Effective as of October 15, 2012
Akamai's handling of personal data in its commercial businesses can be broadly separated into four areas:
I. Akamai's primary business is distributing content, streaming media, and delivering applications for our business customers, in which Akamai serves as a conduit for information controlled by others.
II. Like most businesses providing services to other businesses, Akamai may acquire personally identifiable information of employees of businesses considering or using Akamai services.
III. Akamai offers enhanced data services to business customers, including some that help publishers and advertisers across our customer base gather non-personally identifiable information about, and gain better insight into, their consumer end users.
IV. As Akamai's business develops, Akamai may also offer services on its own behalf or on behalf of business customers directly to consumers that could involve the collection, use or disclosure of personally identifiable information unless otherwise directed by our business customers.
Please note that if you link to a third party site from Akamai, any information you provide to that site and any use of that information by the third party are not under the control of Akamai and are not subject to this Privacy Statement. You should consult the privacy policies of each site you visit.
I.DISTRIBUTING CONTENT, STREAMING MEDIA, DELIVERING APPLICATIONS FOR OUR BUSINESS CUSTOMERS.
1. Akamai functions as an intermediary service provider to Internet businesses.
Akamai is a business-to-business provider of Internet services, providing delivery of Internet content, streaming media and applications, so that consumers can receive the Web's content and applications with enhanced performance, reliability and richness. Akamai's business customers receive access to our communication networks. Akamai then transmits the content these customers have chosen to move through Akamai's large, ever-expanding global installation of servers. In providing these services, Akamai acts purely as a conduit to enhance communications whose content is chosen by others. Akamai does not initiate these transmissions, does not select the persons receiving the transmission, and does not select or substantively modify the content of the information contained in the transmission.
2. Akamai may store data automatically in order to transmit it efficiently. The data may be stored briefly or for a longer period of time, as determined by the technical requirements Akamai develops through working with our business customers.
Akamai speeds the delivery of content and applications for customers through using automatic, intermediate, and temporary information storage to make the onward transmission of that information to other recipients more efficient. Temporary storage processes retain information only so long as is reasonably necessary to transmit the data. Intermediate storage processes retain information only so long as is reasonably necessary for continued transmission, to maintain the security of the network and the data, to permit the company to monitor and improve our performance, for related administrative purposes, or as required by our business customers. In some cases, data may be stored by Akamai for an extended period.
3. Akamai's processing of data is determined by our business customers.
When processing data on behalf of business customers as an intermediary service provider, Akamai does not collect, use, or disclose personally identifiable consumer information, except as directed by Akamai's business customers. Akamai complies with any conditions on access to information requested by Akamai's business customers, and maintains as confidential the proprietary business information of Akamai's business customers, as is set forth in our contracts with them.
4. Akamai removes data that is no longer needed, data that it has reason to believe is being used to facilitate illegal activity, or data which should legally be disabled.
Akamai routinely removes data from its system after the data is no longer needed, but may store information for a variety of administrative and systems purposes for extended periods. Akamai will act expeditiously to remove or to disable access to information it has stored upon obtaining actual knowledge that the information at the initial source of the transmission has been removed from the network and removal is now sought, or that access to it has been disabled, or that a court or an administrative authority has ordered such removal or disablement. Should Akamai become aware of facts or circumstances that make it apparent that our network is being used to facilitate illegal activity, upon obtaining such knowledge, Akamai will act expeditiously to remove or disable access to the information.
5. Akamai is primarily a business-to-business company that respects obligations to consumers to protect their privacy.
Akamai is primarily a business-to-business provider of outsourced e-business infrastructure services. Our customers include enterprise companies, major Internet portals, software companies, and business-to-consumer sites. We commit to our business customers to provide secure, outsourced e-business infrastructure services and software enabling them to reduce the complexity and cost of deploying and operating a uniform Web infrastructure. In serving our business customers, we respect the privacy and security of their consumer customers and other end users. Many of Akamai's business customers have found that counting hits, placing cookies, and dynamically generating pages are essential to their Internet businesses. Akamai may report such non-personally identifiable information to its business customers about the quantity of and delivery location of information. Such information may include historical information to run customized analyses, focusing on such data as "IP" addresses, identifying usage patterns associated with addresses owned by internet service providers, or geographic concentrations of internet usage. In processing such aggregate data, Akamai does not collect, use or disclose personally identifiable information unless directed by its business customers to do so.
6. As a global company, Akamai acknowledges the importance of international standards to protect personal privacy.
As an intermediary service provider, Akamai does not on its own behalf collect, use, or disclose such personally identifiable consumer or end-user information as names, addresses, and e-mails. Akamai expects any of our business customers who do collect, use or disclosure such information and who use Akamai to process that information to adhere to fair information privacy standards, including the following principles:
Notice and Communication. We expect our business customers to communicate explicitly with consumers and other end-users about data collection and use and to identify the purpose for which personally identifiable information is collected and the extent to which it may be shared, by prominently posting clear, human-readable privacy policies on their business to consumer web sites.
Choice, Consent and Control. We expect our business customers to limit their requests for information from consumers to the information necessary for fulfilling the level of service desired by the user. We expect them to obtain informed consent prior to the collection and use of personally identifiable information and to provide users information about their ability to review and when appropriate to correct personally identifiable information. Among the rewards of such an approach are reduced user frustration, increased trust, and the facilitation of consumer relationships through anonymous, customized, or personalized relationships, as appropriate, between our business customers and their consumer customers.
Fairness and Integrity. We expect our business customers to treat users and their personally identifiable information with fairness and integrity. We expect our business customers accurately to represent their information practices in a clear and unambiguous manner, to use information only for the purpose stated and retain the information only so long as is necessary, to ensure that information is accurate, complete and up-to-date, and to provide the means to insure accountability and provide recourse.
7. Akamai maintains the security of data on our system to protect against possible loss, misuse or alteration.
At Akamai, our systems make use of a variety of mechanisms to protect personally identifiable information processed through our systems and stored by our business customers regarding their users against loss, misuse or alteration. These include administrative, physical and technical precautions to help protect the confidentiality, security and integrity of personally identifiable information stored on our system. Akamai uses appropriate trusted protocols for the secure transmission of data.
8. Akamai will act to protect your privacy if it learns your data is being abused.
Akamai is committed to abiding by all applicable U.S. and international laws protecting consumer privacy. Since in our capacity as an intermediary service provider we do not collect such key personal identifiers as name, address, and e-mail from consumers, we rely on business customers who may collect such data to abide by their commitments to their consumer customers. Should our business customers fail to meet those commitments, we want to know about it. If you believe any business using Akamai's services may have failed to live up to the legal commitments they have made to protect your privacy, please tell us at email@example.com. We will act expeditiously to bring your complaint to our business customer, and to remove or to disable access to any identifiable personal information regarding a data subject we may have stored upon obtaining actual knowledge of the fact that the information may have been obtained in violation of a privacy law or agreement.
9. Akamai will act to protect propriety information if it learns proprietary data is being abused.
As is set forth in our contractual agreements with our business customers, Akamai respects the confidentiality of proprietary information. If you believe that Akamai or anyone using Akamai's services may have failed to live up to any legal commitments they have made to protect proprietary information, please notify us and we will undertake a review of the issues you have raised in an effort to reach a prompt and proper resolution. We will act expeditiously to remove or to disable access to any proprietary information whose confidentiality could be at risk upon obtaining actual knowledge of the fact that the access could violate a contractual obligation or any relevant law governing the uses of such information.
II.PERSONALLY IDENTIFIABLE INFORMATION OF EMPLOYEES OF BUSINESS CUSTOMERS.
1. Akamai may collect, store and use personally identifiable information of employees of our business customers to enable us to provide products, services and information to existing or potential business customers.
In order to provide products and services to our business customers, Akamai has constant communications with the employees of these business customers in the scope of their employment. From time to time, Akamai, like most businesses, may collect, store and use personally identifiable information regarding these employees in connection with business communications. This information may include names, company names, addresses, telephone numbers, facsimile numbers, and e-mail addresses. In addition, Akamai may ask employees of business customers for web site addresses, product interests, and credit-related information with respect to product purchases and other information.
2. Akamai may acquire personally identifiable information concerning employees of other companies through authority, permission, or consent.
Akamai may acquire personally identifiable information regarding the employees of potential or existing business customers from a variety of sources. Such information may come from public sources and records, such as telephone, Internet, or business directories, or public maps and records. Other personally identifiable information may be provided to Akamai by the employees themselves, or by their employer or its agents.
3. Personally identifiable information collected from employees of businesses may be acquired, stored, processed, and used by Akamai from time to time for marketing purposes.
Akamai may use personally identifiable information regarding employees of businesses for business communication and marketing purposes. We do not currently but may in the future provide such information to our vendors, suppliers and business partners to provide an employee of a business with a product or service requested by the employee or the employee's business or to improve the operation and maintenance of our business services. We expect anyone to whom we disclose personally identifiable information of an employee of a business, not to use or disclose the employee's personally identifiable information for other purposes, although we cannot guarantee how other vendors, suppliers, or business partners will actually use such information.
III. AKAMAI ENHANCED DATA AND CONSUMER PRIVACY
Akamai provides market-leading managed services to business customers for powering rich media, dynamic transactions, and enterprise applications online. Some of these services help publishers and advertisers across our customer base gather non-personally identifiable information about and gain better insight into their consumer end users which, in turn, enables our customers to provide more personalized on-line experiences, including through better targeted advertising.
Information We May Collect About Consumers
The information that Akamai finds useful to provide the enhanced data services mentioned above does not require the identification of individual people. As a result, Akamai does not collect, store, or use personally identifiable information such as names, addresses, e-mails, phone numbers or social security numbers from the consumer end users of our business customers on our own behalf. Akamai also does not integrate the information we collect with names, addresses, e-mails, or other data in a way that would allow us to identify any individual person. To read Akamai's Policy on the Use of Health-Related Information in Online Behavioral Advertising, please click here.
Using Data to Provide Better Insight
As mentioned above, Akamai uses the non-personally identifiable information we collect to provide our business customers with better insight into their consumer end users, thereby enabling them to provide more personalized on-line experiences, including through better targeted advertising. In addition, Akamai may use the information we collect to support and complete current on-line interactions between our business customers and their consumer end users, to facilitate Web site and system administration, and for research and development. Akamai may also distribute the information we collect on our own behalf to other Akamai companies, our agents, and our business customers, so long as they agree not to integrate such information with names, addresses, e-mails or other data in a way that would allow them to identify an individual person.
How to Contact Us
As specified above, in providing managed services and creating Akamai enhanced data, Akamai seeks to maintain the anonymity of individuals whose data may be collected, used, or disclosed by Akamai. Akamai wants to know if you believe your personally identifiable information has been improperly used, and is prepared to respond appropriately. Should you have reason to believe Akamai or our business customers have failed to protect your personally identifiable data properly, we want to know about it. Please contact us at firstname.lastname@example.org. We will act expeditiously to remove or to disable access to any identifiable personal information regarding an individual we may have stored upon obtaining actual knowledge of the fact that the information may have been obtained in violation of a privacy law or agreement.
Akamai believes in giving consumers choice. To enable this choice, we provide consumers with the ability to opt out of allowing Akamai to collect non-personally identifiable information to enable our business customers to customize their Web sites through targeted advertising. If you would like to exercise your right to opt-out of this use of your non-personally identifiable information you can do so by visiting the Network Advertising Initiative's Web site. The NAI is a coalition of leading online advertising companies, including Akamai, committed to shaping and enforcing responsible privacy practices for online behavioral advertising and related business practices. To visit the NAI’s Web site and use the NAI opt-out tool, please click here. While visiting visit the NAI's Web Site you can also opt out of having other NAI member advertising networks collect non-personally identifiable information for use in targeted advertising. When you opt-out using this method Akamai(or other NAI member companies you choose to opt-out from) will place an opt-out cookie on your browser. You should note that if you delete, block or otherwise restrict cookies, or if you use a different computer or browser, you may need to renew your opt-out choice. Once you have opted out, Akamai will no longer use information we have collected to help deliver targeted advertisements. However, we may use such information for related purposes described above, including to support and complete current on-line interactions between our business customers and their consumer end users, to facilitate Web site and system administration, and for research and development, as well as for other purposes unrelated to targeted advertising.
IV. PERSONALLY IDENTIFIABLE INFORMATION ON INDIVIDUAL CONSUMERS.
1. Except as required by law or recognized public policy, Akamai will not knowingly collect, store or use sensitive personal data, except with the individual's permission.
2. Akamai recognizes standard domestic and international legal and public policy exceptions to non-disclosure.
Important exceptions to the general rule of non-disclosure without permission have been codified internationally in such privacy laws as the 1995 EU Privacy Directive, Title V of the U.S. Financial Services Modernization Act in 1999, and Canada's Personal Information Protection Act (C-6). In general, information processors such as Akamai may collect, maintain and use personally identifiable information that could be considered sensitive or controversial with the consent of the subject of the personally identifiable information, or when the processing is necessary for the performance of a task carried out in the public interest, such as processing or publication of material from public record sources or the public media. In addition, Akamai recognizes other standard legal and public policy exceptions to non-disclosure set forth in these and other relevant statutes. Akamai may therefore collect, use and disclose personally identifiable information necessary for the establishment, exercise or defense of legal claims, as required by law, or where the collection, use and disclosure is necessary for the purposes of preventive medicine, medical diagnosis, the provision of care or treatment or the management of health-care services. For example, Akamai may maintain such data in our system for a business customer using Akamai to store or process health insurance records for the purposes of the coordination of insurance benefits, in conformity with applicable national privacy and security requirements. As provided by applicable U.S. federal law, Akamai may also disclose personally identifiable information without the consent of the individual to protect the confidentiality or security of the firm's records pertaining to the customer, the service or product, or the transaction, to protect against or prevent actual or potential fraud, for institutional risk control, to resolve customer disputes or injuries, and for various other purposes provided by law.
3. Akamai will provide consumers meaningful notice and choice before collecting personally identifiable information on them.
4. Akamai will use our best efforts to stop the processing of any disputed personally identifiable information upon notification by an individual that there may be a problem.
If you believe Akamai may be processing or maintaining sensitive or personally identifiable information pertaining to you without your consent, or in violation of applicable domestic or international laws, please let us know at email@example.com. We will act expeditiously to disable access to any sensitive or personally identifiable information about you we may have obtained, while we work to investigate your complaint and to resolve the problem.
5. Akamai will respect FTC regulations and other applicable federal and state laws governing the handling of personally identifiable information in connection with the purchase, sale, or transfer of the assets of a business.
Recent federal bankruptcy litigation and FTC actions have highlighted new questions regarding the handling of personally identifiable information in connection with the resolution of a company's assets involving the liquidation of those assets. These questions may also have implications for the purchase, sale or transfer of personally identifiable information in connection with other forms of corporate restructuring. Although this area of U.S. law has been in flux, Akamai is committed to respecting FTC regulations and any other applicable state and federal laws regarding the purchase, sale or transfer of personally identifiable information in connection with any form of purchase, sale or transfer of the assets of a business.
6. Akamai does not currently knowingly collect, use and disclose personally identifiable data on children under the age of 13. Akamai will comply with the Children's Online Privacy Protection Act of 1998 if Akamai were to offer services to children under the age of 13.
In general, any data on children that might be processed or stored by Akamai would be processed without modification through Akamai's role as an intermediary services provider for other businesses. In the event that Akamai were to collect, use or disclose personally identifiable data on children on its own behalf and not as an intermediary services provider, Akamai will comply with the Children's Online Privacy Protection Act of 1998 ("COPPA") at that time, including but not limited to by obtaining verifiable parental consent, offering choice regarding disclosures to third parties, and providing parental access to information.