Last Updated: May 21, 2018
Privacy statement table of contents
- Scope of This Privacy Statement
- The Personal Data We Collect
- How We Use (Process) Your Personal Data
- How We Disclose Your Personal Data
- Cookies and Other Technology
- Your Rights and Choices
- Social Media, Public Forums and Links to Other Websites
- Children’s Online Privacy
- Data Transfers and Privacy Shield Frameworks
- Changes to This Privacy Statement
- EEA Data Protection Authority
- How to Contact Us
Scope of This Privacy Statement
Red Hat, Inc. and its affiliated companies and subsidiaries (collectively, “Red Hat”) respect your privacy. This Privacy Statement applies to personal data collected by Red Hat through the redhat.com website, and other websites which we operate and on which we post a direct link to this Privacy Statement. For some websites managed by Red Hat affiliates, the affiliate may act as a controller for data collected from the website. This Privacy Statement may not apply to open source project websites sponsored by Red Hat. Such project websites may have their own privacy statements, which we encourage you to review.
Please also note that co-branded websites (websites where Red Hat presents content together with one or more of our business partners) may be governed by additional or different privacy statements. Please refer to the privacy statement on those websites for more information about applicable privacy practices.
Red Hat’s obligations with respect to personal data that may be held on behalf of customers in connection with cloud services Red Hat provides, such as personal data stored by customers using our OpenShift Online offering, are defined in our agreements with our customers and are not governed by this Privacy Statement.
As used in this Privacy Statement, “personal data” means any information relating to an identified or identifiable natural person (‘data subject’). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
The Personal Data We Collect
Red Hat collects personal data directly from you when you interact with us through our websites, including, without limitation, when you:
- Create a user account (individual or corporate);
- Make online purchases or register products;
- Request support;
- Register for a webcast or other event;
- Request information or materials (e.g., whitepapers);
- Participate in surveys or evaluations;
- Participate in promotions, contests, or giveaways;
- Apply for employment;
- Submit questions or comments; or
- Submit content or posts on our customer portal pages or other interactive webpages.
To the extent permitted by applicable law, the types of personal data collected directly from you may include, without limitation:
- Information used to communicate with you, such as name, title, company name, email address, telephone number, postal address and language;
- Information that Red Hat maintains in association with your account, such as your username, password, payment information, purchase records, credit and billing status and support inquiries; and
- Information contained in your job inquiries or applications, such as resume, cover letter, age, education, professional history and contact details.
We may also collect information relating to your use of our websites and response to our emails through the use of various technologies. Collecting information in this manner allows us to analyze the effectiveness of our websites and our marketing efforts, personalize your experience and improve our interactions with you. For more information about the technologies we employ for these purposes, see the “Cookies and Other Technologies” section below.
We may also supplement the personal data we collect from you with additional personal data we receive from third parties, such as your employer, our customers, and our business partners where you purchase any of our products or services through such business partners. We do this to help us improve the overall accuracy of the information and its completeness and to help us better tailor our interactions with you.
How We Use (Process) Your Personal Data
Red Hat uses personal data in an effort to enhance your experience on our websites. In addition, we may use personal data we collect about you to:
- Identify and Authenticate You. We use your personal data to verify your identity when you access and use our Services and to ensure the security of your personal data. This includes your creation of an account that is associated with your personal data. The personal data that may be collected and processed for this purpose includes: name, title, company name, email address, telephone number, postal address, language, username, and password. We process this information in order to comply with our contractual obligations to you.
- Fulfill Your Requests. If you request something from Red Hat, such as a product or service, a call back, a newsletter subscription, or specific marketing or other materials, we use the personal data you provide to respond to your request. We or our representatives may also contact you as part of customer satisfaction surveys or for market research purposes. Where required by applicable law, we will obtain your consent before sending marketing messages. The personal data that may be collected and processed for this purpose includes: name, title, company name, email address, telephone number, postal address, language, username, payment information, purchase records, credit and billing status, and support inquiries. We process this information in order to comply with our contractual obligations to you when responding to your requests. In other cases it is in our legitimate business interests to be able to provide customers and prospective customers with information, goods, or services they request.
- Provide You with Information About Our Products, Services and Events. Red Hat may use your personal data to notify you about product and service offerings as well as events that we believe may be of interest to you. Red Hat also may use your personal data to respond directly to your requests for information, including registrations for newsletters or other specific requests. The personal data that may be collected and processed for this purpose includes: name, title, company name, email address, telephone number, postal address, language, username, payment information, purchase records, credit and billing status, and support inquiries. It is in our legitimate business interests to be able to provide customers, prospective customers, and the public with information about our products, services, and events.
- Provide Support and Customer Service. We use your personal data to provide support for products or services you have obtained from us and answer other questions. In the course of providing technical support to you, we may sometimes have incidental access to data that you have provided to us or data that is located on your systems. This data may contain information about you, or your organization’s business, employees, customers, partners, or suppliers. This Privacy Statement does not govern our access to or handling of this information. The conditions regarding the handling and processing of that data is covered by the applicable agreement between you and Red Hat, such as our Enterprise Agreement. The personal data that may be collected and processed for this purpose includes: name, title, company name, email address, telephone number, postal address, language, username, payment information, purchase records, credit and billing status, and support inquiries. We process this information in order to comply with our contractual obligations to you.
- Process Your Job Application. When you apply for a position at Red Hat, we use the personal data you provide for the purpose of assessing your application, considering you for future positions and carrying out human resources functions in accordance with applicable law. Red Hat will share the personal data you supply during the application process with internal human resources professionals as well as professionals in our business functions who are participating in the application and interview process. The personal data that may be collected, shared, and/or processed for this purpose includes: name, title, company name, email address, telephone number, postal address, language, resume, cover letter, age, education, professional history and contact details. It is in our legitimate business interests to be able to review the qualifications of prospective employees and perform human resources functions with regard to our employees.
We will not use your personal data in a manner that is inconsistent with the purpose of its original collection, unless you have consented.
How We Disclose Your Personal Data
Red Hat will not sell, rent or lease your Personal Data to others without your consent.
Red Hat discloses Personal Data in the following ways:
- Red Hat may disclose personal data to business partners and service providers in order to support our business operations, such as (but not limited to) fulfilling your orders, following up on requests, providing support and assisting Red Hat with sales, marketing and communication initiatives. These business partners and service providers include distributors, resellers, payment processors, financial service providers and institutions, materials production and shipping companies, postal or government authorities, market intelligence and consulting service providers, and information technology service providers. Business partners and service providers are required by contract to keep the information received on behalf of Red Hat confidential and secure and not use it for any purpose other than the purpose for which it was provided to them.
- Red Hat may disclose personal data as required by law or legal process, such as responding to a duly authorized and lawful request of a police or public authority (including to meet national security or law enforcement requirements), to enforce or protect the rights of Red Hat, when such disclosure is necessary or appropriate to prevent physical harm or financial loss as permitted by applicable law, or in connection with an investigation of suspected or actual illegal activity.
- Red Hat may also disclose personal data in the context of a business transaction involving part or all of Red Hat, such as a merger, acquisition, consolidation, or divestiture. Such a transaction may involve the disclosure of personal data to prospective or actual purchasers, or the receipt of it from sellers. It is Red Hat’s practice to seek appropriate protection for information in these types of transactions. Following such a business transaction, you may contact the entity to which we transferred your personal data with any inquiries concerning the use of that information.
Cookies and Other Technologies
Red Hat uses some cookies that are strictly necessary for the delivery of services on our websites. Cookies that are strictly necessary allow us to improve the safety and security of our websites, authenticate account users, allow you to access your private accounts on our websites, allow you to sign into different portions of our websites with the use of only one login, balance the traffic on our websites, and remember items in your shopping cart. Cookies that are strictly necessary are not used for marketing purposes.
In addition, we may use remarketing technology to advertise on other websites you may visit. In doing so, a third party may place or read a unique ad-serving cookie on your device and use technical information about your browser and your activity at a Red Hat website to serve advertisements to you on non-Red Hat websites.
If you do not want your information to be stored by cookies, you can configure your browser so that it always rejects these cookies or asks you each time whether you want to accept them or not. However, you must understand that choosing to reject cookies may reduce the performance and functionality of our websites. Your browser documentation includes instructions explaining how to enable, disable or delete cookies at the browser level (usually located within the “Help”, “Tools” or “Edit” facility). While Red Hat websites at this time generally do not recognize automated browser signals regarding tracking mechanisms, such as “do not track” instructions, you can generally express your privacy preferences regarding the use of most cookies and similar technologies through your web browser.
Red Hat also uses web beacons alone or in conjunction with cookies to compile information about usage of our websites and interaction with emails from Red Hat (e.g., open rates, click through rates). Web beacons are clear electronic images that can recognize certain types of information on your device, such as cookies, when you viewed a particular website tied to the web beacon, and a description of a website tied to the web beacon. For example, Red Hat may place web beacons in marketing emails that notify Red Hat when you click on a link in the email that directs you to one of our websites. Red Hat uses web beacons to operate and improve our websites and email communications.
Your Rights and Choices
In accordance with the laws of certain countries, you may have certain rights and choices regarding the personal data we collect and maintain about you, and how we communicate with you.
Where the EU General Data Protection Regulation 2016/679 (“GDPR”) applies to the processing of your personal data, especially when you access the website from a country in the European Economic Area (“EEA”), you have the following rights, subject to some limitations, against the respective Red Hat Company responsible for the website you are using:
- The right to access your personal data;
- The right to rectify the personal data we hold about you;
- The right to erase your personal data;
- The right to restrict our use of your personal data;
- The right to object to our use of your personal data;
- The right to receive your personal data in a usable electronic format and transmit it to a third party (also known as the right of data portability); and
- The right to lodge a complaint with your local data protection authority;
If you would like to exercise any of these rights, you may do so via our Personal Data Request Form.
Where the GDPR applies, you also have the right to withdraw any consent you have given to uses of your personal data. If you wish to withdraw consent that you have previously provided to us, you may do so via our Feedback Form. However, the withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.
Where the GDPR does not apply, Red Hat grants you the ability to access, modify, or update some of your personal data online at any time. You may log in and make changes to your information, such as your password, your contact information, your general preferences, and your personalization settings. If necessary, you may also contact us via our Feedback Form and describe the changes you want made to the information you have previously provided. However, note that changing or deleting information necessary for Red Hat to assist with support, services, and purchases may result in a delay or interruption in processing your requests.
You will be given an opportunity to tell us whether you would like to receive information, special offers, and promotional materials by email from Red Hat or our business partners when you create a redhat.com account, when you register for a service, when you provide us with your personal data, or when we send you a marketing email. Where required by applicable law, we will obtain adequate consent to provide you with these marketing materials. You also have the ability to opt out of receiving marketing emails from Red Hat at any time without cost by clicking on the relevant link contained in our marketing emails or by contacting us via our Feedback Form. You can also exercise your rights and choices by contacting us as described below under “How to Contact Us.”
Red Hat intends to protect your personal data. We have implemented appropriate physical, administrative and technical safeguards to help us protect your personal data from unauthorized access, use and disclosure. For example, we encrypt certain personal data such as payment information when we transmit such information over the Internet. We also require that our business partners and service providers protect such information from unauthorized access, use and disclosure.
Social Media, Public Forums and Links to Other Websites
Red Hat may provide social media features that enable you to share information with your social networks and interact with Red Hat on various social media websites. Your use of these features may result in the collection or sharing of information about you, depending on the feature. We encourage you to review the privacy policies and settings on the social media websites with which you interact to make sure you understand the information that may be collected, used, and shared by those websites.
Our websites may make chat rooms, forums, blogs, message boards, and/or news groups available to its users. Remember that your comments and posts become publicly available, and we urge you to exercise discretion when submitting such content.
Our websites may contain links to other websites. Red Hat does not control and is not responsible for the information collected by websites that can be reached through links from our websites. If you have questions about the data collection procedures of linked websites, please contact the organizations that operate those websites directly.
Children’s Online Privacy
Red Hat’s products and services are not directed to children and Red Hat does not knowingly collect online personal data from children under the age of 16. If you are a parent or guardian of a minor under the age of 16 and believe that he or she has disclosed personal data to us, please contact us via our Feedback Form or as described below under “How to Contact Us.”
Data Transfers and Privacy Shield Frameworks
Red Hat is a global organization, with legal entities, business processes, and technical systems that operate across borders. Red Hat may transfer your personal data to other Red Hat entities in the United States and elsewhere. The United States and other countries may not have the same data protection laws as the country from which you initially provided the information.
Where required by applicable law, we have put in place appropriate safeguards (such as standard contractual clauses approved by the European Commission) in accordance with applicable legal requirements to ensure that your data is adequately protected. When transferring your personal data internationally, Red Hat will protect your personal data as provided in this Privacy Statement. If you wish to obtain a copy of the relevant safeguards that are in place to protect the international transfer of your personal data, please contact us as described below under “How to Contact Us.”
If you are located in the European Economic Area (“EEA”) or Switzerland, Red Hat and its controlled United States subsidiaries have certified to the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks for the transfer of personal data from the EEA and Switzerland to the United States, as described in our Privacy Shield Privacy Notice. To learn more about the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks and to view our certification, please visit www.privacyshield.gov.
Changes to This Privacy Statement
Red Hat reserves the right to make corrections, changes or amendments to this Privacy Statement at any time. The revised Privacy Statement will be posted on this website. A notice will be posted on our homepage for 30 days whenever this Privacy Statement is changed in a material way, and the date of last update will be indicated at the top of the Privacy Statement. If you do not refuse the changes in writing within that notice period, this shall mean that you have consented to the Privacy Statement as changed, including with respect to personal data provided to us prior to the changes in the Privacy Statement. We encourage you to periodically review this Privacy Statement for any changes or updates.
EEA DATA PROTECTION AUTHORITY
If you are a resident of the European Economic Area and wish to raise a concern about our use of your personal data, you may direct questions or complaints to the Irish Data Protection Commissioner, which is Red Hat’s lead supervisory authority, at:
Irish Data Protection Commissioner
Office of the Data Protection Commissioner
Canal House, Station Road, Portarlington, Co. Laois, R32 AP23, Ireland
Phone: +353 57 8684800
+353 (0)761 104 800
Fax: +353 57 868 4757
Alternatively, you may contact your local supervisory authority.
How to contact us
Red Hat, Inc.
Corporate Legal Group
100 East Davie Street
Raleigh, North Carolina 27601
Red Hat Representative Contact Information in the European Economic Area:
Red Hat Limited
6700 Cork Airport Business Park
Phase II 1st Floor