Hewlett Packard Enterprise Global Master Privacy Policy

The HPE Global Master Privacy Policy articulates the privacy and data protection principles followed by HPE around the world with regards to the personal information of its customers, including product, outsourcing and other services clients, partners, employees, former employees, applicants and current or former members of the Board of Directors ("covered individuals"). These principles support the highest privacy standards in international trade and commerce and human resource management.

0

Introduction

HPE respects and is committed to protecting the personal information of our covered individuals. We follow privacy policies and data protection practices to comply with the law and to earn trust and confidence in HPE and its business practices. HPE privacy policies and data protection practices extend by contract to our supplier and partner relationships. HPE board members, employees, and those working on behalf of HPE are informed about these policies and practices and are expected to follow them. HPE privacy policies and practices reflect and reinforce the HPE company values of trust, integrity, and quality.

1

Scope

This HPE Global Master Privacy Policy applies to the collection, storage, processing, transfer, and use of personal information concerning covered individuals except where the contract with a covered individual defines different requirements. Personal information includes any data by which a person can be identified or located, as well as any data to which HPE has access in customer systems.


Personal information may be collected from covered individuals through a variety of means, including, as examples, websites, other ordering channels, and service or employment processes. HPE may also obtain personal information about covered individuals from other publicly or commercially available sources we deem credible.


This global master policy governs customer and employee data protection policies; implementation standards; rulebooks; business processes; applications; web, product, and service developments; and technology roadmaps.


All HPE employees, board members, and contracted parties working on behalf of HPE must comply with these policies, even if local law is less restrictive. Specific practices are tailored to meet the legal, regulatory, and cultural requirements of the countries and regions where HPE operates.


2

Global Policy Fundamentals

Our privacy policies reflect current global principles and standards on handling personal information. These principles include notice of data use, choice of data use, data access, data integrity, security, onward transfer, and enforcement/oversight. We abide by the privacy laws in the countries where we do business.


We use the definitions of personal data and sensitive personal data as definedin the Madrid Resolution. Briefly this is:


  • Personal data means any information relating to an identified natural person or a person who may be identified by means reasonably likely to be used.
  • Sensitive personal information is that which, in cases of misuse, may cause unlawful or arbitrary discrimination or other serious risk to the data subject. In particular, personal data that reveals aspects such as racial or ethnic origin, political opinions, or religious or philosophical beliefs will be considered sensitive data.

3

Master Policy Principles

HPE recognizes that the personal information it receives is held in a position of trust. We seek to fulfill that trust by adhering to the following general principles regarding personal data.


Notice and Choice of Data Use


  • HPE does not sell, rent or lease personal information of covered individuals.
  • HPE provides notice and choice to individuals regarding the type of personal information collected and its intended uses.
  • HPE reviews the purposes for which data is to be collected from covered individuals to ensure that our data collection supports reasonable business requirements.
  • HPE does not use personal information obtained from covered individuals for purposes that are incompatible with the purposes stated in our notices.

Data Access


  • HPE provides individuals with reasonable access to the personal information they provided to HPE and the ability to review and correct it, as applicable.

Data Integrity


  • HPE takes reasonable steps to ensure that all applicable personal information is accurate, complete and current.

Data Security


  • HPE is committed to protecting personal information against unauthorized use or disclosure.
  • HPE provides additional levels of protection for data considered to be sensitive personal data.

Onward Transfer


  • HPE does not transfer personal information provided by covered individuals to third parties unless those third parties promise to give the data the equivalent level of protection that HPE provides.
  • As a global company operating in many locations around the world, HPE may use Global Delivery Centers located outside of the country where the data is collected.

Enforcement/Oversight


  • HPE uses best commercial practices to obtain personal information by lawful and fair means.
  • HPE complies with relevant privacy and data protection laws in the locations in which HPE operates.

HPE addresses complaints or disputes regarding personal information promptly and courteously.

4

Contacts

Online: Feedback form
Offline:

Canada, Most of Latin American, and US:
Hewlett Packard Enterprise
Office of General Counsel– ATTENTION PRIVACY
3000 Hanover Street
Palo Alto, California 94304
USA

Mexico:
Hewlett Packard Enterprise
Office of General Counsel– ATTENTION PRIVACY
Prolongación Reforma No. 700
Colonia Lomas de Santa Fe
México, D.F., C.P.01210

Europe, Middle East, Africa, Asia Pacific and Japan:
Hewlett Packard Enterprise
Office of General Counsel– ATTENTION PRIVACY
MS 250 1 Avenue du Canada
Les Ulis -91947 – France


Version date: November 2015

5

Related Privacy links: