Irrespective of which country you live in, you authorize us to transfer, store, and use your information in the United States, and any other country where we operate. In some of these countries, the privacy and data protection laws and rules regarding when government authorities may access data may vary from those in the country where you live. Learn more about our data transfer operations in the “International Transfer” section below. If you do not agree to the transfer, storage and use of your information in the United States, and any other country where we operate, please do not use the Sites or Services.
We collect information, including personal data, to provide better services to all our Users. We use the term “Personal Data” to refer to any information that identifies or can be used to identify you. Common examples of personal data include: full name, home address, email address, date of birth, digital identity, such as a login name or handle, information about your device, and certain metadata.
“Sensitive Personal Data” refers to a smaller subset of personal data which is considered more sensitive to the individual, such as race and ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, genetic or biometric information, physical or mental health information, medical insurance data, or sexual orientation. Leonardo DRS does not collect or use Sensitive Personal Data and asks that you do not provide Sensitive Personal Data to us.
We collect Personal Data in the following ways:
The technologies we use for this automatic data collection may include:
4.0 Information Collected Related to California Residents
During the last twelve (12) months, we have collected the following categories of personal information from Users.
Type of Identifiers We Collect
Name, billing address, shipping address, email, phone number, zip or postal code, unique personal identifier, Internet Protocol address, and user name and password.
Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).
A name, address, telephone number, financial account information, education, medical information and employment history.
Protected classification characteristics under California or federal law.
Age, racial or ethnic origin, sex, sexual orientation.
Records of products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
Internet or other similar network activity.
Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement, cookies.
Professional or employment-related information
Professional or employment-related information, such as work history and prior employer, human resources data and data necessary for benefits and related administrative services.
We obtain the categories of Personal Data listed above from the following categories of sources:
5.0 How We Use Information We Collect
We use your Personal Data in ways that are compatible with the purposes for which it was collected or authorized by you, including for the following purposes:
We use the information we collect from our Sites to provide, maintain, and improve them, to develop new services, and to protect our Company and our Users.
We use information collected from cookies and other technologies, to improve your user experience and the overall quality of our services. We may use your personal information to see which web pages you visit at our Site, which web site you visited before coming to our Site, and where you go after you leave our Site. We can then develop statistics that help us understand how our visitors use our Site and how to improve it.
6.0 Our Legal Basis for Collecting Personal Data
Whenever we collect Personal Data from you, we may do so on the following legal bases:
Provided that, in each circumstance, we will weigh the necessity of our processing for the purpose against your privacy and confidentiality interests, including taking into account your reasonable expectations, the impact of processing, and any safeguards which are or could be put in place. In all circumstances, we will limit such processing for our legitimate business interest to what is necessary for its purposes.
We do not share Personal Data with companies, organizations and individuals outside of the Organization unless one of the following circumstances applies:
We attempt to notify Users about legal demands for their personal data when appropriate in our judgment, unless prohibited by law or court order or when the request is an emergency. We may dispute such demands when we believe, in our discretion, that the requests are overbroad, vague or lack proper authority, but we do not promise to challenge every demand.
8.0 Your Failure to Provide Personal Data
Your provision of Personal Data is required in order to use certain parts of our services and our programs. If you fail to provide such Personal Data, you may not be able to access and use our Services and/or our programs, or parts of our Services and/or our programs.
9.0 Our Retention of Your Personal Data
We may retain your Personal Data for a period of time consistent with the original purpose for collection. For example, we keep your Personal Data for no longer than reasonably necessary for your use of our programs and Services and for a reasonable period of time afterward. We also may retain your Personal Data during the period of time needed for us to pursue our legitimate business interests, conduct audits, comply with our legal obligations, resolve disputes and enforce our agreements.
In the preceding twelve (12) months, we have disclosed the following categories of Personal Data for one or more business purposes:
We disclose your Personal Data for a business purpose to the following categories of third parties:
We may disclose your Personal Data for legal reasons. Specifically, we will share Personal Data with companies, organizations or individuals outside of Leonardo DRS if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to:
We attempt to notify Users about legal demands for their Personal Data when appropriate in our judgment, unless prohibited by law or court order or when the request is an emergency. We may dispute such demands when we believe, in our discretion, that the requests are overbroad, vague or lack proper authority, but we do not promise to challenge every demand.
We may disclose your Personal Data in the event of a business transfer. If we establish a new related entity, are acquired by or merged with another organization, or if substantially all of our assets are transferred to another organization, Personal Data about our Users is often a transferred business asset. In the event that Leonardo DRS itself or substantially all of our assets are acquired, Personal Data about our Users may be one of the transferred assets.
11.0 Do Not Sell Personal Data
In the preceding twelve (12) months, we have not sold any Personal Data.
You may have certain rights relating to your Personal Data, subject to local data protection law. Whenever you use our services, we aim to provide you with choices about how we use your Personal Data. We also aim to provide you with access to your Personal Data. If that information is wrong, we strive to give you ways to update it quickly or to delete it – unless we have to keep that information for legitimate business or legal purposes. Subject to applicable law, you may obtain a copy of Personal Data we maintain about you or you may update or correct inaccuracies in that information by contacting us. To help protect your privacy and maintain security, we will take steps to verify your identity before granting you access to the information. In addition, if you believe that Personal Data we maintain about you is inaccurate, subject to applicable law, you may have the right to request that we correct or amend the information by contacting us as indicated in the How to Contact Us section below.
12.1 Rights Specific to California Residents
Under the California Consumer Privacy Act, California residents have specific rights regarding their personal information. This section describes Californians’ rights and explains how California residents can exercise those rights.
Below we further outline specific rights which California residents may have under the California Consumer Privacy Act.
Exercising Your Rights
If you are a California resident who chooses to exercise your rights, you can:
You may also designate an agent to exercise your privacy rights on your behalf. In order to designate an authorized agent to make a request on your behalf, you must provide a valid power of attorney, the requester’s valid government-issued identification, and the authorized agent’s valid government issued identification.
Our Response to Your Request
Upon receiving your request, we will confirm receipt of your request by sending you an email. To help protect your privacy and maintain security, we may take steps to verify your identity before granting you access to the information. In some instances, such as a request to delete personal information, we may first separately confirm that you would like for us to in fact delete your personal information before acting on your request.
We will respond to your request within forty-five (45) days. If we require more time, we will inform you of the reason and extension period in writing. If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.
In some cases our ability to uphold these rights for you may depend upon our obligations to process Personal Data for security, safety, fraud prevention reasons, compliance with regulatory or legal requirements, listed below, or because processing is necessary to deliver the services you have requested. Where this is the case, we will inform you of specific details in response to your request.
We may deny your deletion request if retaining the information is necessary for us or our service providers to:
12.2 Privacy Rights Specific to European Union Residents
The European Union’s General Data Protection Regulation (“GDPR”) may provide you with certain rights in connection with Personal Data you have shared with us. If you are a resident in the European Economic Area, you may have the following rights:
To make these requests, you may contact us using the contact information below, and we will consider your request in accordance with applicable laws.
Changing or Deleting Your Information
You may update or correct information about yourself by making changes in your account, or emailing us at email@example.com. If you completely delete all such information, then your account may become deactivated. We may retain an archived copy of your records as required by law, to comply with our legal obligations, to resolve disputes, to enforce our agreements or for other legitimate business purposes.
We may contact you to request that you update your Personal Data on a regular basis to ensure its integrity for the purposes of ongoing data management.
13.0 Our Opt-in/Opt-out Policy
We currently provide the following opt-out opportunities:
The Sites may contain links to webpages operated by parties other than Leonardo DRS. We do not control such websites and are not responsible for their contents or the privacy policies or other practices of such websites. Our inclusion of links to such websites does not imply any endorsement of the material on such websites or any association with their operators. Further, it is up to the User to take precautions to ensure that whatever links the User selects or software the User downloads (whether from this Site or other websites) is free of such items as viruses, worms, trojan horses, defects and other items of a destructive nature. These websites and services may have their own privacy policies, which the User will be subject to upon linking to the third party's website. Leonardo DRS strongly recommends that each User review the third party's terms and policies.
We are committed to complying with applicable laws, regulations and mandatory government standards regarding the protection of Personal Data.
If we transfer your Personal Data out of your jurisdiction, we will implement suitable safeguards and rely on legally-provided mechanisms to lawfully transfer data across borders to ensure that your Personal Data is protected. It is our policy to, where required by applicable laws, execute a Data Privacy & Data Security Addendum and Standard Contractual Clauses with third parties with whom we may share Personal Data.
EU-U.S. Privacy Shield
Leonardo DRS has further committed to refer unresolved privacy complaints under the EU-US Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint.
If your complaint is not satisfactorily addressed, and your inquiry or complaint involves human resources data transferred from the EU in the context of the employment relationship, you may have your complaint considered by an independent recourse mechanism: for EU/EEA Data Subjects, a panel established by the EU data protection authorities (DPA Panel). To do so, you should contact the state or national data protection or labor authority in the jurisdiction where you work. DRS agrees to cooperate with the relevant national DPAs and to comply with the decisions of the DPA Panel. Please do not refer human resources data inquiries or complaints to the BBB EU PRIVACY SHIELD.
If your complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction.
Our organization is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC). We will disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. In addition, our organization retains liability in cases of onward transfers to third parties.
16.0 How We Protect Personal Data
Leonardo DRS maintains administrative, technical and physical safeguards designed to protect the User's Personal Data and information against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use. We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, taking into account technological reality, cost, the scope, context and purposes of processing weighted against the severity and likelihood that the processing could threaten individual rights and freedoms. For example, we use commercially reasonable security measures such as encryption, firewalls, and Secure Socket Layer software (SSL) or hypertext transfer protocol secure (HTTPS) to protect Personal Data.
The Site is not intended for use by children. We do not intentionally gather Personal Data about visitors who are under the age of 16. If a child has provided us with Personal Data, a parent or guardian of that child may contact us to have the information deleted from our records. If you believe that we might have any information from a child under age 16 in the applicable jurisdiction, please contact us at firstname.lastname@example.org. If we learn that we have inadvertently collected the personal information of a child under 16, or equivalent minimum age depending on jurisdiction, we will take steps to delete the information as soon as possible.
18.0 Direct Marketing and “Do Not Track” Signals
Leonardo DRS does not track its Users over time and across third party websites to provide targeted advertising and therefore does not respond to Do Not Track (DNT) signals. However, some third party sites do keep track of your browsing activities when they serve you content, which enables them to tailor what they present to you. If you are visiting such sites, your browser may include controls to block and delete cookies, web beacons and similar technologies, to allow you to opt out of data collection through those technologies.
California residents are entitled to contact us to request information about whether we have disclosed personal information to third parties for the third parties’ direct marketing purposes. Under the California “Shine the Light” law, California residents may opt-out of our disclosure of personal information to third parties for their direct marketing purposes. You may choose to opt-out of the sharing of your personal information with third parties for marketing purposes at any time by submitting a request to email@example.com. California Users may request further information about our compliance with this law by e-mailing us at the address listed in the “How to Contact Us” section.
Send e-mail to: firstname.lastname@example.org
Send mail to our address:
Leonardo DRS, Inc.
Blake M. Guy
VP, Corporate Counsel
2345 Crystal Drive, Suite 1000
Arlington, VA 22202
U.S. based covered entities: Laurel Technologies Partnership d/b/a DRS Laurel Technologies; DRS Surveillance Support Systems, Inc.; DRS C3 & Aviation Company; DRS Radar Systems, LLC; DRS Naval Power Systems, Inc.; DRS Power Technology, Inc.; Engineered Coil Company d/b/a DRS Marlo Coil; Pivotal Power Inc. d/b/a DRS Pivotal Power; DRS Environmental Systems, Inc.; DRS Sustainment Systems, Inc.; DRS Network & Imaging Systems, LLC; DRS Defense Solutions, LLC; DRS Signal Solutions, Inc., DRS Global Enterprise Solutions, Inc.; DRS Training & Control Systems; LLC, DRS Advanced ISR, LLC, DRS Unmanned Technologies, Inc.; DRS Systems, Inc.; DRS Homeland Security Solutions, Inc.; DRS Systems Management, LLC; Tech-Sym, LLC; DRS International, Inc.; T-S Holding Corporation; ESSI Resources, LLC; Engineered Support Systems, Inc.; Advanced Acoustic Concepts, LLC; Oto Melara North America, LLC; Global Network Services, LLC; Daylight Solutions. Inc. d/b/a DRS Daylight Solutions, Inc.; Daylight Defense, LLC d/b/a DRS Daylight Defense, LLC