Call 800-294-8732

Privacy Policy

Last Updated: March 29, 2026

SD Bullion ("we," "us," "our") operates the website sdbullion.co.com (the "Site"). This Privacy Policy explains what personal information we collect, how we use it, how we protect it, and your rights regarding that information. By using the Site, you agree to the practices described in this policy. If you do not agree, please do not use the Site.

1. Information We Collect

1.1 Information You Provide

When you create an account, place an order, contact customer service, submit a price match request, initiate a buyback transaction or apply for a precious metals IRA, you may provide us with the following information:

Identity and contact information: Full name, email address, phone number, billing address and shipping address.

Payment information: Credit or debit card number, expiration date, CVV, bank account information for wire transfers, PayPal account details, or cryptocurrency wallet address. Payment card data is processed by our PCI DSS Level 1 compliant payment processor and is not stored on SD Bullion's servers in unencrypted form.

Transaction information: Products purchased or sold, quantities, prices, payment method used, order dates, shipping tracking numbers and delivery confirmations.

Tax-related information: Social Security Number or Employer Identification Number, as required by law for IRS reporting on qualifying transactions (Form 1099-B and Form 8300). This information is collected only when legally required and is stored with enhanced security controls.

Communication records: Emails, phone call records, chat transcripts and any other correspondence with SD Bullion customer service.

1.2 Information Collected Automatically

When you visit the Site, we automatically collect certain technical information through cookies and similar technologies:

Device and browser information: IP address, browser type and version, operating system, device type, screen resolution and language preference.

Usage information: Pages viewed, time spent on pages, click patterns, referring URL, search queries entered on the Site, and date and time of visits.

Cookie and tracking data: Session identifiers, authentication tokens, preference settings and analytics data. See Section 5 (Cookies) for details.

2. How We Use Your Information

We use the information collected for the following purposes:

Order processing and fulfilment: To process your orders, arrange payment, ship products, provide tracking information and handle returns or exchanges.

Account management: To create and maintain your account, authenticate your identity, store order history and provide customer service.

Legal and regulatory compliance: To comply with IRS reporting requirements (1099-B, 8300), anti-money laundering (AML) regulations, Know Your Customer (KYC) requirements, state sales tax obligations and other applicable federal and state laws.

Communication: To send order confirmations, shipping notifications, account security alerts and customer service responses. We may also send promotional communications about products, sales and educational content. You may opt out of promotional communications at any time by clicking the unsubscribe link in any promotional email or by contacting us directly.

Site improvement and analytics: To analyse site usage patterns, improve navigation, optimise product listings, enhance performance and develop new features.

Fraud prevention and security: To detect, investigate and prevent fraudulent transactions, unauthorised access and other security threats.

3. How We Share Your Information

SD Bullion does not sell your personal information to third parties. We share information only in the following circumstances:

Service providers: We share information with third-party service providers who perform functions on our behalf, including payment processing, shipping and delivery (USPS, UPS, FedEx), email delivery, website hosting, analytics, fraud detection and customer service tools. These providers are contractually obligated to use your information only to perform the services we have engaged them for and to protect your information with appropriate security measures.

IRA custodians: If you establish a precious metals IRA through SD Bullion, we share necessary information with the approved custodian to facilitate account setup, metal transfer and regulatory compliance.

Legal and regulatory requirements: We disclose information when required by law, including IRS reporting (1099-B, 8300), subpoenas, court orders, or requests from law enforcement or regulatory agencies. We may also disclose information if we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.

Business transfers: In the event of a merger, acquisition, reorganisation, bankruptcy or sale of all or a portion of our assets, your personal information may be transferred to the acquiring entity. We will notify you via email and/or prominent notice on the Site of any change in ownership or uses of your personal information.

4. Payment Card Industry (PCI) Compliance

SD Bullion's payment processing infrastructure meets PCI DSS (Payment Card Industry Data Security Standard) Level 1 compliance, the highest level of security certification in the payment card industry. This means:

Encryption: All payment card data is encrypted in transit using 256-bit SSL/TLS encryption. Card data is tokenized by the payment processor, meaning SD Bullion's servers never store full credit card numbers, expiration dates or CVV codes in unencrypted form.

Access controls: Access to payment systems is restricted to authorised personnel only, with multi-factor authentication, role-based access controls and audit logging.

Regular audits: Our payment infrastructure is subject to annual PCI compliance audits by a Qualified Security Assessor (QSA), quarterly network vulnerability scans and penetration testing.

Incident response: We maintain a documented incident response plan for potential data breaches, including customer notification procedures in accordance with applicable state breach notification laws.

For additional information about PCI DSS standards, visit the FTC's guide to protecting personal information.

5. Cookies and Tracking Technologies

The Site uses cookies and similar technologies to enhance your browsing experience, analyse usage and deliver relevant content. Cookies are small text files stored on your device by your web browser.

5.1 Types of Cookies We Use

Essential cookies: Required for the Site to function. These include session cookies for authentication, shopping cart functionality and security features. You cannot opt out of essential cookies without losing core Site functionality.

Analytics cookies: Used to collect anonymous data about how visitors use the Site, including pages viewed, time on site, traffic sources and navigation patterns. We use this data to improve Site performance and content. Analytics data is aggregated and does not identify individual users.

Preference cookies: Remember your settings and preferences (such as payment method preference and display options) to provide a more personalised experience on return visits.

5.2 Managing Cookies

Most web browsers allow you to control cookies through their settings. You can set your browser to refuse all cookies, accept only first-party cookies, or delete cookies when you close the browser. Note that disabling cookies may affect Site functionality, including the shopping cart and account authentication. Refer to your browser's help documentation for specific instructions on managing cookies.

6. Data Retention

We retain your personal information for as long as necessary to fulfil the purposes described in this policy, comply with legal obligations, resolve disputes and enforce our agreements.

Account information: Retained for the duration of your account and for seven (7) years after account closure to comply with IRS record-keeping requirements and applicable statutes of limitations.

Transaction records: Retained for a minimum of seven (7) years as required by federal tax law (IRS) and applicable state regulations.

Tax reporting information (SSN/EIN): Retained for seven (7) years from the date of the reportable transaction, in accordance with IRS requirements.

Communication records: Customer service correspondence is retained for three (3) years.

Analytics data: Aggregated analytics data is retained indefinitely. Individual-level analytics data is retained for twenty-six (26) months.

7. Data Security

SD Bullion implements appropriate technical and organisational measures to protect your personal information against unauthorised access, alteration, disclosure or destruction. These measures include:

Encryption: 256-bit SSL/TLS encryption for all data in transit. Encryption at rest for sensitive data stored in our databases.

Access controls: Role-based access, multi-factor authentication for administrative systems, and principle of least privilege for all staff access to customer data.

Network security: Firewalls, intrusion detection systems, regular vulnerability scanning and penetration testing.

Employee training: All employees with access to personal information receive annual security awareness training covering phishing, social engineering, data handling procedures and incident reporting.

While we implement industry-standard security measures, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security but are committed to protecting your information using commercially reasonable measures.

8. Your Rights and Choices

Depending on your jurisdiction, you may have the following rights regarding your personal information:

Access: You may request a copy of the personal information we hold about you.

Correction: You may request correction of inaccurate or incomplete personal information. You can also update your name, address, email and phone number directly through your account settings.

Deletion: You may request deletion of your personal information, subject to our legal obligations to retain certain records (such as transaction records required by the IRS for seven years).

Opt-out of marketing: You may unsubscribe from promotional emails at any time by clicking the unsubscribe link in any promotional email or by contacting us at support@sdbullion.co.com. Opt-out requests are processed within ten (10) business days. Note that opting out of marketing does not affect transactional communications (order confirmations, shipping notifications, security alerts).

Do Not Track: The Site does not currently respond to Do Not Track (DNT) browser signals. There is no uniform standard for how websites should respond to DNT signals, and we will update this policy if a standard is adopted.

8.1 California Residents (CCPA/CPRA)

California residents have additional rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), including the right to know what personal information is collected, the right to delete personal information, the right to opt out of the sale of personal information (SD Bullion does not sell personal information), and the right to non-discrimination for exercising privacy rights. To exercise these rights, contact us at support@sdbullion.co.com or call 800-294-8732.

8.2 Nevada Residents

Nevada residents may opt out of the sale of covered information as defined by Nevada SB 220. SD Bullion does not sell covered information as defined by this law. To submit an opt-out request, contact us at support@sdbullion.co.com.

9. Children's Privacy

The Site is not directed to individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete that information promptly. If you believe we have collected information from a child under 18, please contact us at support@sdbullion.co.com.

10. Third-Party Links

The Site may contain links to third-party websites, including government agencies (IRS, FTC), mint websites, custodian websites and educational resources. These third-party websites have their own privacy policies, and SD Bullion is not responsible for their privacy practices. We encourage you to review the privacy policy of any third-party website you visit.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements or other factors. When we make material changes, we will update the "Last Updated" date at the top of this page and, where appropriate, notify you by email or through a prominent notice on the Site. We encourage you to review this policy periodically. Your continued use of the Site after changes are posted constitutes your acceptance of the revised policy.

12. Contact Information

If you have questions about this Privacy Policy, wish to exercise your privacy rights, or have concerns about how your information is handled, please contact us:

SD Bullion
Email: support@sdbullion.co.com
Phone: 800-294-8732
Mailing Address: SD Bullion, Buffalo, NY, United States

For general inquiries and customer service, visit the Contact Us page or the Help Centre.