brand divider brand divider brand divider brand divider brand divider brand divider brand divider brand divider brand divider brand divider brand divider brand divider brand divider brand divider brand divider brand divider brand divider brand divider brand divider brand divider brand divider brand divider brand divider

Woolworths Group Privacy Policy

brand divider brand divider brand divider brand divider brand divider brand divider brand divider brand divider brand divider brand divider brand divider brand divider brand divider brand divider brand divider brand divider brand divider brand divider brand divider brand divider brand divider brand divider brand divider

Woolworths Group Privacy Policy

 

We value your trust and take the protection of your personal information very seriously. This document outlines the way in which we collect, hold, secure, use and share your personal information. We encourage you to read it, so that you are comfortable with what we do with your personal information.

You can also download a copy of our Privacy Policy to view it in a PDF.

If you have any questions regarding its contents, we invite you to contact our Privacy Office, the contact details for which are contained in Section 16 below.

Policy effective: 9 July 2024

Download our Previous policy.

View the Woolworths New Zealand Privacy Policy

 


About Woolworths Group

 

Woolworths Group (referred to as ‘Woolworths’, ‘we’ or ‘us’) includes Woolworths Group Limited ABN 88 000 014 675 and its subsidiaries.

This Privacy Policy applies to all Australian Woolworths Group businesses unless that business has adopted a separate policy. This means that this Privacy Policy applies to Woolworths Supermarkets, Metro, Everyday Rewards, Everyday Insurance, Everyday Mobile, BIG W, Cartology, Healthylife, MILKRUN and Primary Connect. However, MyDeal.com.au, PFD, Quantium and PetStock, for example, maintain their own privacy policies (accessible on their respective websites).

When we use the term “personal information” in this policy, we mean information about an identified individual, or an individual who is reasonably identifiable.

We always want to provide you with the highest level of service, so we collect and hold personal information that helps us to provide the information, goods or services you are using or that you might be looking for. If we do not collect the information, we may not be able to provide these things.

We collect your personal information directly from you when you activate or use our services, interact with us, either in person, over the telephone or electronically (e.g. via websites, apps, social media posts, chats, telephone, emails, SMS and/or push notifications). We may also collect personal information about you from third parties, as described in the ‘Other sources’ section below.

Below are some examples of personal information we may collect from you and how we collect that information:

Everyday Rewards Loyalty program: When you register to participate in Everyday Rewards or when you use your Everyday Rewards Card:

  • your contact details (including your name, email addresses, mobile number and residential and delivery addresses) and date of birth 

  • transaction details

  • information about purchases for which you earn Everyday Rewards points as well as your use of those points.

For more information about how we collect your personal information when you participate in Everyday Rewards, please see the Everyday Collection Notice.

 

Shopping with us: When you shop with us, including online, or browse our websites or apps:

  • your contact details, delivery address, and Everyday Rewards Card number

  • information about your orders and purchases, including what, how, and when you buy from us

  • we may ask for your ID, such as your driver’s licence, if you purchase alcohol or tobacco or other forms of identification so that you can use certain services we provide

  • whether you have taken up or subscribed to any of our offerings such as clubs, subscriptions or loyalty program, and services such as Mobile or Insurance

  • information about your online browsing behaviour on our websites and apps, including promotions you activated, as well as items you have added to your cart

  • information collected and held via our secure financial systems about the payment card and method you use for your purchases from us

  • like many websites, tracking technologies, such as "cookies", are used to obtain certain types of information such as application activities, current location of your device, type and version of your browser, your device ID and other device metrics when you visit our websites, apps or certain third parties’ websites or apps (see Cookies Statement for details). This information helps with functionality of the website or app and allows us to provide our services to you - for example, your device location is relevant to fulfil your Direct to Boot orders

  • images and videos that you post online to facilitate our service provision or sales promotions, for example, when you provide feedback or a review

For more information about what we collect from you when you shop with us, see our Woolworths Collection Notice or the Big W Collection Notice.

 

Participating in promotions: When you contact us or we contact you to take part in competitions, promotions, testimonials, reviews, surveys, focus groups or make other enquiries:

  • your contact details and, where relevant, your Everyday Rewards Card number

  • whether you activated a promotion

  • the content of online communications with you, including competitions, promotions, feedback, reviews, ratings, comments and images included on any of our websites, apps or social media pages or any of our other digital services

  • an electronic copy of the written communication or voice recording of the conversation.

 

At our stores and other sites: When you visit us in person, including for events:

  • your contact details and Everyday Rewards Card number for in-store services such as pick up, home delivery or special orders

  • we may ask for your ID, such as your driver’s licence, if you purchase alcohol or tobacco

  • cameras (including security and team safety cameras) or similar technology may record footage and other data which may identify you

  • your contact details if security or team members are investigating whether you may have breached any store procedures or if you are injured in any one of our stores or are witness to an incident

  • any other information that you provide to us. For example if you choose to leave your details with us for recruitment or other purposes.

For more information about how we collect your personal information when you visit our stores, please see our In Store Technology and You Privacy page.

Other sources: From time to time we may also collect personal information about you from other sources to provide you with the goods and services you want, to help us improve our records, improve the personalisation of our service to you, provide services to third parties such as Endeavour Group (the owner of BWS liquor stores) and detect fraud and scams. For example, we may collect personal information from:

  • Everyday Rewards Partners to facilitate your participation in the Everyday Rewards Program e.g. to convert Everyday Rewards points when you shop at an Everyday Rewards Partner business

  • information service providers to improve data quality. For example we validate addresses with Australia Post to improve your delivery experience
  • financial services and telecommunications organisations for fraud and scam prevention purposes.

Yes, you may provide someone else’s personal information to us, for example,

  • when you purchase a gift for others; or

  • place an order on someone else’s behalf.

You must have their consent beforehand and we may ask you to provide evidence of that consent. You should not provide someone else’s information if you don’t have their consent, or for malicious purposes.

Some of our products and services, like health-related and insurance services, require us to collect (or result in us collecting) your ‘sensitive information’ from you or from other sources. ‘Sensitive information’ is defined in the Privacy Act and includes information like health information. We only collect sensitive information when you provide consent to the collection, or if the collection is permitted by law.

Your personal information is important to us. We design our systems with your security and privacy in mind.

Any personal information we hold is generally stored electronically in computers or cloud systems operated by us or by our service providers. We implement a range of information security measures and encryption protocols when we handle your personal information to help protect it from unauthorised access, loss, misuse or wrongful alteration.

We use security measures such as physical and technical security access controls or other safeguards, information security technologies, policies, procedures and training programs as part of our security processes. 

We also use encryption and hashing methods when handling your payment card details. 

We primarily collect, hold and use your personal information to provide services, or to promote and sell goods and services that you have requested, or which we think may be of interest to you. This may also include products and services provided by third parties. 

We may also collect, hold and use your personal information for:

  • managing your online shopping accounts: to fulfil your online orders and maintain your accounts on our websites and apps

  • managing your Everyday Rewards account: to give you points and rewards for shopping with us, and to provide you customer support when needed

  • communication: to send you offers, other communications and direct marketing that may be of interest to you. This may include email, SMS, in-app messages, push notifications and ads you see on Woolworths’ digital properties and third party websites

  • personalisation and advertising on Woolworths and third party websites: to identify your preferences, to recommend and advertise features, products and services and to personalise your experiences

  • security, safety, investigations and fraud detection: to protect our team members, customers, premises and systems from violent,  malicious or dangerous activity. We may audit and monitor your transactions and verify your identity to detect suspicious activity or to assist in responding to your complaints and to undertake investigations

  • improvement of our services, technologies and customer experience: to test, review and improve the usability, functionality and effectiveness of our systems, products and services, for example by training machine learning models or reviewing call recordings for quality and training purposes

  • corporate services: to allow us to provide services, including recruitment, fraud monitoring and logistics services to specific third parties such as Endeavour Group

  • analysis and reporting: to understand the preferences and shopping patterns of our customers and to produce other insights about our trading performance and that of our suppliers. For example, this may involve grouping customers into segments with other customers who share similar demographics and shopping behaviours and the generation of product and sales insights relevant to various customer segments

  • purposes permitted or required by law.

Like most businesses, we work with third parties so we can provide you with better experiences. This means we may share personal information we hold about you. This may include sharing information:

  • with third parties who work with us to provide you products and services. For example, delivery providers; Everyday Market from Woolworths Partners who need to know your address to fulfil your online orders; insurers who underwrite Everyday Insurance, or Telstra which provides you with your Everyday Mobile service

  • with Everyday Rewards Partners (such as Qantas, Ampol and BWS) to run the Everyday Rewards Program, to correctly allocate your points, and so you can receive personalised offers from us and those partners  

  • for the purpose of marketing and advertising. We use your personal information to show you relevant advertising both from Woolworths Group and on behalf of the suppliers who provide you with grocery and everyday needs products.  For example, to help personalise the ads you see when browsing or on social media, we share certain information with digital platforms like Google and Meta to create audiences with common interests. We then use these groupings to tailor our advertising for Woolworths or our grocery and everyday needs suppliers for a given audience 

  • with related bodies, business units and brands within the Woolworths Group. This is so we can give you a seamless and personalised experience while interacting with the various businesses within the Woolworths Group  

  • with third parties who offer operational and technical services such as expert data companies (to help us and third parties understand our customers and business) or technology and software providers (who support our in-store, online and back-end systems) 

  • for security, safety, investigations, complaints and fraud prevention. We work with financial service businesses and other service providers to help detect and prevent fraud, theft, verify your identity and conduct credit checks when necessary. We also work with police and other retailers to share information relating to an investigation or legal proceedings

  • when we restructure our business. For example if we’re involved in a takeover or merger, or sell any part of our business, we may need to share your personal information as part of the restructure, takeover or merger

  • when permitted or required by law.

When you register to hold an account or become a member of any Woolworths brand or program, we may send you direct marketing messages. We may send you these messages via various channels and media (including by email, SMS, phone, in app and push notifications, chatbot and mail) where you have not opted out of receiving such electronic messages from that Woolworths brand or program in that channel.

You can unsubscribe or opt out of certain marketing messages by:

  • using the unsubscribe facility in an email or SMS; or

  • adjusting your device setting for push notifications; or

  • adjusting your account settings for advertising on certain websites and social media; or

  • updating the communications preferences in your account settings for the relevant Woolworths Group brand or program; or

  • contacting Woolworths Group and letting us know what communications you no longer want to receive. 

Further, details on commercial electronic messages in relation to each Woolworths Group brand or program, including how to unsubscribe and what is considered a service-based communication for that brand or program, are contained within the terms and conditions for the relevant brand or program. It’s important to note that unsubscribing from commercial electronic messages from any one Woolworths Group brand or program will not withdraw your consent to receive messages from other Woolworths Group brands or programs.

Regardless of whether you unsubscribe from any or all commercial electronic messages, you will still receive information we are required by law to provide to you, for example service-based communications.  Each Woolworths Group brand and program sends different service-based communications (such as communications relating to terms and conditions, your account or your orders).

When you apply for a role with the Woolworths Group, we collect the personal information that you provide during that process, including in your application, such as your education and career history. Some roles may also require your health information or a criminal history check. We also collect demographic information, if you choose to provide it, to support our diversity and inclusion goals. This information will be used in relation to your current or future employment with us or contractor engagement with us.

In some cases we work with third parties to assist with certain aspects of the recruitment process, such as candidate assessments, recruitment services, and criminal history checks. Our job advertisements and recruitment processes set out further information about relevant third parties that we work with.

For further information about how Woolworths handles personal information when you apply for a role, see the Woolworths Group Team Member Privacy Notice

Some of our service providers, including data storage and technology service providers, may be located in or use locations outside of Australia.

Where we share personal information overseas, we take steps to ensure that our service providers are obliged to protect this personal information in accordance with Australian legal requirements and that they are only permitted to use personal information for the purpose for which it is shared.

Our service providers or their data storage servers may be located, and may store your personal information from time to time, in a number of countries, including New Zealand, Switzerland, the United Kingdom, United States, India, South Africa, The Philippines and Japan. For practical and security reasons, we can’t provide an exhaustive list of the organisations and locations to which we share personal information.

We may share your personal information overseas for reasons including:

  • where we have made a business decision to engage with a service provider to assist us with certain functions, such as technology and data storage providers

  • for disclosures between our Group companies. Our main business locations are in Australia and New Zealand, but some of our Group companies may be based in other countries from time to time

  • when you are overseas browsing or ordering from our websites in Australia

  • where you are involved with public liability issues, we may share your personal information with our overseas insurer or other supplier of relevant services in the course of managing those issues.

You have a right to request access to the personal information we hold about you. 

However, before we provide you with access to your personal information we may require verification of proof of identity. 

If you would like a copy of the personal information held by us about you, please contact Woolworths Privacy Office using the details shown in Section 16 below.

If you believe that any of your personal information is inaccurate, out of date, incomplete, irrelevant or misleading, you may correct your personal information on your online profile via your online account at any time or contact our Privacy Office. It is your right to have your personal information corrected.

Please contact our Privacy Office. We may ask you to put your complaint in writing and to provide relevant details. 

We will respond to your complaint in a reasonable period of time (usually within 30 days).

If you disagree with our decision, you may refer your complaint to the Office of the Australian Information Commissioner (OAIC) (whose contact details are as set out here).

There may be additional privacy notices and terms relevant to you depending on the nature of your dealings with us and on our particular businesses. For example, there are additional privacy terms in Woolworths Group brand’s collection notices (available on their respective websites), loyalty program terms, and terms of use for our websites.

This policy does not apply to the personal information of our team members (employees and contractors) in their capacity as such, other than in the context described in Section 9.

This Privacy Policy is current from 9 July 2024. We may change it periodically. If we propose to change this policy, we will display the proposed policy on www.woolworthsgroup.com.au at least 2 weeks before any change comes into effect.

Read here for a copy of our previous Privacy Policy (that was effective 20 December 2022 to 8 July 2024).

If you have any questions about our Privacy Policy or the way in which we collect, hold, secure, use or share your personal information, please contact us:

Phone: 1300 908 631

Email: privacy@woolworths.com.au

Post: Privacy Office

Woolworths Group Limited

PO Box 8000

BAULKHAM HILLS NSW 2153

More information about privacy law and privacy principles is available from the OAIC and from their website. The OAIC may be contacted using their contact details set out here.