NetApp’s response to third-party requests for data
Third-party requests for data are generally categorized into two types: legal orders and nonlegal requests. Legal orders are those requests for data that are required by law, such as law enforcement warrants, civil subpoenas, and orders adjudicated by a court of competent jurisdiction. Nonlegal requests are all other requests.
Legal orders for data
When NetApp is served with a legal order for customer data, we review it for both scope and legality. Unless prohibited by law, we take steps to either (1) verify that the individual or entity to whom the data pertains or belongs has been notified or served with a copy of the legal order; or (2) notify the individual or entity to whom the data pertains or belongs that NetApp has received a legal order seeking their information. If we determine that we are obligated by law to comply with the legal order; we comply. We endeavor to minimize or exclude confidential information unless a protective order or court order commands otherwise.
Nonlegal requests for data
NetApp does not voluntarily produce customer data without a legal order. When possible, we instruct third parties requesting such data to contact the customer directly with the request.