Skip to content
Inherent Privacy Logo Inherent Privacy

Delivery Services

Introduction

Food and package delivery services have become ubiquitous since the rise of smartphones in the late 2000s. While these platforms offer convenience by connecting us with restaurants, stores, and couriers, they also collect extensive data about our locations, eating habits, shopping patterns, and payment information. This data collection has expanded significantly, especially since the COVID-19 pandemic increased our reliance on delivery services.

Providers

DoorDash

The leading food delivery platform tracks extensive user data, including order history, location, and device information. In 2019, DoorDash experienced a data breach affecting 4.9 million users, exposing names, addresses, and partial payment information. The company’s privacy policy allows broad data sharing with marketing partners.

Uber Eats

As part of Uber’s ecosystem, Uber Eats combines delivery data with ride-sharing information to build comprehensive user profiles. In 2021, researchers found that the app tracked user location even when not actively ordering, though this was later modified after public criticism.

Instacart

The grocery delivery service collects detailed shopping habits and dietary preferences. In 2020, reports emerged of scraped Instacart customer data being sold on dark web markets, highlighting the risks of extensive data collection. The platform shares user data with retailers and advertisers for targeted marketing.

Amazon Fresh/Whole Foods

Amazon’s delivery services integrate shopping data with their broader ecosystem. The company combines delivery preferences, purchase history, and Alexa interactions to create detailed customer profiles, raising concerns about the scope of data collection and use.

Recommendations

  1. Use guest checkout when possible to minimize stored data
  2. Limit the number of saved addresses and payment methods
  3. Regularly review and delete order history
  4. Be cautious about linking accounts with other services
  5. Use privacy-focused payment methods when available
  6. Consider using different services for different types of deliveries

Actions

  • Review privacy settings on all delivery service accounts
  • Delete saved addresses you no longer use
  • Clear old order history and saved items
  • Remove unused payment methods
  • Enable two-factor authentication on accounts
  • Opt out of marketing and data sharing where possible
  • Review and revoke third-party app access