WalmartOne Privacy Notice

12 February 2020

At Asda we recognize the value of our colleagues. Therefore, we place great importance in managing your information in accordance with our basic belief of respect for the individual.

This notice applies to all users of WalmartOne and describes the collection, use, and sharing of information on WalmartOne as well as the choices you have with respect to your information. Read this notice in conjunction with Asda’s Colleague Privacy Notice and Collaboration Tools Notice available on WalmartOne.  

What is Personal Information?

Personal Information (also known as personal data) is any information that identifies someone and any information that relates to that identified person. For example, if you are an Asda Colleague, your name and email address are information that identifies you, and your length or service is information that relates to you

Who is the Controller of your Personal Information?

The Controller of your Personal Information is Asda Stores Limited (with registered address at Asda House, Great Wilson Street, Leeds, LS11 5AD) unless we tell you otherwise. Contact Us for details on how to contact our Data Protection Officer if you have any questions or concerns about our handling of your Personal Information, or if you wish to make a complaint

What Personal Information do we collect about you and how do we use it?

Processing Purpose

Categories of Personal Information

Legal Basis for Processing

Registering your account and enabling your access

-          Name

-          Email Address

-          User credentials

Necessary for performance of the contract between you and us.

Enabling business communications & engagement through WalmartOne

-          Messages, comments, feedback, opinions or other content you provide

Your Consent


Online identifiers for analytics purposes, to help us understand our colleagues better, to find out more about the kind of things they like or are not so keen on and help the improvement of services, websites and communications.

-          IP address

-          device ID

-          session ID

-          cookie information


To meet our legitimate interests to run our business effectively by understanding how you are using our products and services and interacting with our communications and how to improve this offering


Collection of online identifiers such as your interaction history and website feedback to maintain, develop and test our computer systems

Online identifiers such as:

-          Interaction history

-          Website feedback


To meet our legitimate interests to run our business effectively by ensuring our colleagues get the best experience online

WalmartOne also gives you access to a secure online portal where you can manage the information held by Asda on your colleague record – for more information on the ways Asda uses your information to manage your employment please see the colleague Privacy Notices on WalmartOne

Where do we collect your Personal Information from?

We collect nearly all the Personal Information on WalmartOne directly from you, based on information held on your colleague record (such as your name), from your application to work with us, or from updates to your colleague record which you have made. 


Who do we share it with?

We have controls to limit access to your Personal Information to:

a)       Individual colleagues who need it to do their job, such as managing your WalmartOne account.

b)      Business partners and our parent company Walmart Inc., who need it to provide services to us, such as maintaining our computer systems, website & tools, or who deliver this process on our behalf.  

Information you post to WalmartOne will be visible to all WalmartOne users, including Walmart employees and contractors. Please see our Policy on Collaboration Tools, the WalmartOne Terms of Use and Community Guidelines for guidance on the type of information you may choose to post.  

If requested, and where it is required or permitted by law, we may provide Information to:

a)       Official bodies, such as government agencies, local authorities, regulators and the police, who are authorised to request Information where it is necessary for their lawful purposes;

b)      Asda’s advisers, including lawyers, insurers, accountants and auditors;

c)       Other organisations such as law firms or insurance companies acting on behalf of individuals, who may request evidence containing Personal Information, to support a claim.


Where is your Personal Information kept, processed and accessed from?

Some of our computer systems, including our websites, are operated by our parent company Walmart Inc. in the United States or by other companies contracted to provide services to Asda that operate in countries outside the UK or EU. So some of your Personal Information is stored and processed overseas, in the following countries: United States of America (USA), India and Turkey.

Because the law in some of these countries does not provide the same level of protection as UK and EU law, we put in place data transfer agreements (which are considered appropriate safeguards) with Walmart and each company that processes Personal Information outside of the UK.

These agreements require that, wherever your Personal Information is held, it is protected to the same high standard as required by law in the UK. You can request a copy of a data transfer agreement from our Data Protection Officer by emailing us at

How long will we keep your Personal Information for?

Information on WalmartOne is regularly refreshed and information which is no longer relevant or required is regularly deleted. Your personal information relating to your employment will be kept for no longer than 7 years beyond the end of your employment with us unless otherwise stated. 


How do we protect and secure your Personal Information?

We use security measures, including physical, administrative, and technical safeguards to protect the confidentiality of your Personal Information. These measures include encryption, security certificates, access controls, information security technologies, policies, procedures and other information security measures to help protect your Information.

When designing or implementing new computer systems and processes we look at ways to identify and mitigate potential security risks and then monitor and test our security systems to help protect your Personal Information.

How can I exercise my Privacy Rights?

This Privacy Notice tells you all about how we collect and process your Personal Information, and why we are allowed to do so. If you want to know more about your Privacy Rights and how to make a Rights Request, get in touch with the Privacy Team at