​Coles flybuys and Woolworths rewards programs under privacy scrutiny

Australia’s Privacy watchdog has released a new report recommending both Coles and Woolworths make enhancements to their customer loyalty programs to ensure consumers’ personal information is looked after appropriately.

Privacy Commissioner, Timothy Pilgrim, released two privacy assessment reports this week on the loyalty programs of grocery giants, looking at whether they’re being handled in accordance with the Privacy Act.

While the Coles’ flybuys assessment indicated that the supermarket giant fosters a privacy aware culture and treats personal information as a valuable business asset, the report suggested it could improve the navigability of its privacy policy by using a layered approach to assist an individual’s understanding of the information in the policy.

This means providing a condensed version of the full policy to outline key information, with direct links to the more detailed information in the full policy.

And while assessors considered the flybuys privacy policy is generally clearly expressed, they suggested the program should provide greater detail around the meaning of some broad terms such as ‘identification information’, ‘household details’, ‘information service providers’ and the circumstances in which it ‘exchanges’ and ‘combines’ personal information with partner entities.

On top of this, the report recommended flybuys update its privacy policy to include information about how it will deal with a privacy complaint, the handling process, and the reasonable response time a customer would expect.

The Woolworths’ rewards program was also found to be generally compliant with privacy requirements, but assessors recommended the supermarket consider layering the terms and conditions by providing a condensed or summary version of key matters, with a link to more detailed information. The navigability of the terms and conditions could also be improved by including a hyperlinked table of contents to assist individuals locate relevant information, the report found.

Woolworths was also advised to make the rewards program's privacy-related information more prominent by featuring this section earlier in the terms and conditions, separating the privacy related information from the broader terms and conditions and providing as a separate document at the point of registration.

Pilgrim said it was encouraging to see Coles’ flybuys and Woolworths Rewards each had appropriate privacy notices consistent with their practices. However, he noted it’s important all Australians understand the bargain we strike with a retailer when we join a loyalty program.

“There’s no such thing as a free lunch, nor a free flight,” he said. “The data that loyalty programs collect is valuable and personal. So in this case, there is a price for the rewards from these programs.”

While details collected in these programs might seem insignificant on their own, when merged together they paint a picture of who we are, what we do and how we behave.

“This information is worth a lot to organisations,” Pilgrim said. “It’s important we understand the terms of the programs we join — especially what privacy protections they include.

“I’d ask Australians to think about how many loyalty cards they have right now, and ask themselves if they know what can happen to the personal information they have handed over to get the card. A way of knowing this is to read privacy policies before signing up so you can make an informed decision about what will happen to your personal information.

Loyalty programs are increasing in popularity, with Pilgrim highlighting a study by First Point Research and Consulting revealing 88 per cent of Australians are now a member of some form of program that rewards individuals for their purchases, while in return retailers collect data about individual buying habits.

Following the assessment of Coles and Woolworths, the OAIC will be assessing several other popular loyalty programs in Australia in the coming year.

Follow CMO on Twitter: @CMOAustralia, take part in the CMO conversation on LinkedIn: CMO ANZ, join us on Facebook: https://www.facebook.com/CMOAustralia, or check us out on Google+: google.com/+CmoAu