When we collect information
We collect personal information about you if you visit one of our facilities, request access to our network and/or computing assets apply for a job with us, or have a type of business relationship with us. We will collect your personal information via the following methods:
- By recording details you provide to us (communications with us through emails, calls, or via our websites);
- By visiting one of our facilities; and/or
- By engaging in a consulting, customer, vendor or other type of business agreement with us.
Information We Collect
The types of personal information users of our Sites may submit include:
- contact information (such as name, postal address, telephone number and email address);
- visitor information (such as full name, home address, email address, personal telephone number, company name, business contact information, citizenship/U.S. person status, government ID number, security clearance information, date of birth, passport and/or photograph);
- employment/consultant information (such as name, title, division, personal and business address, fax number, phone number, email address, W-8BEN form, W-9 form, biography with work history, photo, banking information provided with invoices, business reference information including name and contact information and employer);
- login credentials for the Sites (such as IP address of the computer/personal device that you use to access our network, approximate location information from where you access our network and information about your device and browser);
- other personal information submitted by current or prospective suppliers and subcontractors, such as Social Security number, diversity-related information (such as ethnicity), federal tax ID number, disability status, and civil and criminal court history;
- other personal information submitted by job applicants, such as a résumé or C.V., work authorization information, salary history, education history, information about security clearances, citizenship information and, for jobs with U.S.-based Arconic entities, ethnicity, race and gender; and
- other personal information found in content that users provide.
Information We Collect by Cookies and Other Related Technology
The Legal Basis for Using Your Personal Data
We will only collect, use and share your personal data where we are satisfied that we have an appropriate legal basis to do this. This may be because:
- you have provided your consent to us using the personal data;
- our use of your personal data is in our legitimate interest as a commercial organization (for example our legitimate interests in communicating with you – in these cases we will look after your information at all times in a way that is proportionate and respects your privacy rights and you have a right to object to processing as explained in the “Your Rights and Choices” section below);
- our use of your personal data is necessary to perform a contract or take steps to enter into a contract with you (for example where you are one of our consultants, customers or vendors); and/or
- our use of your personal data is necessary to comply with a relevant legal or regulatory obligation that we have for example fulfilment of a court order.
If you would like to find out more about the legal basis for which we process personal data please contact us at GDPR@arconic.com.
|Personal Data Processed||Reason for Processing||Legal Justification|
|Personal data processed for visitors may include: Full name, home address, email address, personal telephone number, company name, business contact information, citizenship/U.S. person status, government ID number, number, security clearance information, date of birth, and/or passport number||To provide you with physical access to a Lockheed Martin facility or logical access to our network, and/or checking security clearance status;||Consent, our legitimate interests, or necessity for performance of a contract|
|Still photograph or video via CCTV.||Facility security||Legitimate interest|
|Name, personal and business address, fax number, phone number, email address, W-8BEN form, W-9 Form, biography with work history, photo, banking information provided with invoices, business reference information including name and contact information||Communicate with you in the context of a contractual agreement which we have with you; facilitate payments to you; fraud prevention; and/or communicate with you regarding our products and services||Performance of a contract, our legitimate interests|
How We Use the Information We Collect
We may use the information described above to:
- provide products and services;
- send you promotional materials or other communications;
- communicate with you about, and administer your participation in, special events, programs, offers, surveys and market research;
- respond to your inquiries;
- process employment applications, including by assessing qualifications, verifying information, and conducting reference or other employment-related checks;
- evaluate potential suppliers and subcontractors and manage our relationships with them;
- provide and administer human resources services for Arconic employees;
- perform data analyses (including anonymization and aggregation of personal information);
- operate, evaluate and improve our business (including developing new products and services; enhancing and improving our products and services; managing our communications; analyzing our products, services and communications; and performing accounting, auditing and other internal functions);
- protect against, identify and prevent cybersecurity and other security events, espionage, fraud and other unlawful activity, claims and other liabilities; and
- comply with and enforce applicable legal requirements, relevant industry standards and our policies.
We also may use the information in other ways for which we provide specific notice at the time of collection.
Information We Share
We do not sell or otherwise disclose personal information we collect about you, except as described in this Online Privacy Notice. We share your information in the manner and for the purposes described below:
- within Arconic, where such disclosure is necessary to provide you with our services or to manage our business;
- with third parties who help manage our business and deliver services. These third parties have agreed to confidentiality restrictions and use any personal data we share with them or which they collect on our behalf solely for the purpose of providing the contracted service to us. These include IT service providers; and/or
In addition, we may disclose information about you (i) if we are required to do so by law or legal process, (ii) to law enforcement authorities or other government entities, and (iii) when we believe disclosure is necessary or appropriate to prevent harm or financial loss, or in connection with an investigation of suspected or actual espionage, cybersecurity or security events or other fraudulent or illegal activity. We also reserve the right to transfer personal information we have about you in the event we sell or transfer all or a portion of our business or assets (including in the event of a reorganization, spin-off, dissolution or liquidation).
Transferring Personal Information Globally
Arconic operates on a global basis. Accordingly, your personal data may be transferred and stored in countries outside the EU (including Canada, the United States, Mexico, China, Brazil, South Korea, Japan, Australia and Russia) that are subject to different standards of data protection. Arconic will take appropriate steps ensure that transfers of personal information are in accordance with applicable law and carefully managed to protect your privacy rights and interests and transfers are limited to countries which are recognized as providing an adequate level of legal protection or where we can be satisfied that alternative arrangement are in place to protect your privacy rights. To this end:
- we ensure transfers within Arconic will be covered by an agreement entered into by members of Arconic (an intra-group agreement) which contractually obliges each member to ensure that personal data receives an adequate and consistent level of protection wherever it is transferred within Arconic;
- where we transfer your personal data outside Arconic or to third parties who help provide our products and services, we obtain contractual commitments from them to protect your personal data. Some of these assurances are well recognized certification schemes like the EU – US Privacy Shield for the protection of personal data transferred from within the EU to the United States; or
- where we receive requests for information from law enforcement or regulators, we carefully validate these requests before any personal data are disclosed.
If you are located in the European Economic Area (“EEA”), we will comply with applicable legal requirements providing adequate protection for the transfer of personal information to recipients in countries outside of the EEA. With respect to transfers of personal information to the U.S., Arconic is certified under the EU-U.S. Privacy Shield framework developed by the U.S. Department of Commerce and the European Commission regarding the transfer of personal information from the EEA to the U.S. To learn more about the Privacy Shield program, and to view our certification, please visit www.privacyshield.gov. For more information about the Privacy Shield Principles, please visit the Arconic U.S.-EU Privacy Shield Privacy Notice by clicking the following link: https://www.arconic.com/global/en/pdf/Arconic-Privacy-Shield-Privacy-Principles.pdf.
You have a right to contact us at GDPR@arconic.com for more information about the safeguards we have put in place to ensure the adequate protection of your personal data when this is transferred as mentioned above.
Your Rights and Choices
Subject to certain exemptions, and in some cases dependent upon the processing activity we are undertaking, you have certain rights in relation to your personal data. We may ask you for additional information to confirm your identity and for security purposes, before disclosing the personal data requested to you. We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive.
You can exercise your rights by contacting us at GDPR@arconic.com . Subject to legal and other permissible considerations, we will make every reasonable effort to honor your request promptly or inform you if we require further information in order to fulfil your request.
We may not always be able to fully address your request, for example if it would impact the duty of confidentiality we owe to others, or if we are legally entitled to deal with the request in a different way.
Right to access personal data
You have a right to request that we provide you with a copy of your personal data that we hold and you have the right to be informed of; (a) the source of your personal data; (b) the purposes, legal basis and methods of processing; (c) the data controller’s identity; and (d) the entities or categories of entities to whom your personal data may be transferred.
Right to rectify or erase personal data
You have a right to request that we rectify inaccurate personal data. We may seek to verify the accuracy of the personal data before rectifying it. You can also request that we erase your personal data in limited circumstances where:
- it is no longer needed for the purposes for which it was collected; or
- you have withdrawn your consent (where the data processing was based on consent), and where there is no other legal ground for the processing; or
- following a successful right to object (see right to object); or
- it has been processed unlawfully; or
- to comply with a legal obligation to which Lockheed Martin Corporation is subject.
We are not required to comply with your request to erase personal data if the processing of your personal data is necessary:
- for compliance with a legal obligation; or
- for the establishment, exercise or defense of legal claims; or
- for performance of a contract.
Right to restrict the processing of your personal data
You can ask us to restrict your personal data, but only where:
- its accuracy is contested, to allow us to verify its accuracy; or
- the processing is unlawful, but you do not want it erased; or
- it is no longer needed for the purposes for which it was collected, but we still need it to establish, exercise or defend legal claims; or
- you have exercised the right to object, and verification of overriding grounds is pending.
We can continue to use your personal data following a request for restriction, where:
- we have your consent; or
- to establish, exercise or defend legal claims; or
- to protect the rights of another natural or legal person.
Right to transfer your personal data
You can ask us to provide your personal data to you in a structured, commonly used, machine-readable format, or you can ask to have it transferred directly to another data controller, but in each case only where:
- the processing is based on your consent or on the performance of a contract with you; and
- the processing is carried out by automated means.
Right to object to the processing of your personal data
You can object to any processing of your personal data which has our legitimate interests as its legal basis, if you believe your fundamental rights and freedoms outweigh our legitimate interests. If you raise an objection, we have an opportunity to demonstrate that we have compelling legitimate interests which override your rights and freedoms.
Right to object to how we use your personal data for direct marketing purposes
You can request that we change the manner in which we contact you for marketing purposes. You can request that we do not transfer your personal data to unaffiliated third parties for the purposes of direct marketing or any other purposes.
Right to obtain a copy of personal data safeguards used for transfers outside your jurisdiction
You can ask to obtain a copy of, or reference to, the safeguards under which your personal data is transferred outside of the European Union. We may redact data transfer agreements to protect commercial terms.
Right to lodge a complaint with your local supervisory authority
You have a right to lodge a complaint with your local supervisory authority if you have concerns about how we are processing your personal data. We ask that you please attempt to resolve any issues with us first, although you have a right to contact your supervisory authority at any time.
How We Protect Personal Information
We have implemented and maintain appropriate technical and organizational security measures, policies and procedures designed to reduce the risk of accidental destruction or loss, or the unauthorized disclosure or access to such information appropriate to the nature of the information concerned. As the security of information depends in part on the security of the computer you use to communicate with us and the security you use to protect User IDs and passwords please take appropriate measures to protect this information.
Storing your personal data
We will store your personal data for as long as is reasonably necessary for the purposes for which it was collected, as explained in this notice. In some circumstances we may store your personal data for longer periods of time, for instance where we are required to do so in accordance with legal, regulatory, tax, accounting requirements.
In specific circumstances we may store your personal data for longer periods of time so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your personal data or dealings.
Links to Other Websites
Our Sites may provide links to other websites for your convenience and information. These websites may operate independently from us. Linked sites may have their own privacy notices or policies, which we strongly suggest you review. To the extent any linked websites are not owned or controlled by us, we are not responsible for the websites’ content, any use of the websites, or the privacy practices of the websites, even though you may enter that site directly from visiting ours.
Updates to Our Online Privacy Notice
This Online Privacy Notice may be updated periodically and without prior notice to you to reflect changes in our personal information practices. We will post the updated version on our Sites and indicate at the top of the notice when it was most recently updated.
How to Contact Us
If you have any questions or comments about this Online Privacy Notice, or if you would like us to update information we have about you or your preferences, please contact us by writing to us at:
Attn: Corporate Communications/Privacy
201 Isabella Street
Pittsburgh, PA 15212
Because Arconic offers a wide range of online business opportunities for its customers, the amount of information Arconic needs to collect in order to serve you in a particular business transaction will sometimes vary from case to case. Regardless of the amount of information collected, the principles listed above will apply. Wherever Arconic collects personal information, you will find a link to an Arconic privacy statement. If you choose not to provide some information, for example to enable confirmation of credit status or contact information to permit sending you requested information, it may not be possible for you to proceed with your chosen business activity with Arconic.
ARCONIC COOKIE NOTICE
What Are Cookies and Similar Technologies?
A cookie is a small text file that a website places on your browser. Cookies are used by most websites for security, to learn about and improve upon how users navigate a website, or to enable various features. For example, cookies can allow the website to save your password, determine whether it is your first visit to the website and how long you stayed on each page, determine if you were brought to the website from another website, and other similar information.
Similar technologies, such as web beacons or pixel tags typically function through the use of small files, such as a GIF or PNG, which are opened on a page, ad, or in an email. The request for these files from a server reveals certain information, such as your browser type, IP address, and other information. Tracking pixels (sometimes referred to as web beacons) are electronic tags with a unique identifier embedded in websites, online ads and/or email, and that are designed to provide usage information such as ad impressions or clicks, measure popularity of the Digital Sites and associated advertising, and to access user cookies. We may also use these automated technologies to collect, analyze, and correlate with other tracking technologies certain information related to the devices you use to access the Digital Sites, such as IP addresses, browser type and version, browser language, OS version, unique device identifiers, and other information about your computer(s) and/or mobile device(s), to the extent made available by your device, OS, or your chosen configuration or choices. In certain cases, these technologies may be used to identify your device or browser through a common process known as “device fingerprinting.”
Other tracking technologies also include locally shared objects (also known as ‘Flash cookies,’) HTML cookies, or other tracking software that stores data on your device on behalf of third parties. These files may be installed through your browser or other software on your computer that is used by your browser. These files may be installed by us or a third party. To control the storage of data through such software, users may be required to change their preferences in the software itself, through a browser, or through the use of specialized add-ons or plug ins.
What Is the Difference Between Session And Persistent Cookies?
All cookies have a time limit for which they will be stored. Cookies are typically classified as “session cookies” or “persistent cookies” depending on how long they will be stored. Session cookies remain on your browser while you are logged on to a particular website and typically ‘expire’ or are deleted from your device when or shortly after you leave the website, close the browser, or when you delete them. Persistent cookies remain on your device for longer periods of time, sometimes indefinitely, or until you delete them.
How Can These Technologies Affect My Privacy?
What cookies/technologies do you use and how do you use/share them?
Please note, the specific cookies and technologies we use are subject to change without notice. We may use third-party analytics providers who use tools, such as Google Analytics, to enhance our website analytics. See your browser’s settings menu for a list of the cookies currently in use on our Sites. You may contact us using the information below if you have questions about any specific cookie or other technology.
We generally use the following types of cookies and similar technologies on our Sites:
Essential and functional cookies/technologies
Our Sites typically use certain cookies, web beacons and tracking technologies that enable various operations on the webpage. For example, our browser-based Sites request the installation of essential cookies to maintain an active session, or keep you logged in to your account. Our browser-based Sites may similarly request the installation of a cookie for various functions, for example, if you would like your browser to remember your username or password, or stay logged in after a session has ended. Our use of essential technologies may occur regardless whether you have provided your consent. Our functional technologies may be used without your consent, or you may consent implicitly through your use of a particular feature or browser configuration. Please note, if your browser does not accept cookies, these features may not work properly or your experience may suffer.
These cookies, web beacons and tracking technologies are generally used in order to improve the performance of our Sites, and to learn how users arrive at and interact with the features of our Sites or other Sites. These cookies or technologies may be provided or controlled by us or our trusted third-party service providers. For example, we currently work with certain analytics providers (such as Google) who the analysis of the usage of our Sites. This information may be analyzed in the aggregate by our third-party partners, or linked by us to other information we hold about you.
Advertising and targeting-related cookies/technologies
This collection and ad targeting takes place both on our Sites and on third-party websites that participate in the ad network, such as websites that feature advertisements delivered by the ad network. We may also share information about your use of our Sites with our advertising and analytics partners, and we may link data derived from these technologies with other information we hold about you (for example, if you are a guest with us or have an account). This process also helps us track the effectiveness of our marketing efforts, and learn more about the products and services that are of interest to our guests and customers. We and third-party vendors use third-party technologies together to report how your ad impressions, uses of advertising Sites, and your interactions with these ad impressions and/or ad Sites are related to visits to our Sites.
How Can I Delete Cookies or Withdraw My Consent?
You can control cookies, web beacons and tracking technologies or withdraw your consent to information collection in several ways. First, many browsers allow you to change the settings such that the browser will either allow or block the installation of cookies. You may delete all cookies stored by your browser using your browser’s privacy menu.
If you wish to take steps to opt-out of tracking by certain online advertisers, you can visit the Digital Advertising Alliance’s opt-out page at http://www.aboutads.info/choices or the Network Advertising Initiative at www.networkadvertising.org/optout_nonppii.asp or if you are located in the EU, at http://www.youronlinechoices.eu/. For more information about how to control cookies or other choices online, please visit http://www.allaboutcookies.org/manage-cookies.
Please note, most modern browsers include a “do not track” feature that may help protect your privacy, however our Sites do not currently respond to do-not-track requests (although third party policies may vary).
Updates to This Policy