Last Updated: August 30, 2018

DeCA is committed to protecting your privacy. This Privacy Policy (“Privacy Policy”) explains how we collect, use, share and protect your personal information.

This Privacy Policy governs the collection and use of your personal information by DeCA on the web site, MyCommissary, any other web site hosted by DeCA and any application, product or service made available by DeCA on behalf of itself or its customers, including its grocery retailer and consumer packaged goods clients (collectively, the “Services”). If you do not agree with any provision of this Privacy Policy, you should immediately discontinue use of the Services.

When you use the Services you may also be subject to the privacy policies of our customers or third party service providers with respect to their use and collection of your personal information.

Information we collect

We collect (i) information provided by you when you register on MyCommissary such as your name, email address, date of birth, last 4 digits of social security number (see Privacy Act Statement below), mailing address and telephone number; (ii) information we obtain from your use of our Services such as server log information (e.g., your queries, phone number and internet protocol address), device-specific information (e.g., your hardware model, operating system version, unique device identifiers and mobile network information including phone number), and physical location information collected from GPS location data and mobile wireless access points; (iii) information we collect during your grocery shopping sessions such as shopping list contents and ecommerce purchases; (iv) information provided by you when you participate in any promotions or contests offered by us or one of our affiliates; (v) information provided by you when offering feedback or completing profile forms; and (vi)  loyalty card purchase information provided to us by our retailer clients.

Privacy Act Statement

Principal Purposes: To determine if an individual is authorized commissary privileges in accordance with DoD Directive 1330.17, Military Commissaries, and DoD 1330.17-R, Armed Services Commissary Regulations (ASCR).

Authority: The DoD Identification (DoD ID) number is a primary means of identifying individuals’ eligibility to use this service through the DEERS system. Please reference the DEERS System of Records Notice (SORN) DMDC-02-DoD. This SORN includes the DoD ID as a category of record in the system and has a stated purpose, “to provide a database for determining the eligibility to DoD entitlements and privileges…” Among the various authorities authorizing the collection of personally identifiable information cited in this DEERS SORN is 10 U.S.C. Chapter 54, Commissary and Exchange Benefits.

Mandatory or Voluntary: Voluntary. However, if you fail to provide the requested information, DEERS will not be able to verify your identity. If your identity is not verified, you will be unable to gain access to the website.

How we use information we collect

We will use your information to provide, maintain and improve our Services, to develop new Services and to protect DeCA and its users.  We also use your information to personalize our Services for you such as delivering more relevant search results and targeted ads.  We will also use your contact details to communicate with you on occasion, and we may use your information to send you offers and news. We may combine personal information from one Service with information, including personal information, from other DeCA Services.  For example, when you download our mobile applications, DeCA obtains your consent to use information for pinpointing technology such as GPS and cell tower information.  DeCA may use and store this information, in combination with other location-based information such as your IP address, billing postal code provided by your carrier or registration location, to provide enhanced location based services, serve location-targeted advertising, search results or other content. In addition, we may share your personally identifiable information with third party vendors that support our Services (e.g., email services or customer support tool provider) or our retailer partners’ services.

Information we Share

Legal Disclaimer

We reserve the right to disclose your personally identifiable information as required by law and when we believe it is necessary to share information in order to investigate, prevent, or take action regarding illegal activities, suspected fraud or security incidents, situations involving potential threats to the physical safety of any person, violations of these Terms of Use, or as otherwise required by law.

Other web sites

Our web site may contain links to other web sites which are outside our control and are not covered by this Privacy Policy. If you access other sites using the links provided within the Services, the operators of these sites may collect information from you which will be used by them in accordance with their privacy policy, which may differ from ours.

Notice regarding children’s privacy (Users under the Age of 13)

In response to concerns about protecting children’s privacy online, Congress enacted the Children’s Online Privacy Protection Act of 1998 (“COPPA”), which sets forth rules and procedures governing the ways in which websites may collect, use and disclose any personal information for children under the age of 13.  In accordance with COPPA regulations, we do not (1) request or knowingly collect personally identifiable information online or offline contact information from users under 13 years of age; or (2) knowingly use or share personal information from users under 13 years of age with third parties.

It is possible that by fraud or deception we may receive information given to us or pertaining to children under 13.  If we are notified of this, as soon as we verify the information, we will immediately delete the information from our servers.

Questions regarding children’s privacy should be directed to us at the contact information provided below.


We follow generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it.  No method of transmission over the Internet, or method of electronic storage, is 100% secure, however.  Therefore, while we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.


We may update our Privacy Policy from time to time. When we make these updates, we will change the “last updated” date listed at the top of this Policy.  If we make material changes to this policy, we will provide a prominent notice here and/or for certain Services, email notification of changes to this Privacy Policy.

Contacting us

For any questions or concerns you may have regarding this Privacy Policy and our information and data collection and use practices, please contact us at:
Defense Commissary Agency
ATTN: Privacy Officer
1300 E Avenue
Fort Lee, Virginia 23801-1800


Requests should contain: individual’s name and address, telephone, email address, SSN, DoD ID Number, and DoD ID Bar Code value.


Defense Commissary Agency Cookie Acknowledgement

Our website uses both persistent and session cookies:

    • Persistent cookies are used to allow the website to recognize users when they return to the site and to remember certain information about their preferences. These cookies are cookies which stay on your computer permanently, until you “manually” delete them.
    • Session cookies are used in order to allow customers to carry information across pages of the website, without having to re-enter such information. These cookies delete themselves automatically when you leave a website and go to another. Or when you shut down your browser.

A cookie is a small file and holds a certain amount of data, which our website can send to your browser. It may then be stored on your computer’s hard drive and can be accessed by our web server. This cookie data can then be retrieved and can allow us to customize our web pages and services accordingly. It is important to clarify that cookies do not collect any personal data stored on your hard drive or computer. To find out more about cookies, visit The Defense Commissary Agency’s MyCommissary website uses cookies to simplify the logging on process for registered users, and to help ensure the security and authenticity of registered users using your user name. You can remove persistent cookies by following directions provided in your Internet browser’s “help” file. You may disable cookies by following directions provided at: If you choose not to accept these cookies, you will not be able to use the Defense Commissary Agency MyCommissary functionality.