How much are loyalty schemes earning from your data?

Loyalty schemes earn big money from the data they collect about us.

16nov loyalty schemes hero1

Loyalty schemes lure us with the promise our spending will be handsomely rewarded. However, these programmes aren’t just about getting customers in the door. The real prize is the personal data they collect every time you swipe your card.

Not only does this information tell retailers about your shopping habits but onselling it can also prove lucrative. Across the Tasman, some schemes are estimated to be making millions of dollars a year from selling the data they collect.

Down the data mine

As soon as you sign up for a loyalty scheme, it begins collecting information. It typically starts with your name, age, gender, address and household size. As soon as you start swiping or scanning your membership card, the programme operator starts building a profile of you and your shopping habits.

This includes what you buy, when, how much you spend and how you pay.

Some schemes, such as Fly Buys, also offer apps that collect even more information. The company’s privacy policy says that if you download the Fly Buys app, the information collected can include data about your location, device type, device identifier (IP address) and user activity, such as the website links you click on.

This data is added to your profile, which companies use to target you with tailored ads designed to get you spending.

There’s also money to be made from data sales. A 2019 report by the Australian Competition and Consumer Commission (ACCC) found some loyalty schemes were earning as much as $374 million a year from selling customer data.

As soon as you sign up for a loyalty scheme, it begins collecting information.

Schemes are also earning money from customer data on this side of the ditch. Fly Buys, which boasts 2.8 million members, said it sells customer data to companies in its programme and gets revenue from data analytics services provided to these companies. However, it declined to tell us how much.

Petrol loyalty scheme AA Smartfuel also earns revenue from selling aggregated data to its partners, though director Ian Sutcliffe said the amount was “less than $40,000” in the past financial year.

Mr Sutcliffe said AA Smartfuel also shares personally identifiable information with Countdown – where Countdown Onecard members participate in the AA Smartfuel scheme – and “non-identifiable, high-level programme information with most of our partners”.

Other major loyalty schemes we contacted also shared data with their business partners as well as undisclosed third parties (see “Loyalty scheme profiles”).

The fine print

Loyalty schemes should be telling you what data they’re collecting and what they do with it. But this information is usually buried in lengthy terms and conditions that are difficult to read and may not give you the full picture.


Combined, Fly Buys’ terms and conditions, and privacy policy run to 4868 words (see our Table). The privacy policy gets a rating of “fairly difficult to read” using the Flesch Reading Ease Test Score (calculated on the average number of words in a sentence and the average number of syllables in each word).

Air New Zealand has a 62-page privacy statement that applies to all services, including the Airpoints scheme. It gets a rating of “fairly difficult to read”.

Information on who your data is shared with is also vague. Our review of schemes’ terms and conditions found most refer to “third parties” but don’t name them. When we asked major loyalty schemes for a full list of third parties that received data, none would provide this information.

In its 2019 report, the ACCC noted the “power imbalance” between consumers and loyalty scheme operators. While schemes require consumers to give broad consent to the use of personal information, they provide hard-to-understand disclosures about how they use and share this data.

The ACCC has put loyalty schemes on notice to clean up their act and give customers clear information about what they’re doing with the data. Loyalty schemes here need to do the same. Customers should also be asked if they want to opt-in to their data being shared and sold, rather than it happening automatically.

What are the risks?

Even if you don’t mind your data being dished out to advertisers or sold to the highest bidder, data sharing increases the chances your information will fall into the wrong hands.

A major risk is data re-identification, which is where a third party crunches the numbers on “anonymous” information and matches different datasets to identify you. This can open the door for hackers to access your private information, such as email or bank details.

20jan loyalty schemes body
In July 2019, the data of 112,000 Air New Zealand Airpoints customers was hacked.

Hacking isn’t just a theoretical risk. In July 2019, the data of 112,000 Air New Zealand Airpoints customers was hacked. Information ranging from contact details to possible passport details was exposed.

Data architect Michelle Burke said the chances of your data being hacked are increasing.

“The risks come down to how much information you share. When the data is aggregated, you likely wouldn't be identifiable. However, depending on the methods used to de-identify [or] anonymise data, you could be easily identifiable.”

Ms Burke cited a 2016 study in Australia where de-identified medical records were easily re-identified by researchers at the University of Melbourne.

These risks will only increase as data collection companies are bought up by bigger operators, she said. “[As] data sets are put together, more and more information is put together about us. [In November 2019], Google purchased FitBit.”

Are they worth it?

Given customer data provides the big value for loyalty schemes, it’s little surprise the rewards they offer are frequently underwhelming.

With Fly Buys, the standard conversion rate is one Fly Buys point for every $25 spent. To earn the 1660 points needed for a pair of Apple’s $280 AirPod headphones, you’d need to spend $41,500.

Countdown’s Onecard requires you to spend $2000 to earn 200 Onecard points, which gets you a $15 supermarket voucher.

New World’s Clubcard programme requires customers to pick either Fly Buys or Airpoints as a reward programme. You can earn one Fly Buys point for every qualifying $25 you spend at New World in a single transaction.

During advertised redemption periods, customers can choose to convert their Fly Buys points to New World Dollars (one New World Dollar = NZ$1). You would need to spend $2125 to earn enough for 15 New World Dollars.

If you pick Airpoints, every qualifying $25 spent at New World will earn $0.185 Airpoints Dollars.

To earn one Airpoints Dollar at Mitre 10, you need to spend $115 (one Airpoints Dollar also equals NZ$1). A $335 Samsonite suitcase in the Airpoints store costs 469 Airpoints, so you’d need to spend $53,935 at Mitre 10 to rack up enough points.

What about fuel schemes? They’re not much better. In 2019, using the Gaspy app that compares fuel prices, we found retailers in Hastings with loyalty discounts (BP, Caltex, Mobil, New World, Pak’nSave and Z) offered the same price for regular 91 petrol, which was 13¢/L higher than the local Gull.

Our advice: you’ll usually be better off shopping by price rather than spending more just to earn points.

Data collection

It’s not just loyalty schemes collecting your data. Social media and apps also require personal information in exchange for you using them. “Free” online services, such as Facebook and Twitter, or fitness and health apps, such as Fitbit, may monetise your data by letting it be used for targeted advertising or data analytics.

Loyalty scheme profiles

Want to read the full article?

  • Heaps of buying advice so you can choose with confidence
  • Independent reviews of thousands of products and services
  • Personal advice an email or phone call away on our advice line (members only).

Member comments

Get access to comment