximate to their location;
  • Coordinate the fulfillment of, and track the progress and completion of, deliveries by Shoppers;
  • Ensure accurate payment for Shoppers’ deliveries;
  • Prevent, detect and combat the fraudulent use of our Services, including preventing the use of our Services by unauthorized Shoppers; and
  • For internal analytics purposes and to improve the Shopper Application’s functionality.

We do not sell Shoppers’ geolocation information or share it for the purposes of cross-contextual behavioral advertising. We retain geolocation information for as long as a Shopper maintains an account with Shipt and for any additional periods necessary for us to comply with our legal obligations. Shoppers may be able to turn off geolocation tracking through the settings in their devices. Doing so, however, will prevent those Shoppers from using the Shopper Application and, thus, providing services as Shoppers.

Biometric Information

Shipt, through third-party service providers, uses technology to collect biometric identifiers or information for the purposes of verifying your identity, your Shopper sign up, your shopper account, and preventing and protecting against fraud. In particular, technology used by Shipt’s service provider analyzes your ID, including the photo on your ID, to verify its authenticity and your identity. Such information is retained for only so long as is necessary to fulfill the initial purpose for collecting or obtaining such information, and in any event, for no more than 3 years from the date of your last interaction with Shipt. Once such period has expired, the information is permanently deleted or destroyed in accordance with Shipt’s retention and security policies.

In connection with your shopper account, you may be provided further notices regarding the collection or storage of biometric identifiers or biometric information and be asked to provide your written release. We recommend you review such notices carefully, as well as any service provider privacy notices made available to you at the time of such notice.

Your Choices

Email Marketing

At any time, you can opt out of marketing emails by clicking on the unsubscribe link in the footer of the marketing email. You may still receive operational emails related to orders or other service-related emails. In some cases, we may provide an unsubscribe link within an operational email (e.g., surveys).

Online Ad Choices

You may find more information about entities involved in online advertising and additional choices you may make, including opting out of having your information used for Internet-based advertising, through the Network Advertising Initiative (NAI) at the NAI Service, and the Digital Advertising Alliance (DAA) at the DAA consumer choice service. Shipt is a participant in the online industry’s self-regulatory program administered by the DAA and has agreed to adhere to the DAA’s principles applicable to interest-based ads. The tools provided at the DAA opt out page and the NAI opt out page are provided by third parties, not Shipt. Shipt does not control or operate these tools, or the choices advertisers and others provide through these tools.

Analytics

Analytics services such as Google Analytics provide services that analyze information regarding visits to our websites and mobile apps. They use cookies, web beacons and other tracking mechanisms to collect this information. Learn more about Google's privacy practices, or to opt out of Google Analytics, install the Google Analytics Opt-out Browser Ad-on.

Jurisdiction-specific Choices

Choices relating to the rights afforded consumers under the California Consumer Privacy Act (CCPA) are described in the “Information for California Residents” section below.

Declining to Provide Information

You can choose not to provide us with information we may request from you, including in connection with your Shopper application, Shopper engagement, or use of the Technology Services, but that may result in you being unable to perform your duties as a Shopper and use our Technology Services in full.

Shipt’s platforms, including its website and mobile apps, may contain links to webpages created by parties other than Shipt. We do not control such websites and are not responsible for their contents or the privacy policies or other practices of such websites. Our inclusion of links does not imply any endorsement of the material on such websites or any association with their operators. These websites and services may have their own privacy notices, which the user will be subject to upon linking to the third party’s website. Shipt strongly recommends that users review the third party’s terms and conditions and privacy policies.

Do Not Track Disclosure

Some browsers have a “do not track” feature that lets you tell websites that you do not want to have your online activities tracked. At this time, we do not respond to “do not track” signals.

Information for California Residents

This section supplements the other information in this Notice and applies solely to “consumers” as defined by the California Consumer Privacy Act of 2018, as amended from time to time, and its related regulations (the “CCPA”). Specifically, this Notice applies to our processing activity when we are acting as a “business” under the CCPA—meaning that we control the purposes and means of processing your personal information. This section explains Shipt’s collection, processing, and disclosure of “personal information” (as defined by the CCPA) relating to California consumers in their capacities as Shoppers at Shipt.

As defined by the CCPA, “personal information” includes any information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. Personal information does not include information:

  • That is lawfully made available from government records.

  • That Shipt has a reasonable basis to believe is lawfully made available to the general public by the consumer or from widely distributed media, or by the consumer.

  • Made available by a person to whom the consumer has disclosed the information if the consumer has not restricted the information to a specific audience.

  • That is lawfully obtained, truthful information that is a matter of public concern.

  • That is deidentified or aggregate consumer information.

  • Excluded from the CCPA’s scope, personal information is covered by certain sector-specific privacy laws such as the Fair Credit Reporting Act.

In the past 12 months, Shipt has collected the following categories of personal information from consumers and disclosed such information to the following categories of third parties for the business purposes further described below.

Categories of PI Collected Examples Categories of Third Parties to Whom Disclosed
Identifiers Real name, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.

  • Service providers conducting background checks or assisting with the sign up process

  • IT and cloud/hosting service providers, such as our email providers, business application providers, managed services providers and IT consultants

  • Online analytics and marketing/advertising service providers and third-party marketing platforms

  • Financial institutions and payment processors

  • Shopper support contact centers

  • Professional advisors (accountants, lawyers, and auditors)

  • Retail Partners who use our services

  • Members receiving deliveries
Internet or other similar network activity Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.

  • IT and cloud/hosting service providers

  • Online analytics and marketing/advertising service providers

  • Retail Partners who use our services
Personal information types listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) Name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, or employment information.

  • Service providers conducting background checks or assisting with the sign up process

  • IT and cloud/hosting service providers, such as our email providers, business application providers, hosting providers, managed services providers, and IT consultants

  • Online analytics and marketing/advertising service providers

  • Professional advisors (accountants, lawyers, and auditors)

  • Retail Partners who use our services

  • Members receiving deliveries
Sensory data Audio recordings, voicemail, or similar information.

  • IT and cloud/hosting service providers, such as our email providers, business application providers, hosting providers, and telephone communication providers

  • Retail Partners who use our services
Legally protected classification characteristics Race, color, national origin, citizenship, marital status, sex, age (40 years or older), gender

  • Service providers conducting background checks or assisting with the sign up process

  • IT and cloud/hosting service providers, such as our email providers, business application providers, hosting providers, and telephone communication providers

  • Professional advisors (lawyers and auditors)
Geolocation information Information regarding physical location, movement, and movement patterns.

  • IT and cloud/hosting service providers
Professional or employment-related information Prior employment history, performance information, resume or similar information

  • Service providers conducting background checks or assisting with the sign up process

  • IT and cloud/hosting service providers, such as our email providers, business application providers, managed services providers and IT consultants

Please note that we may also use, disclose, or transfer your information in connection with the sale, merger, dissolution, restructuring, divestiture, or acquisition of our company or its assets. We may also disclose your personal information in response to a court order, subpoena, search warrant, law, or regulation.

Applicable Retention Periods

Shipt determines the retention period for each category of personal information based on the criteria set forth above in the section titled “Retention of Personal Information.”

How Your Information is Collected

Shipt collects these categories of personal information from the following sources:

  • Direct collection: We collect information directly from you when you choose to provide it to us by filling out forms on our website, mobile application, or Technology Services, completing Shopper sign up, signing up to receive promotional or information communications from us, communicating with us about our Shopper positions, or otherwise directly providing the information to us as described above.

  • Third parties: We collect information about you from third parties who support our sign up efforts, including sign up agencies, vendors that support our performance of background checks and reference checks, and advertising vendors.

  • Indirect and technology-based collection: We also collect certain information from you indirectly when you visit, use, or navigate our Technology Services. Shipt collects certain identifiers (such as IP addresses) and internet and similar network activity (such as website usage data) from you indirectly using cookie, pixels, and passive tracking technologies, as described above.

Purpose for Collecting or Disclosing Personal Information

We collect or disclose the Personal Information we collect for the following business or commercial purposes (as well as any other purposes as set forth in our Notice above).

  • Providing and optimizing your experience on our Technology Services, applications, and website and ensuring that our content is presented to you in the most effective manner.

  • Managing our relationship with you, including processing payments to you for services rendered.

  • Communicating with you, including processing your Shopper sign up, to provide you with communications regarding your role as a Shopper, informing you about new services or features to our Technology Services we are offering, updating you about changes to your role as a Shopper, and investigating any concerns you have about our Technology Services or your deliveries.

  • Developing, updating, and improving our Technology Services, Shopper experience, and potential Shopper marketing efforts, and otherwise improving our knowledge and insights regarding Shoppers and prospective Shoppers.

  • Preventing and detecting fraud, financial crime, hacking activities, security breaches, and other unlawful activities in connection with the Technology Services or our delivery services.

  • Enforcing our agreements with customers and complying with our legal or regulatory obligations.

  • Performing other functions as otherwise described to you at the time of collection or to which you otherwise consent.

Sale of Personal Information

In the past 12 months, Shipt has not sold any Shopper personal information of any category. Likewise, Shipt does not have actual knowledge of any sales of personal information regarding minors under 16 years of age.

Sharing of Personal Information

As noted elsewhere in this Notice, Shipt discloses personal information to its third-party analytics, advertising and marketing vendors to assist such vendors in delivering interest-based advertisements on Shipt’s and others’ behalf to consumers when they interact with various websites or mobile applications. This activity may qualify as a “share”, as defined by the CCPA. Often, the personal information that is shared is collected and disclosed via the use of cookies, pixels, tags, and similar technologies. You can learn more about these technologies in the “Cookies and Similar Technologies” section above.

In the past 12 months, Shipt shared with marketing/advertising service companies, the following categories of Shopper/prospective Shopper personal information for the purposes of cross-context behavioral advertising:

  • Identifiers: First and last name, mailing address, email address, telephone number, Internet Protocol address, online or device identifier (including device ad ID).

  • Internet or other similar network activity: Cart additions, completed purchases, products browsed, ads interacted with, pages clicked on or through.

Shipt shared such personal information for the purposes of allowing such third parties to provide targeted advertising and cross-context behavioral advertising services, including on behalf of Shipt.

Additional information regarding how you may exercise your right to opt-out of the sharing of your personal information is located in the section titled, “How to Exercise Your Rights,” below.

Shipt does not have actual knowledge of any sharing of personal information regarding minors under 16 years of age.

Sensitive Personal Information

Shipt does not collect or process “sensitive personal information” (as defined by the CCPA) for the purposes of inferring characteristics about California consumers. For example, Shipt does not collect or process geolocation information for the purposes of inferring characteristics about California consumers. Accordingly, Shipt treats any such information as “personal information” consistent with applicable provisions of the CCPA.

How to Exercise Your Rights

The CCPA provides California residents with the following rights relating to their personal information, subject to certain exceptions:

  • Access/Data Portability: the right to request access to the personal information that Shipt collects, uses, discloses, sells, or shares (including that personal information collected and used in the past 12 months) and the right to request that we provide copies of the specific pieces of personal information we collected about you.

    • If a verifiable consumer request is made, and subject to any exceptions or limitations under the CCPA, we will take steps to deliver the personal information to you electronically in a portable and readily useable format, to the extent technically feasible. Consistent with the CCPA and our interest in the security of your personal information, we will not provide copies of sensitive personal information we may receive from you (e.g., driver’s license number, other government-issued identification number, financial account number, account password, or security questions or answers) in response to a CCPA request, to the extent any of those items are in our possession.

  • Deletion: the right to request that Shipt delete personal information we have collected from you subject to certain exceptions permissible by the applicable law.

    • We may retain an archived copy of your records as permitted or required by law.

  • Do Not Sell: the right to request that Shipt opt you out of the sale of your personal information. Because Shipt does not engage in this activity with the personal information it collects about you as a Shopper, this right is not available.

  • Do not Share: the right to request that Shipt opt you out of the sharing of your personal information for the purposes of cross-context behavioral advertising

  • Correction: if we maintain inaccurate personal information about you, the right to request that Shipt correct that inaccurate personal information, taking into account the nature of the personal information and the purposes of the processing of the personal information.

How to Submit a Request

You can submit a request using the methods listed below:

Process Used for Do Not Share My Personal Information Requests

To exercise your right to opt-out of the sharing of your personal information, you—or someone authorized to act on your behalf—must submit a request to us by contacting Shipt at 877-557-1484 or shopper.privacyrequest@shipt.com.

The CCPA requires us to comply with a consumer request to opt-out of sharing as soon as feasibly possible, but no later than fifteen (15) business days from the date the request is received. No verification is required; however, we may deny a request to opt-out of sharing if we have a good-faith, reasonable, and documented belief that the request is fraudulent. In the event we deny a request for this reason, we will inform the consumer that we are not complying with the request and provide an explanation of why we believe the request is fraudulent.

Requests may be made using an authorized agent, if the consumer provides the agent with written permission signed by the consumer to act on the consumer’s behalf. We may deny a request if the applicable agent does not submit proof that it has been authorized by the consumer to act on the consumer’s behalf.

Once a consumer makes an opt-out request, we will honor such request for at least twelve (12) months before asking the consumer to reauthorize personal information sharing.

Additionally, if a consumer initiates a transaction or attempts to use a product or service that requires the sharing of the consumer’s personal information, we may inform the consumer that the transaction, product or service requires the sharing of the consumer’s personal information and provide the consumer instructions on how to opt-in to sharing.

Process for an Access/Data Portability, Deletion or Correction Request

You will be required to provide at least 4 pieces of information which may include your name, mailing address, email address and phone number. Shipt will use this information to search our systems and determine if we have information about you. If we are able to locate information about you, we will fulfill your request. If we are not able to match the 4 pieces of information you submit, we may only be able to provide you with a report that includes the categories of personal information we collect, use, or disclose.

A link to your access report will be sent to you by email, which will be sent to the email address you provided at the time you submitted your request.

If you are an authorized agent, you will be required to submit your name, mailing address, email address and phone number as well as the name, mailing address, email address and phone number of the individual you are making a request on behalf of. Shipt will use the individual’s information to search our systems and determine if we have information about the individual. If we are able to locate the information about the individual, we will fulfill the request. As an authorized agent you will receive an email confirming that we received the request along with a second email asking you to fill out a certification form confirming your information and certifying that you have the right to make this request on behalf of the individual. Once the report is ready, it will be sent to the email address you have given us.

The CCPA requires us to respond to a verifiable consumer request within forty-five (45) days of its receipt; however, we may extend that period by an additional 45 days. If we require more time, we will inform you of the reason and extension period in writing. We will deliver our written response via e-mail. Any disclosures we provide will only cover the twelve (12)-month period preceding the receipt of the verifiable consumer request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. You may only make a verifiable consumer request for access twice within a twelve (12)-month period, provided that you may request disclosure beyond the 12-month period as permitted by the CCPA. We will not charge a fee to process or respond to a verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing the request.

Our Commitment Not to Discriminate

We will not discriminate or retaliate against a Shopper for exercising their rights under the CCPA, including by denying you benefits or services that we make available or providing a different level or quality of services or benefits.

How to Contact Shipt

If you have questions about this Notice, you can contact us in one of the following ways:

Send an email to: privacy@shipt.com

Write to:

Shipt

Attn: Legal Department

420 20th St. N, Suite 100

Birmingham, AL 35203

Changes to this Privacy Notice

Shipt will update this Notice periodically to reflect changes to our privacy practices. We will provide notice online when we make any material changes to this notice.