Draft System of Records Notice

System name:

Exchange Retail Sales Transaction Data.

System location:

Headquarters, Army and Air Force Exchange Service, 3911 S. Walton Walker Boulevard, Dallas, TX 75236-1598; Exchange Regions and Area Exchanges at posts, bases, and satellites worldwide. Official mailing addresses are published as an appendix to the Army's compilation of systems of records notices.

Categories of individuals covered by the system:

Customers or potential customers of the Army and Air Force Exchange Service.

Categories of records in the system:

individual’s name; address(es); zip code, ship-to address(es); telephone number(s); date of birth; social security number; Department of Defense Identification Number (DoD ID Number), and ID card bar code value; internet and mobile ordering web login username and password; financial transaction information; store and point-of-sale terminal number, date of transaction, transaction number, merchandise purchased, universal product codes (UPCs), global trade item numbers (GTINs) quantity, unit price, total purchase, on-line orders, name and address of recipient of order, description and price of item ordered, method of shipment, amount of order/refund, returned check identifier, claim data for returns/damages to shipments, and similar relevant data; method of payment information; account/card holder name, check number, financial institution information, e.g. routing number, bank account number, Magnetic Ink Character Recognition Number (MICR), Credit and Debit/ATM card number, expiration date, Card Verification Value 2 (CVV2), Card Validation Code (CVC), or Card Identifier (CID); smart card and other chip-based card payment information; issuer, card holder name, bank, credit or debit accounts and account limits; other similar methods of payment information initiated by mobile device applications; electronic benefit transfer card (Women, Infants and Children Programs (WIC) and Supplemental Nutritional Assistance Program (SNAP) information; issuer, account/card holder name, account number, purchases and refunds, account balance; prepaid/preloaded/stored value card information; issuer, account number, account limits, and account balance; gift card/certificate information; gift card/certificate number, amount, limits, and balance; coupon information; brand, product and value; loyalty card, rewards card, points card, advantage card or club card information; card holder name, card number, digital coupons available, buying preferences, and demographic data concerning the patron; Near Field Communications (NFC); Exchange patron demographic information, age, military status (active, reserve, retired, civilian, officer, enlisted, family member, survivor, foreign, etc.), military rank, branch of service, household size and income, distance from nearest Exchange, frequency of shopping trips, income range; shopper preference information; preferred brand names; price, quality, size; availability of discounts, promotions or coupons; and Exchange profile information; social media (e.g. Facebook, Twitter, Flickr, YouTube) username; compilation of Exchange patron comments, inquiries, complaints, and feedback concerning Exchange merchandise and the patron’s Exchange shopping experience posted by the Exchange patron in the social media environment; and the Exchange patron’s publically viewable social media profile information.

Authority for the maintenance of the system:

10 U.S.C. 3013, Secretary of the Army; 10 U.S.C. 8013, Secretary of the Air Force; 10 U.S.C. 2481, Defense Commissary and Exchange Systems: Existence and Purpose; and Army Regulation 215-8/Air Force Instruction 34-211(I), Army and Air Force Exchange Service Operations; and E.O. 9397 (SSN), as amended.

Purpose(s):

To enable the Army and Air Force Exchange Service to carry out its mission to enhance the quality of life for authorized patrons, to include members of the uniformed services, retired members, and dependents of such members; and to support military readiness, recruitment and C, by providing a world-wide system of Exchanges with merchandise and household goods similar to commercial stores and services.

To authenticate authorized patrons, record purchases and purchases prices, account for and deduct coupons and other promotional discounts, calculate the total amount owed by the customer, and accept payment by various media, such as cash, credit card, debit/ATM card, smart card and other chip-based cards, electronic benefits transfer payments, prepaid/preloaded and stored value cards, gift cards/certificates, and other similar methods of payments initiated through mobile device applications.

To locate order information to reply to customer inquiries, complaints; to create labels for shipment to proper location; to refund customer remittances or to collect monies due; to provide claim and postal authorities with confirmation/ certification of shipment for customer claims for damage or lost shipments.

To record customer transactions/payment for layaway and special orders; to determine payment status before finalizing transactions; to identify account delinquencies and prepare customer reminder notices; to mail refunds on canceled layaway or special orders; to process purchase refunds; to document receipt from customer of merchandise subsequently returned to vendors for repair or replacement, shipping/delivery information, and initiate follow up actions; to monitor individual customer refunds; to perform market basket analysis; to improve efficiency of marketing system(s); and, to help detect and prevent criminal activity, and identify potential abuse of exchange privileges.

To collect debts due the United States in the event a patron’s medium of payment is declined or returned unpaid.

To monitor of purchases of restricted items outside the United States, its territories and possessions, as necessary to prevent black marketing in violation of treaties or agreements, and to comply with age restrictions applicable to certain purchases by minors or those under allowable ages.

To create, maintain and enhance system and mobile device shopping capability allowing authorized patrons to order Exchange retail products online through their home computer, mobile device or other method through which the patron can access the internet, and to pay for such purchases electronically either at the time of ordering or at the time of pick up.

To create Exchange patron profiles for the purposes of determining aggregate patron demographic data (age, military status, household size, income group, and distance to the nearest Exchange, etc.), patron shopping preference information (preferred brand names, price, quality, size, availability of discounts, promotions, coupons, and enabling the compilation of individual patron comments, inquiries, complaints, requests, and feedback posted to social media pages, for use in responding to individual patron inquiries, assessing aggregate patron satisfaction with the delivery of the Exchange benefit, and in determining the appropriate product availability meeting the Exchange customers’ current and future needs and wants, to aid the Exchange management in determining needs of customers and action required to settle customer complaints and to notify potential customers who voluntarily provide their e-mail address and other personal information to receive information about special events, sales, and other information about shopping at the Exchange, and to improve the efficiency and effectiveness of the Exchange’s marketing programs.

Routine uses of records maintained in the system, including categories of users and the purposes of such uses:

In addition to those disclosures generally permitted under 5 U.S.C. 552a(b) of the Privacy Act of 1974, as amended, these records or information contained therein may specifically be disclosed outside the DoD as a routine use pursuant to 5 U.S.C. 552a(b)(3) as follows:

The DoD 'Blanket Routine Uses' set forth at the beginning of the Army's compilation of systems of records notices apply to this system.

To a contractor to validate potential patrons’ authorization, and to verify and update/supplement customer information for authorized patrons, for the purpose of communicating to them their Exchange benefits and improving the efficiency and effectiveness of the Exchange’s programs.

To an incentive (such as loyalty card, rewards card, points card, advantage card or club card or digital coupon program, etc.) contractor which will use the information to verify an Exchange patron’s enrollment in the incentive program, and to provide the incentive (discounts, digital coupons, rebates, etc.) to the customer for application towards purchases or customer’s account. To the on-line ordering fulfillment contractor to allow for the confirmation by e-mail of orders received, fulfilled and closed.

Disclosures pursuant to 5 U.S.C. 552a (b)(12) may be made from this system to “consumer reporting agencies” as defined in the Fair Credit Reporting Act (15 U.S.C. 1681a(f)) or the Federal Claims Collection Act of 1966 (31 U.S.C. 3701(a)(3)). The purpose of this disclosure is to aid in the collection of outstanding debts owed to the Federal government, typically to provide an incentive for debtors to repay delinquent Federal government debts by making these debts part of their credit records. The disclosure is limited to information necessary to establish the identity of the individual, including name, address, and SSN, DoD ID Number, DoD barcode value, credit card or debit/ATM card number, the amount, status, and history of the claim; and the agency or program under which the claim arose for the sole purpose of allowing the consumer reporting agency to prepare a commercial credit report.

Policies and practices for storing, retrieving, accessing, retaining, and disposing of records in the system:

Storage:

Paper records in file folders and on electronic storage media.

Retrievability:

By individual’s name, store, point-of-sale terminal number, transaction date, order date, merchandise purchased, transaction number, customer order information, social security number, or insurance number assigned to shipment, military card identification number, DoD ID Number, financial institution account number, MilStar account number, Magnetic Ink Character Recognition Number (MICR); incentive account number (such as loyalty, rewards, points, advantage club, digital coupon card number, rebate program, etc.)credit or debit/ATM card number; military status, military rank, family size, income group, shopping preferences, and any other customer information or combinations thereof, such as customer name, customer name and zip code, e-mail address or phone number.

Safeguards:

Records are maintained in a controlled facility. Physical entry is restricted by the use of locks, guards, and is accessible only to authorized personnel. Access to records is limited to person(s) with an official “need to know” who are responsible for servicing the record in performance of their official duties. Persons are properly screened and cleared for access. Access to computerized data is role-based and further restricted by passwords, which are changed periodically. Credit card information is also subject to the Data Security Standards (DSS) promulgated by the Payment Card Industry (PCI) Security Council.

Retention and disposal:

Information on shipments is maintained in computer files for 180 days following completion of shipment. Microfilm and microfiche are retained for 2 years for postal claim purposes; destroyed after 6 years.

Cancelled or completed layaway tickets are held for 6 months after cancellation or delivery of merchandise; purchase orders are retained for 2 years; transaction records are retained for 2 years; refund vouchers are retained for 6 years; returned merchandise slips are retained for 6 years; cash receipt vouchers are retained for 3 years; repair/replacement order slips are held 2 years. All records are destroyed by shredding, all electronic records are destroyed by erasing/reformatting the media.

Paper records for customer comments, solicitations and complaints are destroyed by shredding after 3 years. Electronic surveys and customer comments are destroyed three years after receipt. Customer records are kept continuously until obsolete or superseded, at which point paper records are shredded, and electronic records are destroyed by erasing/reformatting the media.

System manager(s) and address:

Director/ Chief Executive Officer, Army and Air Force Exchange Service, 3911 S. Walton Walker Boulevard, Dallas, TX 75236-1598, and local managers at Exchanges worldwide.

Notification procedure:

Individuals seeking to determine whether information about themselves is contained in this system should address written inquiries to the Director/ Chief Executive Officer, Army and Air Force Exchange Service, 3911 S. Walton Walker Boulevard, Dallas, TX 75236-1598.

Individuals should provide their full name, current address and telephone number, case number that appeared on correspondence received from the Exchange if applicable, and signature.

In addition, the requester must provide a notarized statement or an unsworn declaration made in accordance with 28 U.S.C. 1746, in the following format:

If executed outside the United States:

‘I declare (or certify, verify, or state) under penalty of perjury under the laws of the United State of America that the foregoing is true and correct. Executed on (date). (Signature)’.

If executed within the United States, its territories, possessions, or commonwealths: ‘I declare (or certify, verify, or state) under penalty of perjury that the foregoing is true and correct. Executed on (date). (Signature)’.

Record access procedures:

Individuals seeking access to information about themselves contained in this system should address written inquiries to the Director/ Chief Executive Officer, Army and Air Force Exchange Service, Attention: FOIA/Privacy Manager, Teresa Schreurs, 3911 S. Walton Walker Boulevard, Dallas, TX 75236-1598.

Individuals should provide their full name, current address and telephone number, case number that appeared on correspondence received from the Exchange if applicable, and signature.

In addition, the requester must provide a notarized statement or an unsworn declaration made in accordance with 28 U.S.C. 1746, in the following format:

If executed outside the United States:

‘I declare (or certify, verify, or state) under penalty of perjury under the laws of the United State of America that the foregoing is true and correct. Executed on (date). (Signature)’.

If executed within the United States, its territories, possessions, or commonwealths: ‘I declare (or certify, verify, or state) under penalty of perjury that the foregoing is true and correct. Executed on (date). (Signature)’.

Contesting record procedures:

The Army’s rules for accessing records and for contesting contents and appealing initial agency determinations are contained in Army Regulation 340-21; 32 CFR part 505; or may be obtained from the system manager.

Record source categories:

From the individual, other DoD Systems of Records and/or contractor/vendor.

Exemptions claimed for the system:

None.