Rakuten is a popular platform for earning cashback on purchases, but like many online services, it comes with some privacy concerns. The platform collects and shares user data, which could raise questions for those who prioritize privacy. While the savings are appealing, it is important to weigh the potential risks associated with data collection and sharing, which are common in many similar services.
Rakuten is a global e-commerce and online retail company based in Japan, known for its cashback program that allows shoppers to earn rewards on their purchases from a wide range of retailers. Often referred to as the “Amazon of Japan,” Rakuten offers services that go beyond just shopping, including travel bookings, credit cards, and digital content. Its most popular service in the U.S., however, is Rakuten Rewards (formerly Ebates), which partners with thousands of stores to provide users with a percentage of their purchase back in the form of cash or gift cards.
The concept is simple: users sign up for free, shop through Rakuten’s website or app, and earn cashback on their purchases. Rakuten makes money through affiliate commissions from partnered retailers, sharing a portion of that revenue with shoppers. While it provides an easy way to save money, Rakuten’s model also involves collecting and sharing consumer data with its partners, raising potential concerns about privacy. Despite these concerns, the platform remains popular for its ability to deliver real savings to shoppers across a variety of brands and categories.
Cashback services like Rakuten collect a significant amount of data, and while it might seem harmless if kept within the company, there are concerns that this information is often shared with other entities.
Rakuten’s privacy policy highlights several points that could raise concerns for privacy-conscious users. One of the key concerns is the extensive collection of personal data, which includes not only identifiers like names, email addresses, and payment information but also browsing activity, transaction history, and even precise location data when enabled. This data is gathered from various interactions with their services, including mobile apps, browser extensions, and third-party platforms.
Another area of concern is the disclosure of personal information to third parties, including affiliate partners, financial institutions, and digital advertising providers. While Rakuten states they do not "sell" sensitive data, they share information with business partners for targeted advertising and marketing, which could be considered a "sale" under certain privacy laws. Users can opt out of this sharing, but it requires proactive steps. Additionally, data collected is used to build personalized profiles, which some argue could lead to price discrimination or targeted marketing based on inferred preferences.
Lastly, the policy’s retention of data for extended periods, even possibly after account deletion requests, and sharing within the broader Rakuten Group, which includes global affiliates, may also raise privacy concerns for users who prioritize stricter control over their personal information.
While these privacy concerns may seem worrisome, it is important to note that Rakuten’s terms are not drastically different from those of other major online platforms that many users already trust and use. Companies like Amazon, Google, and Facebook also collect vast amounts of personal data and share it with third parties for advertising and marketing purposes. Most cashback services, loyalty programs, and other popular online platforms operate under similar privacy frameworks. As with any online service, it is essential for users to understand the trade-offs between convenience, rewards, and privacy, but Rakuten’s policies align closely with industry standards.
In January 2021, Rakuten USA, Inc. (Rakuten Americas) discovered a data security incident involving the personal information of employees. An employee, who was in the process of voluntarily leaving the company, transferred files from their Rakuten-issued computer to a personal device. An internal investigation revealed that some of these files contained sensitive personal data, including names, Social Security numbers, and dates of birth. While Rakuten took immediate action to delete the files from the personal device and account, they could not confirm whether the data had been further transferred or copied. Rakuten notified law enforcement and offered affected employees complimentary credit monitoring and identity theft protection services. Rakuten USA, Inc. is the U.S. subsidiary of Rakuten Group, Inc., and oversees a variety of Rakuten’s operations in North America. This entity includes not only Rakuten Rewards but also other Rakuten businesses and services, such as advertising, marketing, and e-commerce solutions.
Linking your credit card to Rakuten appears to be generally safe, as the platform takes significant measures to protect user data. Rakuten stores your credit card information in a secure, encrypted environment that complies with the Payment Card Industry Security Standards Council (PCI), a trusted framework for handling sensitive payment information. The company also partners with stores that use Secure Socket Layer (SSL) connections, ensuring secure transactions. However, like with any online platform, even the most secure systems carry some level of risk. While there is no immediate cause for concern, it is always wise to regularly monitor your statements and use strong passwords to add an extra layer of protection.
While Rakuten offers the appealing benefit of earning cashback on everyday purchases, there are potential downsides to consider. One of the main concerns is related to privacy. As with many online services, Rakuten collects a significant amount of personal and transactional data, including browsing history, purchase behavior, and potentially location data. Although the platform does not sell this data, it does share it with third parties like affiliate partners and advertisers, which could lead to targeted marketing or even price discrimination based on user profiles.
Additionally, users may find that not all purchases qualify for cashback, and some retailers or offers may have specific restrictions. There can also be delays in receiving cashback, with some users experiencing issues in tracking rewards accurately. While these drawbacks do not outweigh the benefits for many, users should be aware of the trade-offs in privacy and potential service limitations when using Rakuten.
Despite these potential downsides, many users happily use Rakuten and enjoy the savings it provides. The platform has a large and loyal user base, with millions of shoppers taking advantage of cashback rewards on a wide variety of purchases. For most, the convenience of earning Rakuten cash back on everyday shopping far outweighs any privacy concerns or minor inconveniences. Positive reviews often highlight how easy it is to use, with many users praising Rakuten for offering real savings with little effort. Overall, for those looking to save money, Rakuten remains a popular and trusted choice.
In conclusion, Rakuten remains a popular and trusted platform for earning cashback on everyday purchases, offering users significant savings with minimal effort. While the platform does raise some privacy concerns, particularly related to data collection and sharing, these practices are not unlike those of other major online services. For users asking, "Is Rakuten legit?" or "Is the Rakuten app legit?" the answer is yes—Rakuten is a reputable company that takes steps to protect user data while delivering real financial benefits. Like any online service, it is important to understand the balance between privacy and convenience, but overall, Rakuten continues to be a reliable choice for millions of satisfied shoppers.
Compass IT Compliance, a consulting firm specializing in IT security and compliance, provides expert insights on a variety of security and privacy issues, helping organizations safeguard their applications. However, it is important to note that Compass IT Compliance has no affiliation with Rakuten. The advice and recommendations shared in this blog are the result of independent research and analysis, aimed at informing users about data privacy and security concerns related to the Rakuten app. For the most reliable information, always conduct your own research and consult official sources.