Akamai Technologies, Inc. and its wholly owned and operated global affiliates (together “Akamai”) are committed to compliance with privacy laws and legislation in the countries in which it operates, as well as respecting generally the privacy rights of the individuals. This privacy statement explains what personal data Akamai collects or otherwise processes about you, either through our direct interactions with you (e.g., as a customer or a visitor to our websites) or through your interactions with an Internet site or application of one of our customers, as well as how and why we use (process) that data.
This statement covers the following topics. Use the links provided below to jump directly to any points of interest.
What Personal Data Does Akamai Collect?
Data collected through direct interactions with Akamai
Akamai collects data from individuals with whom it interacts in person, as well as via interactions with its various Internet sites and online portals. This data is collected in order to operate efficiently; allow interaction to provide information regarding Akamai products and services; protect the company’s networks, systems, data, and visitors; and to personalize our interactions to provide the best experiences with our sites and services. You provide some of this information directly, for example when using Akamai’s sites and portals; registering for an Akamai event, webcast, or training; visiting the Akamai booth; accessing resources (such as publications and white papers) available online; or speaking to one of our representatives. We collect other data through your interactions with our websites and services using technologies like cookies and methods for obtaining usage and device data. For more information about the technologies, such as cookies, used and your choices regarding them, see the “Cookies, Web Beacons, and other Technologies
” section of this statement.
Data is collected at your consent through your use of the site or explicitly via consent requests. When asked to provide personal data, you may decline. If you decline to provide information required to obtain a product or service or access a feature, you may be unable to use that product, service, or feature.
The data collected depends upon the nature of your interaction with Akamai and the products, services, and features you use, as well as any decisions you make about providing data, including decisions through privacy settings that you may set on your browser or device. Categories of data collected may include the following and apply with respect to both customer representatives and non-customers:
Contact Information and Name. This data includes first and last name, email address, postal address, telephone number, company name, and similar contact data.
Login Information and Credentials. If you use any of our online portals or communities, you may be asked to create an account and provide a login name, password, and similar security information for authentication and account access.
Employment, Job History, and Applicant Data. If you interact with Akamai or an online service provider used by Akamai to process employment applications, we collect information relating to your job history, educational history, resume, and related information used to evaluate candidates for employment with Akamai.
Device and Usage Data.
Akamai collects information about the device you use to access our sites, communities, and portals, and the interactions of you and your device with our web properties and applications. That personal data includes the Internet Protocol address (IP address) associated with your computer or device, the domain name of your Internet Service Provider, your device type and identifiers, browser type, operating system, the content or pages you view on the Akamai sites, time spent on Akamai sites, and similar usage and device information. For more information about the technologies, such as cookies, used and your choices regarding them, see the “Cookies, Web Beacons, and other Technologies
” section of this statement.
In some cases, you may provide such personal data via third-party service providers (such as job application sites or professional event coordinators) who then forward the data to Akamai. Such service providers perform business operations on Akamai’s behalf, such as sales, direct marketing, IT, or HR tasks. When we engage with such service providers, we seek assurances that the personal data about you was legally acquired and that we have the right to obtain such data from the service provider and to use such data for the described purpose. We also agree to terms to ensure the protection of your personal data.
Data collected or processed through interactions with an Akamai customer
Akamai is a global leader in content delivery and cloud security services designed to make the Internet fast, reliable, and secure for its customers. When you use the online services of one of Akamai’s customers, Akamai will process and collect certain data about you associated with your interaction with our customer’s services.
By using a customer’s website or application, personal data about you may be included in the content that is sent across Akamai’s network or that is stored on Akamai’s servers as part of your session with the customer’s website or application. We call this “End User Personal Data” and it may include login credentials; subscriber name and contact information; financial, payment, or other transaction information; or any other information relating to you as requested or provided through the use of the web services.
Akamai operates largely as a conduit for End User Personal Data collected, processed, and transmitted by its customers via the Akamai services. The customer determines what End User Personal Data is collected or otherwise used and how it will be processed by Akamai. The customer, therefore, will be responsible for compliance with applicable laws for such processing (e.g., appropriate end user notices or consents, and having chosen services appropriate for the type of End User Personal Data transiting Akamai’s servers). Absent a specific customer request, Akamai does not store or otherwise process End User Personal Data other than as required to provide the services purchased by the customer.
Akamai also collects network traffic data logged by Akamai servers, relating to the delivery of information over the Akamai platform, as well as (when our customer has purchased the relevant services) data associated with user activity and interaction with web and Internet protocol sessions transiting Akamai’s servers as part of your session with the customer’s web property. We call this “Logged Personal Data,” which may include the IP address used by your device, page activity data and URLs of sites you visit, country or region/city of origin based upon the IP address, and telemetry data (e.g., mouse clicks, movement rates, and user agent and related browser data).
Logged Personal Data may also be processed for purposes of billing, service issue resolution and service improvement (e.g., routing optimization), service troubleshooting, and aggregate reporting (i.e., reports that do not identify you or the customer).
Logged personal data is not collected or processed in a manner that allows Akamai to positively identify you (that is, while we know your IP address, we do not know who you are or your name, address, etc.).
How Does Akamai Use Personal Data?
Akamai uses the personal data that it collects for three basic purposes:
- Operation of our business, including providing, maintaining, developing, and improving our products and services (including identification and mitigation of security threats on the Internet) and providing recruitment services;
- Managing and supporting our relationship with our customers; and
- Communications, including promotional communications.
These purposes are discussed in greater detail below.
Operation of our business
The data collected by Akamai both through interaction with you directly and through your interactions with our customers is used to perform essential business operations and provide, maintain, and improve our products and services; including operating and maintaining our platform, improving performance, development of new features and capabilities, research, and customer support. Business operations uses include, for example:
Fulfillment of Transactions/Contractual Obligations. We use data to respond to requests from current and prospective customers, visitors to our sites, applicants, and other interested parties.
Personalization of Your Experience on Our Sites. We use the data collected to provide you with a personalized experience on our websites, communities, and portals, such as providing you with content in which you may be interested and making navigation on our sites easier. The data also is used to generate statistics about the usage and effectiveness of our sites and our service offerings, personalize your experience, and tailor our interactions with you.
Providing Support. We use data to provide you with technical support as requested. We also use data collected to troubleshoot and identify errors in our sites, communities, and portals, as well as with our platform and services.
Product Development and Improvement. We use data in the development of new products and services, and to improve and implement new features and capabilities in existing products. Logged Personal Data and other traffic data is used, for example, to derive and compile information relating to the type, nature, content, identity, behavior, signature, source, frequency, reputation, and other characteristics of malicious Internet traffic and activity.
Security. We use data to detect and prevent potential fraud and security risks to our platform and to our visitors and customers.
Recruitment. In connection with a job application or inquiry, whether advertised on an Akamai site or on a third-party platform, you provide us or such third-party service providers with personal data about yourself, such as a resume and contact information. We may use this data within Akamai in order to address your inquiry or consider you for employment purposes. Unless you tell us not to do so, we will keep your personal data for future consideration.
Managing and supporting our customer relationships
We use data collected about individuals representing our customers. This information is used to support our contracts and provide support for our services, provide access to customer service portals and communities, provide service training, communicate with customers, sell new services and features, troubleshoot issues, and other customer relationship related matters.
Communications, including promotional communications
We use data we collect to communicate with you, whether you are a visitor, prospective customer, existing customer, job applicant, or other interested party.
Promotional Communications. We use the personal data collected from your interaction with the sites to deliver marketing communications, special offers, or advertisements that may be of interest to you either directly or via third-party service providers.
You may decide not to be subject to such communications by contacting us as outlined in the “How to Contact Us
” section of this statement.
As part of any communications, we offer you the opportunity to choose whether or not we can use your personal data in this way. You may at any time choose not to receive marketing communications from us by following the unsubscribe instructions included in each email you may receive, by indicating so when we call you, or by contacting us as outlined in the “How to Contact Us
” section of this statement.
Some of our offerings may be co-branded, as they are sponsored by both Akamai and third parties. We share data with these third parties for promotional purposes.
We encourage you to familiarize yourself with such third parties’ privacy policies to gain an understanding of the manner in which they will handle personal data about you.
Mobile Applications and Social Computing Environment. Akamai makes available mobile applications for download from various mobile application marketplaces. Akamai also provides social computing tools on some of its sites to enable online sharing and collaboration among members who have registered to use them. These include forums, wikis, blogs, and other social media platforms.
When downloading and using these applications or registering to use these social computing tools, you are asked to provide certain personal data. Registration information will be subject to and protected in accordance with this statement, except for the personal data that is automatically made available to other participants in such social computing environment as part of your profile or settings. The processing of your personal data by these applications and tools may be subject to their respective privacy statements with specific information about personal data collection and handling practices. We recommend that you read those supplemental statements to understand how the tools and applications are processing your personal data.
We also provide “Live Chat” sessions to assist with our sites and contents. Please be aware that it is our general practice to monitor and in some cases record the live chats for staff training and quality assurance purposes and in certain cases to retain evidence of a particular transaction or interaction.
Customer Surveys and Service Improvements. As part of our customer relationship with you, we contact you (except in cases when you choose not to be contacted by us) via the personal data provided asking you to participate in our satisfaction surveys or in market research surveys. We use such surveys to improve our service offering and business operations to better serve you.
How Does Akamai Share Personal Data?
Akamai shares personal data among our wholly owned and controlled affiliates and subsidiaries globally. We also share data with vendors or agents working on our behalf for the purposes described in this statement. These companies or organizations must abide by our data privacy, confidentiality, and security requirements and are prohibited from using the data for any other purposes.
Akamai may share your data with your consent or as may be necessary to complete any transaction, fulfill a request, or provide you with a requested product or service either directly or through your interaction with one of our customers.
Akamai will share, transfer, access, disclose, and preserve personal data to the extent required, in our discretion, that such is necessary for:
Protection of the Rights and Property of Akamai and Others. We use and share the personal data you provide to protect the rights or property of Akamai, our business partners, third-party service providers, customers, or others when we have reasonable grounds to believe that such rights or property have been or could be affected.
Compliance with Applicable Law. We use and share personal data as required to comply with applicable law or regulation, respond to proper law enforcement requests or other valid legal process, or to comply with applicable government reporting obligations.
Corporate Transactions. Circumstances may arise where, whether for strategic or other business reasons, Akamai decides to sell, buy, merge, or otherwise reorganize businesses in one or more countries. In such cases, we may share the personal data collected within Akamai, with Akamai third-party service providers, or other third parties as reasonable to proceed with the negotiation or completion of a merger, acquisition, sale, or other corporate transaction.
In all cases, Akamai will seek reasonably appropriate protections for your personal data when sharing it with third parties and we share it only if the recipient agrees to comply with this privacy statement or has in place substantially similar privacy policies regarding the treatment of personal data and only after execution of a data protection agreement or a non-disclosure agreement.
Where Does Akamai Process Personal Data?
Akamai is a global organization with business processes, management structures, and technical systems that cross borders. As such, we share the personal data within the Akamai group and with our business partners, third-party service providers, and other third parties, and therefore transfer your personal data to countries in the world where we do business.
Safeguards for Transfer.
For any transfer of personal data outside the European Economic Area to a country which is deemed by the EU to have an inadequate level of data protection, Akamai has put in place with its affiliates, with its third-party service providers, and with its customers, the necessary safeguards and mechanisms to ensure that such transfers comply with applicable data protection laws. These safeguards include the EU Standard Contractual Clause
and Akamai’s EU-U.S. and U.S. – Swiss Privacy Shield certification
. In addition, Akamai may institute in the future in its discretion other lawfully approved mechanisms such as Binding Corporate Rules and Codes of Conduct. For transfers to third-party service providers, Akamai shall ensure that such entity maintains appropriate safeguards and shall have in place required data protection terms to ensure protection of personal data to the same degree as required of Akamai.
Akamai’s Legal Basis for Processing of Personal Data
As discussed above, Akamai processes personal data for a number of reasons. In all cases, Akamai ensures that such processing is legal, fair, and reasonable. The various processing activities are justified by varying legal bases under the GDPR and similar laws.
Data Processed for Promotional Communications. In those cases where data is collected in order to provide promotional materials or communications, Akamai’s processing is based upon the consent of the individual.
Data Processed to Provide a Service, Feature, or Functionality of a Website or Portal. In those cases where you are accessing or using a feature or service provided by Akamai, the basis for Akamai’s processing is either to provide a service requested by you or, when consent is requested on the website or portal, your consent.
Processing of Logged and End User Personal Data. Where Logged Personal Data is processed in order to provide, improve, and develop services and functionality, the legal basis for such processing is Akamai’s legitimate interest in providing services to its customers, and improving and developing service to support its business objectives and provide benefit to its customers and Internet end users. In the case of End User Personal Data processed as a result of your interaction with a customer website or service, Akamai will process such data on behalf of that customer subject to its instruction, and the legal basis for such processing will be determined by the customer.
Data Processed to Support Akamai Necessary Business Operations. Where Akamai processes personal data in order to support necessary business operations such as site operations and security, recruitment, site and service analytics, relationship management, and global operations, Akamai processes such data pursuant to its legitimate interest in maintaining viable and efficient business operations and support of necessary business functions (e.g., HR, Finance, etc.).
In all cases of data processing, Akamai considers the impact on the rights and freedoms of the individuals whose data may be part of the processing, and ensures that its processing activities do not contradict or place at unreasonable risk any such rights or freedoms.
How Does Akamai Secure Personal Data?
Akamai maintains administrative, technical, organizational, and physical measures designed, taking into account the nature of the data and the processing, the state of the art, the costs of implementation, and the potential for impact to the rights and freedoms of individuals whose data is being processed, to protect personal data in accordance with this statement and applicable laws against loss, and unauthorized access, use, alteration, and disclosure, Such measures include, by way of example, encryption in transit, two-factor authentication, and strict access controls. We also require that our third-party service providers protect personal data against unauthorized access, use, and disclosure as required under applicable laws.
How Long Does Akamai Retain Personal Data?
The retention of personal data collected depends on the purpose it has been collected for and the systems used to process the data. For example, we will retain your account data for our sites and communities for as long as your account is active. With respect to Logged Personal Data collected as a result of your interactions with a customer’s website or services, Akamai will retain such personal data generally for no more than 90 to 100 days, and often for a shorter period than that. Similarly, customer data will be retained as long as required for the customer relationship. Please note that where applicable we will retain and use your personal data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Requests regarding data retention may be made as outlined in the “Your Rights as a Data Subject” section.
Cookies, Web Beacons, and Other Technologies
As discussed above, we collect information from your visits to our sites, communities, and portals, and your interactions with our customer service offerings, in order to help us gather statistics about usage and effectiveness; personalize your experience; tailor our interactions with you; and provide, develop, and improve our services. We do so through the processing of transaction logs, as well as the use of various technologies, including scripts, tags, Local Shared Objects (Flash cookies), Local Storage (HTML5) beacons, and cookies. A cookie is a piece of data that a website can send to your browser, which may then be stored on your computer as a tag that identifies your computer. While cookies are often only used to measure website usage (such as number of visitors and duration of visit) and effectiveness (such as topics visitors are most interested in) and to allow for ease of navigation or use and, as such, are not associated with any personal information, they are also used at times to personalize a known visitor’s experience to a website by being associated with profile information or user preferences. Over time, this information provides valuable insight to help improve the user experience.
Cookies are typically categorized as “session” cookies or “persistent” cookies. Session cookies help you navigate through websites efficiently, keeping track of your progression from page to page so that you are not asked for information you have already provided during the current visit. Session cookies are stored in temporary memory and erased when the web browser is closed. Persistent cookies, on the other hand, store user preferences for current and successive visits. They are written on your device’s hard disk, and are still valid when you restart your browser. We use session cookies, for example, for media performance analytics. We use persistent cookies, for example, to record your choice of language and country location.
While Akamai’s sites at this time do not recognize automated browser signals regarding tracking mechanisms, such as “do not track” instructions, you can generally express your privacy preferences regarding the use of most cookies and similar technologies though your web browser. Look under the heading “tools” (or similar heading) in your particular browser for information about controlling cookies. You can set your browser in most instances to notify you before you receive a cookie, giving you the chance to decide whether to accept it or not. You can also generally set your browser to turn off cookies. Since cookies allow you to take advantage of some of our sites’ features or features of our service offerings and services, we recommend that you leave them turned on. If you block, turn off, or otherwise reject our cookies, some web pages may not display properly or you will not be able to proceed to checkout, for instance. Some sites, service offerings, and services may also use web beacons or other technologies to provide better customer service. These technologies may be in use on a number of pages across the sites. When you as a visitor access these sites, a non-identifiable notice of that visit is generated, which may be processed by us or by our third-party service providers. These web beacons usually work in conjunction with cookies. If you don’t want your cookie information to be associated with your visits to these sites or use of these services, you can set your browser to turn off cookies. If you turn off cookies, web beacon and other technologies will still detect visits to these sites; however, they will not be associated with information otherwise stored in cookies.
Many Akamai services that you interact with via our customer services also use session and persistent cookies in order to provide the service functionality. Examples of the purposes for use of various cookies include determining whether a given interaction is with a human or a “bot,” identifying attempts to bypass security settings, identifying devices that already have been authenticated, and similar necessary service functions.
We use Local Shared Objects, such as Flash cookies, and Local Storage, such as HTML5, to store content information and preferences. Third parties with whom we partner to provide certain features on our website or to display Akamai advertising on others’ websites based upon your web browsing activity also use Flash cookies or HTML5 to collect and store information. Various browsers may offer their own management tools for removing HTML5.
We may also include web beacons in marketing email messages or our newsletters in order to determine whether messages have been opened and links contained within have been clicked on.
Some of our business partners set web beacons and cookies on Akamai’s website, communities, and mobile applications:
You may also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by downloading and installing the Google Analytics Opt-out Browser Add-on, available here: https://tools.google.com/dlpage/gaoptout?hl=en
. Opt-out cookies prevent the future collection of your data when you visit the site. To prevent Google Universal Analytics from collecting data across several devices, you must opt out on all systems used.
Third-Party Social Media Widgets.
In addition, third-party social media widgets (e.g., Facebook’s “Share” or “Like” button), the playing of videos embedded on our sites and operated by third-party video-sharing providers (e.g., YouTube), and surveys linked to from our sites and operated by third-party providers (e.g., SurveyMonkey), may log certain information such as your IP address, browser type and language, access time, and referring website addresses, and, if you are logged in to those social media sites, they may also link such collected information with profile information they may have about you. We do not control these third-party tracking technologies. Please make yourself familiar with these third-party web beacons and cookies usage and read their privacy statements to understand their data collection practices and the choices offered to you (e.g., for YouTube, https://policies.google.com/privacy?hl=en
Depending upon your privacy settings with the social media service providers, we may be able to collect information from your profile set up for their social media services when you interact with the widgets.
Akamai does not deliver third-party online advertisements on our sites, but we advertise our services on third parties’ websites.
Please familiarize yourself with those website operators’ or network advertisers’ privacy policies to understand their practices relating to advertising, including what type of information they may collect about your Internet usage. Some advertising networks we may use may be members of the Network Advertising Initiative (NAI) or the European Interactive Digital Advertising Alliance (EDAA). Individuals may opt out of targeted advertising delivered by NAI or EDAA member ad networks by visiting http://www.networkadvertising.org
” section of this statement.
Please note that this does not opt you out of being served non-targeted advertising. You will continue to receive generic, non-targeted ads.
Links to Third-Party Websites and Third-Party Applications
To allow you to interact with other websites on which you may have accounts (such as Facebook and other social media service providers) or join communities on such sites, we may provide links or embed third-party applications that allow you to log in, post content, or join communities from our sites. We may also provide you with general links to third-party websites.
Your use of these links and applications is subject to the third parties’ privacy policies, and you should become familiar with these third-party sites’ privacy policies before using the links or applications. Akamai is not responsible for the privacy practices or the content of those other third-party websites.
Notification of Changes to this Statement
We will post a notice for 30 days at the top of this page notifying individuals when this statement is updated or modified in a material way. If we are going to use your personal information in a manner different from that what is stated in this statement at the time of collection, we will notify you, and you will have a choice as to whether or not we can use your personal information in such a way. We recommend that you check this statement regularly to familiarize yourself with Akamai’s practices and to be aware of any material changes.
How to Contact Us
If you have a question about this statement or Akamai’s handling of your personal data, or if you wish to provide instructions regarding our use of your data as set forth in this statement, you may contact us:
By sending mail to:
Akamai Technologies, Inc.,
Global Data Protection Office
Attn: Chief Data Protection Officer
Cambridge, MA 02142
Akamai Technologies GmbH
EMEA Data Protection Officer
Attn: Data Protection Officer
Akamai Technologies Limited
Akamai Technologies, Inc.’s EU representative
5 New Street Square
London, EC4A 3TW
Your Rights as a Data Subject:
You have the right to request access to and rectification or erasure of personal data or restriction of processing concerning the data subject and to object to processing as well as the right to data portability. You also have the right to withdraw any consent that you may have given for the processing of personal data.
You may make such requests by contacting us as set forth in the “How to Contact Us” section of this statement.
Please note that before Akamai is able to provide you with any access to information, correct any inaccuracies, or delete your personal data, we may ask you to verify your identity and to provide other details to help us to respond to your request. We will contact you within 30 days of your request.
Note Regarding Logged Personal Data. As discussed above, Akamai does not process or maintain Logged Personal Data (e.g., IP addresses) in a manner that allows us to positively identify any individual. We process such data from the point of view of identifying activities on the Internet and our customers’ sites and identifying IP addresses and devices that may be the source of malicious or harmful activity. In addition, we do not collect additional information in order to positively identify any individual. Therefore, absent detailed and verifiable proof that a given IP address from any person requesting access to Logged Personal Data that may relate to them was actually assigned to the requestor during the time period of the request, we likely will not be able to provide any data in response to the request. If such verifiable and detailed information is available, Akamai will work with the requestor to determine if the request can reasonably be met.
Akamai’s Supervisory Authority
Akamai’s supervisory authority is:
The Information Commissioner’s Office, ICO
How to Report a Concern
You may report any concerns you have regarding our processing activities of personal data by contacting us as outlined in the “How to Contact Us” section.
You may also choose to report your concern directly to our Supervisory Authority.
|Date of Changes
||Changes to Prior Version
May 15, 2018
The Akamai Privacy Statement was updated to meet the requirements of the General Data Protection Regulation EU 2016/679 (“GDPR”).
Added descriptions of privacy practices associated with data processed as part of Akamai service offerings.