Loyalty Programs Are Quietly Profiling You. Here's What They Actually Know.
Kroger, Target, CVS, airlines, and credit-card rewards programs are explicit data exchanges. Here's what they collect, who they share with, and how to opt out.
In 2012, a New York Times Magazine story by Charles Duhigg revealed that Target had built an algorithm to identify pregnant shoppers from their purchase patterns — and assign each one a "pregnancy prediction score" accurate enough to estimate the due date (Predictive Analytics World). Fourteen years later, that story is still the canonical example of what loyalty programs actually do, because the underlying machinery has only gotten more sophisticated. Today, Kroger's data subsidiary 84.51° turns shopper data into a retail media network that "closes the loop between media exposure and store sales" (Kroger Precision Marketing). The discount is real. So is the trade.
One-sentence answer: Every major loyalty program is an explicit exchange — small discounts in return for your full purchase history, which gets used for targeted advertising and, in most cases, sold or shared with marketing partners and data brokers.
TL;DR
- Loyalty programs collect every transaction, link it to your phone or email, and use it to build a behavioral profile.
- Grocery and pharmacy chains run retail media networks that sell ad targeting based on your purchases.
- Airlines and hotels share frequent-flyer data with partner brands and, in some cases, government agencies.
- Credit-card rewards are loyalty programs in disguise — issuers and networks sell aggregated transaction data.
- You can usually keep the rewards and opt out of the sharing — but each program's process is different.
The deal you signed without reading it
When you swipe your Kroger card, you're not just buying groceries. You're handing Kroger a structured event: SKU, quantity, price, time, store, payment type, and your loyalty ID, which links the receipt to your name, address, phone, email, and history of every previous receipt. Kroger Precision Marketing, run by subsidiary 84.51°, packages those signals and sells targeted advertising back to the CPG brands whose products sit on Kroger's shelves. Per Kroger, KPM is "built to accelerate brand growth through smarter audiences, real-time optimizations, and transparent insights."
Translated: your toothpaste choice this week becomes ad inventory next week.
This is true at varying intensities across every major loyalty program. Some sell aggregated, deidentified data. Some share specific behaviors with named partners. Almost all use the data for in-house targeting at minimum, and most build segments they can rent to advertisers.
It's not a hack. It's the product. The card is the deal.
What each major program actually does with your data
Grocery
| Program | What they collect | Notable use |
|---|---|---|
| Kroger Plus / Boost | Every transaction, household, life-stage signals | 84.51° / KPM resells targeting to CPG brands |
| Albertsons For U | Transactions, online orders, app behavior | Albertsons Media Collective retail-media network |
| Safeway / Vons (Albertsons-owned) | Same as above | Same |
| Whole Foods (via Amazon) | Transactions, app behavior, Prime linkage | Fed into Amazon Ads ecosystem |
Big-box and pharmacy
| Program | What they collect | Notable use |
|---|---|---|
| Target Circle | Transactions, browsing, email, phone, birthdate, household | Target uses purchase history for "behavioral profiling" — explicitly building audience segments for on- and off-Target ads (Target privacy policy) |
| CVS ExtraCare | Prescription + retail purchases; ~78M active members | If you've enrolled, you've signed a waiver allowing certain pharmacy data uses beyond HIPAA's default — and CVS shares with service providers and partners under its privacy policy |
| Walgreens myWalgreens | ~100M members; retail + pharmacy transactions | Walgreens launched a retail media network in 2021 with the loyalty program at its core (Marketing Dive) |
Travel
| Program | What they collect | Notable use |
|---|---|---|
| Airline frequent flyer (AAdvantage, SkyMiles, MileagePlus, Rapid Rewards) | Every flight, payment method, partner activity | Shared with SkyMiles/AAdvantage partners; Airlines Reporting Corporation (jointly owned by Delta, American, United and others) runs a Travel Intelligence Program that's been selling passenger data to government agencies including CBP and ICE since 2024 (CyberGuy) |
| Hotel rewards (Marriott Bonvoy, Hilton Honors, IHG, Hyatt) | Stays, room preferences, partner spend | Shared with marketing partners, credit-card co-brand partners |
Credit cards
Card-linked rewards are loyalty programs you don't think of as loyalty programs. Issuers (Chase, Amex, Capital One, Citi) and networks (Visa, Mastercard) generate enormous aggregated transaction datasets. They share with payment processors, fraud-prevention services, analytics vendors, and in some cases marketing partners or data brokers (Cash Reasons).
Under the Gramm-Leach-Bliley Act, financial institutions must disclose information sharing and offer an opt-out for sharing with non-affiliated third parties — but the default is share-unless-you-act. The opt-out exists; it's usually buried in the annual privacy notice you didn't read.
The Target pregnancy story — why it still matters
The 2012 NYT story has been somewhat mythologized. Eric Siegel of Predictive Analytics World has pointed out that the famous "father confronts Target manager about teen daughter" anecdote was likely embellished, and Target itself started mixing pregnancy coupons with random products specifically to avoid looking creepy (KDnuggets).
But the underlying algorithm was real. Target statistician Andrew Pole built it. It worked. It assigned every shopper a pregnancy-prediction score and estimated due dates from purchase shifts (unscented lotion, certain supplements, cotton balls) before customers told anyone.
The reason the story still matters in 2026 is that the basic capability — inferring deeply personal life events from routine purchase patterns — is now standard across the industry, not extraordinary. Pregnancy, divorce, job loss, recovery from addiction, new medical diagnosis: all of these have purchase signatures. Whoever holds the loyalty data can see them.
Why this is a privacy problem, not just an ad problem
Most loyalty data lives inside the retailer's walls — which would be tolerable if it stayed there. It doesn't, reliably.
- Retail media networks explicitly resell targeting on loyalty data. Kroger's 84.51° works with the largest CPG brands in America.
- Identity graphs (LiveRamp, Acxiom) ingest loyalty signals as inputs to cross-device matching, then sell those matches into the broader ad ecosystem.
- Co-brand partners (the airline + credit-card combos) share data both directions.
- Government access — as the airline ARC story shows, even when there's no public sale, agencies can buy access to "commercial" databases that wouldn't be available without a warrant otherwise.
This is the same pattern we keep coming back to in our pillar piece on why the link between your leaks is the real risk: the harm isn't any single purchase you made, it's the merging.
A single purchase pattern is benign. The joined profile across grocery, pharmacy, airline, hotel, and card is a remarkably detailed picture of your life — health, family, travel, income, habits. Once it's joined, it can be subpoenaed, hacked, leaked, or simply rented to whoever pays. That's the structural risk.
The same logic applies to "free" tools — see our breakdown of how free VPNs sell your browsing data. Anytime a service is unusually cheap or free, you should look for the data trade.
Is the discount worth it?
Honestly: sometimes yes, often no.
Probably worth it:
- Grocery loyalty if you shop one chain religiously and use the gas points (Kroger's fuel rewards alone can be $50+/month of value for a family).
- Hotel/airline status if you actually travel enough to hit thresholds — the perks (free bags, lounge, upgrades) often outweigh the data trade.
- Credit-card rewards on cards you'd use anyway, where the rewards are 2%+ and you pay in full.
Probably not worth it:
- Programs you joined because the cashier asked, where you redeem nothing.
- Pharmacy programs that link your medication data to your retail data when you don't actually save much.
- Niche merchant rewards programs that just exist to collect emails.
Audit your wallet. Drop the ones that aren't paying you back enough to justify the data flow.
How to opt out while keeping the rewards
For most programs, you can stay enrolled AND opt out of data sharing with third parties for marketing. The process varies:
| Program | Opt-out path |
|---|---|
| Kroger | Account → Privacy Preferences → "Do Not Sell or Share" |
| Target Circle | target.com/guest-privacy → privacy choices form |
| CVS ExtraCare | Account preferences → marketing communications opt-out |
| Walgreens | myWalgreens → Communication Preferences |
| Airlines (Delta/American/United) | Account → Privacy → opt out of marketing emails and partner sharing |
| Credit cards | Annual privacy notice → mail-in or online form to opt out of "non-affiliate sharing" |
Caveats apply: these opt-outs typically only stop marketing sharing. Operational sharing (fraud detection, fulfillment, regulatory reporting) continues. And in many cases the program still uses your data internally for in-house targeting.
What you can do today
- Audit which loyalty programs you actually use. If you haven't redeemed in 12 months, unsubscribe and delete the account where possible.
- For the ones you keep, file the marketing opt-out. Use the table above. Five minutes per program.
- Use a dedicated email for loyalty signups. An alias breaks the join key between your shopping data and the rest of your identity. At minimum, use one specific email for all loyalty programs, not your primary inbox.
- Pay with a card that lets you opt out of "non-affiliate sharing." Most major issuers offer this; Chase and Amex both have an opt-out in their annual privacy notice.
- For airline travel, know that frequent-flyer enrollment doesn't change the underlying ARC sharing. That's an industry-level issue, not one you can opt out of at the program level.
If you want the broader context on the industry pulling these strings, our primer on what a data broker is walks through how loyalty signals become commercial profiles.
The CTA
Loyalty programs aren't the worst privacy offender on the internet — they're at least transparent about the trade. But the cumulative profile they build is enormous, and once it's joined with everything else, it becomes part of your data broker file. If this post made you uncomfortable, good. The fix is at leakcheckme.com.
Sources
- Predictive Analytics World — Did Target Really Predict a Teen's Pregnancy? The Inside Story
- Kroger Precision Marketing — KPM at CES 2025
- Target — Privacy Policy
- Marketing Dive — Walgreens debuts retail media network
- CyberGuy — Airlines selling passenger data to Homeland Security
- Cash Reasons — Credit card data sharing
- KDnuggets — Did Target Really Predict a Teen's Pregnancy?