Skip to main content

CPSC Privacy and Security Notice

Copyright 

Providing the public with vital safety information over digital platforms is an essential part of the CPSC’s effort to carry out its mission. Web page text, brochures, and posters presented on CPSC websites are public information. You may freely distribute, copy, or link to any of this information. However, the information may not be used in a way that states or implies CPSC endorsement. If you distribute, copy or link to any of this information, please credit CPSC.

Images on this website may have been licensed for use by CPSC from a stock photography service or other copyright holder and the copyright holder may prohibit republication, retransmission, reproduction or other use of the images.

You may freely copy and distribute recall notices, including photographs of recalled items, without permission. Any other use of photographs found in recall notices and elsewhere on CPSC websites may require permission from a copyright holder.

Submit further questions about the use of specific images or other materials using this Contact Us form.

Information Collected and Stored Automatically

When you browse through our websites, we gather and temporarily store technical information about your visit. This information does not identify who you are unless you give us that information specifically.  This is explained further in the Personally Indentifiable Section of this policy. The information we collect includes:

  • The name of the domain you use to access the Internet (for example, aol.com, if you are using an American Online account, or college.edu, if you are connecting from a university’s domain);
  • The date and time of your visit;
  • The pages you visited;
  • The address of the website you came from when you came to visit;
  • The length of time of your visit;
  • The browser and operating system used in your visit.

We use this information to improve our website and provide a better user experience for our visitors. We use analytics tools including Google Analytics and Webtrends to collect and aggregate this information. This information is available only to web managers and other designated staff who require this information to perform their duties. It is retained only for as long as needed for proper analysis. The log files used to store this information are destroyed after three years. Neither CPSC nor Google ever have access to the specifics of your particular site visits. CPSC’s designated staff can only see the aggregate data from all users for a particular time period.

Web Measurement and Customization

We use web measurement and customization technologies, such as cookies, to help our website function better for visitors and to better understand how the public is using our website.

  • We use session cookies to gather data for technical purposes, such as generating aggregated statistics through analytics tools about how our websites are used. We also use session cookies in the following instances:

    The information collected from this cookie is a random, computer-generated number for use regarding session continuity and website troubleshooting and is captured in CPSC web logs, which are accessible only by CPSC Information Technology staff. The cookie does not contain any Personally Identifiable Information (PII). Session cookies are temporary text files that expire when you leave our website. When cookies expire, they are automatically deleted from your computer. Web logs containing information collected from the cookie are maintained for three years. Our use of session cookies is defined as "Tier 1" usage in accordance with the OMB Memorandum (M)-10-22 Guidance for Online Use of Web Measurement and Customization Technologies.  

    1. Online Form Submissions, including Section 15 reports, contact forms, Email subscription forms and query forms.
    2. SaferProducts.gov’s Online Reporting Form to identify that a registered user has logged onto the site and to note that an email has been sent to a registered user who saves the report for the first time to avoid the issuance of duplicate e-mails when a report is continually saved. 
    3. SaferProducts.gov’s Business Portal to identify which company a registered user would like to represent when the user is associated with more than one company.
    4. Slideshare Presentations may set a session cookie as a result of the embedded content. CPSC use of any possible information provided to us through this embedded content will be consistent with the stated usage of session cookies. If there is any more specific use that falls outside of the stated one on this page, that information will be listed directly alongside the embedded content.
  • We use multi-session cookies, a.k.a. persistent cookies for the following:
    1. To perform Web measurement and analytics on all CPSC websites: This allows us to differentiate between new and returning visitors to CPSC websites.
    2. On SaferProducts.gov to continue to display search results and Web pages based upon the search and settings selected by the user. Search result preferences will be retained for 30 days from the last time the user utilized the search functionality. Site settings are retained for 30 days from the last time the user accessed the site.
    3. Embedded Flickr® slideshows. CPSC use of any possible information provided to us through this embedded content will be consistent with the stated usage. If there is any more specific use that falls outside of the stated one on this page, that information will be listed directly alongside the embedded content.

Multi-session cookies are cookies that are stored over more than a single session on your computer. We do not use multi-session cookies to collect PII, and we do not share data collected from multi-session cookies. Our multi-session cookies are set to expire two years after your last visit to our website. After two years, they are automatically deleted from your computer. Our use of multi-session cookies is defined as "Tier 2" usage in accordance with the OMB Memorandum (M)-10-22 Guidance for Online Use of Web Measurement and Customization Technologies.   

Since disabling this web measurement technology requires modifying individual browser settings, it is enabled by default. You may opt-out of this technology by modifying your individual browser settings. Instructions for changing your settings are located at http://www.usa.gov/optout_instructions.shtml. Google also provides a browser plug-in that will allow you to opt-out of Google Analytics measurements, which you can find at http://tools.google.com/dlpage/gaoptout. Please note that opting-out in no way affects your access to content on any CPSC website.

Visiting CPSC Pages on Third-Party Websites

We maintain accounts on third-party websites, such as social media sites, as tools to better interact with the public. Your activity on those third-party websites is governed by the security and privacy policies of those sites. Users of third-party websites are often sharing information with the general public, user community, and/or the third-party operating the website. These actors may use this information in a variety of ways. You should review the privacy policies of third-party websites before using them and ensure that you understand how your information may be used. You should also adjust privacy settings on your account on any third-party website to match your preferences.

CPSC uses the following third-party websites:

As part of the services on these third-party sites, anonymous usage statistics that do not contain PII are made available to users to understand the amount of traffic and use of the content. Designated CPSC staff reviews this data to help improve our efforts on these websites.

Third-Party Applications on CPSC Websites

CPSC’s websites use some third-party applications to enhance visitor accessibility of information and to maintain website security. No PII will become available to the CPSC as a result of your use of any of these applications.

CPSC uses the following third-party applications on its websites:

  • Long-Tail Ad Solutions Inc’s JW Video Player (Privacy)
  • ClearSpring Technologies Inc.’s AddThis Sharing Tool (Privacy): Clearspring will have access to PII only if you explicitly provide it with this information, such as asking the company to send an e-mail on your behalf. In this instance, Clearspring will use the e-mail addresses to deliver that message. Clearspring will not share this information with anyone, including CPSC, and the information will be removed automatically from its site after a short period.
  • Yahoo’s® Flickr Embedded Slide Show (Privacy)
  • Slideshare Embedded Slide Show (Privacy)
  • Adobe Flash Player: This tool is in use on SaferProducts.gov to give an individual the option of uploading supporting documents or photos associated with a Report of Harm. If you upload a file that contains PII, that PII will become available to CPSC staff. Only authorized CPSC personnel will have access to this information and may utilize it in investigations and other legally-authorized agency activities. This PII will not be shared outside of the agency, unless you provide explicit consent to share your name and contact information with the manufacturer or private labeler that you identified in your Report. The CPSC’s secure Consumer Product Safety Risk Management System maintains this PII for an indefinite period of time.
  • CPSC Adventures of Splish & Splash Mobile App
    CPSC does not collect, utilize or store any data entered into the Adventures of Splish & Splash App. Any and all information entered into the App is stored on an individual’s personal device and not on CPSC’s website or server. As such, CPSC is not responsible for the loss or theft of that information.
  • Children's Privacy - Adventures of Splish & Splash Mobile App
    Certain areas of CPSC’s website or mobile app provide educational safety content for children, including those under the age of 13. CPSC is committed to complying with the Children’s Online Privacy Protection Act and does not use any portion of its website or any CPSC mobile app, including this app, to collect personal information from children under the age of 13 years old.

Links Policy

CPSC recognizes that an open Internet policy, with respect to the dissemination of information via its website, is an ideal way to deliver safety information to the widest possible audience.

In accomplishing its safety mission, CPSC also recognizes the importance of the global marketplace and, therefore, does not preclude links from international sites.

Links IN: Other Organizations' Links To CPSC's Website

CPSC welcomes links to any part of its websites from all who wish to do so. However, no link may present or display a product or activity in a way that states or implies CPSC endorsement.

Links OUT: CPSC's Links To Other Organizations

CPSC's websites have links to other government sites, business websites that are required to post recall information, CPSC pages on social media websites, and nongovernmental websites that support the agency’s mission and that do not contradict CPSC policies or regulations. CPSC will not consider requests to "out-link" to private, commercial or other non-government websites.

From time to time, CPSC may decide on its own, not based on any request, to out-link to a non-Federal website. This would be an agency decision made based on two criteria:

  • The link would clearly support the agency's mission of preventing deaths and injuries from consumer products and
  • It is clearly determined that the link would not contain information that contradicts CPSC policies or regulations.

CPSC does not control links to other government or business websites or their privacy policies and cannot attest to the accuracy of the information they contain. You may wish to review the privacy policies of any external sites linked to via the CPSC site as their information collection practices may differ from ours. Linking to external sites does not constitute an endorsement of the sites or the information they contain by CPSC or any of its employees.

Such a link may be short- or long-term, at the discretion of the Commission.

 

Privacy Policy

We will not collect personal information about any visitor to this site unless it is voluntarily given to us.

 

Legal

All materials on the site are presented by the CPSC for general informational purposes only. These materials do not, and are not intended to, constitute legal advice.

 

Privacy Impact Assessments

CPSC is responsible for ensuring the privacy and confidentiality of the information it collects on members of the public, business partners, and its own employees. These people have a right to expect CPSC will collect, maintain, use and disseminate identifiable personal information only as authorized by law and as necessary to carry out agency responsibilities.

Privacy Impact Assessments (PIAs) are performed on computer systems and applications to evaluate any risks these systems may pose to personally identifiable information.

 

Personally Identifiable Information

We do not attempt to identify individual users of the website. If you identify yourself by sending an e-mail to CPSC, filling out a form on a CPSC website or submitting a comment to CPSC, any personal information that you provide is used only to respond to your message. It will not be disclosed outside of the agency without explicit permission.

If you join one of the CPSC's email subscription lists, your email address will be used for that purpose only and will not be disclosed outside of the agency. If you submit a report of harm through SaferProducts.gov, via the CPSC Hotline, or by fax or postal mail, the report will be processed and placed on SaferProducts.gov if it meets the minimum requirements for publication. Your name and contact information will never appear on SaferProducts.gov. You will be given the option of allowing CPSC to provide your name and contact information to the manufacturer or private labeler that you identified in your report. By law, we can provide this information to the manufacturer only if you give us written permission to do so.

Personally Identifiable Information (PII) Privacy Notice

The following privacy notice describes how the U.S. Consumer Product Safety Commission (CPSC) may use and disclose your Personally Identifiable Information (PII), for its business purposes.

Definition of Personally Identifiable Information (PII)

Personally Identifiable Information (PII) is any information about an individual maintained by an agency, including (1) any information that can be used to distinguish or trace an individuals’ identity, such as name, social security number, date and place of birth, mother’s maiden name, or biometric records; and (2) any other information that is linked or linkable to an individual, such as medical, educational, financial, and employment information.

Obligations and Activities of CPSC

CPSC shall:

  1. Not use or disclose PII other than as permitted or required by law; except as otherwise limited, CPSC may use or disclose PII to perform functions, activities, or services for, or on behalf of the covered entity, provided that each use or disclosure would not violate an individual’s privacy rights. CPSC must obtain reasonable assurances from any person to whom the information is disclosed that it will remain confidential and used or further disclosed only as required by law or for the purpose for which it was disclosed to the person. The individual will notify CPSC of any instances of which it is aware in which the confidentiality of the information has been breached.
  2. Use appropriate safeguards to prevent use or disclosure of PII other than as permitted or required by law. CPSC must implement administrative, physical and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of PII that it creates, receives, maintains or transmits on behalf of the consumer.
  3. Notify the CPSC Privacy Officer via email, PrivacyOfficer@cpsc.gov, of a breach of unsecured PII as soon as possible within the discovery of such breach.
  4. In the event of an unauthorized use or disclosure of PII or a breach of unsecured PII, CPSC shall mitigate to the extent practicable, any harmful effects of disclosure that are known to it.
  5. If applicable, ensure that any contractors that create, receive, maintain, or transmit PII on behalf of CPSC agree to the same restrictions, conditions, and requirements that apply to the agency with respect to such information and have been properly vetted to handle this information.

II. Your Rights to Information CPSC Collects About You

  1. Individuals may obtain access to any information collected by the agency about them. The Privacy Act allows an individual or authorized representative access to their own records. See 5 U.S.C. § 552a(b). An individual may request copies of these CPSC records that contain:
    1. Information that was collected about that individual; and
    2. Information that can be retrieved by that individual’s name or a personal identifier (such as their Social Security Number);
    3. You may also ask CPSC to correct records that are inaccurate, incomplete, untimely, or irrelevant.
  1. A request for this information (also known as a Privacy Act request) must include:
    1. A description of the record sought;
    2. The approximate date of the record;
    3. Identification of the document that might contain the information you are seeking;
    4. The name or other description of the record system containing the record;
    5. proof of identity; and
    6. Any other information required by the notice describing the record system; See 16 CFR § 1014.3(d);
    7. Further, if seeking a record by mail, it must include a statement signed by the individual that is properly notarized, proving that he or she appeared before a notary public and submitted proof of identity acceptable to the notary public. See 16 CFR § 1014.4(b).

Please find a full list of all of CPSC’s Systems of Records, including a description of the kinds of records kept in each system at System-of-Records. Lastly, if you have any questions, please contact the Assistant General Counsel for FOIA, Privacy and Records at cpscfoiarequests@cpsc.gov .

Systems of Records

The Privacy Act requires agencies to publish in the Federal Register notices of new or substantially altered systems of records, that is, systems from which personal information, confidential or not, is retrieved by personal name or identifier.

CPSC reviews each system of record notice biennially to ensure it accurately describes the system of records. All systems containing PII are reviewed on an annual basis to ensure that holdings are accurate, relevant, timely and complete and necessary for the proper performance of a documented agency function.

Security

To ensure the security of the site and to ensure that the service remains available to all users, this government security system employs software programs to monitor network traffic so we can identify unauthorized attempts to upload or change information, or otherwise cause damage.

Unauthorized attempts to upload information or change information on this service are strictly prohibited. Such attempts may be punishable under the Computer Fraud and Abuse Act of 1986 and the National Information Infrastructure Protection Act.

Questions

For any questions about this policy, please use this Contact Form.

Senior Agency Official for Privacy

Bryan Burnett
4330 East West Highway, Room 839A
Bethesda MD 20814
privacy@cpsc.gov

Report an unsafe product