What personal information do we collect from the people that visit our blog, website or app?
When ordering or registering on our site, as appropriate, you may be asked to enter your name, email address, mailing address, phone number, credit card information or other details to help you with your experience.
When do we collect information?
We collect information from you when you register on our site, place an order, subscribe to a newsletter, fill out a form or enter information on our site.
How do we use your information?
We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:
How do we protect your information?
Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible.
We use regular Malware Scanning.
Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology. We implement a variety of security measures when a user places an order enters, submits, or accesses their information to maintain the safety of your personal information.
All transactions are processed through a gateway provider and are not stored or processed on our servers.
Do we use ‘cookies’?
You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since browser is a little different, look at your browser’s Help Menu to learn the correct way to modify your cookies.
If users disable cookies in their browser:
If you turn cookies off, some of the features that make your site experience more efficient may not function properly. Some of the features that make your site experience more efficient and may not function properly.
We do not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information unless we provide users with advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. We may also release information when its release is appropriate to comply with the law, enforce our site policies, or protect ours or others’ rights, property or safety.
However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
Occasionally, at our discretion, we may include or offer third-party products or services on our website. These third-party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.
Google’s advertising requirements can be summed up by Google’s Advertising Principles. They are put in place to provide a positive experience for users. https://support.google.com/adwordspolicy/answer/1316548?hl=en
We use Google AdSense Advertising on our website.
We have implemented the following:
We, along with third-party vendors such as Google use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or other third-party identifiers together to compile data regarding user interactions with ad impressions and other ad service functions as they relate to our website.
Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising Initiative Opt Out page or by using the Google Analytics Opt out Browser add on.
California Online Privacy Protection Act
According to CalOPPA, we agree to the following:
Can change your personal information:
How does our site handle Do Not Track signals?
We honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.
Does our site allow third-party behavioral tracking?
It’s also important to note that we allow third-party behavioral tracking.
COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.
We market to: Adults 21 years or older.
We do not collect information from children under 13.
Do we let third-parties, including ad networks or plug-ins collect PII from children under 13? No.
In order to remove your child’s information please contact the following personnel:
Administration at: email@example.com
We adhere to the following COPPA tenants:
Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:
CAN SPAM ACT
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address in order to:
To be in accordance with CANSPAM, we agree to the following:
If at any time you would like to unsubscribe from receiving future emails, you can email us at: firstname.lastname@example.org. Follow the instructions at the bottom of each email and we will promptly remove you from ALL correspondence.
PO Box 383656
Waikoloa, HI 96738
What are cookies?
Cookies are small pieces of data, stored in text files that are stored on your computer or other devices when websites are loaded in a browser. They are widely used to remember you and your preferences, either for a single visit (through a session cookie) or for multiple repeat visits (using a persistent cookie). They ensure a consistent and efficient experience for visitors and perform essential functions, such as allowing users to register and remain logged in.
Cookies may be set by the site that you are visiting (known as first party cookies), or by other websites who serve up content on that site (third party cookies). The following describes some of the cookies used.
EU Cookie Law Banner
Cookie Name Duration Purpose
eucookielaw: 30 days - Remembers the state of visitor acceptance to the EU Cookie Law banner.
Cookie Name Duration Purpose
Registered on the site, but not connected to WordPress.com
Cookie Name Duration Purpose
tk_ai: session - Stores a randomly-generated anonymous ID. This is only used within the admin area.
Some features make use of third-party applications and services to enhance the experience of visitors. These include social media platforms, such as Facebook and Twitter (via our Sharing feature). As a result, cookies may be set by these third parties, and used by them to track your online activity. We have no direct control over or access to the information that is collected by these cookies.
Additional cookies are set for those using Website Builder and the connected GoDaddy.com account.
To find out more about how to manage and delete cookies, visit aboutcookies.org. For more details about advertising cookies, and how to manage them, visit youronlinechoices.eu (EU based), or aboutads.info (US based).
Use of Web Measurement and Customization Technologies
Office of Management and Budget (OMB) Memorandum 10-22 (M-10-22), “Guidance for Online Use of Web Measurement and Customization Technologies,” authorizes agencies to employ web measurement and customization technologies for the purposes of improving the Federal Government’s services and behavior online. OMB defines web measurement and customization technologies as technologies that are used to remember a customer’s online interactions with a website or online application in order to conduct measurement and analysis of usage or to customize the user’s experience.
OMB M-10-22 delineates the following three “tiers” of web measurement and customization technologies for the purposes of describing their functionality:
a. Tier 1—Single Session. This tier encompasses any use of single session web measurement and customization technologies.
b. Tier 2—Multiple Session Without Personally-Identifiable Information (PII). This tier encompasses any use of multi-session web measurement and customization technologies when no PII is collected (including when the agency is unable to identify an individual as a result of its use of such technologies).
c. Tier 3—Multiple Session With PII. This tier encompasses any use of multi-session web measurement and customization technologies when PII is collected (including when the agency is able to identify an individual as a result of its use of such technologies).
Proposals to use Tier 3 web measurement and customization technologies, however, must use “opt-in” functionality and are subject to a review and approval process that requires each such proposed use to—(1) be reviewed by the Senior Agency Official for Privacy; (2) be published for a 30-day public notice and comment period, unless exempted by the Chief Information Officer (CIO); (3) be reconsidered in light of any public comments received; and (4) receive explicit written approval from the CIO.
Within the Department of the Treasury, the Assistant Secretary for Management (ASM) serves as the Senior Agency Official for Privacy (SAOP) and the Deputy Assistant Secretary for Information Systems also serves as the Department’s Chief Information Officer. Additionally, under current Department of the Treasury Directive (TD) 81-08, paragraph 2, the authority to approve the use of Tier 2 and Tier 3 web measurement and customization technologies may only be granted by the Secretary of the Treasury. Because M-10-22 no longer requires an agency head to approve such uses, and because the ASM is the promulgating authority for TD 81-01, the ASM currently has the authority to grant an exception that would allow either the ASM or the CIO—rather than the Secretary of the Treasury—to approve the proposed uses herein.
At the time of this notice, the Treasury SAOP has reviewed the proposed uses of Tier 3 web measurement and customization technology.
The purpose of the web measurement and/or customization technology.
The United States Mint is replacing its Integrated Retail Information System, the system it currently uses to manage its numismatic products and services, with the Order Management System II (OMS II). OMS II is a next generation online retail sales and fulfillment system that will allow the United States Mint to continue to conduct its numismatic program in a productive, reliable and secure manner, while at the same time providing the online consumer an experience comparable to electronic commerce (e-commerce) retail industry standards. OMS II will use Tier 2 and 3 web measurement and customization technologies to maximize the marketing capabilities of the OMS II environment and to improve the functionality and shopping experience the United States Mint offers its customers.
The nature of the information collected, tracking Tier, and technology used.
To maximize the marketing capabilities of the OMS II environment and to improve the functionality and shopping experience the United States Mint offers its customers in the online store, OMS II will employ both Tier 2 and Tier 3 web measurement and customization technologies. There are four types of visitors to the United States Mint’s online store who will encounter OMS II’s web measurement and customization technologies: (1) Non registered Online Visitors; (2) Registered Online Shopping Account Customers; (3) Unregistered Online Single Transaction Customers; and (4) Online Visitors Who Subscribe to Email Communications from the United States Mint. For each type of visitor to the online store discussed below, the following information will be provided: (a) the nature of the information collected; (b) the web measurement and/or customization technology usage (Tier 2 or3); and (c) the technology used to track the visitor’s information.
(1) Non-re glistered Online Visitors (“Non-registered Visitors”). These are individuals who visit the United States Mint’s online store, but do not register for an online shopping account, make any purchases or subscribe to receive emails (e.g., newsletters) from the United States Mint.
(a) The nature of the information collected. Certain information is automatically collected from all Non registered Visitors to the online store using cookies (files that are placed on a website visitor’s computer to track and collect information). If Non registered Visitors go to the online store (without first disabling first-party cookies) solely to read or download information—and do not, for example, send e-mail to the United States Mint or complete an online form or opt-in to certain data collections and uses (by purchasing online, creating an account or subscribing to a newsletter)—the United States Mint collects and stores only the following information:
When Non-registered Visitors navigate to the United States Mint online store without first disabling first-party cookies, they are assigned an auto-generated visitor identifier to track their browsing and purchasing behavior while they remain in the online store (the tracking ends if the Non registered Visitor leaves the online store and navigates to other parts of the United States Mint site or to other sites). The United States Mint automatically collects the Geo-location data contained in the first six digits of the internet protocol (IP) address (“truncated” [not the full] IP address) and device settings. IP addresses allow a website (e.g., the United States Mint’s online store) to recognize the device when the device owner visits the site. Because the truncated IP address reveals only broad Geo-location data (i.e., a particular region), it is not PII. This information is collected whether or not an individual who navigates to the online store is a Registered Customer (see below) or has logged into his or her customer profile.
(b) The web measurement and/or customization technology usage Tier. Generally, Non-registered Visitors will only encounter Tier 2 tracking (no PII associated with their browsing and purchasing behavior). They will not encounter Tier 3 tracking (association of their OMS II stored PII with their browsing and purchasing behavior) unless they opt in to the use of these technologies by becoming Registered Customers, Single Transaction Customers, or Email Subscribers.
(c) The technology used to track the visitor’s information. A Tier 2 session cookie will be used to track the Non registered Visitor’s information. This means that as soon as the Non registered Visitor leaves the online store to navigate to another website (even other parts of the United States Mint’s website), the tracking ends (and only begins again the next time they visit the online store without first disabling first-party cookies).
(2) Registered Online Shopping Account Customers (“ Registered Customers”). The United States Mint provides customers the option of creating a registered account. These Registered Customers are individuals who visit the United States Mint’s online store, register for an account and make purchases online.
(a) The nature of the information collected. During registration, Registered Customers must provide: name (first and last), physical address,phone number, email address, login name, password, product and communication preferences, billing and delivery address (including country, city, county,state and zip code), order history and credit card payment information. In accordance with the online store’s Terms of Service, by providing this PII, the customer is also warranting that he or she is 18 years of age or older. Registered Customers are also required to select and answer one of many security questions available (the responses to which contain PII).
(b) The web measurement and/or customization technology usage Tier. Registered Customers
only encounter tier 2 web measurement and customization technologies (not linked to their PII) during their visits to the online store that predate their registration. If customers wish to register to create an online shopping account, the United States Mint also requires that they explicitly agree (i.e., opt in) to the use of their full IP address (not merely the truncated[geo- location] version collected for online store Non registered Visitors) to track their browsing and purchasing behavior within the online store using a Tier 3 persistent cookie. This Tier 3 cookie is used to associate Registered Customers’ browsing and purchasing behavior with other information they provide to the online store. The full IP address is PII because it can conceivably be traced to an individual when combined with other information (e.g., information from the Internet service provider regarding the account holder from whom the IP address originated,plus additional information from the owner of the account).
(c) The technology used to track the visitor’s information. The Registered Customer’s browsing and purchasing behaviors are tracked using a persistent cookie that associates the customer’s PII (name, billing and shipping address,phone number, email address,payment, birth month (if provided), and credit card information, product and communication preferences and order history) with his or her browsing and purchasing behavior (e.g., pages in the online store visited, products viewed and purchased etc.).
For United States Mint customers who already have an existing online shopping account when the United States Mint launches OMS II,the United States Mint will invite each of these customers to confirm his or her registration. During the confirmation process, preexisting customers will be asked to agree to become a Registered Customer in OMS II by explicitly opting in to the use of persistent cookies to monitor their online store browsing and purchasing behavior and have it associated with their other account information. They will also be required to create a new password to maintain access to their account and account services. To do this, existing customers will need the answer to their security question that they provided when they first registered for an account on the online store.
(3) Unregistered Online Single Transaction Customers (“ Single Transaction Customers”). Customers do not need to create an online shopping account to make an online purchase.
(a) The nature of the information collected. To make an online purchase of any kind (Registered Customer or Single Transaction Customer), the United States Mint requires information such as the customers’ credit card data, telephone number, name, and e-mail and postal addresses for customers or the gift recipient. In accordance with the online store’s Terms of Service, by providing this PII,the customer is also warranting that he or she is 18 years of age or older.
(b) The web measurement and/or customization technology usage Tier. Single Transaction Customers only encounter Tier 2 web measurement and customization technologies (not linked to their PII) during their visits to the online store that predate their making an online store purchase or subscribing to United States Mint email communications. When Single Transaction Customers make a purchase, they are opting-in to certain collections and uses of their browsing and personal information. Single Transaction Customers must explicitly agree (i.e., opt in) to have their full IP address (not the truncated version collected for Non- Registered Visitors) and their browsing and purchasing behavior tracked within the online store and associated with other information they provide to the online store.
(c) The technology used to track the visitor’s information. Single Transaction Customers’ browsing and purchasing behaviors are tracked using a persistent cookie that associates their PII (First name, last name, telephone number, email address, billing address, shipping address, credit card information, [including expiration date and security code] credit card data) with their browsing and purchasing behavior. A customer’s browsing and purchasing behavior will be associated with additional types of PII if the Single Transaction Customer also conducts other transactions in the online store (e.g., becomes an Email Subscriber).
(4) Online Visitors Who Subscribe to Email Communications from United States Mint (“ Email Subscribers”). Online store visitors have the option of becoming Email Subscribers to receive e- mail communications (promotional/informational newsletters) from the United States Mint with general information about its products and services. Email Subscribers can (but need not) be customers who purchase products and services from the United States Mint. Therefore,these visitors can also be Single Transaction Customers or Registered Customers.
(a) The nature of the information collected. When an online store visitor becomes an Email Subscriber, the United States Mint collects information including the Email Subscriber’s name, e-mail address, birth month, and browsing and purchasing (if any) behavior. In accordance with the United States Mint online store’s Terms of Service, by providing this PII, the customer is also warranting that he or she is 18 years of age or older.
(b) The web measurement and/or customization technology usage Tier. Email Subscribers who are neither Registered Customers nor Single Transaction Customers at the time they subscribe to email communications from United States Mint only encounter Tier 2 web measurement and customization technologies during their visits to the online store that predate their email communication subscription or online registration or purchase. Email Subscribers must explicitly agree (i.e., opt in) to allow their browsing and purchasing behavior to be tracked using a Tier 3 persistent cookie which is associated with other information they provide to the United States Mint online store.
(c) The technology used to track the visitor’s information. Email Subscribers’ browsing and purchasing behavior is tracked using a Tier 3 persistent cookie that associates their PII (name, e-mail address, and birth month) with their browsing and purchasing behavior. Email Subscribers’ browsing and purchasing behaviors will be associated with additional types of PII if the Email Subscriber also conducts other transactions in the online store (e.g., becomes a Registered Customer or Single Transaction Customer).
The purpose and use of the information collection.
31 U.S.C. sections 5111(a)(3) and5136 authorize the Secretary of the Treasury to prepare and distribute numismatic items and establishes the United States Mint Public Enterprise Fund from which the United States Mint may draw funds for the purpose of bureau operations and programs, including the production, administration,distribution, marketing, purchase, sale, and management of coinage and numismatic items. Information collected by OMS II Tier 2 and Tier 3 web measurement and customization technologies is used to support United States Mint operations and programs and will be used solely for the purposes of such operations and programs.
Information collected through the use of Tier 2 web measurement and customization technologies will provide the United States Mint with insights necessary to enhance online customers’ browsing experiences and effectively focus marketing efforts to optimize customer engagement. Information collected through the use of Tier 3 web measurement and customization technologies will improve online store navigation for customers who create a registered customer account by allowing them the opportunity to customize website settings based on interests and needs and saving them from having to provide duplicative information each time they make a purchase. In addition, it will enable the United States Mint to create market segmentation groups and perform marketing analytics that it will use to provide customers with personally-customized marketing recommendations.
Whether and to whom the information will be disclosed.
Information collected by OMS II web measurement and customization technologies will not be shared with external agencies or otherwise except with explicit permission from the individual customer and in accordance with the Privacy Act and the Freedom of Information Act.
The privacy safeguards applied to the information.
The United States Mint applied the principles of “privacy by design” to this system. This means that privacy has been addressed as a requirement throughout OMS II’s acquisition, design, and development life cycle and will remain a priority during operations. Procurement agreements require that service providers and subcontractors must comply with Federal, Department of the Treasury, and United States Mint privacy and information security policies, regulations and directives. All contractors and subcontractors working in the development and maintenance of the system and program are required to sign non-disclosure agreements requiring that they use the information related to the program only for United States Mint purposes. Pursuant to M-10-22 and TD 81-08, the United States Mint will not, under any circumstances, use OMS II web measurement and customization technologies:
a. to track individual-level user activity on the Internet outside of the United States Mint online store (i.e., no tracking is even done on other parts of the United States Mint’s website);
b. to share the data obtained through such technologies, without the user’s explicit consent,with other departments or agencies except pursuant to the routine uses stated in the system of records notice (Treasury/ United States Mint - .009 – Order Management System (OMS), replacing United States Mint .009, “Retail Sales System”);
c. to cross-reference without the user’s explicit consent, any data gathered from web measurement and customization technologies against PII in a way that will make it possible to identify a particular individual with their online browsing and purchasing behavior;
d. to collect PII without the user’s explicit consent in any fashion.
In addition to the privacy by design requirements incorporated throughout the procurement and development process, United States Mint employee and contractor employee access to OMS II information will be restricted to the least amount required to accomplish their assigned duties. Further, all such employees are required to complete annual security and privacy awareness training and sign the IT System User Rules of Behavior. The Rules of Behavior outline the appropriate and mandatory behavior of all those using United States Mint’s IT systems or systems operated on behalf of the United States Mint.
Information maintained by OMS II will be safeguarded and retained in accordance with all Federal, Department of the Treasury, and United States Mint security and privacy regulations, directives, and guidelines. For additional information about the specific privacy safeguards applied to OMS II, review the OMS II privacy impact assessment: Treasury/ United States Mint - .009 – Order Management System (OMS),replacing United States Mint .009, “Retail Sales System.”
The data retention policy for the information.
Electronic information in OMS II is being evaluated to establish the proper maintenance and disposition of records contained in the system. Information will be maintained in a secure environment to ensure that no records are destroyed until a retention schedule is officially approved by the Archivist of the United States.
Whether the technology is enabled by default or not and why.
OMS II Tier 2 web measurement and customization technologies are enabled by default and gather aggregate and anonymous data for analytical and marketing purposes. Pursuant to M-10-22, only Tier 3 web measurement and customization technologies require opt-in functionality.
OMS II Tier 3 web measurement and customization technologies are not enabled by default; they are only enabled after a Non registered Visitor explicitly opts in to become a Registered Customer, Single Transaction Customer, and/or Email Subscriber. Non registered Visitors are notified at the time they create a registered customer account, make a purchase, or subscribe to receive United States Mint marketing information via email that they are opting-in to the use of Tier 3 web measurement and customization technologies. The notification includes notices that their browsing and purchasing behavior will be tracked and that information collected will be associated with their customer profile and the email address provided.
How to opt-out of the web measurement and/or customization technology.
While OMS II Tier 2 web measurement and customization technologies are enabled by default, all visitors to the United States Mint’s online store (whether they previously opted in or not) may disable first-party browser cookies to prevent their browsing and purchasing behavior from being associated with any particular customer, IP address, or other PII during their visit to the online store. Registered Customer,Single Transaction Customer, and/or Email Subscribers, however, must enable first-party browser cookies before making a purchase in the online store (after which, they are free to, once again, disable first-party cookies until they wish to make another purchase).
In addition to disabling browser cookies before visiting the online store, visitors may opt-out of OMS II uses of Tier 3 web measurement and customization technologies by not creating a registered customer account, canceling an existing account, subscribing to newsletters and notification services, and/or refraining from using the online store to purchase United States Mint numismatic products.
Statement that opting-out still permits customers to access comparable information or services.
Declining to opt-in to OMS II Tier 3 web measurement and customization technologies will not prevent a customer from accessing information on the United States Mint’s online store. Declining to opt-in, however, will prevent customers from using the online store to place orders for United States Mint numismatic products. As an alternative to the bureau’s online store, customers who choose not to opt-in may place orders for United States Mint numismatic products by using the United States Mint’s toll-free customer service line (800-872-6468 or TTY 888-321-6468), placing a mail order (United States Mint, PO Box 71191, Philadelphia, PA 19176-6191), or visiting a United States Mint point of sale (i.e., in person) location.
The identities of all third-party vendors involved in the measurement and customization process.
OMS II is a turn-key system developed, provided, and maintained by PFSweb, Inc. Procurement agreements require PFSweb, Inc. and subcontractors to comply with Federal, Department of the Treasury, and United Stat es Mint privacy and information security policies, regulations and directives. While PFSweb, Inc.is responsible for the development and maintenance of the OMS II environment, other third-party vendor applications support OMS II web measurement and customization processes. Those third-party vendors are as follows: AgilOne, Demandware, IBM Digital Analytics, and Google Analytics. For detailed information about how each of these third-party vendors supports OMS II web measurement and customization processes, please review the OMS II privacy impact assessment entitled: eCommerce End-to-End Solution: Order Management System II (OMS II), available at
Last Edited on 2019/11/20