Hewlett Packard Enterprise Privacy Statement
HPE respects your privacy
HPE and its subsidiaries respect your privacy. This Privacy Statement informs you of our privacy practices and of the choices you can make about the way information about you, including from your online activity is collected and how that information is used by HPE. This statement is readily available on our HPE.com home page and at the bottom of every HPE web page. Please use the links below to access translations of this statement and any applicable country specific or service specific supplements to the statement.
In the development of HPE’s privacy policies and standards, we respect and take into account the major principles and frameworks around the world, including the OECD Guidelines on the Protection of Privacy and Transborder Flows, EU Directive 95/46/EC, APEC Privacy Framework, and the Madrid Resolution on International Privacy Standards and the Australian Privacy Principles under the Privacy Act 1988 (Cth).
HPE complies with the U.S. – E.U. Safe Harbor framework and the U.S. - Swiss Safe Harbor framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data from European Union member countries and Switzerland. HPE has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view HPE's certification, please visit http://www.export.gov/safeharbor/.
HPE has also established a set of binding corporate rules (“BCR”), which have been approved by the majority of Data Protection Regulators in the EEA and Switzerland, effective June 2011. The BCRs ensure that personal data from the EEA is adequately protected while being processed by any of HPE’s global entities.
HPE has received TRUSTe's APEC Privacy Seal signifying that this privacy statement and our practices have been reviewed for compliance with the TRUSTe program viewable on the validation page available by clicking the TRUSTe seal. HPE’s privacy practices described in this Statement comply with the APEC Cross Border Privacy Rules System, including transparency, accountability, and choice regarding the collection and use of your personal information. The CBPR certification does not cover information that may be collected through downloadable software on third party platforms.
If you have an unresolved privacy or data use concern related to HPE’s APEC Certification that we have not addressed satisfactorily, please contact TRUSTe.
1. Scope of this Privacy Statement
Links to non-HPE websites
We may also provide social media features that enable you to share information with your social networks and to interact with HPE on various social media sites. Your use of these features may result in the collection or sharing of information about you, depending on the feature. We encourage you to review the privacy policies and settings on the social media sites with which you interact to make sure you understand the information that may be collected, used, and shared by those sites.
2. Collection of personal information
Personal information is any information that personally identifies you or from which you could be identified. This may include your name, address, telephone number, email address and profession or occupation.
HPE collects, exports, and uses personal information to manage your relationship with HPE and better serve you by personalizing your experience and interaction with HPE. Such collection is done with appropriate notice and consent, along with required filings with data protection authorities, where required.
HPE may collect your personal information through your access and use of website, web-based applications, or mobile applications, during conversations or correspondence with HPE representatives, when you purchase goods or services or complete an online application form.
HPE may collect personal information from you in connection with:
- product or service orders, activations, and registrations
- profile creation and user verification for online services
- information requests or complaints
- marketing, newsletter or support subscriptions
- contest entries or survey participation
- instant credit applications
- job applications
- event registration
- visits or browsing on HPE websites
The types of personal information HPE may collect from you includes:
- personal and business contact information, such as name, address, telephone number, and email address
- in some cases, your business contact data may be provided to HPE by a designated entity within your business or enterprise (such as a member of your IT department)
- financial information, such as your credit/debit card number or other billing information
- other unique information such as user IDs and passwords, product functionality, product and service preferences, contact preferences, educational and employment background, and job interest data
- geo-location data such as your IP address or physical location when you request location based services
- details of the products and services you have purchased from us or which you have enquired about, together with any additional information necessary to deliver those products and services and to respond to your enquiries
- any additional information relating to you that you provide to us directly through our websites or indirectly through use of our websites or online presence, through our representatives or otherwise
- information you provide to us through our service center, customer surveys or visits by our representatives from time to time
If you apply for instant credit, we may ask you to provide additional personal information such as salary, government issued identification number, banking/financial account information, and other information (for example from credit reporting agencies) to authenticate you and verify credit worthiness. This information will be used by our financial services providers in determining whether to extend you credit and how much to extend.
If you post, comment, indicate interest or complaint, or share personal information, including photographs, to any public forum on an HPE site, social network, blog, or other such forum, please be aware that any information you submit can be read, viewed, collected, or used by other users of these forums, and could be used to contact you, send you unsolicited messages, or for purposes that neither you nor HPE have control over. HPE is not responsible for the personal information you choose to provide in these forums.
In addition to the information you provide, HPE may also collect information during your visit to an HPE website, web-based application, or a website “powered by” another company on behalf of HPE, through our Automatic Data Collection Tools, which include Web beacons, cookies, and similar technologies, as well as embedded Web links. These tools collect certain traffic information that your browser sends to a website, such as your browser type and language, access times, and the address of the website from which you arrived. They may also collect information about your Internet Protocol (IP) address, unique device identifier, clickstream behavior (i.e., the pages you view, the links you click, and other actions you take in connection with HPE websites or “powered by” websites) and product information. HPE may also use some of these Automatic Data Collection Tools in connection with certain emails and communications sent from HPE and therefore may collect information using these tools when you open the email or click on a link contained in the email. To learn more, read How HPE uses automatic data collection tools.
HPE also collects information from publicly or commercially available sources that it deems credible. Such information may include your name, address, email address, preferences, interests, and demographic/profile data. The information HPE collects from its public or commercial sources may be used along with the information HPE collects when you visit HPE’s sites. For example, HPE may compare the geographic information acquired from commercial sources with the IP address collected by Automatic Data Collection Tools to derive your general geographic area.
Where necessary, HPE may also use information provided by you or your employer, together with information from publicly available and other online and offline sources, to conduct due diligence checks on business contacts as part of HPE’s anti-corruption program.
HPE may also collect some information that is not personal information because it does not identify you or anyone else. For example, we may collect anonymous answers to surveys or aggregated information about how users use our websites, products or services.
3. How we use your information
HPE may use your information to:
- manage our relationship with you
- assist you in completing a transaction or order
- prevent and detect security threats, fraud or other malicious activity
- communicate with you about HPE products, services or support and send marketing communications
- provide products, services and support to you
- improve and develop products, services and support including through quality control, research and data analysis activities
- update you on new services and benefits
- provide personalized promotional offers
- measure performance of marketing initiatives, ads, and websites “powered by” another company on HPE’s behalf
- allow you to participate in contests and surveys
- answer enquiries, provide information, support or advice about existing and new products or services
- personalize some HPE websites
- provide you with access to protected areas of our website
- assess and improve the performance and operation of HPE websites
- to keep your contact details up to date and provide updated details to HPE service providers and suppliers where necessary
- to process and respond to any complaint made by you
We will give you the opportunity to choose your privacy preferences regarding the marketing communications we send (see Your choices and selecting your privacy preferences).
Credit card information is used only for payment processing and fraud prevention. Salary information, government issued identification number and other sensitive personal information is not used for any other purpose by our financial services providers or HPE and will not be kept longer than necessary for providing the services, unless you ask us to retain your credit card information for future purchases.
4. How we share your information
HPE will not sell, rent or lease your personal information to others except as described in this Statement. HPE shares personal information in the following ways:
HPE retains service providers and suppliers to manage or support its business operations, provide professional services, deliver complete products, services and customer solutions and to assist HPE with marketing and communication initiatives. These providers and suppliers may be located in the US or other overseas locations and include, for example, credit card processors, debt collectors, providers of customer support and live-help, marketing and communications, hosting and IT service providers, email service providers, automated data processors, shipping agents, management and support of HPE websites, order fulfilment and delivery. Suppliers and service providers are required by contract to keep confidential and secure the information received on behalf of HPE and may not use it for any purpose other than to carry out the services they are performing for HPE.
HPE may also transfer your personal information to other HPE-owned business entities in the US and Worldwide. By accessing HPE websites, registering for an account or service, or otherwise providing HPE with your personal information, you consent to this transfer of your personal information throughout the global HPE network of entities.
Except as described in this Statement, HPE will not share the personal information you provide to HPE with non-HPE third parties without your permission, unless to: (i) respond to duly authorized information requests of police and governmental authorities; (ii) comply with any law, regulation, subpoena, or court order; (iii) investigate and help prevent security threats, fraud or other malicious activity; (iv) enforce/protect the rights and properties of HPE or its subsidiaries; or (v) protect the rights or personal safety of HPE, our employees, and third parties on or using HPE property when allowed and in line with the requirements of applicable law.
Circumstances may arise where, whether for strategic or other business reasons, HPE decides to sell, buy, merge or otherwise reorganize businesses in some countries. Such a transaction may involve the disclosure of personal information to prospective or actual purchasers, or the receipt of it from sellers. It is HPE’s practice to seek appropriate protection for information in these types of transactions.
5. Children's privacy
HPE does not knowingly collect information from children as defined by local law, and does not target its websites or mobile applications to children under these ages. We encourage parents and guardians to take an active role in their children’s online and mobile activities and interests.
6. Your choices and selecting your privacy preferences
HPE gives you the choice of receiving a variety of information that complements our products and services. You can subscribe to receive certain product- and service-specific information and also choose to receive HPE general communications. We give you a choice regarding delivery of HPE general communications by postal mail, email, telephone, or mobile device.
You can make or change your choices about receiving either subscription or general communications at the data collection point or by using other methods, which are listed in the following sections. This option does not apply to communications primarily for the purpose of administering order completion, contracts, support, product safety warnings, driver updates, or other administrative and transactional notices where the primary purpose of these communications is not promotional in nature.
Subscription communications include email newsletters, software updates, etc. that may be expressly requested by you or which you consented to receive. After you request such communications, you may opt out of receiving them by using one of the following methods:
- Select the email "opt out" or "unsubscribe" link, or follow the opt-out instructions included in each email subscription communication.
- To unsubscribe from messages delivered to mobile devices, reply to the message with the words “STOP” or “END.”
- Return to the Web page(s) where you originally registered your preferences and follow the opt-out instructions. Access to many HPE subscriptions is available at the Subscriber's Choice web page.
- Write to the HPE Privacy Office (contact details below). Be sure to provide your name, relevant contact information, and specific relevant information about the HPE subscriptions that you no longer wish to receive.
HPE general communications
HPE general communications provide information about products, services, and/or support. This may include new product or services information, special offers, or invitations to participate in market research or compliance reviews.
If you are unable to use HP Passport, you may opt out of receiving these general communications by using one of the following methods:
- Select the email "opt out" or "unsubscribe" link, or follow the opt-out instructions included in each email communication.
- To unsubscribe from messages delivered to mobile devices, reply to the message with the words “STOP” or “END.”
- Write to the HPE Privacy Office (contact details below). Be sure to provide your name, relevant contact information, and specific relevant information about your privacy preferences.
7. Access to and accuracy of your information
HPE strives to keep your personal information accurately recorded. We have implemented technology, management processes and policies to help maintain data accuracy. HPE provides individuals with reasonable access to personal information that they provided to HPE and the reasonable ability to review and correct it or ask for anonymization, blockage, or deletion, as applicable. To protect your privacy and security, we will also take reasonable steps to verify your identity, such as requiring a password and user ID, before granting access to your data. To view and change the personal information that you directly provided to HPE you can return to the web page where you originally submitted your data and follow the instructions on that web page, use HP Passport where enabled, or contact the HPE Privacy Office. HPE will respond to access requests within 30 days.
8. Keeping your personal information secure
HPE takes seriously the trust you place in us. To prevent unauthorized access or disclosure, to maintain data accuracy, and to ensure the appropriate use of the information, HPE utilizes reasonable and appropriate physical, technical, and administrative procedures to safeguard the information we collect and process. HPE retains data only as required or permitted by local law and while it has a legitimate business purpose.
When collecting or transferring sensitive information such as credit card information we use a variety of additional security technologies and procedures to help protect your personal information from unauthorized access, use, or disclosure. The personal information you provide us is stored on computer systems located in controlled facilities which have limited access. When we transmit highly confidential information (such as credit card number or password) over the internet, we protect it through the use of encryption, such as the Secure Socket Layer (SSL) protocol.
Credit card numbers are used only for processing payments and are not used for other purposes. As part of real-time payment processing, HPE subscribes to fraud management services. This service provides HPE with an extra level of security to guard against credit card fraud and to protect your financial data.
9. Changes to this statement
10. Contacting us and how to make a complaint
We value your opinions. If you have comments or questions about our Privacy Statement, any concerns or a complaint regarding our collection and use of your data or a possible breach of your privacy, please send them to the HPE Privacy Office or write to us at the appropriate address below. We will treat your requests or complaints confidentially. Our representative will contact you within a reasonable time after receipt of your complaint to address your concerns and outline options regarding how they may be resolved. We will aim to ensure that your complaint is resolved in timely and appropriate manner.
HPE has also committed to refer unresolved privacy complaints from E.U. citizens or residents regarding transfers of their personal data under the Safe Harbor Principles to an independent dispute resolution mechanism, the BBB EU Safe Harbor, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if HPE does not satisfactorily address your complaint, you may contact BBB EU Safe Harbor at: http://www.bbb.org/us/safe-harbor-complaints.
Canada, Most of Latin American, and US:
Hewlett Packard Enterprise
Office of General Counsel– ATTENTION PRIVACY
3000 Hanover Street
Palo Alto, California 94304
Hewlett Packard Enterprise
Office of General Counsel– ATTENTION PRIVACY
Prolongación Reforma No. 700
Colonia Lomas de Santa Fe
México, D.F., C.P.01210
Europe, Middle East, Africa, Asia Pacific and Japan:
Hewlett Packard Enterprise
Office of General Counsel– ATTENTION PRIVACY
1 Avenue du Canada
Les Ulis -91947 – France
11. How HPE uses automatic data collection tools
The following sections provide additional information about commonly-used web technology tools.
A “cookie” is a small data file transferred by a website to your computer’s hard drive. HPE or its service providers send cookies when you surf our site or sites where our ads appear, make purchases, request or personalize information, or register yourself for certain services. Accepting the cookies used on our site, sites that are “powered by” another company on HPE’s behalf, or sites where our ads appear may give us access to information about your browsing behavior, which we may use to personalize your experience. Cookies are typically classified as either “session” cookies or “persistent” cookies.
- Session cookies do not stay on your computer after you close your browser.
In certain countries you may also adjust your HPE.com and associated cookie preferences by using a preference manager tool in this Statement which is available from the site you are visiting.
You can find information on popular browsers and how to adjust your cookie preferences in the help and support section of your browser.
From time to time, HPE and third parties with whom we partner will use Flash local shared objects (LSOs) and similar technologies to store Flash content information and preferences. LSOs perform similar functions to HTML browser cookies and deposit small files on your computer, which are commonly called Flash cookies. Flash cookies are different from browser cookies and cookie management tools provided by your browser may not remove Flash cookies. To learn more about Flash Cookies and how to manage the related privacy and storage settings, please visit the Adobe Systems website.
Some HPE.com and third-party web pages, applications, and HTML-formatted email use Web beacons alone or in conjunction with cookies to compile information about your website usage and your interaction with email, as well as to measure performance on HPE.com, applications, and websites “powered by” another company on HPE’s behalf. A web beacon is an electronic image, called a single-pixel (1x1) or clear GIF. Web beacons can recognize certain types of information on your computer such as cookies, the time and date of a page viewed, and a description of the page where the web beacon is placed. Depending on the context, web beacons may also refer to content on a third-party server, and may be used by service providers to deliver relevant advertising to you.
You may be able to disable web beacons in email messages by not downloading images contained in the message you receive (this feature varies depending on the email software used on your personal computer). However, doing this may not always disable a web beacon or other automatic data collection tools in the email message due to specific email software capabilities. For more information about this, please refer to the information provided by your email software or service provider.
If you choose to receive marketing emails or newsletters from HPE as specified in Your choices and selecting your privacy preferences, HPE may automatically collect personal information about you. For example, through web beacons and personalized URLs embedded in these emails or newsletters, HPE can track whether you’ve opened those messages and whether you’ve clicked on links contained within those messages. For more information on embedded web links, see below.
Embedded Web links
Emails from HPE, Internet keyboard keys preconfigured by HPE, and promotional icons preinstalled on your PC desktop often use links designed to lead you to a relevant area on the Web, after redirection through HPE’s servers. The redirection system allows HPE to change the destination URL of these links, if necessary, and to determine the effectiveness of our marketing initiatives.
In emails, such web links may also allow HPE to determine whether you have clicked a link in an email, and this information about the interaction may be connected to your personal identity. If you do not want HPE to collect information about the links that you click, you can:
- change your choice about how you receive communications from HPE (i.e. choose a text-based version of the message where available) or choose not to click links in an email that HPE sends
- delete the promotional icons preinstalled by HPE on your PC desktop or choose not to click on those
- reconfigure the Internet keyboard keys on certain PC models to launch a destination URL of your choice by using the instructions provided with your PC
HPE ads and offerings on third-party websites
HPE contracts with service providers to place ads on websites owned by third parties. In addition, some websites may be “powered by” a service provider to provide HPE offers on HPE’s behalf. These service providers may send cookies from and use web beacons on these third-party websites and on HPE.com. The cookies and web beacons may enable HPE to collect information about the pages you viewed and the links you clicked.
Most web browsers offer you the ability to inform websites and ad networks that you do not want your online activities tracked through a “Do Not Track” feature.
You can learn more about network advertising and how to opt out by visiting http://www.aboutads.info .