HP Privacy Statement
Our Privacy Principles
We have an accountability-based program and are committed to the following principles, which are based on internationally-recognized frameworks and principles of privacy and data protection:
Participation in International Privacy Programs
As a global company, it is possible that any information you provide may be transferred to or accessed by HP entities worldwide in accordance with this Privacy Statement and on the basis of the following International Privacy Programs.
EU-US PRIVACY SHIELD
HP has further committed to refer unresolved privacy complaints under the EU-US Privacy Shield Principles to BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint.
If your complaint is not resolved through the above channels, under limited circumstances you may be able to invoke binding arbitration before a Privacy Shield Panel.
HP is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission, or any other U.S. authorized statutory body.
*The specific U.S.-based HP companies participating in the EU-US Privacy Framework include: Compaq Information Technologies, LLC; Computer Insurance Company; Gram, Inc.; Handspring Corporation; Hewlett-Packard Company Archives LLC; Hewlett-Packard Development Company, L.P.; Hewlett-Packard Enterprises, LLC; Hewlett-Packard Products CV 1, LLC; Hewlett-Packard Products CV 2, LLC; Hewlett-Packard World Trade, LLC; HP Federal LLC; HP Inc.; HP WebOS, LLC; HPI Bermuda Holdings LLC; HPI Brazil Holdings LLC; HPI CCHGPII LLC; HPI CCHGPII Sub LLC; HPI Federal LLC; HPI J1 Holdings LLC; HPI J2 Holdings LLC; HPI Luxembourg LLC; HPQ Holdings, LLC; Indigo America, Inc.; Palm Latin America, Inc.; Palm South America, LLC; Palm Trademark Holding Company, LLC; Palm, Inc.; Shoreline Investment Management Company; and Tall Tree Insurance Company.
Binding corporate rules
HP has also established a set of binding corporate rules (“BCRs”), which have been approved by the majority of Data Protection Regulators in the EEA and Switzerland, effective June 2011. The BCRs ensure that personal data from the EEA is adequately protected while being processed by any of HP’s global entities. HP transfers of personal data from the EU are conducted in accordance with the approved BCR and Model Contractual Clauses approved by European Data Protection Authorities. More information about our BCRs can be found here.
Apec cross-border privacy rules
HP has received TRUSTe's APEC Privacy Seal signifying that this Privacy Statement and our practices have been reviewed for compliance with the TRUSTe program viewable on the validation page available by clicking the TRUSTe seal. HP’s privacy practices described in this Statement comply with the APEC Cross Border Privacy Rules System (“CBPR”), including transparency, accountability, and choice regarding the collection and use of your personal information. The CBPR certification does not cover information that may be collected through downloadable software on third-party platforms.
If you have an unresolved privacy or data use concern related to HP’s APEC Certification that we have not addressed satisfactorily, please contact TRUSTe.
How We Use Data
We collect and use personal data to manage your relationship with HP and better serve you by personalizing your experience and interaction with us. Examples of how we may use your data include:
Providing you with a seamless customer experience by maintaining accurate contact and registration data, delivering comprehensive customer support, offering products, services and features that may interest you and enabling you to participate in contests and surveys. We also use your data to deliver a tailored experience, personalize the HP Services and communications you receive and create recommendations based your use of HP Services.
Assisting you in completing transactions and orders of our products or services, administering your account, processing payments, arranging shipments and deliveries and facilitating repairs and returns.
Product support & improvement
Improving the performance and operation of our products, solutions, services and support, including warranty support and timely firmware and software updates and alerts to ensure the continued operation of the device or service.
Communicating with you about HP Services. Examples of administrative communications may include responses to your inquiries or requests, service completion or warranty-related communications, safety recall notifications, or applicable corporate updates related to mergers, acquisitions or divestitures.
Maintaining the integrity and security of our websites, products, features and services and preventing and detecting security threats, fraud or other criminal or malicious activity that might compromise your information. When you interact with us, we will also take reasonable steps to verify your identity, such as requiring a password and user ID, before granting access to your personal data. We may also maintain additional security measures, such as CCTV, to safeguard our physical locations.
Conducting ordinary business operations, including recruiting, verifying your identity, making credit decisions if you apply for credit, conducting business research and analytics, corporate reporting and management, staff training and quality assurance purposes (which may include monitoring or recording calls to our customer support) and outreach.
Research & innovationInnovating new products, features and services using research and development tools and incorporating data analysis activities.
Providing personalized promotional offers (in accordance with your Privacy Preferences) on HP Services and other selected partner websites (for example, you might see an advertisement for a product on a partner site that you have recently viewed on an HP site). This may involve the use of Automatic Data Collection Tools. We might also share some of your information with marketing service providers and digital marketing networks to present advertisements that might interest you. To learn more, read How HP uses Automatic Data Collection Tools.
Compliance with law
Compliance with applicable laws, regulations, court orders, government and law enforcement requests, to operate our services and products properly and to protect ourselves, our users and our customers and to solve any customer disputes.
Please see our Data Collection and Use Matrix for a quick-reference guide to how we use the data we collect.
What Data We Collect
Personal data is any information that personally identifies you or from which you could be identified either directly or indirectly. We may collect your personal data through your use of HP Services or during conversations or correspondence with HP representatives.
The personal data we collect from you depends on the nature of your interaction with us or on the HP Services you use, but may include the following:
Information you provide directly
- Contact Data – We may collect personal and/or business contact data including your first name, last name, mailing address, telephone number, fax number, email address and other similar contact information.
- Payment Data – We collect data necessary for processing payments and fraud prevention, including credit/debit card numbers, security code numbers and other related billing information.
- Account Data – We collect information such as how you purchased or signed up for HP Services, your transaction, billing and support history, the HP Services you use and anything else relating to the account you create.
- Location Data – We may collect geolocation data when you enable location-based services or when you choose to provide location-related information during product registration.
- Security Credentials Data– We collect user IDs, passwords, password hints, and similar security information required for authentication and access to HP accounts.
- Demographic Data – We may collect, or obtain from third parties, certain demographic data including country, gender, age, preferred language, general educational and employment background, and general job interest data.
- Preferences – We collect information about your preferences and interests as they relate to our products, services (both when you tell us what they are or when we deduce them from what we know about you) and how you prefer to receive communications from us.
- Social Media Data – We may provide social media features that enable you to share information with your social networks and to interact with us on various social media sites. Your use of these features may result in the collection or sharing of information about you, depending on the feature. We encourage you to review the privacy policies and settings on the social media sites you use to make sure you understand the information that may be collected, used, and shared by those sites.
- Other Unique Identifying Information – Examples of other unique information that we may collect from you include product serial numbers, information you provide when you interact in-person, online or by phone or mail with our services centers, help desks or other customer support channels, your responses to customer surveys or contests or additional information you have provided to us to facilitate delivery of HP Services and to respond to your inquiries. If you apply for instant credit, we may ask you to provide additional personal data such as salary, government-issued identification number, banking/financial account information, and other information (for example from credit reporting agencies) for authentication purposes and to verify credit worthiness.
You are not required to share the personal data that we request, however, if you choose not to share the information, in some cases we will not be able to provide you with HP Services, certain specialized features or be able to effectively respond to any queries you may have.
Information automatically collected about your use of hp services
- Product Usage Data – We collect product usage data such as pages printed, print mode, media used, ink or toner brand, file type printed (.pdf, .jpg, etc.), application used for printing (Word, Excel, Adobe Photoshop, etc.), file size, time stamp, and usage and status of other printer supplies. We do not scan or collect the content of any file or information that might be displayed by an application.
- Device Data – We collect information about your computer, printer and/or device such as operating system, amount of memory, region, language, time zone, model number, first start date, age of device, device manufacture date, browser version, computer manufacturer, connection port, warranty status, unique device identifiers, advertising identifiers and additional technical information that varies by product.
- Application Data – We collect information related to HP applications such as location, language, software versions, data sharing choices and update details.
- Performance Data – Printing events, features, and alerts used such as “Low on Ink” warnings, use of photo cards, fax, scan, embedded web server, and additional technical information that varies by product.
- Website Browsing Data – We collect information about your visits to and your activity on our HP websites, applications or websites “powered by” another company on our behalf including the content (and any ads) that you view and interact with, the address of the website from which you arrived and other clickstream behavior (such as the pages you view, the links you click or which items you've added to your shopping basket). Some of this information is collected using our Automatic Data Collection Tools which include, cookies, web beacons and embedded web links. To learn more, read How HP uses Automatic Data Collection Tools.
- Anonymous or Aggregated Data – We may collect anonymous answers to surveys or anonymous and aggregated information about how our HP Services are used. In the course of our operations we might also apply a process of de-identification or pseudonymisation to your data to make it reasonably unlikely to identify you through the use of that data with available technology.
Information from third-party sources
We may also acquire data from third-party sources that we deem to be credible and that are either publicly-available or available on a commercial basis. Such information may include personal data such as your name, address, email address, preferences, interests, and certain demographic data. For example, personal data may be collected when you access our applications through social media logins (e.g., logging in to our applications using your Facebook or other social media credentials). The basic details we receive may depend on your social network account privacy settings. In addition, if you purchase HP Services from an HP partner, we may receive certain information about your purchase from that partner. If applicable, we may also receive information from fraud prevention agencies or from credit reporting agencies in connection with credit determinations.
In order to provide certain HP Services at an enterprise level, your business contact data may be provided to HP by a designated entity within your business or enterprise (such as a member of your IT department). Where necessary, we may also use information provided by you or your employer, together with information from publicly-available and other online and offline sources, to conduct due diligence checks on business contacts as part of our anti-corruption compliance program.
We also receive non-personal data, such as aggregated or de-identified demographic/profile data, from third-party sources such as companies that specialize in providing enterprise data, analytics and software as a service.
In order to ensure data accuracy and offer a superior customer experience by providing you with better personalized services, content, marketing and ads, we may link or combine the information that we collect from the different sources outlined above. For example, we may compare the geographic information acquired from commercial sources with the IP address collected by our Automatic Data Collection Tools to derive your general geographic area. Information may also be linked via a unique identifier such as a cookie or account number.
HP does not knowingly collect information from children as defined by local law, and does not target its websites or mobile applications to children.
How We Keep Your Data Secure
To prevent unauthorized access or disclosure and to ensure the appropriate use of your information, we utilize reasonable and appropriate physical, technical, and administrative procedures to safeguard the information we collect and process. HP retains data as required or permitted by law and while the data continues to have a legitimate business purpose.
When collecting, transferring or storing sensitive information such as financial information we use a variety of additional security technologies and procedures to help protect your personal data from unauthorized access, use, or disclosure. When we transmit highly-confidential information (such as credit card number or password) over the internet, we protect it through the use of encryption, such as later versions of the Transport Layer Security (“TLS”) protocol.
As part of real-time payment processing, we also subscribe to fraud management services. This service provides us with an extra level of security to guard against credit card fraud and to protect your financial data.
How We Share Data
We will only share your personal data as follows:
Sharing with hp companies
We may transfer your personal data to other HP entities in the US and worldwide for the purposes outlined in this Privacy Statement. To ensure that your personal data is secure and as part of our participation in the APEC Cross Border Privacy Rules, Binding Corporate Rules and Privacy Shield programs, HP entities are contractually bound to comply with our privacy requirements. Furthermore, our privacy guidelines are communicated to our HP employees on an annual basis as part of our mandatory Standards of Business Conduct training.
By accessing our websites, registering a product or for service, creating an account, or otherwise providing us with your personal data, you consent to the transfer of your personal data throughout the global HP network of entities on the basis of the international programs stated above.
Sharing with service providers
We retain service providers to manage or support certain aspects of our business operations on our behalf. These service providers may be located in the US or in other global locations and may provide services such as credit card processing and fraud management services, customer support, order fulfillment, product delivery, content personalization, advertising and marketing activities (including digital and personalized advertising), IT services, email service providers, data hosting, live-help, debt collection and management or support of HP websites. Our service providers are required by contract to safeguard any personal data they receive from us and are prohibited from using the personal data for any purpose other than to perform the services as instructed by HP. We also take steps to provide adequate protection for any transfers of your personal data in accordance with applicable law.
Circumstances may arise where, whether for strategic or other business reasons, HP decides to sell, buy, merge or otherwise reorganize businesses. In such transactions, we may disclose or transfer your personal data to prospective or actual purchasers or receive personal data from sellers. Our practice is to seek appropriate protection for your personal data in these types of transactions.
Compliance with law
We may also share your personal data when we believe, in good faith, that we have an obligation to: (i) respond to duly authorized information requests of law enforcement agencies, regulators, courts and other public authorities, including to meet national security or other law enforcement requirements; (ii) comply with any law, regulation, subpoena, or court order; (iii) investigate and help prevent security threats, fraud or other criminal or malicious activity; (iv) enforce/protect the rights and properties of HP or its subsidiaries; or (v) protect the rights or personal safety of HP, our employees, and third parties on or using HP property when allowed and in line with the requirements of applicable law.
Sharing with other third parties
Please see our Data Collection and Use Matrix for more detail on how we share your data.
Choosing Your Privacy Preferences
You have the option of subscribing to communications from us related to specific HP Services. You can also choose to receive HP general communications and you can select how those communications are delivered – e.g., via postal mail, email, telephone, fax, mobile device or online.
You can make or change your choices about receiving either subscription or general communications at the data collection point or by using other methods, which are described in the following sections. These options do not apply to communications primarily for the purpose of administering order completion, contracts, support, product safety warnings, driver updates, or other administrative and transactional notices where the primary purpose of these communications is not promotional in nature.
Subscription communications include email newsletters, software updates, etc. that may be expressly requested by you or which you consented to receive. After you request such communications, you may opt out of receiving them by using one of the following methods:
- Select the email’s “Opt out” or “Unsubscribe” link, or follow the instructions included in each email subscription communication.
- To unsubscribe from messages delivered to mobile devices, reply to the message with the words “STOP” or “END.”
- Return to the website(s) where you originally registered your preferences and follow the instructions to opt out. You can access many HP subscriptions at the Subscriber's Choice website.
- Contact our Data Protection Officer through the HP Privacy Office. Be sure to provide your name, contact information, and specific relevant information about the HP subscriptions or marketing that you no longer wish to receive.
Our general communications provide information about products, services, and/or support. This may include new product or services information, special offers, personalized content, targeted advertising or invitations to participate in market research or compliance reviews.
If you are unable to use HP Passport, you may opt out of receiving these general communications by using one of the following methods:
- Select the email’s “Opt out” or “Unsubscribe” link, or follow the instructions included in each email communication.
- To unsubscribe from messages delivered to mobile devices, reply to the message with the words “STOP” or “END.”
- Write to the HP Privacy Office. Be sure to provide your name, contact information, and specific relevant information about your privacy preferences.
HP ads and offerings on third-party websites
HP contracts with service providers to place ads on websites owned by third parties. Sometimes this will be achieved by sharing some personal data as described in the section on Third-Party Advertising Cookies and Social Media Cookies.
How We Use Automatic Data Collection Tools
You can find more information about Automatic Data Collection Tools at: www.allaboutcookies.org.
Cookies are text files containing small amounts of information which are downloaded to your device, or more technically, to the browser that you use on that device, when you visit a site. The entity that places cookies on your browser can then read the information on that cookie that it set. Cookies are typically classified as either “session cookies” which do not stay on your device after you close your browser or “persistent cookies” which will usually remain on your device until you delete them or they expire.
Different cookies are used to perform different functions which we explain below:
We use our own cookies and/or third-party cookies and other identifiers
(such as Web Beacons) to see how you use our websites and services in
order to enhance their performance and develop them according to the
preferences of our customers and visitors. For example, cookies and web
beacons may be used to: test different designs and to ensure that we
maintain a consistent look and feel across our websites; track and
provide trend analysis on how our users interact with our websites and
communications; track errors and measure the effectiveness of our
promotional campaigns. We use Google Analytics, run by Google Inc., for
example, to track website usage and activity.
The data collected will generally be aggregated to provide trends and usage patterns for business analysis, site/platform improvement and performance metrics. Our cookies or the resulting analysis may be also shared with our business partners. The type of information we collect includes how many visitors visit our websites, how many customers log in, when they visited, for how long and which areas of our websites and services but is generally not used to identify you individually. We may also receive similar information about visitors to our partner websites.
Third party advertising cookies and social media cookies
We do allow advertisers and other third parties (such as select retail partners) to place cookies on our websites to allow them to show you advertisements both on and off HP websites that are more relevant and useful to you. We may use remarketing tags (e.g., Google and Bluekai) to allow our retail partners to advertise products which you have browsed on our site. However, we do not share any information with these advertisers and third parties that will directly identify you. These advertisers and other third parties (including the ad networks, ad-serving companies, and other service providers they may use) may assume that users who interact with or click on a personalized ad or content are part of the group that the ad or content is directed towards.
You can find out more about some of our interest based advertising partners by visiting these websites:
Please note that the above is not an exhaustive list and may be updated by us from time to time.
Sharing other information with advertisers
We may also transfer information about you to ad technology providers so that they may recognize your devices and deliver interest based content and advertisements to you. The information may include your name, postal address, email, device ID, or other identifier in encrypted form. The providers may process the information in hashed or de-identified form. These providers may collect additional information from you, such as your IP address and information about your browser or operating system; may combine information about you with information from other companies in data sharing cooperatives in which we participate; and may place or recognize their own unique cookie on your browser. These cookies may contain demographic or other data in de-identified form.
Cookies may also be used when you share information using a social media sharing button on the websites. The social network will record that you have done this. This information may be linked to targeting/advertising activities. The types of cookies used by these third parties and how they use the information generated by them will be governed by those companies’ privacy policies. For information on how to opt out of targeting advertising, please see the above websites for more detail or go to Your Choices Regarding Automatic Data Collection & Online Tracking.
Other automatic data collection tools
We may use and permit select third parties to use web beacons (usually in combination with cookies) to compile information about your website usage and your interaction with email or other communications, to measure performance and to provide content and ads that are more relevant to you. A web beacon (also called a web bug or clear GIFs) is typically a transparent graphic image (usually 1 pixel x 1 pixel) that can be embedded in online content, videos, and emails, and can allow a server to read certain types of information from your device, know when you have viewed particular content or a particular email message, determine the date and time when you viewed the beacon, and the IP address of your device. For instance, we may include web beacons in our promotional email messages or newsletters to determine whether our messages have been opened or acted upon and whether our mailing tools are working correctly.
Embedded Web links
Emails from HP, Internet keyboard keys preconfigured by HP, and promotional icons preinstalled on your PC desktop often use links designed to lead you to a relevant area on the web, after redirection through HP’s servers. The redirection system allows HP to change the destination URL of these links, if necessary, and to determine the effectiveness of our marketing initiatives. In emails, such web links may also allow HP to determine whether you have clicked a link in an email, and this information about the interaction may be connected to your personal identity.
Your Choices Regarding Automatic Data Collection & Online Tracking
Note that by disabling certain categories of cookies, you may be prevented from accessing some features of our sites or certain content or functionality may not be available.
To opt out of being tracked by Google Analytics across our websites visit http://tools.google.com/dlpage/gaoptout.
If you are in the EU and would like to opt out of third party cookies relating to interest based advertising, please go to www.youronlinechoices.eu.
In the US and Canada, we comply with the Digital Advertising Alliance industry standards with respect to interest based advertising. To learn more about your advertising choices if you are in the US, please click here or in Canada please click here. In the US, the Network Advertising Initiative also offers a means to opt out of a number of advertising cookies. Please visit www.networkadvertising.org to learn more. Note that opting out does not mean you will no longer receive online advertising. It does mean that the company or companies from which you opted out will no longer deliver ads tailored to your web preferences and usage patterns.
Some newer web browsers incorporate “Do Not Track” features. Currently, no industry standard exists for handling “Do Not Track” requests, therefore at this time, our websites may not respond to “Do Not Track” requests or headers from these browsers.
Because web beacons are the same as any other content request included in the recipe for a web page, you cannot opt out or refuse them. However, you may be able to disable web beacons in email messages by not downloading images contained in messages you receive (this feature varies depending on the email software used on your personal computer). However, doing this may not always disable a web beacon or other Automatic Data Collection Tools in the email message due to specific email software capabilities. For more information about this, please refer to the information provided by your email software or service provider. Web beacons may also be rendered ineffective in some circumstances by opting out of cookies or amending your cookie settings in your browser.
Embedded web links
If you do not want us to collect information about the links that you click, you can:
- Change your choice about how you receive communications from us (i.e., choose a text-based version of the message where available) or choose not to click links in emails that we send;
- Delete the promotional icons preinstalled by HP on your PC desktop or choose not to click on those;
- Reconfigure the Internet keyboard keys on certain PC models to launch a destination URL of your choice by using the instructions provided with your PC.
Exercising Your Rights & Contacting Us
You have the right to access any personal data that you have provided to us or that we maintain about you. In addition, you have the right to withdraw any consent previously granted or to request correction, amendment, restriction, anonymization or deletion of your personal data and to request an explanation about the processing. In certain cases, your request may be denied on the basis of a legitimate exception such as where making information available would reveal personal data about another person or where we are legally prevented from disclosing such information.
We value your feedback. If you have any questions or concerns about our Privacy Statement, our collection and use of your data or a possible breach of local privacy laws, you can contact us via email to the HP Privacy Office or write to us at the appropriate address below:
HP France SAS
Global Legal Affairs
ATTN: Privacy Office
20 Quai du Point-du-Jour, 7th Floor (Seine) C.P. 92100
Global Legal Affairs
ATTN: Privacy Office
Av. Vasco de Quiroga #2999
Col. Santa Fe Peña Blanca
Del. Alvaro Obregon
C.P. 01210 México D.F.
REST OF WORLD
Global Legal Affairs
ATTN: Privacy Office
1501 Page Mill Road
Palo Alto, California 94304
All communications will be treated confidentially. Upon receipt of your communication, our representative will contact you within a reasonable time to respond to your questions or concerns. We aim to ensure that your concerns are resolved in a timely and appropriate manner.
If we are unable to resolve your concerns, you have the right to contact your local data privacy supervisory authority or seek a remedy through the courts if you believe your rights have been breached. For questions, concerns or complaints related to our participation in the EU-US Privacy Shield, please read about our Participation in International Privacy Programs.
Changes to Our Privacy Statement
If we modify our Privacy Statement, we will post the revised statement here, with an updated revision date. If we make significant changes to our Privacy Statement that materially alter our privacy practices, we may also notify you by other means, such as sending an email or posting a notice on our corporate website and/or social media pages prior to the changes taking effect. This Privacy Statement was last updated in October 2016.