Skip to Content

We invite you to try out our new beta eCFR site at We’ve made big changes to make the eCFR easier to use. Be sure to leave feedback using the 'Feedback' button on the bottom right of each page!


Privacy Act of 1974; system of records

Document Details

Information about this document as published in the Federal Register.

Document Statistics
Document page views are updated periodically throughout the day and are cumulative counts for this document. Counts are subject to sampling, reprocessing and revision (up or down) throughout the day.
Enhanced Content

Relevant information about this document from provides additional context. This information is not part of the official Federal Register document.

Published Document

This document has been published in the Federal Register. Use the PDF linked in the document sidebar for the official electronic format.

Start Preamble


Defense Commissary Agency, DoD.


Notice to alter a System of Records.


The Defense Commissary Agency proposes to alter a system of records, Z0035-01, entitled “Commissary Retail Sales Transaction Data” in its inventory of record systems subject to the Privacy Act of 1974, as amended.

The Commissary Retail Sales Transaction Data System of Records enables the Defense Commissary Agency to carry out its mission to enhance the quality of life of members of the uniformed services, retired members, and dependents of such members, and to support military readiness, recruitment and retention, by providing a world-wide system of commissaries similar to commercial grocery stores and selling merchandise and household goods similar to that sold in commercial grocery stores by, among other things, enable the authentication of authorized patrons, record purchases and purchases prices, calculate the total amount owed by the customer, and accept payment by various media; enable the collection of debts due the United States in the event a patron's medium of payment is declined or returned unpaid; enable the monitoring of purchases of restricted items outside the United States, its territories and possession and to comply with age restrictions applicable to certain purchases by minors or those under allowable ages; and to obtain aggregate demographic data concerning patron satisfaction with the delivery of the commissary benefit, and in determining appropriate product availability meeting the commissary customers' current and future needs and wants; and to facilitate implementation of various e-commerce initiatives.


Comments will be accepted on or before February 5, 2015. This proposed action will be effective the day following the end of the comment period unless comments are received which result in a contrary determination.


You may submit comments, identified by docket number and title, by any of the following methods:

* Federal Rulemaking Portal: Follow the instructions for submitting comments.

* Mail: Federal Docket Management System Office, 4800 Mark Center Drive, East Tower, 2nd Floor, Suite 02G09, Alexandria, VA 22350-3100.

Instructions: All submissions received must include the agency name and docket number for this Federal Register document. The general policy for comments and other submissions from members of the public is to make these submissions available for public viewing on the Internet at as they are received without change, including any personal identifiers or contact information.

Start Further Info


Mr. Thomas Rathgeb, Deputy General Counsel—Litigation, FOIA and Privacy Act, Office of the General Counsel, Defense Commissary Agency, 1300 E. Avenue Fort Lee, VA 23801-1800; telephone (804) 734-8000, extension 48116.

End Further Info End Preamble Start Supplemental Information


The Defense Commissary Agency notices for systems of records subject to the Privacy Act of 1974 (5 U.S.C. 552a), as amended, have been published in the Federal Register and are available from the address in FOR FURTHER INFORMATION CONTACT or from the Defense Privacy and Civil Liberties Division Web site at​. The proposed system report, as required by 5 U.S.C. 552a(r) of the Privacy Act of 1974, as amended, was submitted on December 17, 2014, to the House Committee on Oversight and Government Reform, the Senate Committee on Governmental Affairs, and the Office of Management and Budget (OMB) pursuant to paragraph 4c of Appendix I to OMB Circular No. A-130, “Federal Agency Responsibilities for Maintaining Records About Individuals,” dated February 8, 1996 (February 20, 1996, 61 FR 6427).

Start Signature

Dated: December 31, 2014.

Aaron Siegel,

Alternate OSD Federal Register Liaison Officer, Department of Defense.

End Signature


System name:

Commissary Retail Sales Transaction Data (May 24, 2013, 78 FR 31528).


* * * * *

Categories of records in the system:

Delete entry and replace with “Individual's name; address(es); zip code; ship-to address(es); email address(es); telephone number(s); date of birth; Social Security Number (SSN); Department of Defense Identification Number (DoD ID Number), and ID card bar code value; internet and mobile ordering web login username and password; financial transaction information; store, point-of-sale terminal number, date of transaction, transaction number, merchandise purchased, universal product codes (UPCs), global trade item numbers (GTINs), quantity, unit price, total purchase, on-line orders; method of payment information; account/card holder name, check number, financial institution routing number, financial institution bank account number, Magnetic Ink Character Recognition Start Printed Page 498Number (MICR), credit and debit/ATM card number, expiration date, Card Verification Value 2 (CVV2), Card Validation Code (CVC), or Card Identifier (CID); smart card and other chip-based card payment information; issuer, card holder name, bank, credit or debit account and account limits; electronic benefit transfer card (Women, Infants and Children Program (WIC) and Supplemental Nutritional Assistance Program (SNAP)) information; issuer, account/card holder name, account number, purchases and refunds, account balance; prepaid/preloaded/stored value card information; issuer, account number, account limits, and account balance; gift card/certificate information; gift card/certificate number, amount, limits, and balance; coupon information; brand, product, and value; loyalty card, rewards card, points card, advantage card or club card information; card holder name, card number, digital coupons available, buying preferences, and demographic data concerning the patron; other similar methods of payment information initiated by mobile device applications; Near Field Communications (NFC).

Commissary Patron Demographic Information: age, military status (active, reserve, retired, civilian, officer, enlisted, family member, survivor, foreign), military rank, branch of service, household size, distance from nearest commissary, frequency of grocery shopping trips, gender, ethnicity, race, marital status, education level, household information (sponsor, dependent, spouse, child), and income range; shopper preference information; preferred brand names, price, quality, size, availability of discounts, promotions or coupons; and commissary patron profile information; social media (e.g. Facebook, Twitter, Flickr, YouTube) username; compilation of commissary patron comments, inquiries, complaints, and feedback concerning commissary merchandise and the patron's commissary shopping experience posted by the commissary patron in the social media environment; and the commissary patron's publically viewable social media profile information.”

* * * * *

Retention and disposal:

Delete entry and replace with “Records of commissary retail transactions are maintained for 6 years and 3 months. Records of demographic information, shopper preferences and customer profiles are maintained for 3 years. Paper records containing Personally Identifiable Information (PII) are shredded to a level where the information cannot be reconstructed. Paper records not containing PII are recycled. Electronic records, including metadata, are permanently deleted by Records Managers with administrator privileges from applicable information systems upon verification of disposal status.”

* * * * *
End Supplemental Information

[FR Doc. 2014-30961 Filed 1-5-15; 8:45 am]