We recently explored how Amazon could use their customer’s data to move offline and open bricks and mortar stores. Below, we turn our attention to in-store loyalty programs and how retailers must comply with the Australian Privacy Principles when collecting their customers’ personal information.

What is a Loyalty Program?

Loosely speaking, a loyalty program as its name suggests is where a business cultivates loyalty by promising rewards to their returning customers. For example, the majority of airlines run frequent flyer programs, and most coffee shops offer a free drink on your tenth purchase. If you’re like me, your wallet is most likely bulging with loyalty cards!

What’s the Price?

There is, however, a trade-off when customers allow retailers to collect their personal information. Companies that collect your data through loyalty programs (i.e. Coles and Woolworths with their Fly Buys and Woolworths Card respectively) can market products to you based on your shopping preferences. Supermarkets use this information to decide what products and how much to stock in your area, and what specials to send you each week via email.

Australian Privacy Principles

With all this data collected, you might have some unanswered questions. What regulates the use of the data these businesses collect? In Australia, the Privacy Act 1998 (Cth) (Act) regulates data collection. In particular, the Australian Privacy Principles (APPs) contained in Schedule 1 of the Act sets out how organisations must deal with your data.

Under APP 1, organisations must be open and transparent about their management of customer’s personal information. This means that an organisation must disclose to its customer the reasons why they are collecting the information and its use. Businesses cannot bury this information in amongst complex terms and conditions. The information must be prominent so the average person can see and understand it. It follows that the more unusual or invasive the data use, the more transparent the organisation must make the details.

Part of transparency involves having an up to date and clearly written privacy policy available for all customers. Your policy should also include any dispute resolution procedures for an alleged breach. APP 2 also refers to the fact that an individual can deal with a company anonymously and gives people the option of dealing with a company using a pseudonym.

Key Takeaways

Undeniably, the marketing landscape is changing. Although we enjoy receiving discounts and our favourite stores tailoring their offerings to what we want, customers are increasingly more aware of their privacy. Ensure that you read the Privacy Policy and understand what data is collected, for what purposes and where it is stored. Also, look to see if you are consenting to a retailer passing on your personal information to a third party for promotional purposes.

If you are a business that collects personal information, take steps to have a clear and comprehensively drafted privacy policy. Importantly, if you have any questions about complying with the APPs and your in-store loyalty program, let our IT lawyers know on 1300 544 755.

Emma Heuston

Next Steps

If you would like further information on any of the topics mentioned in this article, please get in touch using the form on this page.