Privacy Statement
Last Updated: April 2023
Introduction
Leidos, Inc. (“Leidos,” “we” or “us”) recognizes the importance of protecting your Personal Information. This Privacy Statement (“Statement”) provides you with information about how Leidos collects, uses, and discloses your Personal Information, and the rights you may have with respect to your Personal Information.
Scope
We commit to collecting and processing your Personal Information responsibly and in compliance with applicable data protection/privacy laws. This Statement generally applies to leidos.com and any Leidos-owned websites or mobile applications that link to this Statement (collectively, “Leidos Sites and Apps”).
Leidos is a business-to-business (B2B) and business-to government (B2G) products and services provider. Accordingly, while we may collect and process customer data, which may include Personal Information (collectively, “Customer Data”), our normal business practice is to do so only at the request or direction of our customers and solely for the purpose(s) agreed to in the applicable customer contract. We collect and process such Customer Data responsibly and in compliance with applicable laws, regulations, and customer contract obligations.
Further, Leidos policy requires limiting the collection and storage of personal information only to what is required for a legitimate business purpose. The Leidos Global Privacy Office routinely advises the business to limit collection of personal information to the minimum necessary to achieve the purpose for which it is being collected. Leidos annual compliance training reminds employees of that requirement.
Residents of jurisdictions with comprehensive data protection/privacy laws that provide for data subject rights, such as the UK, European Economic Area (EEA) or California, may have additional rights with respect to the processing of their Personal Information. Information about these rights and how to exercise them is provided in the Additional Rights under Local Laws section. In jurisdictions where these rights apply, you may exercise them, to the extent permitted by applicable data protection/privacy laws, with respect to any personal information that Leidos processes for our own purposes regardless of whether we collect your Personal Information through our Sites or Apps or through other means.
Whether this Statement applies to your Personal Information also depends on your relationship with Leidos and how your Personal Information was collected. For example, if you are a Leidos employee, Leidos’ Global Employee Privacy Notice applies to any employment-related information about you. And if you are a job applicant, Leidos’ Recruitment Privacy Notice applies to any Personal Information we collect in connection with recruiting and hiring new employees.
Some Leidos Sites and Apps may also have a supplemental privacy statement, policy, or notice. For example, the Leidos Australia Privacy Policy is available.
If there is a conflict between this Statement and the terms of any written agreement between a Leidos customer and Leidos, the terms of such written agreement will control.
Current Privacy STATEMENT Changes since PRIOR Privacy STATEMENT
What Categories of Personal Information Are Collected via Leidos Sites and Apps?
For the purposes of this Statement, “Personal Information” generally means data, or a combination of data from one or more sources, that identifies or could reasonably be used to identify an individual.
When you visit a Leidos Site or App, Leidos may collect the following categories of Personal Information from or about you. These categories of Personal Information may include, but are not limited to the types of Personal Information identified for each category of Personal Information:
- Contact Information – name; postal address, e-mail address, telephone number;
- Professional Information – organization name and job title;
- Network Information – IP address; network and geo-location;
- Resume Information – education and/or employment history, skills, certifications;
- Usage Information – the searches you perform and actions you take while visiting or using our Sites or Apps; and
- Voluntarily Disclosed Information – any information you provide to us through web forms or other communication tools available to you while visiting or using our Sites or Apps.
If you choose not to provide us with this Personal Information when prompted, we may be unable to provide you with the information or services you have requested.
Why is this Personal Information Collected?
We generally collect the categories of Personal Information described above on an entirely voluntary basis – in other words, we do not require you to give us your Personal Information. Certain areas of the Leidos Sites and Apps, however, may request your Personal Information so that you can use specific features, learn more about Leidos or access certain content. For example, we may ask you to submit Personal Information if you:
- request a product demo, download or access information about our products, services or programs;
- watch video content on our Sites and Apps;
- submit a contact form to request customer or technical support;
- access Investor Relations information;
- apply for a job with Leidos;
- ask to have a Leidos employee contact you; or
- request that we send materials to you
Use of Personal Information
We collect, use and share Personal Information when we have an appropriate legal basis to do this, such as:
- you have consented, for example, by signing up to receive communications or content from us or otherwise requesting access to information or materials that we make available via our Sites and Apps;
- our use of your Personal Information is necessary to meet our legitimate interests as a commercial organization (see Examples of Leidos' Legitimate Interests);
- our use of your Personal Information is necessary to perform a contract or take steps to enter into a contract with you, for example if you apply for a job with us or if you work for one of our service providers, customers, partners, prime contractors or subcontractors;
- when necessary to comply with a relevant legal or regulatory obligation, for example, in response to an audit, subpoena or court order; and/or
- our processing of your Personal Information is otherwise permitted by applicable law.
Examples of Leidos’ Legitimate Interests:
- operating, maintaining, and improving Leidos websites, products, services and programs;
- responding to comments and questions directed to us;
- providing customer service or technical support;
- sending information such as confirmations, invoices, technical notices, software updates, security alerts, and support and administrative messages;
- providing information requested by website visitors, current or potential customers, including but not limited to, educational content, fact sheets, webinars, white papers, upcoming events, and other news about products and services offered by us or our selected partners;
- protecting against, investigating, and deterring fraudulent, unauthorized, or illegal activity;
- process employment applications; and
- protecting Leidos’ personnel or property.
We may also use what we know about you to highlight products and services that may be of interest to you, or we may combine your Personal Information and other information about you with information collected from offline sources or information we already have.
Sharing Personal Information
We process and share your Personal Information for the purposes set out in this Statement. When we disclose Personal Information to other entities or individuals to perform support services for us, we authorize such entities and individuals to use your Personal Information only for the limited purposes of performing those support services.
Please note that as a general rule, Leidos cannot force third parties to abide by Leidos’ policies. Nevertheless, we do contractually require third parties with whom we share employee data, Customer Data or other Personal Information to abide by appropriate and relevant contract obligations aligned with the Leidos Code of Conduct, as well as applicable laws and regulations.
We may disclose Personal Information to:
- respond to questions about our product or services;
- send communications, including email newsletters, or other marketing materials;
- comply with applicable laws, obey judicial orders, respond to subpoenas; cooperate with law enforcement authorities, and respond to law enforcement requests;
- detect or prevent suspected or actual illegal activities or harm to our personnel or property;
- help us run our day-to-day business operations;
- protect our legal rights under any applicable laws or regulations, or to enforce our Terms of Use or Leidos policies;
- protect the rights or property of others, including our customers; and
- respond to and/or assist our auditors and legal advisors.
We may also disclose Personal Information:
- when legally required (e.g., for government reports);
- with our parent company or affiliates;
- in connection with or in the performance of a sale, merger, acquisition, or other transfer of all or part of our business to another company, or as part of a bankruptcy proceeding or business reorganization or any due diligence relating to any such sale, merger, acquisition, or other transfer;
- for other legitimate business purposes, such as product or service development, marketing, sales and website administration; and
- as otherwise permitted or required by law.
We may share and disclose information that does not personally identify you when necessary for our business operations.
Authorized Service Providers. We sometimes hire or contract with other companies and individuals to perform certain functions and services on our behalf. This is a common industry practice. We may need to disclose Personal Information so that they can perform these functions and services, which may include, for example, call center/customer service support, sending or processing postal mail or email, and analyzing or hosting data on cloud-based servers.
Data Collected for Analytics, Marketing and Advertising Purposes
We market our business in a number of ways, primarily through digital advertising, social media platforms, email marketing and offline marketing, such as at trade shows and conferences. You can learn about the choices available to you to opt out of receiving marketing from us in the Your Choices section.
To understand how our marketing or advertising campaigns are performing, our third-party service providers may collect certain information such as IP addresses, number of page visits, pages viewed, documents downloaded, videos viewed, search engine referrals, browsing activities over time and across other websites following your visit to one or more of our Leidos websites and responses to offline marketing campaigns (“Analytics Data”). We and our third-party service providers may use cookies to collect this information. You can learn more about our use of cookies in the Cookies section.
We, and our service providers, use several industry standard analytics and tracking tools to collect Analytics Data, such as browser cookies, flash cookies, web beacons and other, similar technologies.
We use Analytics Data to:
- identify new visits to Leidos websites;
- recognize returning visits;
- analyze the effectiveness of our website content and marketing or advertising-related activities;
- better understand Leidos’ current and potential customers, website visitors and mobile app users;
- determine whether Leidos’ current and potential customers, website visitors, and mobile app users might be interested in additional content, new products or services; and
- tailor our marketing and business development campaigns to individuals who we think may be interested in learning more about our products and services.
Use of Cookies
We may use cookies and other technologies to enhance your experience on our Sites and Apps and to collect information about your visits to our Sites and Apps. We may also allow certain third parties to place cookies on your browser when you visit our Sites and Apps, so they can provide us with analytics about how our Sites and Apps are used. We use cookies and other technologies to collect and store information about your preferences and settings, including the browser and device you use to visit our Sites; to collect information about your engagement with our Sites and Apps, including the pages you view, the links you click on, the date and time you visit our Sites and Apps; the duration of your visit; and the website that referred you to our Sites and Apps. We may use the information we collect about your visits to our Sites and Apps to make certain features available to you; to develop, maintain, and improve our Sites and Apps; to review whether our Sites and Apps are operating properly; and to perform analytics on usage of our Sites and Apps.
Managing Cookies. Cookies are small text files that may be placed on your browser when you visit our Sites and Apps. You may be able to use your browser or device settings to limit our ability to use cookies to collect information about your use of our Sites and Apps. Please note that your browser or device settings may not limit the collection of your personal information where flash cookies are used.
You can also set your preferences for Leidos websites by reviewing the Cookie Settings. This feature allows you to set your cookie preferences when you visit Leidos domains.
To learn how to manage flash cookies in particular, visit the Flash Player help page.
Review the following information on the types of cookies we set. Note that limiting the placement of cookies may result in certain features of our Sites and Apps not functioning as intended.
Please also note that we may use Google Analytics to measure and understand how visitors use our Sites and Apps. You can learn more about how Google uses the information it collects by visiting its website at google.com/policies/privacy/partners. You can opt out of Google’s collection of this information by downloading the Google Analytics Opt-Out Browser Add-On at tools.google.com/dlpage/gaoptout?hl=en.
Your Choices
You have certain choices with respect to the information we collect for advertising and marketing purposes. This section provides you with information about the choices you may have to control the information we collect about you for these purposes and how we use it.
Direct Marketing Communications. You can opt out of receiving direct marketing from us or change your marketing preferences.
You can opt out of receiving email marketing communications at any time by using the unsubscribe links or instructions included at the bottom of our emails. Please note that we may continue to send you service-related communications even after you opt out of receiving marketing communications.
You may also be able to opt out of receiving push notifications from mobile apps and text messages if you decide that you no longer wish to receive such communications. You may be able to use your device or app settings to manage your push notification preferences with respect to any of our Sites and Apps. If you previously agreed to receive text messages from us, but you no longer want to receive such messages, you can follow the instructions provided to you, which may include replying “STOP” to any such messages.
Interest-Based Advertising
We may engage third-party advertising service providers to help us target our advertisements to individuals who may be interested in our products and services or who may be interested in employment with Leidos. These service providers may also help us deliver advertisements to you, provide us with information about whether you engaged with our advertisements, and provide us with other analytics relating to the performance of our online advertisements. These service providers may use cookies and other technologies to collect information about your activity on our Sites and Apps. They may also combine this information with the information they collect about you, including information about your activities on other websites and applications over time and any personal information you or a third party may provide to them. They may also associate any information they collect about you across the various browsers and devices you use.
You can learn more about interest-based advertising by visiting the Network Advertising Initiative (“NAI”) or the Digital Advertising Alliance (“DAA”) websites. You can also learn how to opt out from the collection of your information for interest-based advertising purposes by third parties that participate in these self-regulatory programs by visiting the NAI and DAA opt- out pages.
Social Media Plugins
Our Sites and Apps may include plugins from social networks or other third parties. An example of a plugin is the link to Leidos’ Twitter feed or LinkedIn page. These plugins may communicate with and send information to the party that provided the plugin, even if you do not click on the plugin. This information may include your IP address, information about your browser and device, and the address of the web page you are visiting on our site. Loading, using or clicking the plugins may also place, read and transmit cookies. These cookies may contain a unique identifier the social network or third party assigns to you for use in associating information collected about your browser, so they can deliver interest-based advertising to you. The loading, functionality and your use of the plugins are governed by the privacy policy and terms of the party that provided the plugin.
Minors and Children under 16
Leidos websites are not directed to nor intended for use by minors. We do not knowingly collect any Personal Information or knowingly track the use of Leidos Sites or Apps by children under the age of 16.
Safeguarding Your Information
The integrity, availability and confidentiality of your Personal Information matters to us. That is why we use industry-standard technical, administrative and physical controls to protect Personal Information from unauthorized access, use and disclosure. We also review and evaluate our security procedures and controls on an ongoing basis to consider appropriate new technology and updated methods to help minimize risks from new security threats as they become known.
Data Retention
We will retain your Personal Information for as long as required for the purposes for which it was collected. How long we retain it depends on a number of factors, including the purpose for which it was obtained and/or our legal or regulatory obligations. For example, we may store your Personal Information for longer periods of time where we are required to do so to meet legal, regulatory, tax, or accounting requirements. We may also store it for longer periods of time to have an accurate record of your interactions with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation.
Other Websites
You should be aware that hyperlinks on this site may direct you to other websites that we do not control. These websites may be subject to a different privacy statement. Leidos is not responsible for the privacy practices or the content of websites to which we link, list, rank or identify by means of a search. Leidos takes no responsibility for the products, services, policies or actions of third parties or the content of third-party websites. We encourage you to be aware when you are leaving our site and to read the privacy policies of each website you visit.
Additional Rights under Local Laws (Depending on Where You Live)
Depending on where you live, local laws may require that we provide you with additional notices and rights. These rights may include:
- the right to access your Personal Information;
- the right to delete your Personal Information;
- the right to data portability;
- the right to correct your Personal Information;
- the right to object to our Processing of your Personal Information;
- the right to restrict our processing of your Personal Information;
- the right not to be subject to automatic decision-making;
- the right to know what Personal Information we collect;
- the right to opt-out of sales of your Personal Information; and
- the right to limit our processing of Sensitive Personal Information.
If you are a resident of the European Union (“EU”) or the United Kingdom (“UK”), please visit our EU/UK Privacy Notice to learn more about our processing of your Personal Information and the rights available to you under local law. If you are a resident of California, please visit our California Privacy Notice for more information about our processing of your Personal Information and your rights under California law. Individuals who reside in a country, state, or other jurisdiction with a law that provides for data subject rights may submit a request to exercise these rights by completing Leidos’ Privacy Rights Request Form.
International Data Transfer
Leidos operates all over the world, but it is headquartered in the United States. If you use a Leidos Site or App, your Personal Information may be transferred to or accessible by individuals working in the United States. It may also be stored and processed in any other country where Leidos or its affiliates, subsidiaries, or service providers have facilities. The data protection authority in your jurisdiction may not have determined that these countries have an adequate level of data protection. When we transfer your Personal Information from your jurisdiction to such countries, we use a variety of legal mechanisms, including contracts and written assurances from service providers, to help ensure your rights and protections travel with your Personal Information.
By continuing to use Leidos Sites and Apps, you authorize Leidos and its service providers to transfer your Personal Information to – or make it available in – destinations outside your home country and to process it according to this Statement. You may contact us at [email protected] for more information about the safeguards used to protect your privacy if we transfer your Personal Information outside of your country of residence.
Questions and Complaints
If you have any questions, complaints, or wish to send us comments about this Statement, please send an e-mail to [email protected]. We will investigate your complaint and respond as soon as possible.
If you submit a complaint that relates to processing of Customer Data, Leidos will communicate your complaint to the relevant customer for a response (unless it has been agreed otherwise with such customer). As stated above, Leidos will adhere to customer contract obligations regarding Customer Data.
Right to Lodge a Complaint with your Local Supervisory Authority
You may also have a right to file a complaint with your local supervisory authority if you have concerns about how we are processing your Personal Information. We ask that you please attempt to resolve any issues with us first, although you have a right to contact your supervisory authority at any time. If you need assistance identifying the appropriate supervisory authority, you can request assistance by sending an email to the email address provided above.
Changes to this Privacy Statement
We may update this Statement periodically. We will notify you of any changes by posting the new Statement at leidos.com/privacy, and we will change the "Last Updated" date above. You should consult this page regularly for any changes.
If you expand the + symbol next to the dates below, you will see a summary of the recent substantive changes to this Statement and the dates these updates came into effect.
-
- Privacy Statement refreshed in light of the EU General Data Protection Regulation (GDPR).
- Privacy Statement also made more concise and easier to navigate for all users of Leidos websites.
-
- Updated Legal Basis for Collecting and Using Personal Information section
- Updated Managing your Personal Information section, including updates to the following subsections:
- Right to Change or Delete Your Personal Information
- Right to Object to the Processing of your Personal Information
- How to Exercise the Rights Listed Above
-
- Updated link to Leidos Australia Privacy Policy
-
- Updated this Privacy Statement to reflect new rights under the California Consumer Privacy Act (CCPA)
- Created and posted new California Privacy Notice on separate Web page
- Condensed section in this Privacy Statement regarding rights of UK and EEA residents
- Detached UK/EEA Privacy Notice and posted it on different Web page
- Added sections relating to Analytics Data and Interest-Based Advertising
- Updated various sections to provide greater clarity on our information collection and handling practices
-
- Added language regarding processing of Customer Data and handling of complaints related to Customer Data
- Added disclosures about contractual obligations of third parties with whom Leidos shares Personal Information
-
- Added language regarding Scope, the collection of customer data, and limiting the collection of personal data.
- Added language to Data Retention section related to the Leidos Records Retention Policy
-
- Updated the Privacy Statement and California Privacy Notice to reflect new notice requirements and data subject rights under new privacy and data protection laws.
- Clarified the scope of the Privacy Statement and the availability of data subject rights.