Instacart Corporate Privacy Policy
Last updated: February 27, 2026
This Corporate & B2B Privacy Policy (“Privacy Policy”) describes how Maplebear Inc. d/b/a Instacart (“Instacart”, “we”, or “us”) collects, uses, and discloses personal information of individuals who interact with Instacart in a business context, such as representatives of retailer partners, advertisers, suppliers, or investors and other business contacts and prospects (collectively, “Business Contacts”, “you” or “your).
This Policy applies globally. It describes your data protection rights, including the right to object to some of the processing which we carry out. More information about your rights, and how to exercise them, is set out in the “Your Privacy Rights” and “Regional Disclosures” sections.
In this Privacy Policy, “personal information" refers to information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, to you.
When this Privacy Policy Applies
This Privacy Policy applies to you when you:
Visit an Instacart website that links to this Privacy Policy (“Site(s)”);
Interact with Instacart as a representative of a company that has (or is considering) a business relationship with Instacart (e.g., you are our customer or our supplier);
Participate in our business development or marketing activities; and
Participate in any other of our offline and business interactions.
Table of Contents
Marketing Communications
Third Party Websites
We may “sell” or “share” personal information as those terms are defined under applicable U.S. state privacy laws. “Sell” and “share” may include disclosing personal information to third parties for monetary or other valuable consideration or for cross-context behavioral advertising purposes. Depending on your jurisdiction, you may opt out of data selling and sharing here.
We do not use or disclose sensitive personal information for the purpose of inferring characteristics about you or for any purpose. To the extent that we use or disclose “sensitive personal information” or "sensitive data" as those terms are defined in applicable privacy laws, we limit our use or disclosure of the sensitive personal information for permitted business purposes. We only use or disclose sensitive personal information as necessary to provide the Sites; resist malicious, deceptive, fraudulent, or illegal actions directed at our business; ensure the physical safety of natural persons; and verify, maintain, and improve the quality of our Sites.
1. Information We Collect
Depending on the nature of your interaction with us, we may collect the following types of personal information from you:
Identification and contact information: name, company affiliation, job title, email, phone number, postal address, online identifiers, Internet Protocol (“IP”) address, social media account handles, and other similar identifiers.
Commercial and transaction information: Instacart services purchased, obtained, considered, or used.
Account information: name, telephone number, email address, and your Entity’s name, address, location, username and password.
Payment information. When you make a payment through the Sites, we may collect payment information from you through a payment service provider in order to facilitate the payment process, including the name on your card, your card number, billing address, expiration date and security code.
Communications data: contents of business correspondence, meeting notes, and chat and customer support interactions, including call recordings where permitted by law.
Information you provide about others. In some cases, you may provide personal information to us about other people within your Entity. When you provide someone else’s personal information to us you are responsible for ensuring that you have permission to share their information with Instacart. You may not provide personal information about children under the age of 18.
Usage and technical information: device identifiers, IP address, browser type, operating system, and analytics data collected through cookies or similar technologies. You can find more information about how we use cookies or similar technologies in our Cookie Statement.
Internet or other electronic network activity information: including browsing history, search history, and information regarding individuals’ interactions with the Sites, emails, chatbots and/or advertisements.
Inferences, meaning inferences drawn from any of the information in the categories listed above to create a profile about individuals reflecting their preferences and/or behavior.
Sensitive personal information, including government identification, account log-in and password information, and location data. We do not intentionally collect special categories of personal information (such as health, racial or ethnic origin, or union membership) from Business Contacts.
Some of the information above may be collected directly from you by service providers and other vendors engaged to provide services on our behalf.
We may also receive personal information about you from third parties, including:
Parties acting on our behalf. We collect personal information about you from certain affiliates and service providers that provide information to help us manage and operate our business.
Third party services. If you log in to the Sites through a third-party service, or if our Site is hosted by a third party, we may receive some information about you and your use of that third-party service.
Instacart partner sites. Partners who have implemented certain Instacart Services on their websites may also let us collect information about your use of their sites or applications or share such information with us.
Other parties. We also may collect or receive information relating to you from:
Partners who assist us in credit checks, sanctioned party screening, fraud prevention or in connection with claims or disputes;
Other individuals if they refer you to our Site;
Partners we engage for for business-to-business contact information verification or updates;
Partners with whom we engage for analytics;
Companies that offer co-branded services or products;
Law enforcement, public health, and other governmental authorities; and
Publicly available sources.
2. How We Use Personal Information
We process personal information for the following purposes:
Conducting our business. We may use your personal information to conduct business with you, such as processing transactions and orders for you, and to provide customer support.
Onboarding. We may use your personal information to onboard and enroll your Entity as a business partner.
Providing and managing the Site. We use your personal information in connection with the provision, administration, and management of the Sites. This includes to register you and provide you, or manage your access to, the materials available on the Site.
Payments. If applicable, to facilitate payment processing in connection with any service or other orders you place through our Sites (excluding Instacart marketplace orders).
Providing you with user support and responding to your inquiries. We use your personal information to respond to your inquiries and assist you in your use of the Sites. We may also use your personal information to communicate with you when you engage with our chat functionality.
Communicating with you. We use your personal information to provide you with relevant information about us or our Sites or to request information or feedback. These communications include sending you updates about the Sites, and communications about changes to this Privacy Policy or other applicable terms and policies.
Marketing our Services. We (and our partners) may use your personal information to send you marketing and promotional materials and communications, and to analyze and measure their effectiveness, and deliver targeted or cross-context behavioral advertising.
Customizing and personalizing the Sites. We use your personal information to help us understand which parts of the Sites and our Services are of most interest to you and customize or personalize your experience.
Identifying usage trends and improving the Sites. We use your personal information to help us (or our service providers and partners) conduct research and analytics about your use of the Sites and identify usage trends. We also use your personal information to identify issues, test new features or changes in our features, to improve Instacart’s Service. and to support advertising, marketing, and audience measurement activities.
Maintaining security and preventing fraud. We use your personal information to (a) help maintain the security and integrity of the Sites, (b) detect, prevent, investigate, and protect you, our business, our users, and others from fraud, unauthorized transactions, and other unsafe activity, and (c) protect the safety, rights, or property of any person, the public, or Instacart.
Satisfying our legal obligations. We use your personal information to comply with applicable laws and regulations, respond to legal process, and/or respond to requests and communications from law enforcement authorities or other government officials.
Facilitating communications between you and our other partners. Only if you choose to, we will use your personal information to connect you with our relevant partners.
Corporate restructuring. We may use your personal information to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us is among the assets transferred.
As otherwise necessary or appropriate. We will use your personal information for other purposes at your direction or with your consent.
3. Information Disclosure
We may disclose your personal information to the categories of recipients listed below.
Affiliates and subsidiaries. We may disclose your personal information to our affiliates and subsidiaries.
Service providers and third-party partners. With service providers and vendors who process information on our behalf under appropriate contracts.
Advertising, marketing, analytics and related partners. We may disclose your personal information to our marketing and other partners who assist with our marketing and related efforts. These disclosures may constitute a “sale” or “sharing” of personal information under applicable U.S. state privacy laws when made for monetary or other valuable consideration or for cross-context behavioral advertising purposes.
In connection with legal matters. We may share your information when we believe that the disclosure is reasonably necessary to comply with applicable laws, regulations, legal processes, or legal requests.
Professional advisers. We may disclose your personal information to manage risks, obtain professional advice, perform investigations, and exercise or defend against legal claims.
Third parties in connection with a sale or business transaction. We may sell or purchase assets during the normal course of business. If another entity acquires us or any of our assets, information that we have collected may be transferred to such entity and its advisors following the transaction. In addition, if any bankruptcy or reorganization proceeding is brought by or against us, information that we hold may be considered an asset of ours and may be sold or transferred to third parties.
We may disclose your personal information for other reasons that we will describe at the time of information collection or prior to sharing your information.
4. Your Privacy Rights
Depending on your jurisdiction, you may have the following rights:
Opt-out of Sale or Sharing - you may opt out by clicking the “Opt-out of cookies” link in our Cookie Banner or by adjusting your Cookie Settings, You may also exercise your opt out rights by enabling a browser-based opt-out preference signal that complies with applicable laws, such as the Global Privacy Control (“GPC”). We listen for and honor GPC signals as required under applicable laws. To learn more about GPC, please click here.
- Opt-out of marketing messages - you may opt out of marketing communications at any time by clicking the “unsubscribe” link in our emails or contacting us at privacyrequests@instacart.com.
- Access / Portability – to obtain a copy of your information
Correction– to correct inaccurate data.
Deletion – to request deletion
Restriction / Objection – to limit or object to processing based on legitimate interests.
Withdrawal of consent – where processing is based on consent.
- Lodge a complaint – with your local data‑protection authority.
The exact scope of these rights may vary by state and include certain exceptions. To exercise one or more of these rights, please contact us by email at privacyrequests@instacart.com. Please insert “Data Privacy Rights Request” in the subject line of your email, as well as your location. To protect the confidentiality of your personal information and that of others, we may only process your request for access, deletion and correction when your identity has been verified, as permitted. If you believe there has been a violation of your privacy rights, please contact us or your applicable supervisory authority.
To the extent applicable, you may designate an authorized agent to exercise your privacy choices on your behalf. To designate an authorized agent to exercise choices on your behalf, please provide evidence that you have given such agent power of attorney or that the agent otherwise has valid written authority to submit requests to exercise rights on your behalf. We will respond to your request consistent with applicable law and subject to proper verification. We will verify your request by asking you to send it from the email address associated with your account or to provide information necessary to verify your account.
5. Retention
We keep personal information only for as long as necessary to fulfill the purposes for which we have collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information; the potential risk of harm from unauthorized use or disclosure of the personal information; the purposes for which we use the personal information; whether we can achieve those purposes through other means; and the applicable laws that require us to retain information for regulatory purposes or permit us to retain the information to preserve our legal rights.
7. Children’s Privacy
The Sites are not designed for or intentionally directed to children under the age of 18, and we do not knowingly collect personal information from children under the age of 18.
9. Information Security
We employ and maintain reasonable administrative, physical, and technical measures designed to safeguard and protect personal information under our control from unauthorized access, use, and disclosure. Unfortunately, the transmission of information via the internet or email is not completely secure. Although we will do our best to protect your Information, we cannot guarantee the security of your information transmitted through the Sites or over email; any transmission is at your own risk.
10. Cross-border Transfers
Your information collected through the Sites may be stored and processed in the United States, Canada or any other country in which Instacart or its affiliates, partners or service providers maintain facilities, which may result in the transfer of your personal information outside of the country or region in which you reside.
If personal information is transferred out of the jurisdiction in which it was collected, we will do so in accordance with applicable law, however, please note that the privacy laws of those countries may not offer the same level of personal information protection as privacy laws from which the personal information was collected. However, this does not change our commitment to safeguard your privacy and we will comply with all applicable laws relating to the cross-border data disclosure. Where information In relation to data being transferred outside the EEA, and UK, for example, a transfer may be done in one of the following ways:
• the country that we send the data to might be approved by the European Commission as offering an adequate level of protection for personal information;
• the recipient might have signed up to a contract based on “model contractual clauses” approved by the European Commission, obliging them to protect your personal information; or
• in other circumstances the law may permit us to otherwise transfer your personal information outside of the EEA and UK.
11. Changes to this Privacy Policy
We may occasionally update this Privacy Policy to reflect changes in our practices with respect to the collection, use, and disclosure of personal information and/or changes in applicable law.
The “Last updated” date at the top of this page indicates when this Privacy Policy was last revised. If we make changes, we will revise the date at the top of this Privacy Policy and, in the case of material changes to this Privacy Policy, we may provide you with additional notice (such as a notice posted on the Services or a message delivered to the email address that we have on file for you).
We encourage you to review this Privacy Policy periodically to remain informed about our information handling and privacy practices.
12. Contact Information
If you have questions or comments about this Privacy Policy or our information handling practices, Please contact Instacart’s Global Privacy Team at:
Instacart
50 Beale Street, Suite 600
San Francisco, California 94105
1-888-246-7822
If you have a disability and would like to access this Privacy Policy in an alternative format, please contact us at (888) 317-8968. Instacart is committed to making its electronic and information technologies accessible to individuals with disabilities.
If you have comments concerning this website’s accessibility, please contact us at the email address accessibility-feedback@instacart.com.
13. Regional Disclosures
Europe (EU/UK)
How We Use Personal Information: Additional Information on the Legal Bases for Processing
Purpose | Legal Basis |
Conduct our business
| Our legitimate interest in managing our business, providing services to our clients, and continuously improving those services. |
Onboarding
| |
Provide and manage the Site | |
Payments | |
Provide you with user support and respond to your inquiries | |
Communicate with you | |
Accommodate communications between you and our retail partners | |
Corporate restructuring | |
Maintain security and prevent fraud | Necessary for compliance with a legal obligation (Art. 6.1(c) GDPR) in respect of compliance with EU law, member state law, and UK law, and legitimate interest (Art. 6.1(f) GDPR) in respect of compliance with other laws. If a legal obligation does not apply, we rely on our legitimate interest in ensuring the security and integrity of our organisation.
In the UK, this is a recognised legitimate interest when we do this to prevent, detect, or investigate a crime.
|
Satisfy our legal obligations | |
Customize and personalize the Sites | Consent where required under EU or UK data protection law. If consent is not required, we rely on our legitimate interests in tailoring our products, services, and communications to align with business contact preferences, keeping business contacts informed about our offerings, managing our business relationships, delivering services to our clients, and continuously improving those services. |
Identify usage trends and improve the Sites | |
Market our Services | |
As otherwise necessary or appropriate | Consent |
There are instances where we have a legitimate interest to use your data. Our legitimate interest will vary depending on what we are using your data for, and we explain above what the interest is and how it relates to the processing operations that we are carrying out. Where we process personal data on the basis of a legitimate interest, then – as required by data protection law – we have carried out a balancing test to document our interests, to consider what the impact of the processing will be on individuals and to determine whether individuals’ interests outweigh our interests in the processing taking place. In the UK, we do not need to conduct a balancing test if we process personal data for a “recognised legitimate interest.” You can obtain more information about this balancing test by using the contact details at the end of the notice.
For security purposes, fraud prevention and to comply with our legal obligations the provision of information is mandatory: if relevant data is not provided, then we will not be able to ensure security of your information and comply with applicable laws. The provision of all other information is optional. If you choose not to provide optional information, this may limit our ability to personalize your experience or provide certain features and services.
Cross-border transfers: Additional Information
Where we transfer personal information outside the EU or UK, we ensure appropriate safeguards are in place to protect the transfer of your personal data to these countries.
We transfer personal information to countries that have been approved by the European Commission or the UK Secretary of State as offering an adequate level of protection for personal information. We also transfer personal information to business partners and service providers who rely on approved standard contractual clauses (module 1 or 2 depending on nature of relationship) and to business partners and service providers who rely on other approved transfer mechanisms.
Privacy Rights: Additional Information
In some cases, we are able to send you direct marketing without your consent, where we rely on our legitimate interests. You have an absolute right to opt-out of direct marketing, or profiling we carry out for direct marketing, at any time. You can do this by following the instructions in the communication where this is an electronic message, or by contacting us using the details set out above.
If you have unresolved concerns, you have the right to complain to us or a data protection authority in the country that you reside in or, the country of your place of work or the country where the alleged infringement took place:
Country | Details |
UK | The ICO. Contact details available here. |
EU member states | See list of data protection authorities and their contact details here. |