Last Updated December 16, 2022
This Privacy Policy tells you about NetApp, Inc.’s and its subsidiaries' policies and practices for the collection, use, processing, storage, transfer, and disclosure of Personal Information that we may collect or observe. NetApp collects or observes information through a variety of difference contexts (collectively referred to as the “NetApp Platform”), and how we use, process, store, transfer, and disclosure Personal Information varies based on the context through which it was collected.
NetApp collects personal information in a variety of contexts, each of which is defined below. The categories of information, types of information, sources of information and our purposes for collecting, processing, using, and sharing such information is determined based on this context.
“Personal Information” is information relating to, directly or indirectly, an identified or identifiable natural person or household. This includes things like your name, postal address, telephone number, and email address, as well as less obvious information, which are included in the following defined categories. We plan to collect, and have collected within the preceding 12 months, the following categories of Personal Information:
“Other Information” means any information that does not reveal your specific identity or does not directly relate to an identifiable individual, such as: browser and device data, App usage data, data collected through cookies, pixel tags and other technologies, demographic information and other data provided by you that does not reveal your specific identity, or other types of information that has been aggregated in a manner such that it no longer reveals your specific identity.
NetApp does not sell Personal Information collected in any Context under this Privacy Policy
The following disclosures reflect our treatment of personal information collected in the defined Contexts in which we do business
NetApp products and services send a variety of information to NetApp in accordance with the product documentation and contracts for sales. This information is classified as follows, and as further defined in the sales contracts:
Personal Information may be included in any of these data classifications. However, NetApp only collects Functional Data and Support Information because Functional Data and Support Information are necessary for us to provide the products and services to you. We will process Customer Content in accordance with the applicable service terms, but this data is not specifically collected by NetApp.
Categories and Types of Personal Information We Collect We collect Personal Information about you when you use the Products or Services, including Individual Identifiers, Customer Records, Electronic Network Information, Inferences, and Commercial Information.
Categories of Sources of Personal Information Personal Information collected in the Products and Services context is collected from Original Sources, Customer Sources, Product Sources, Services Sources, and Third-Party Sources.
Purpose for Collecting and Basis for Processing Personal Information NetApp collects and processes Personal Information collected through the Products and Services solely for the purpose of providing the services and commercial purposes ancillary to providing the products or services, and NetApp will not retain, use, or disclose Personal Information collected through the Products or Services except as stated in this Privacy Policy.
Categories of Third Parties with Whom We Share Personal Information NetApp uses third-party service providers and subprocessors to provide services on our behalf and may share Personal Information collected by the Products and Services with them to assist them in providing these services. These can include providers of services such as website hosting, data analysis, payment processing, order fulfillment, information technology and related infrastructure provision, customer service, email delivery, auditing, and other services. We also may share Personal Information with channel partners or resellers if you inquire about our products or services typically fulfilled through channel partners or resellers. These channel partners or resellers may also use this information to inform you about third-party products or services that may be of interest.
NetApp uses third-party service providers and subprocessors in the provision of the Products and Services.
Third Party Advertisement Personal Information collected through the Products and Services is not used for advertisement purposes.
Categories and Types of Personal Information We Collect We collect Personal Information about you in Social Media context including Individual Identifiers, Customer Records, Inferences, Electronic Network Information, Geolocation Data, Professional and Employment Information, and Sensitive Information Protected under the Law.
Categories of Sources of Information Personal Information collected in the Social Media context is collected from Original Sources, Third-Party Sources, and Customer Sources.
Third Party Advertisement In addition to the third-party advertising companies we use to serve advertisements regarding goods and services that may be of interest to you when you access and use social media, a third-party social media provider may provide further advertising. Please review third party social media privacy policies for their advertisement and privacy policies.
Retention The criteria used to determine our retention periods for job applicants’ Personal Information are: (i) the duration of the application process; (ii) as long as we have an ongoing working relationship with you; (iii) as required by a legal obligation to which we are subject; (iv) as advisable in light of our legal position (such as in regard of applicable statutes of limitations, litigation, or regulatory investigations). Your Personal Information will be added to NetApp’s international candidate database and can be retained and used to consider you for opportunities at NetApp and its affiliates other than the one(s) for which you apply. If you do not wish us to do this, please contact us at dataprotection@netapp.com.
Law Applicable to Job Application The Careers Site allows you to apply for jobs worldwide, as a benefit of NetApp’s centralized global recruitment function. This Careers Site is operated from the United States. Accordingly, any Personal Information you submit to the Careers Site will be collected in the United States and will be subject to U.S. laws. However, if we share your Personal Information with an affiliate located in another country in the Interactions with Job Applicants context, the affiliate will handle your personal information in accordance with this Policy. Any hiring or other employment-related decisions will be made by the hiring affiliate in accordance with the law of the country where the job will be located.
Minors The Careers Site is not intended for minors under the age of 18.
Categories and Types of Personal Information We Collect We collect Personal Information about you when you interact with NetApp or our service providers or contractors in the context of exploring or applying for job openings at jobs.netapp.com, submitting applications for employment, attending job fairs or recruiting events, or otherwise engaging in employment and job application activities with NetApp, including Individual Identifiers, Inferences, Employment Records, Education information, Electronic Network Information, Geolocation Data, audio, electronic, visual, or similar information, Professional and Employment Related Information, Protected Class Information, and Sensitive Information Protected under Law.
We will only collect this information where permitted by law.
Categories of Sources of Information Personal Information collected in the Interactions with Job Applicants context is collected from Original Sources and Third-Party Sources (such as LinkedIn and Indeed Career Builders), as well as from your prior employers and educational institutions you attended.
Third-Party Sources & Potential Candidates. We may use automated systems to enable us to find and recruit job candidates. These automated systems use personal information collected from Original and Third-Party Sources to determine whether an individual meets the requirements that apply for a specific job vacancy. Based on this analysis, our recruiters will be provided with an overview of the profiles that are potentially qualified for the relevant job and they will assess these recommendations and make individualized assessments as to applicant engagement and hiring.
Candidate Database. We may keep your Personal Information in our candidate database, including updating the database from linked Third Party Sources, even if you are not hired from your original application. If you do not wish us to retain your Personal Information for future job opportunities, please contact us at dataprotection@netapp.com.
Other sources may include your references, prior employers and educational institutions you attended.
Purpose for Collecting and Basis for Processing of Personal Information Personal Information collected in the Interactions with Job Applicants context is used solely for the purposes of identifying, evaluating, screening, recruiting, and hiring candidates for employment and for business and commercial purposes ancillary to those purposes, as permitted by applicable law. This may include:
If a Job Applicant’s application is successful and results in hiring, Personal Information we collect in connection with the individual’s application can be incorporated into our human resources system and used to manage the new-hire process; any such information can become part of the individual’s employee file and used for other employment-related purposes.
As discussed below, in certain cases we will ask questions about Sensitive Personal Information Protected under Law for monitoring equal opportunity. We can also inquire about criminal records. We will do so only where permitted by applicable law. Otherwise, we ask that you avoid submitting data which may qualify as Sensitive Personal Information protected under Law, except where such data is legally required.
NetApp is an equal opportunity employer, which means we offer equal treatment to all applicants. NetApp does not discriminate, either directly or indirectly, on legally protected grounds: race, color, sex, gender identity, sexual orientation, nationality, national origin, ethnic origin, religion, beliefs or creed, age, disability, marital status, veteran status, or genetic information in any area or recruitment.
We may aggregate and/or anonymize Personal Information so that it will no longer be considered Personal Information. We do so to generate other data for our use, which we may use and disclose for any purpose.
Third Party Advertisement NetApp does not use Personal Information collected in the Interactions with Job Applicants context to provide advertisements regarding goods and services.
New York City Residents—Automated Employment Evaluation. NetApp may use an automated employment evaluation tool as one of several tools and methods to help NetApp screen and select candidate applications for further consideration. The automatic employment evaluation tool highlights and may rank candidates for further consideration based on experience and skills identified by NetApp and found in candidates’ application and supporting documentation. You may request an alternative selection process or accommodation by contacting us at careers@netapp.com.
Categories and Types of Personal Information We Collect We may collect or otherwise observe Personal Information from individuals in the market research context, including Individual Identifiers, Inferences, Employment Records, Education information, Geolocation Data, Audio, electronic, visual, or similar information, Professional and Employment Related Information, Protected Class Information, and Sensitive Information Protected under Law.
Categories of Sources of Information Personal Information collected in the Market Research context is collected from Original Sources, Third-Party Sources, and Customer Sources.
Categories and Types of Personal Information We Collect We may collect or otherwise observe Personal Information from individuals offline, including Individual Identifiers, Inferences, Employment Records, Education information, Geolocation Data, Audio, electronic, visual, or similar information, Professional and Employment Related Information, and Sensitive Information Protected under Law.
Categories of Sources of Information Personal Information collected in the Offline context is collected from Original Sources, Third-Party Sources, and Customer Sources.
Third Party Advertisement We do not use third-party advertising companies to serve advertisements based on Personal Information we collected Offline.
Unless otherwise limited by the context in which it was collected, Personal Information collected by NetApp is used for our legitimate business purposes, including:
Accomplishing our business purposes
We engage in these activities to manage our contractual relationship with you, to comply with a legal obligation, and/or because we have a legitimate interest.
Providing the functionality of the NetApp Platform and fulfilling your requests
We will engage in these activities to manage our contractual relationship with you and to comply with a legal obligation.
Providing you with our newsletter and/or other marketing materials and facilitating social sharing
We will engage in these activities to manage our contractual relationship with you, to comply with a legal obligation, or with your consent.
Analysis of Personal Information for business reporting and providing personalized services
We will provide personalized services either with your consent or because we have a legitimate interest.
Allowing you to participate in surveys, contests, or other promotions
We use this information to manage our contractual relationship with you.
Aggregating and/or anonymizing Personal Information
Sensitive Personal Information: We may use sensitive personal information (as defined under the California Consumer Privacy Act, as amended by the California Privacy Rights Act) for purposes of performing services for our business, providing goods or services as requested by you, ensuring security and integrity, short term transient use such as displaying first party, non-personalized advertising, order processing and fulfilment, servicing accounts, providing client service, verifying client information, processing payments, providing financing, and activities relating to quality and safety control or product improvement.
Unless otherwise limited by the context in which it was collected, Personal Information collected by NetApp can be disclosed to our subsidiaries for the purposes described in this Privacy Policy. NetApp, Inc. is the party responsible for the management of the jointly-used Personal Information.
NetApp uses third-party service providers and subprocessors to provide services on our behalf and may share Personal Information with them to assist them in providing these services. These can include providers of services such as website hosting, data analysis, payment processing, order fulfillment, information technology and related infrastructure provision, customer service, email delivery, auditing, and other services. We also may share Personal Information with channel partners or resellers if you inquire about our products or services typically fulfilled through channel partners or resellers. These channel partners or resellers may also use this information to inform you about third-party products or services that may be of interest.
If you use communities, blogs, or chat rooms on NetApp Services, you should be aware that any Personal Information you submit there can be read, collected, and used by other users of these forums, and could be used to send you unsolicited messages. You may also elect to disclose Personal Information through your social sharing activity.
The following chart details the categories of Personal Information we have collected and disclosed for our operational business purposes in the preceding 12 months. The chart also details the categories of personal information that we “share” for purposes of cross-context behavioral advertising, including within the preceding 12 months.
Categories of personal information | Disclosed to which categories of third parties for operational business purposes | “Shared” with which categories of third parties for cross-context behavioral advertising |
Individual identifiers | Our subsidiaries; third-party service providers; channel partners | Ad networks |
Inferences | Our subsidiaries; third-party service providers | Ad networks |
Customer records | Our subsidiaries; third-party service providers; channel partners | None |
Education information | Our subsidiaries; third-party service providers | None |
Commercial information | Our subsidiaries; third-party service providers; channel partners | Ad networks |
Electronic network information | Our subsidiaries; third-party service providers; channel partners | Ad networks |
Geolocation data | Our subsidiaries; third-party service providers; channel partners | Ad networks |
Audio, electronic, visual, or similar information | Our subsidiaries; third-party service providers | None |
Protected class information | Our subsidiaries; third-party service providers | None |
Professional and employment related information | Our subsidiaries; third-party service providers; channel partners | None |
Sensitive information protected under law | Our subsidiaries; third-party service providers | None |
Personal Information may be accessed, changed/corrected, or deleted directly by through the context it was collected. For example, Personal Information collected in the Products and Services context can be accessed, changed, or deleted through the features and functionality of the Products and Services, and Personal Information collected in the Interactions with Job Applicants context may be accessed, changed, or deleted through the job application tools. In the event, however, you cannot access, change/correct, or delete Personal Information through the context in which it was collected, or if you would like to restrict the use of your Personal Information, object to the processing of your Personal information or request to receive an electronic copy of your Personal Information for purposes of transmitting it to another company (to the extent this right to data portability is provided to you by applicable law), you may contact us at dataprotection@netapp.com write to us at the address at the end of this document, or via our Site Feedback form. We will respond to your request consistent with applicable law.
In your request, please make clear what Personal Information you would like to have changed, whether you would like to have your Personal Information suppressed from our database or otherwise let us know what limitations you would like to put on our use of your Personal Information. For your protection, we may only implement requests with respect to the Personal Information associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will try to respond to your request as soon as reasonably practicable.
Please note that we may need to retain certain information for recordkeeping purposes and/or to complete any transactions that you began prior to requesting a change or deletion (e.g., when you make a purchase, you may not be able to change or delete the Personal Information provided until after the completion of such purchase).
We may exempt certain Personal Information from requests pursuant to applicable data protection laws or other laws and regulations.
Pursuant to the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act (collectively, the “CCPA”), if you are a California resident, you have the right to make the following requests:
To make a Request to Know, Correct or Delete, please contact us at dataprotection@netapp.com, +1 877 263 8277 or through any of the other methods listed under the Questions and Comments resources.
We will verify and respond to your request consistent with applicable law, taking into account the type and sensitivity of the Personal Information subject to the request. We may need to request additional Personal Information from you, such as email address, state of residency, or mailing address, in order to verify your identity and protect against fraudulent requests. If you maintain a password-protected account with us, we may verify your identity through our existing authentication practices for your account and require you to re-authenticate yourself before disclosing or deleting your Personal Information. If you make a Request to Delete, we may ask you to confirm your request before we delete your Personal Information.
To request to opt out of any future “sharing” of your Personal Information for purposes of cross-context behavioral advertising, click on the “Do Not Share My Personal Information” options for the applicable webpage containing your Notice of Right to Opt-Out and enabling consumers to opt out.
You have the right to be free from unlawful discrimination or retaliation for exercising your rights under the CCPA.
We do not sell and have not sold Personal Information, including Sensitive Personal Information, within the preceding 12 months, as “sale” is defined in the CCPA. Without limiting the foregoing, we do not sell or “share” the Personal Information, including the Sensitive Personal Information, of minors under age 16.
Authorized Agents
If you want to make a request as an authorized agent on behalf of a California resident, you may use the submission methods noted above. As part of our verification process, we may request that you provide, as applicable:
If you are making a Request to Know, Correct or Delete on behalf of a California resident and have not provided us with a power of attorney from the resident pursuant to Probate Code sections 4121-4130, we may also require the resident to:
Unless otherwise limited by the context in which it was collected, we use third-party advertising companies to serve advertisements regarding goods and services that may be of interest to you, including when you access and use social media.
You may receive advertisements based on information relating to your access to and use of the Websites and other websites or online services, including social media platforms, on any of your devices, as well as on information received from third parties. These companies place or recognize a unique cookie on your browser (including through the use of pixel tags). They also use these technologies, along with information they collect about your online use, to recognize you across the devices you use, such as a mobile phone and a laptop. This is in addition to any advertisement that a third-party social media provider may provide. Please review third party social media privacy policies for their advertisement and privacy policies.
If you would like more information about this practice, and to learn how to opt out of it in desktop and mobile browsers on the particular device on which you are accessing this Privacy Policy, please visit optout.aboutads.info and optout.networkadvertising.org.
We also use and disclose your Personal Information as necessary or appropriate, especially when we have a legal obligation or legitimate interest to do so:
If we are required to treat Other Information as Personal Information under applicable law, then we may use and disclose it for the purposes for which we use and disclose Personal Information as detailed in this Privacy Policy.
A cookie is a piece of Electronic Network Information that is stored on your computer’s hard drive by your Web browser. When you revisit www.netapp.com, our server recognizes the cookie, giving us information about your prior visits. Most browsers accept cookies automatically, but you can alter the settings of your browser to prevent automatic acceptance. If you choose not to receive cookies, you can still use most of the features of the NetApp Platform, including ordering items. We do not currently respond to browser do-not-track signals.
We work with companies, such as Adobe, that use third-party cookies and Web beacons to collect anonymous information that helps us measure and improve our content and advertising effectiveness. Adobe collects and analyzes anonymous usage and volume statistical information from our users. We also use Google Analytics, which uses cookies and similar technologies to collect and analyze information about use of the NetApp Platform and report on activities and trends. This service may also collect information regarding the use of other websites, apps and online resources. You can learn about Google’s practices by viewing their Privacy & Terms, and exercise the opt out offered by NetApp Cookie Policy.
We employ a software technology called clear gifs (also known as Web beacons or Web bugs) along with other technologies such as e-tags, and JavaScript that help us better manage content on our site by informing us what content is effective. Clear gifs are tiny graphics with a unique identifier, similar in function to cookies that are used to track the online movements of Web users. In contrast to cookies, which are stored on a user’s computer hard drive, clear gifs, which are about the size of a period, are embedded invisibly on Web pages. For detailed information regarding NetApp’s use of Clear Gifs and other technologies, please refer to the NetApp Cookie Policy.
We may use and disclose Other Information for any purpose, except where we are required to do otherwise under applicable law. In some instances, we may combine Other Information with Personal Information. If we do, we will treat the combined information as Personal Information as long as it is combined.
We will retain your Personal Information for as long as needed or permitted in light of the purpose(s) for which it was obtained and consistent with applicable law.
The criteria used to determine our retention periods include:
No services on the NetApp Platform are directed to individuals under the age of sixteen (16), and we do not knowingly collect Personal Information from individuals under sixteen (16).
NetApp uses reasonable and appropriate technical and organizational security measures to protect Personal Information within our organization. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us in accordance with the “Questions and Comments” section below.
The NetApp Platform may contain links to other Web sites or services. NetApp is not responsible for the privacy, information or other practices of third parties, including any third party operating any website or service to which the NetApp Platform links, or for the content of other Web sites. The inclusion of a link on the NetApp Platform does not imply endorsement of the linked site or service by us or by our subsidiaries.
Your Personal Information may be stored and processed in any country where we have facilities or in which we engage service providers, and by using the NetApp Platform you understand that your information will be transferred to countries outside of your country of residence, including the United States, which may have data protection rules that are different from those of your country. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your Personal Information
If you are located in the EEA: Some of the non-EEA countries are recognized by the European Commission as providing an adequate level of data protection according to EEA. For transfers from the EEA to countries not considered adequate by the European Commission, we have put in place adequate measures such as Binding Corporate Rules and/or Standard Contractual Clauses to protect your Personal Information. You may obtain a copy of these Binding Corporate Rules by viewing them online or by contacting dataprotection@netapp.com
Where we maintain or use de-identified information, we will continue to maintain and use the de-identified information only in a de-identified fashion and will not attempt to re-identify the information.
As the Internet, technology and our systems mature, so will our Privacy Policy. We will post changes to our Privacy Policy on this page. Your use of the NetApp Platform following these changes means that you accept the revised Privacy Policy. Please check this page regularly to keep up-to-date.
NetApp, Inc., located at 3060 Olsen Drive, San Jose, CA 95128, is the company responsible for collection, use and disclosure of your Personal Information under this Privacy Policy.
If you have any questions or comments about this Privacy Policy, or would like to request information required to be disclosed under global privacy laws, please send us your questions and feedback. You can contact us at dataprotection@netapp.com or at the following address:
NetApp, Inc.
3060 Olsen Drive
San Jose, CA 95128
We can be reached via the Web, by telephone at +1 877 263 8277
If you are located in the EEA, you also may lodge a complaint with a data protection authority for your country or region, or where an alleged infringement of applicable data protection law occurs