If you find that ads for products you saw in a physical store are following you around online, you are experiencing Offline-to-Online (O2O) Retargeting. This sophisticated technique links your real-world movements to your digital identity. The good news is that you can significantly limit this tracking by adjusting a few settings and adopting stronger privacy habits.

Step 1: Shut Down Location and Proximity Tracking

Your smartphone constantly sends out signals that stores and data brokers can intercept to determine your location, often without your explicit awareness or permission.

Disable Wi-Fi and Bluetooth When Outdoors: The most effective defence is to turn off Wi-Fi and Bluetooth when you are out shopping. Stores use sensors and network devices to detect your phone’s unique fingerprint if these services are enabled.

Restrict Location Services: Go into your phone’s settings and restrict location access for all non-essential apps (e.g., games, photo editors). For apps you do use, set permissions to “Only While Using” or “Ask Next Time” instead of “Always.”

Check Background Activity: Phone apps, including weather, shopping, or loyalty programs, can track your location even when closed. Review your phone’s settings to disable Background App Refresh for non-essential apps.

Disable Always-On Connectivity on Smartwatches: Turn off features like “Find My Watch” if you don’t actively use them, as they require persistent location access.

Step 2: Manage Microphone and Listening Devices

While major companies generally deny actively using your microphone to listen to casual conversations for ad targeting, the risk of background and ambient data collection from your devices is real.

Audit Microphone Permissions: Review which apps have microphone permissions (found under your phone’s privacy settings) and disable any unnecessary ones. Be wary of apps that request microphone or audio access without a clear, justifiable reason.

Mute Smart Speakers: Smart speakers and virtual assistants (e.g., Siri, Alexa, Google Home) are always listening for their “wake word.” Keep these devices on mute unless you are actively using them to prevent accidental activation.

Step 3: Block Online and Identity Matching

A key part of retargeting is linking your physical visit to your digital profile, often using identifiers you have provided. Breaking this link is essential.

Use a Throwaway Email for In-Store Services: Never give your primary email address or phone number for in-store Wi-Fi access, loyalty programs, or e-receipts. Watch out for “lucky draws” in malls that ask for your email address. Use a dedicated, secondary “spam” email address that you do not use for any work, social media or shopping purposes.

Limit Ad Personalisation (LAT): Enable your device’s built-in privacy setting. On iOS, this is “Limit Ad Tracking” or “Ask Apps Not to Track.” On Android, it’s “Opt out of Ads Personalization.” This instructs ad networks not to use your unique device ID for retargeting.

Reset Your Ad ID: Regularly resetting your unique advertising ID on both Android and iOS breaks the link between your device and past behavioural data, forcing advertisers to start building a profile for you from scratch.

Opt Out of Data Brokers: Many data brokers and ad networks allow you to manually opt out of targeted advertising. Search for “opt out” pages at companies like LiveRamp and Experian. In the U.S., use services like optout.aboutads.info; in the EU, use your rights under the GDPR to request data deletion.

Audit Installed Apps: Look for apps with vague privacy policies or excessive permissions. Consider using a tool like Exodus Privacy (for Android) to scan apps for embedded trackers, and delete apps that offer no meaningful privacy controls.

Step 4: Reclaim Browser Privacy

Your browser is ground-zero for cookie-based tracking, which allows advertisers to follow your habits across the web.

Use Privacy-Focused Browsers: Switch to browsers like Brave, Firefox, or DuckDuckGo Browser, which block trackers by default.

Install Anti-Tracking Extensions: Use tools like uBlock Origin, Privacy Badger, or Ghostery to block trackers and fingerprinting scripts.

Disable Third-Party Cookies: Set your browser settings to Block third-party cookies or use the “Strict” tracking protection setting.

Clear and Rotate: Regularly clear your cookies and site data. For sensitive browsing, use incognito mode. Use more than one browser, perhaps specific ones for favourite sites.

Control Cross-Device Data: Avoid using the same email or phone number for every service across your phone, laptop, and smart TV – these shared identifiers are what allow advertisers to connect your devices and serve ads across all of them. If I think a company has no need for my phone number, I make a deliberate typo in it.

Note that some websites will refuse to show you their content if they detect your ad blocker. I disable mine to view the content, but I also remove their domain and session cookies.

By adopting these digital hygiene habits, you build a strong privacy fence around your devices, making yourself significantly harder to follow and limiting the intrusive retargeting that follows a physical store visit.

See the companion article: Offline to Online Retracking