California Supplemental Privacy Statement

Last Updated: December 16, 2022

Effective Date: June 24, 2020

If you are a California consumer, you have rights under the California Consumer Privacy Act of 2018 (the “CCPA”), as amended by the California Privacy Rights Act of 2020 (together, we refer to them as “the CCPA/CPRA”). The Red Hat Privacy Statement describes Red Hat’s general privacy practices, provides an explanation of “Your Rights and Choices” and addresses the required disclosures about your personal data under the CCPA/CPRA. This supplement to the Red Hat Privacy Statement is to provide you with information specifically on the CCPA/CPRA provisions related to the “sale” and “sharing” of personal data and on the collection, use and disclosure of sensitive personal information.

SALE OF PERSONAL DATA UNDER CALIFORNIA LAW

We do not sell personal data as the term “sell” is commonly understood. Under the CCPA/CPRA, a “sale” is defined to include disclosures of personal data to a third party for monetary or valuable consideration. When you use Red Hat websites, Red Hat’s authorized partners may collect cookies and similar technology and use this data for their own purposes. This activity may qualify as a “sale” under the CCPA/CPRA. You can make choices to allow or prevent such uses (see the section below on how to opt-out). Depending on your choices, during the past twelve months, we may have “sold” information to advertising networks, data analytics providers, social networks and advertising partners within the following categories defined by the CCPA/CPRA:

• Internet or other similar network activity relating to your interactions with Red Hat websites
• Identifiers and location information, such as your IP address
• Inferences about your interests

For more information on Red Hat’s use of cookies and similar technology, please see the section entitled “Cookies and Other Technology” in the Red Hat Privacy Statement.

SHARING OF PERSONAL DATA UNDER CALIFORNIA LAW

Under the CCPA/CPRA, “sharing” is defined to include disclosures of personal data to a third party for cross-context behavioral advertising. When you use Red Hat websites, Red Hat’s authorized partners may collect cookies and similar technology and use this data for cross-context behavioral advertising. This activity may qualify as “sharing” under the CCPA/CPRA. You can make choices to allow or prevent such uses (see the section below on how to opt-out). Depending on your choices, during the past twelve months, we may have “shared” information to advertising networks, data analytics providers, social networks and advertising partners for cross-context behavioral advertising within the following categories defined by the CCPA/CPRA:

• Internet or other similar network activity relating to your interactions with Red Hat websites
• Identifiers and location information, such as your IP address
• Inferences about your interests

For more information on Red Hat’s use of cookies and similar technology, please see the section entitled “Cookies and Other Technology” in the Red Hat Privacy Statement..

OPT-OUT OF SALE AND SHARING OF PERSONAL DATA UNDER CALIFORNIA LAW

In addition to the rights described under the “Your Rights and Choices” section of the Red Hat Privacy Statement, as a California resident, you have the right to opt-out of the sale or sharing of personal data by Red Hat to third parties. To opt-out of sales or sharing, you can click on the "Cookie Preferences and Do Not Sell or Share My Personal Information" link in the footer of the website (or a similarly named link at the bottom of the website) and set your cookie preferences to "Required" or you can configure your browser so that it always rejects cookies or asks you each time whether you want to accept them or not. If you have set your browser’s global privacy settings, then we recognize the global privacy settings from your browser to signal your choice to opt-out of the sale and sharing of your personal data. You may also contact us via our Personal Data Request Form.

Red Hat does not knowingly sell or share the personal data of children under the age of 16. For more information please see our disclosures under the “Children’s Online Privacy” section of the Red Hat Privacy Statement,.

SENSITIVE PERSONAL INFORMATION UNDER CALIFORNIA LAW

As stated under “The Categories of Personal Data We Collect” section of the Red Hat Privacy Statement, we generally do not collect sensitive personal information. In certain situations, Red Hat collects driver’s license, state identification card, passport number or other government issued identification for the purpose of verifying your identity such as for an event, office or exam.

If we collect sensitive personal information as that term is defined by the CCPA/CPRA, we use or disclose your sensitive personal information only for the permitted purposes set forth in the CCPA/CPRA, such as to perform the services, ensure the physical safety of persons and to prevent, detect and investigate security incidents. We do not collect or process sensitive personal information with the purpose of inferring characteristics about you.

How to contact us

If you have any questions about Red Hat’s privacy practices or use of your personal data, please feel free to contact us at privacy@redhat.com, or by mail at:

Red Hat, Inc.
Corporate Legal Group
100 East Davie Street
Raleigh, North Carolina 27601
United States

You may also exercise your privacy rights via our Personal Data Request Form or submit requests, or access the information provided in the Red Hat Privacy Statement or this California Supplement in an alternative format, by calling Red Hat’s U.S. toll free number at 1-800-546-7274.

For a PDF version of this California Supplement, please click here.