The Royal Canadian Mint and Privacy
The Royal Canadian Mint (the "Mint") is an institution of the Government of Canada and its dealings with personal information are governed by the federal Privacy Act and by related policies, directives, standards and guidelines produced by Treasury Board of Canada Secretariat. All personal information controlled by the Mint is protected under the Privacy Act.
At the Mint, we are committed to protecting the privacy of our visitors to this website (www.mint.ca). This Website Privacy Notice ("Notice") explains how we will collect, use, retain, disclose, dispose of and secure personal information about website visitors. It also explains the purposes for which personal information is collected from our visitors and how they can exercise their right of access to that information.
Subsection 4(1) of the Royal Canadian Mint Act constitutes the general authority for the conduct of the Mint's operations, including the collection of personal information from visitors to the website. Pursuant to the terms of the Privacy Act, you have a right to access, and where appropriate to correct, any of your personal information that is under the Mint's control.
How We Collect and Use your Personal Information
We collect your personal information through this website when you visit any of its pages, open or update your mint.ca account, purchase our products, enter our contests, subscribe to our electronic newsletters/alerts, provide us with a product review, respond to our surveys or direct enquiries to us.
The personal information that we collect directly includes:
- Your Internet Protocol ("IP") address;
- Your user ID and passwords: To provide you with access to your mint.ca account and user profile;
- Your mint.ca account information: Includes your name, email address, mailing or business address, telephone number, account number, user name and password, and payment details. This information tells us who you are, how to contact you, where to ship your purchases and how you will pay for them. Your account information also contains other personal information that you have provided to us, such as your language of choice and gender;
- Your feedback: Consists of insights that you have provided on how we may improve our products and services to meet your needs;
- Your email correspondence through this website: Used to respond to your enquiries of all kinds. With your permission and otherwise in accordance with Canada's anti-spam legislation, this information may also be used to communicate with you about the Mint and our products and services; and
- Your transaction data: Shows us which products and services you have purchased or requested and the manner in which you paid for them.
Indirect Collection by our Agents
To help prevent fraud and identity theft, we use a third party service provider to validate the identity of site visitors wishing to make purchases through a limited online authentication process.
ForeSee Results Inc. collects customer satisfaction data on behalf of the Mint through random online customer satisfaction surveys directed to approximately one in ten site visitors. This information is used to compile reports for the Mint on customer satisfaction and is treated in a confidential manner.
Limited personal information may be collected on the Mint's behalf from site visitors via product review functionality on mint.ca screens maintained by PowerReviews Inc.
Use of Personal Information
Statistical Analysis and Program Evaluation
Any personal information obtained from emails or completed feedback or survey forms may be used to produce statistical reports as well as for program evaluation purposes and is included in the Standard Personal Information Bank PSU 914 (Public Communications).
We use the services of Google Inc. ("Google") for a variety of web advertising-related purposes, some of which may involve sharing your personal information with Google:
- We use the Google AdWords "Customer Match" service to advertise our products to some mint.ca customers when they are signed in to Google Search, YouTube, or Gmail. In order for Customer Match to function, we provide Google with a list of email addresses of those mint.ca customers who we would like to receive our product information. That list is matched against Google's own records to identify individuals that have customer relationships with both companies. These individuals receive our advertising, subject to the terms of Google's Customer Match policy. Email addresses shared by the Mint with Google are only used by Google for the purposes of the Customer Match, are retained by Google in a secure manner throughout the matching process, and are deleted within seven days of the completion of the matching process and Google's related policy compliance checking. You can opt out of personalized ads in your Ads Settings. Your opt-out will apply across both Google ads services and the 2+ million websites and apps that partner with Google to show ads. Additional information regarding the opt-out process is available from Google.
- We produce advertisements that are linked to Google keywords. If the search terms that you type in Google match our keywords, our ad may appear above or next to the displayed search results. This form of advertising does not involve any sharing of Mint-derived personal information with Google.
We use Facebook, Inc.'s cloud-based Custom Audiences service target ads to Facebook users by uploading customized lists of visitor emails or telephone numbers derived from our website (or Mint App users) to Facebook. We upload "hashed" data (the original characters in the email addresses or telephone numbers have been transformed into a usually shorter fixed-length value or key that represents the original string of characters) to Facebook and it matches that data against hashed data that it has produced from its own data holdings. Hashed data is used because it is a form of encryption that helps to protect the personal information being transmitted. The matches are added to Custom Audience and Mint-related ads are delivered to those individuals the next time that they use Facebook. Thereafter, the matched and unmatched hashes are deleted by Facebook. Individuals that wish to limit the Facebook advertisements directed to them can adjust their Facebook ad preferences.
We use Twitter's Tailored Audiences service to target ads to Twitter users by:
- uploading a file containing a list(s) of email addresses, mobile phone numbers, Twitter IDs (user IDs or usernames), or mobile advertising IDs of our existing users/ customers to Twitter in order to have them matched against a file provided by Twitter that lists individuals who are active on Twitter, in order to target the matched individuals. To enhance user privacy, lists submitted for matching must include enough entries to result in at least 500 matches;
- employing a website "tag" to place a "cookie" on the browser of each individual that visits this website. The unique ID of that cookie is recorded so that it can be included in the audience for remarketing on Twitter. As our users visit tag-containing web pages, Twitter conducts a match to determine whether the user is also a Twitter user. The targetable audience that is made available to advertisers in their Twitter Ads account is the subset of visitors who both visited the tag-containing web page and are Twitter users; and
- tracking audiences that use the Mint App to participate in mobile app events, and targeting ads to some or all of those users.
Twitter users who do not wish to receive our Twitter-generated advertisements while online can simply uncheck the box next to "Promoted content" in their Twitter privacy settings. Additionally, because Twitter supports "Do Not Track" (DNT), Twitter does not match browser-related information to accounts of online users who have DNT enabled to tailor ads for them. On mobile, Twitter also supports "Limit Ad Tracking" (iOS) and "Opt out of interest-based ads" (Android). For devices with either of these settings enabled, Twitter will not tailor ads by matching those devices to app information from ad partners such as the Mint.
If you provide your email address on any online Mint subscription, registration or contest form, and you have made a purchase within the last 24 months, your name will be added to our mailing list and we will, from time to time, use your email address or regular mailing address to send you information on our products.
Please notify the Mint at any time by return email, regular mail or telephone if you wish to be removed from our mailing list. If you use the "Unsubscribe" function included in every email, your email address will be removed from the Mint's database as soon as possible, but no later than 10 business days after receipt of your direction. We may also invite you to tell us your reasons for termination, so that we can better understand how our products might be improved. Choosing to unsubscribe from the Mint's customer mailing list will not affect other email communications that you may receive from the Mint. For example, if you have subscribed to another Mint newsletter, you would need to unsubscribe directly from those emails if you no longer wish to receive them.
The Mint does not knowingly solicit or collect personal information, via this website, from children under the age of thirteen (13).
Third Party Social Media
The Mint's use of social media serves as an extension of our presence on the Web. Social media accounts are public and are not hosted on our servers. Users who choose to interact with us via social media should read the terms of service and privacy policies of these third-party service providers and those of any applications used to access them. The Mint uses Facebook, Twitter, YouTube, Google+ and Pinterest.
Internet Protocol (IP) Address
The IP address is used to connect your computer to the Internet. The Mint uses software programs to monitor network traffic to identify unauthorized attempts to upload or change information, or otherwise cause damage, to or on this website. This software receives and records the IP address of each computer that contacts this website, the date and time of the visit and the pages visited. We make no attempt to link these addresses with the identities of individuals visiting this site unless an attempt to damage the site has been detected. The aforementioned information may be shared with appropriate law enforcement authorities if suspected criminal activities are detected. This information is included in Personal Information Bank PSU 939 (Security Incidents and Privacy Breaches). Such information may be used to report and investigate security incidents and to ensure that vulnerabilities are identified and the risk of future occurrences reduced.
Web analytics is the collection, analysis, measurement, and reporting of data about Web traffic and visits for purposes of understanding and optimizing web usage. Information in digital markers may be used for the purpose of web analytics to remember your online interactions with our website. For instance, when your computer requests a page on our website, we collect the following types of information for Web analytics purposes:
- the originating IP address;
- the date and time of the request;
- the type of browser used; and
- the page(s) visited
We use Adobe Analytics and the information collected is disclosed to Adobe Systems Incorporated ("Adobe"), an external third party service provider. Your IP address is anonymized prior to being stored on Adobe's servers in order to help safeguard your privacy. As data collected for Web analytics purposes may go outside of Canada to Adobe's servers in the United States of America, it may become subject to the governing legislation of that country, including the USA Patriot Act.
Any personal information used on the Mint's behalf for the purpose of Web analytics may be used for communications and information technology statistical purposes, audit, evaluation, research, planning and reporting. Personal information collected in relation to Web analytics is not used by the Mint to profile identifiable individuals or in decision making processes that directly affect individuals. For more information on how your privacy is safeguarded in relation to web analytics, see the Standard on Privacy and Web Analytics.
On-line Orders, Payment and Shipment
When you place an order with the Mint, some of your personal information is collected and stored on our servers. You will choose a password, which we will use to protect your account's privacy. Should you forget your password, just follow the prompt to receive a new one. During the check-out process, we will collect payment information, your billing and shipping addresses and information on the products you wish to purchase. We will also ask for your telephone number and email address so that we can contact you should there be a problem with your credit card or order.
When making online payments by credit cards for any Mint products offered online, we use the services of third parties to process online credit-card authorizations and payments on our behalf. Personal information pertaining to your purchases and means of payment may be used to compose a list of purchasers of coins for future solicitation through a direct mail campaign and is included in Personal Information Bank RCM PPU 015 (Order Fulfillment Processing).
As well, we may share elements of your personal information with a third party shipper. In such a case, we will share only your name and shipping address with the shipper in order to ensure the accurate delivery of your order. We select our service providers very carefully and insist that they have privacy and security standards that meet our strict requirements. Shippers are prohibited from using your personal information for any purpose other than to ship your product to you, and they may not share or resell this data.
With respect to customer purchases, we share limited personal information relating to sales completed in the United States with service providers that calculate sales taxes owing and facilitate our processing of transactions that are tax exempt.
Disclosure, Retention and Disposal of Your Personal Information
Personal information collected by the Mint for website security purposes may be disclosed to appropriate law enforcement authorities if suspected criminal activities are detected.
Limited customer personal Information relating to sales taxes incurred will be disclosed to relevant taxation authorities upon request in accordance with applicable law.
Any personal information collected by the Mint in relation to Web analytics will be retained for a limited period and then disposed of in a secure fashion. We will retain all other personal information collected via the www.mint.ca website for a somewhat longer period on our servers. When the retention period for a record containing personal information has expired, we will dispose of it in a secure and permanent manner that accords with the requirements of applicable legislation and policy.
Updating Your Account Information
By logging in at www.mint.ca with your password you will be able to review or modify your account information at any time. We can also do this on your behalf if you contact the Mint's Customer Support Centre at:
- 1-800-267-1871 (Canada)
- 1-800-268-6468 (US)
- 613-954-2626 (International)
Our agent will ask for information from you to confirm your identity before modifying any account information.
The security of your personal information is a high priority for the Mint. We use industry best practices to protect and maintain the security of our systems and your personal information.
The payment mechanism for processing purchases on the mint.ca website is secured using industry standard technology. However, please note that emails and other electronic methods used to communicate with this website may not be secure unless they are specifically stated to be by the Mint. Therefore, we recommend that you do not send sensitive personal information, such as your date of birth or payment information, through non-secure electronic means.
Encryption is a way of "scrambling" electronic information for transmission. We use Secure Socket Layer (SSL) 128-bit encryption to protect your personal information during data transport.
McAfee Secure Certification Seal
We use the services of McAfee Secure to perform daily, intensive security scans, and the result is displayed within the McAfee Secure logo on our website to help you shop will full confidence.
This website, www.mint.ca, contains links to other websites. While the Mint takes measures to ensure that the links on our website are to reputable and well-established companies, we are not responsible for the privacy practices of other organizations. We encourage you to read and become familiar with the privacy policies of those websites before you volunteer any personal information.
Modifications to this Website Privacy Notice
The Mint reserves the right to change this Notice at any time, without notice or liability to you or any other person, by posting a revised version on this website. Our collection, use and disclosure of your personal information will be governed by the version of the Notice that is posted and in effect at that time. We recommend that you visit our site to periodically review this Notice.
Right of Access and Right to Request Correction of Your Personal Information
In accordance with the Privacy Act, you have the right to request access to all the personal information that the Mint keeps about you as well as the right to request the correction of that personal information if it contains errors. You can do so by completing the Personal Information Request Form (Personal Information Request Form (TBC/CTC 350-58)) and sending it to:
Royal Canadian Mint
Access to Information and Privacy Coordinator
320 Sussex Drive
Ottawa, Ontario K1A 0G8
The Mint has 30 days to respond in writing to your request, subject to a time extension in certain specific circumstances, and there are no fees for requesting access to your personal information. The Privacy Act establishes a complaint mechanism whereby individuals can ask the Office of the Privacy Commissioner of Canada ("OPCC") to investigate any concerns that they may have regarding alleged non-compliance by a federal government institution with any of the provisions of that Act. Should you wish to avail yourself of this right, you may contact the OPCC at the following address:
Office of the Privacy Commissioner of Canada
30 Victoria Street
Gatineau, Quebec K1A 1H3
Telephone: 1-800-282-1376 (toll free)
Facsimile: (819) 994-5424
Do You Have Any Questions?
We invite you to contact us with any questions that you may have related to this Notice or regarding our privacy protection program by writing to us at the address indicated in the preceding section.