Last Updated: May 2021
Leidos, Inc. (“Leidos,” “we” or “us”) recognizes the importance of protecting your Personal Information. This Privacy Statement (“Statement”) provides you with information about how Leidos collects, uses, and discloses your Personal Information, and the rights you may have with respect to your Personal Information.
We commit to collecting and processing your Personal Information responsibly and in compliance with applicable data protection/privacy laws. This Statement generally applies to leidos.com and any Leidos-owned websites or mobile applications that link to this Statement (collectively, “Leidos Sites and Apps”).
Leidos is a business-to-business (B2B) and business-to government (B2G) products and services provider. Accordingly, while we may collect and process customer data, which may include Personal Information (collectively, “Customer Data”), our normal business practice is to do so only at the request or direction of our customers and solely for the purpose(s) agreed to in the applicable customer contract. We collect and process such Customer Data responsibly and in compliance with applicable laws, regulations, and customer contract obligations.
Further, Leidos policy requires limiting the collection and storage of personal information only to what is required for a legitimate business purpose. The Leidos Global Privacy Office routinely advises the business to limit collection of personal information to the minimum necessary to achieve the purpose for which it is being collected. Leidos annual compliance training reminds employees of that requirement.
If you are a resident of the UK, European Economic Area (EEA) or California, you have additional rights, which are explained in the Additional Rights under Local Laws section. These rights apply regardless of whether we collect your Personal Information through our Sites or Apps or through other means.
Whether this Statement applies to your Personal Information also depends on your relationship with Leidos and how such information was collected. For example, if you are a Leidos employee, Leidos’ Global Employee Privacy Notice applies to any employment-related information about you. And if you are a job applicant, Leidos’ Job Applicant Privacy Notice applies to any Personal Information we collect in connection with your job application.
If there is a conflict between this Statement and the terms of any written agreement between a Leidos customer and Leidos, the terms of such written agreement will control.
What Types of Personal Information Are Collected via Leidos Sites and Apps?
For the purposes of this Statement, “Personal Information” generally means data, or a combination of data from one or more sources, that identifies or could reasonably be used to identify an individual.
When you visit a Leidos Site or App, the Personal Information collected about you may include, but is not limited to:
- postal address;
- e-mail address;
- organization name and job title;
- telephone number;
- IP address;
- network and geo-location;
- education and/or employment history;
- the searches you perform while visiting or using our Sites or Apps; and
- any information you provide to us through web forms or other communication tools available to you while visiting or using our Sites or Apps.
If you choose not to provide us with this Personal Information when prompted, we may be unable to provide you with the information or services you have requested.
Why is this Personal Information Collected?
We generally collect the Personal Information described above on an entirely voluntary basis – in other words, we do not require you to give us your Personal Information. Certain areas of the Leidos Sites and Apps, however, may request your Personal Information so that you can use specific features, learn more about Leidos or access certain content. For example, we may ask you to submit Personal Information if you:
- request a product demo, download or access information about our products, services or programs;
- watch video content on our Sites and Apps;
- submit a contact form to request customer or technical support;
- access Investor Relations information;
- apply for a job with Leidos;
- ask to have a Leidos employee contact you; or
- request that we send materials to you
Use of Personal Information
We collect, use and share Personal Information when we have an appropriate legal basis to do this, such as:
- you have consented, for example, by signing up to receive communications or content from us or otherwise requesting access to information or materials that we make available via our Sites and Apps;
- our use of your Personal Information is necessary to meet our legitimate interests as a commercial organization (see Examples of Leidos' Legitimate Interests);
- our use of your Personal Information is necessary to perform a contract or take steps to enter into a contract with you, for example if you apply for a job with us or if you work for one of our service providers, customers, partners, prime contractors or subcontractors; and/or
- when necessary to comply with a relevant legal or regulatory obligation, for example, in response to an audit, subpoena or court order.
Examples of Leidos’ Legitimate Interests:
- operating, maintaining, and improving Leidos websites, products, services and programs;
- responding to comments and questions directed to us;
- providing customer service or technical support;
- sending information such as confirmations, invoices, technical notices, software updates, security alerts, and support and administrative messages;
- providing information requested by website visitors, current or potential customers, including but not limited to, educational content, fact sheets, webinars, white papers, upcoming events, and other news about products and services offered by us or our selected partners;
- protecting against, investigating, and deterring fraudulent, unauthorized, or illegal activity;
- process employment applications; and
- protecting Leidos’ personnel or property.
We may also use what we know about you to highlight products and services that may be of interest to you, or we may combine your Personal Information and other information about you with information collected from offline sources or information we already have.
Sharing Personal Information
We process and share your Personal Information for the purposes set out in this Statement. When we disclose Personal Information to other entities or individuals to perform support services for us, we authorize such entities and individuals to use your Personal Information only for the limited purposes of performing those support services.
Please note that as a general rule, Leidos cannot force third parties to abide by Leidos’ policies. Nevertheless, we do contractually require third parties with whom we share employee data, Customer Data or other Personal Information to abide by appropriate and relevant contract obligations aligned with the Leidos Code of Conduct, as well as applicable laws and regulations.
We may disclose Personal Information to:
- respond to questions about our product or services;
- send communications, including email newsletters, or other marketing materials;
- comply with applicable laws, obey judicial orders, respond to subpoenas; cooperate with law enforcement authorities, and respond to law enforcement requests;
- detect or prevent suspected or actual illegal activities or harm to our personnel or property;
- help us run our day-to-day business operations;
- protect the rights or property of others, including our customers; and
- respond to and/or assist our auditors and legal advisors.
We may also disclose Personal Information:
- when legally required (e.g., for government reports);
- with our affiliates;
- in connection with or in the performance of a sale, merger, acquisition, or other transfer of all or part of our business to another company, or as part of a bankruptcy proceeding or business reorganization or any due diligence relating to any such sale, merger, acquisition, or other transfer;
- for other legitimate business purposes, such as product or service development, marketing, sales and website administration; and
- as otherwise permitted or required by law.
We may share and disclose information that does not personally identify you when necessary for our business operations.
Authorized Service Providers. We sometimes hire or contract with other companies and individuals to perform certain functions and services on our behalf. This is a common industry practice. We may need to disclose Personal Information so that they can perform these functions and services, which may include, for example, call center/customer service support, sending or processing postal mail or email, and analyzing or hosting data on cloud-based servers.
Data Collected for Analytics, Marketing and Advertising Purposes
We market our business in a number of ways, primarily through digital advertising, social media platforms, email marketing and offline marketing, such as at trade shows and conferences. You can learn about the choices available to you to opt out of receiving marketing from us in the Your Choices section.
Leidos does not use this information to identify you. Network or device identifiers - such as computer or device IP addresses and serial numbers - do not themselves identify individuals who use such computers or devices. However, some jurisdictions’ laws may define these network or device identifiers as Personal Information.
We, and our service providers, use several industry standard analytics and tracking tools to collect Analytics Data, such as browser cookies, flash cookies, web beacons and other, similar technologies.
We use Analytics Data to:
- identify new visits to Leidos websites;
- recognize returning visits;
- analyze the effectiveness of our website content and marketing or advertising-related activities;
- better understand Leidos’ current and potential customers, website visitors and mobile app users;
- determine whether Leidos’ current and potential customers, website visitors, and mobile app users might be interested in additional content, new products or services; and
- tailor our marketing and business development campaigns to individuals who we think may be interested in learning more about our products and services.
You can also set your preferences for Leidos websites by reviewing the Cookie Settings. This feature allows you to set your cookie preferences when you visit Leidos domains.
To learn how to manage flash cookies in particular, please visit the Flash Player help page.
For more information on the types of cookies we set, click here. Note that limiting the placement of cookies may result in certain features of our Sites and Apps not functioning as intended.
Please also note that we may use Google Analytics to measure and understand how visitors use our Sites and Apps. You can learn more about how Google uses the information it collects by visiting its website at www.google.com/policies/privacy/partners. You can opt out of Google’s collection of this information by downloading the Google Analytics Opt-Out Browser Add-On at https://tools.google.com/dlpage/gaoptout?hl=en.
You have certain choices with respect to the information we collect for advertising and marketing purposes. This section provides you with information about the choices you may have to control the information we collect about you for these purposes and how we use it.
Direct Marketing Communications. You can opt out of receiving direct marketing from us or change your marketing preferences by contacting us here.
You can opt out of receiving email marketing communications at any time by using the unsubscribe links or instructions included at the bottom of our emails. Please note that we may continue to send you service-related communications even after you opt out of receiving marketing communications.
You may also be able to opt out of receiving push notifications from mobile apps and text messages if you decide that you no longer wish to receive such communications. You may be able to use your device or app settings to manage your push notification preferences with respect to any of our Sites and Apps. If you previously agreed to receive text messages from us, but you no longer want to receive such messages, you can follow the instructions provided to you, which may include replying “STOP” to any such messages.
You can learn more about interest-based advertising by visiting the Network Advertising Initiative (“NAI”) or the Digital Advertising Alliance (“DAA”) websites. You can also learn how to opt out from the collection of your information for interest-based advertising purposes by third parties that participate in these self-regulatory programs by visiting the NAI and DAA opt- out pages.
Social Media Plugins
Minors and Children under 16
Leidos websites are not directed to nor intended for use by minors. We do not knowingly collect any Personal Information or knowingly track the use of Leidos Sites or Apps by children under the age of 16.
Safeguarding Your Information
The integrity, availability and confidentiality of your Personal Information matters to us. That is why we use industry-standard technical, administrative and physical controls to protect Personal Information from unauthorized access, use and disclosure. We also review and evaluate our security procedures and controls on an ongoing basis to consider appropriate new technology and updated methods to help minimize risks from new security threats as they become known.
We will retain your Personal Information for as long as required for the purposes for which it was collected. How long we retain it depends on a number of factors, including the purpose for which it was obtained and/or our legal or regulatory obligations. For example, we may store your Personal Information for longer periods of time where we are required to do so to meet legal, regulatory, tax, or accounting requirements. We may also store it for longer periods of time to have an accurate record of your interactions with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation.
Additionally, Leidos has a Records Retention Policy and schedules that address data retention and destruction for specific type(s) of records. This policy specifies how records maintained by Leidos are to be retained and deleted, in compliance with applicable laws and best practices for the retention of records.
You should be aware that hyperlinks on this site may direct you to other websites that we do not control. These websites may be subject to a different privacy statement. Leidos is not responsible for the privacy practices or the content of websites to which we link, list, rank or identify by means of a search. Leidos takes no responsibility for the products, services, policies or actions of third parties or the content of third-party websites. We encourage you to be aware when you are leaving our site and to read the privacy policies of each website you visit.
Additional Rights under Local Laws (Depending on Where You Live)
Depending on where you live, local laws may require that we provide you with additional notices and rights. This section provides information about how we process Personal Information that is subject to these laws and the rights you may have under these laws.
EU/UK Privacy Notice. If you are a resident of the European Union (“EU”) or the United Kingdom (“UK”), our processing of your Personal Information may be subject to the General Data Protection Regulation (“GDPR”) or the Data Protection Act 2018 (“DPA”). These laws may provide you with additional rights with respect to your Personal Information. Please read our EU/UK Privacy Notice to learn more about these rights.
California Privacy Notice. If you are a resident of California, our processing of your Personal Information may be subject to the California Consumer Privacy Act (“CCPA”). Under this law, you may be entitled to certain additional information. To learn more about our processing of Personal Information about California residents and the rights you may have under the CCPA, please read our California Privacy Notice.
International Data Transfer
Leidos operates all over the world, but it is headquartered in the United States. If you use a Leidos Site or App, your Personal Information may be transferred to or accessible by individuals working in the United States. It may also be stored and processed in any other country where Leidos or its affiliates, subsidiaries, or service providers have facilities. Some of these countries have not yet been determined by the European Commission to have an adequate level of data protection. When we transfer your Personal Information from the European Union to such countries, we use a variety of legal mechanisms, including contracts and written assurances from service providers, to help ensure your rights and protections travel with your Personal Information.
By continuing to use Leidos Sites, you authorize Leidos and its service providers to transfer your Personal Information to – or make it available in – destinations outside your home country and to process it according to this Statement. You may contact us at [email protected] for more information about the safeguards used to protect your privacy if we transfer your Personal Information outside of your country of residence.
Questions and Complaints
If you have any questions, complaints, or wish to send us comments about this Statement, please send an e-mail to [email protected]. We will investigate your complaint, and respond as soon as possible.
If you submit a complaint that relates to processing of Customer Data, Leidos will communicate your complaint to the relevant customer for a response (unless it has been agreed otherwise with such customer). As stated above, Leidos will adhere to customer contract obligations regarding Customer Data.
Right to Lodge a Complaint with your Local Supervisory Authority
You may also have a right to file a complaint with your local supervisory authority if you have concerns about how we are processing your Personal Information. We ask that you please attempt to resolve any issues with us first, although you have a right to contact your supervisory authority at any time.
For UK visitors to Leidos websites:
If you have concerns about our information rights practices, you may lodge a complaint with the Information Commissioner's Office ("ICO"). Details of how to contact the ICO are located at ico.org.uk.
For Australian visitors to Leidos websites:
If we fail to respond to your complaint within a reasonable period of receiving it in writing, or if you are dissatisfied with the response that you receive from us, you may lodge a complaint with the Office of the Australian Information Commissioner ("OAIC"). Details of how to contact the OAIC are located at oaic.gov.au.
Changes to this Privacy Statement
We may update this Statement periodically. We will notify you of any changes by posting the new Statement at leidos.com/privacy, and we will change the "Last Updated" date above. You should consult this page regularly for any changes.
If you expand the + symbol next to the dates below, you will see a summary of the recent substantive changes to this Statement and the dates these updates came in to effect.
- Privacy Statement refreshed in light of the EU General Data Protection Regulation (GDPR).
- Privacy Statement also made more concise and easier to navigate for all users of Leidos websites.
- Updated Legal Basis for Collecting and Using Personal Information section
- Updated Managing your Personal Information section, including updates to the following subsections:
- Right to Change or Delete Your Personal Information
- Right to Object to the Processing of your Personal Information
- How to Exercise the Rights Listed Above
- Updated this Privacy Statement to reflect new rights under the California Consumer Privacy Act (CCPA)
- Created and posted new California Privacy Notice on separate Web page
- Condensed section in this Privacy Statement regarding rights of UK and EEA residents
- Detached UK/EEA Privacy Notice and posted it on different Web page
- Added sections relating to Analytics Data and Interest-Based Advertising
- Updated various sections to provide greater clarity on our information collection and handling practices
- Added language regarding processing of Customer Data and handling of complaints related to Customer Data
- Added disclosures about contractual obligations of third parties with whom Leidos shares Personal Information
- Added language regarding Scope, the collection of customer data, and limiting the collection of personal data.
- Added language to Data Retention section related to the Leidos Records Retention Policy