NetApp Privacy Policy

    TRUSTe European Safe Harbor certification

    Last Updated May 14, 2018

    NetApp Privacy Policy

    This Privacy Policy tells you about NetApp, Inc.’s policies and practices for the collection, use, processing, storage, transfer, and disclosure of information that we may collect through our websites, including, but not limited to, the website or subdomains of www.netapp.com, (e.g., our Communities site, Training site, and Support site) (collectively, the “Sites”), through the software applications made available for us by use on or through computers and mobile devices (the “Apps”), through our social media pages and apps (our “Social Media Pages”), through HTML-formatted email messages that link to this Privacy Policy (collectively, with the Sites, Apps, and Social Media Pages, the “Services”), and offline.

    Collection of Personal Information

    “Personal Information” is information that identifies you as an individual or relates to an identifiable individual, including:

    • Name
    • Postal address (including billing and shipping addresses)
    • Telephone number
    • Email address
    • Company and job title

    We and our service providers collect Personal Information in a variety of ways, including:

    • Through the Services: We collect Personal Information through the Services, for example, when you communicate with us via email, fill out online forms or surveys, or register for an event, course, or free product trial.
    • Offline: We collect Personal Information from you offline, e.g., when you attend one of our events, place an order over the phone, or contact customer service.
    • From Other Sources: We receive your Personal Information from other sources, for example, publicly available databases, data append services, data brokers, and joint marketing partners, when they share the information with us. The information may include, for example, contact, company, and industry data, as well as title, department, address, phone number, and updated e-mail addresses.

    We need to collect Personal Information in order to provide the requested Services to you. If you do not provide the information requested, we may not be able to provide the Services.

    Use of Personal Information

    We and, in some instances, our service providers use the Personal Information that we collect for legitimate business purposes, including:

    Accomplishing our business purposes

    • For improving the content of our Services, for example, by incorporating information that is relevant to our clients;
    • For preventing fraud or other illegal activities, such as willful attacks on NetApp information technology systems;
    • For data analysis, for example, to improve the efficiency of our Services;
    • For audits, to verify that our internal processes function as intended and address compliance with legal, regulatory or contractual requirements;
    • For developing new products and services;
    • For enhancing, improving, or modifying our current products and services;
    • For identifying usage trends, for example, understanding which parts of our Services are of most interest to users;
    • For determining the effectiveness of our promotional campaigns, so that we can adapt our campaigns to the needs and interests of our users;
    • For operating and expanding our business activities, for example, understanding which parts of our Services are of most interest to our users so we can focus our energies on meeting our users’ interests.

    We engage in these activities to manage our contractual relationship with you, to comply with a legal obligation, and/or because we have a legitimate interest.

    Providing the functionality of the Services and fulfilling your requests

    • To send administrative information to you, such as changes to our terms, conditions and policies and to notify customers about updates to our Services;
    • To respond to your inquiries and fulfill your requests, when you contact us via one of our online contact forms or otherwise, for example, when you request to be registered for an event or a NetApp training course;
    • To process your orders, and provide you with related customer service;
    • To help you manage your Community, Support and/or NOW accounts, at your request;
    • To allow you to send messages to another person through the Services if you choose to do so.

    Providing you with our newsletter and/or other marketing materials and facilitating social sharing

    • To contact you for marketing and sales purposes, including notifications related to product enhancements, warranties, and renewals, that are related specifically to customer needs and interests;
    • To contact you about a NetApp offer in support of your business needs or to conduct online surveys to better understand our customers’ needs;
    • To facilitate social sharing functionality that you choose to use.

    We will engage in these activities to manage our contractual relationship with you and/or to comply with a legal obligation.

    Analysis of Personal Information for business reporting and providing personalized services

    • To analyze or predict our users’ preferences in order to prepare aggregated trend reports on how our digital content is used, so we can improve our Services;
    • To better understand you, so that we can personalize our interactions with you and provide you with information and/or offers tailored to your interests;
    • To better understand your preferences so that we can deliver content via our Services that we believe will be relevant and interesting to you.

    We will provide personalized services either with your consent or because we have a legitimate interest.

    Allowing you to participate in surveys, contests, or other promotions

    • To offer you the opportunity to participate in surveys, contests or other promotions. Some of these promotions have additional rules containing information about how we will use and disclose your Personal Information.

    We use this information to manage our contractual relationship with you.

    Aggregating and/or anonymizing Personal Information

    • We may aggregate and/or anonymize Personal Information so that it will no longer be considered Personal Information. We do so to generate other data for our use, which we may use and disclose for any purpose.

    Disclosure of Personal Information

    We disclose Personal Information to our subsidiaries for the purposes described in this Privacy Policy. NetApp, Inc. is the party responsible for the management of the jointly-used Personal Information.

    NetApp uses third-party entities to provide services on our behalf and may share Personal Information with them to assist them in providing these services. These can include providers of services such as website hosting, data analysis, payment processing, order fulfillment, information technology and related infrastructure provision, customer service, email delivery, auditing, and other services. We also may share Personal Information with channel partners or resellers if you inquire about our products or services typically fulfilled through channel partners or resellers. These channel partners or resellers may also use this information to inform you about third-party products or services that may be of interest.

    If you use communities, blogs, or chat rooms on NetApp Services, you should be aware that any Personal Information you submit there can be read, collected, and used by other users of these forums, and could be used to send you unsolicited messages. You may also elect to disclose Personal Information through your social sharing activity.

    Other Uses and Disclosures

    We also use and disclose your Personal Information as necessary or appropriate, especially when we have a legal obligation or legitimate interest to do so:

    • To comply with applicable law.
      • This can include laws outside your country of residence.
    • To respond to requests from public and government authorities.
      • These can include authorities outside your country of residence.
    • To cooperate with law enforcement.
      • For example, when we respond to law enforcement requests and orders.
    • For other legal reasons.
      • To enforce our terms and conditions; and
      • To protect our rights, privacy, safety or property, and/or that of our subsidiaries, you or others.
    • In connection with a sale or business transaction.
      • We have a legitimate interest in disclosing or transferring your Personal Information to a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings) Such third parties may include, for example, an acquiring entity and its advisors.

    Choices and Access

    Your choices regarding our use of your Personal Information

    E-mails: If you no longer want to receive marketing-related e-mails from us, you may opt out by:

    • going to the NetApp subscription center to unsubscribe or update your subscription preferences; or
    • clicking on our “Unsubscribe” link contained in each of our marketing-related emails.

    Postal mail or telephone: If you no longer wish to receive information about new products and services or upcoming events from us by postal mail or telephone, contact us at ng-privacy@netapp.com, write to us at the postal address at the end of this document, or visit the NetApp Subscription Center.

    We will try to comply with your request(s) as soon as reasonably practicable. Please note that if you opt-out of receiving marketing-related emails from us, we may still send you important administrative messages, from which you cannot opt-out.

    How you can access, change or delete your Personal Information

    If you would like to request to review, correct, update, suppress, restrict or delete Personal Information that you have previously provided to us, or if you would like to request to receive an electronic copy of your Personal Information for purposes of transmitting it to another company (to the extent this right to data portability is provided to you by applicable law), you may contact us at ng-privacy@netapp.com, write to us at the address at the end of this document, or via our Site Feedback form. We will respond to your request consistent with applicable law.

    In your request, please make clear what Personal Information you would like to have changed, whether you would like to have your Personal Information suppressed from our database or otherwise let us know what limitations you would like to put on our use of your Personal Information. For your protection, we may only implement requests with respect to the Personal Information associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will try to respond to your request as soon as reasonably practicable.

    Please note that we may need to retain certain information for recordkeeping purposes and/or to complete any transactions that you began prior to requesting a change or deletion (e.g., when you make a purchase, you may not be able to change or delete the Personal Information provided until after the completion of such purchase).

    Collection of Other Information

    “Other Information” is any information that does not reveal your specific identity or does not directly relate to an identifiable individual, such as:

    • Browser and device data
    • App usage data
    • Data collected through cookies, pixel tags and other technologies
    • Demographic information and other data provided by you that does not reveal your specific identity
    • Information that has been aggregated in a manner such that it no longer reveals your specific identity

    If we are required to treat Other Information as Personal Information under applicable law, then we may use and disclose it for the purposes for which we use and disclose Personal Information as detailed in this Policy.

    Communications or Utilization Information

    Through your use of telecommunications services to access our Services, your communications data (e.g. Internet protocol (“IP”) address) or utilization data (e.g. information on the beginning, end and extent of each access, and information on the telecommunications services you accessed) are technically generated. Your IP address is automatically assigned to your computer by your Internet Service Provider. An IP address may be identified and logged automatically in our server log files whenever a user accesses the Services, along with the time of the visit and the page(s) that were visited. Collecting IP addresses is standard practice and is done automatically by many websites, applications and other services. We use IP addresses for purposes such as calculating usage levels, diagnosing server problems and administering the Services. We may also derive your approximate location and your company from your IP address.

    Information Collected Automatically Through Your Browser or Device

    When you access our Services, we may automatically collect information such as: type of Internet browser and operating system used, domain name of the Web site from which you came, number of visits, average time spent on the site, pages viewed. We use this information to ensure the Services function properly, monitor the relevancy of our Services and improve their performance or content.

    “Cookies” - Information Stored Automatically on Your Computer

    A cookie is a piece of information that is stored on your computer’s hard drive by your Web browser. When you revisit www.netapp.com, our server recognizes the cookie, giving us information about your prior visits. Most browsers accept cookies automatically, but you can alter the settings of your browser to prevent automatic acceptance. If you choose not to receive cookies, you can still use most of the features of our Services, including ordering items. We do not currently respond to browser do-not-track signals.

    We work with companies, such as Adobe, that use third-party cookies and Web beacons to collect anonymous information that helps us measure and improve our content and advertising effectiveness. Adobe collects and analyzes anonymous usage and volume statistical information from our users. We also use Google Analytics, which uses cookies and similar technologies to collect and analyze information about use of the Services and report on activities and trends. This service may also collect information regarding the use of other websites, apps and online resources. You can learn about Google’s practices by viewing their Privacy & Terms, and exercise the opt out offered by Google by downloading the Google Analytics opt-out browser add-on.

    For detailed information regarding NetApp’s use of cookies, please refer to the NetApp Cookie Policy.

    Clear Gifs (Web Beacons, Web Bugs)

    We employ a software technology called clear gifs (also known as Web beacons or Web bugs) along with other technologies such as e-tags, and JavaScript that help us better manage content on our site by informing us what content is effective. Clear gifs are tiny graphics with a unique identifier, similar in function to cookies that are used to track the online movements of Web users. In contrast to cookies, which are stored on a user’s computer hard drive, clear gifs, which are about the size of a period, are embedded invisibly on Web pages. For detailed information regarding NetApp’s use of Clear Gifs and other technologies, please refer to the NetApp Cookie Policy.

    Adobe Flash technology (including Flash Local Shared Objects (“Flash LSOs”)) and other similar technologies

    We may use Flash LSOs and other technologies to, among other things, collect and store information about your use of the Services. If you do not want Flash LSOs stored on your computer, you can adjust the settings of your Flash player to block Flash LSO storage using the tools contained in the Website Storage Settings Panel. You can also go to the Global Storage Settings Panel and follow the instructions (which may explain, for example, how to delete existing Flash LSOs (referred to as “information”), how to prevent Flash LSOs from being placed on your computer without your being asked, and how to block Flash LSOs that are not being delivered by the operator of the page you are on at the time). Please note that setting the Flash Player to restrict or limit acceptance of Flash LSOs may reduce or impede the functionality of some Flash applications.

    Uses and Disclosures of Other Information

    We may use and disclose Other Information for any purpose, except where we are required to do otherwise under applicable law. In some instances, we may combine Other Information with Personal Information. If we do, we will treat the combined information as Personal Information as long as it is combined.

    Retention Period

    We will retain your Personal Information for as long as needed or permitted in light of the purpose(s) for which it was obtained and consistent with applicable law.

    The criteria used to determine our retention periods include:

    • The length of time we have an ongoing relationship with you and provide the Services to you (for example, for as long as you have an account with us or keep using the Services);
    • Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them); or
    • Whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).

    Minors

    The Services are not directed to individuals under the age of sixteen (16), and we do not knowingly collect Personal Information from individuals under sixteen (16).

    Security

    NetApp seeks to use reasonable technical and organizational security measures to protect Personal Information within our organization. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us in accordance with the “Questions and Comments” section below.

    Third Party Web Sites and Services

    NetApp Services may contain links to other Web sites or services. NetApp is not responsible for the privacy, information or other practices of third parties, including any third party operating any website or service to which the Services link, or for the content of other Web sites. The inclusion of a link on the Services does not imply endorsement of the linked site or service by us or by our subsidiaries.

    Third Party Advertising

    We use third-party advertising companies to serve advertisements regarding goods and services that may be of interest to you when you access and use the Services and other websites or online services.

    You may receive advertisements based on information relating to your access to and use of the Services and other websites or online services on any of your devices, as well as on information received from third parties. These companies place or recognize a unique cookie on your browser (including through the use of pixel tags). They also use these technologies, along with information they collect about your online use, to recognize you across the devices you use, such as a mobile phone and a laptop.

    If you would like more information about this practice, and to learn how to opt out of it in desktop and mobile browsers on the particular device on which you are accessing this Privacy Policy, please visit http://optout.aboutads.info/#/ and http://optout.networkadvertising.org/#/.

    Cross-Border Transfers

    Your Personal Information may be stored and processed in any country where we have facilities or in which we engage service providers, and by using the Services you understand that your information will be transferred to countries outside of your country of residence, including the United States, which may have data protection rules that are different from those of your country. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your Personal Information.

    If you are located in the EEA: Some of the non-EEA countries are recognized by the European Commission as providing an adequate level of data protection according to EEA. For transfers from the EEA to countries not considered adequate by the European Commission, we have put in place measures such as Binding Corporate Rules to protect your Personal Information. You may obtain a copy of these Binding Corporate Rules by viewing them online or by contacting ng-privacy@netapp.com.

    Sensitive Information

    We ask that you not send us, and you not disclose, any sensitive Personal Information (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or trade union membership) on or through the Services or otherwise to us.

    Updates to this Privacy Policy

    As the Internet, technology and our systems mature, so will our Privacy Policy. We will post changes to our Privacy Policy on this page. Your use of the Services following these changes means that you accept the revised Privacy Policy. Please check this page regularly to keep up-to-date.

    Questions and Comments

    NetApp, Inc., located at 1395 Crossman Ave., Sunnyvale, CA 94089, is the company responsible for collection, use and disclosure of your Personal Information under this Privacy Policy.

    If you have any questions or comments about this Privacy Policy, please send us your questions and feedback. You can contact us at ng-privacy@netapp.com or at the following address:

    NetApp, Inc.
    1395 Crossman Ave
    Sunnyvale, CA 94089

    We can be reached via the Web, by telephone at +1 877 263 8277

    If you are located in the EEA, you also may lodge a complaint with a data protection authority for your country or region, or where an alleged infringement of applicable data protection law occurs.