Effective Date: Jan 3, 2018

VMware, Inc. and its group companies ("VMware", "we", "us" and "our") are committed to protecting the privacy of our website visitors, customers, business partners, end users, and event attendees.

The following privacy notices explain the different ways in which VMware collects, uses and shares personal information. Please take the time to read the notices carefully.

VMware Privacy Notice: This notice addresses the personal information we collect in the usual course of our business, including through our websites, our products and services (such as in product feedback and surveys), our mobile apps (where linked), and through other means (such as our events, sales and marketing activities).

Cookie Notice: This notice addresses how we use cookies and other similar tracking technologies when you visit our websites or use our products and services, and mobile apps.

Applicant Privacy Notice: This notice addresses the personal information we collect in connection with our employment recruiting efforts.

Mobile App Notices: For VMware mobile apps used by VMware for its own purposes (such as the VMworld mobile app or the VMware Partner Central mobile app), the VMware Privacy Notice will apply. To the extent the data collection, use and/or sharing practices of such mobile apps vary from the general notices in the VMWare Privacy Notice, these mobile apps will have their own individual privacy notices which will supplement the VMware Privacy Notice. For more information about the data collection practices of certain mobile apps, review the privacy notice of the VMware mobile app you have installed. For mobile apps developed by VMware but used by our customers or partners for their purposes, you should contact our customer or partner (your organization) to understand their data collection and use practices.

Additional Notices: VMware may provide additional "just-in-time" disclosures or additional information about the data collection, use and sharing practices of those specific websites, mobile apps, products and services. These notices may supplement or clarify VMware's privacy practices or may provide you with additional choices about how VMware processes your data.

VMWARE PRIVACY NOTICE

VMware Inc. and its group companies ("VMware", "we", "us" and "our") are committed to protecting the privacy of our website visitors, customers, business partners, end users, and event attendees.

This Privacy Notice describes the privacy practices that apply to our collection, use, and disclosure of personal information through the VMware website, products, services and mobile apps (where they link or refer to this Privacy Notice), as well as in connection with our events, sales and marketing activities. 

VMware may provide additional "just-in-time" disclosures or additional information about the data collection, use and sharing practices of that specific websites, mobile apps, products and services, and programs.  These notices may supplement or clarify the VMware's privacy practices in the circumstances described or may provide you with additional choices about how VMware processes your data.

If you have any questions about this Privacy Notice, please contact us at privacy@vmware.com. 

PART I: WHAT INFORMATION WE COLLECT & HOW WE USE IT

1. Information we collect from you
   

   We will collect personal information when you voluntarily provide it to us. For example, we collect personal information when you order, register for (or to use), or request information about VMware products or services, subscribe to marketing communications, request support, complete surveys, provide in product feedback, or sign up for a VMware event or webinar. We may also collect personal information from you offline, such as when you attend one of our events, during phone calls with sales representatives, or when you contact customer support. We may use this information in combination with other information we collect about you, as set forth in this Notice.
   
   The personal information we collect may include contact information such as your name, address, telephone number or email address, user IDs and passwords, and contact preferences. It may also include professional information, such as your job title, department or job role, as well as the nature of your request or communication. We also collect information you choose to provide to us when completing any 'free text' boxes in our forms (for example, for event sign-up, product feedback or survey requests). In addition, we may collect personal information disclosed by you on our message boards, chat features, blogs and our other services to which you are able to post information and materials. Any information that is disclosed in those forums becomes public information and may therefore appear in public ways, such as through search engines or other publicly available platforms, and may be “crawled” or searched by third parties. It could also be read, collected or used by other users to send you unsolicited messages. Please do not post any information that you do not want to reveal to the public at large.
   
   When purchasing VMware products or services, we may also collect billing and transactional information.
   
   Examples of how we may use this information include:

   • To provide you with VMware products and services, and to process transactions.
   • To respond to your requests or provide information requested by you.
   • To send administrative or account-related information to you.
   • To manage your account and provide support or other services, such as product updates, fixes and product and service recommendations.
   • To obtain and understand your feedback or user experience.
   • To better understand our customers and end-users and the way they use and interact with VMware websites, mobile apps, products and services.
   • To provide a personalized experience, and implement the preferences you request.
   • To improve service reliability or improve features and functionality.
   • To enhance security, monitor and verify identity or service access, combat spam or other malware or security risks.
   • To provide you with marketing and promotional communications (where this is in accordance with the law).
   • To determine the effectiveness of marketing and promotional campaigns.
   • To post testimonials (with your prior consent).
   • To interact with you on third party social networks (subject to that network's terms of use).
   • To administer product downloads and to confirm your compliance with our licensing and other terms of use.
   • To communicate with you about our events or our partner events.
   • For quality control and staff training.
   
   
2. Information we automatically collect
   When using VMware websites, online advertisements or marketing emails (collectively “Online Properties”) or mobile apps:
   

   We automatically collect certain information when you use or access Online Properties or mobile apps. This information does not necessarily reveal your identity directly but may include information about the specific device you are using, such as the hardware model, operating system version, web-browser software (such as Firefox, Safari, or Internet Explorer) and your Internet Protocol (IP) address/MAC address/device identifier. In some countries, including the European Economic Area, this information may be considered personal information under applicable data protection laws.
   
   We also automatically collect and store certain information in server logs such as: statistics on your activities on the Online Properties or mobile apps; information about how you came to and used the Online Property or mobile app; your IP address; device type and unique device identification numbers, device event information (such as crashes, system activity and hardware settings, browser type, browser language, the date and time of your request and referral URL), broad geographic location (e.g. country or city-level location) and other technical data collected through cookies, pixel tags and other similar technologies that uniquely identify your browser. We may also collect information about how your device has interacted with our website, including pages accessed and links clicked. In some countries, including the European Economic Area, this information may be considered personal information under applicable data protection laws.
   
   For additional information about our use of cookies and other similar tracking technologies, please see our Cookie Notice.
   
   Examples of how we may use this information include:

   • To provide you with the Online Property or mobile app.
   • To respond to your requests or provide information requested by you.
   • To obtain and understand your feedback or user experience.
   • To better understand our customers and end-users and the way they use and interact with the Online Property or mobile app.
   • To provide a personalized experience, and implement the preferences you request.
   • To improve service reliability or improve features and functionality.
   • To enhance security, monitor and verify identity or service access, combat spam or other malware or security risks.
   • To provide you with marketing and promotional communications (where this is in accordance with the law).
   • To determine the effectiveness of marketing and promotional campaigns.
   • To interact with you on third party social networks (subject to that network's terms of use).
   • To communicate with you about our events or our partner events.
   
   When using VMware products and services:
   

   In connection with your organization’s deployment of certain VMware products and services, we may automatically collect certain data relating to the performance and configuration of the VMware products and services, and our customer’s and their end-user's consumption of and interaction and use of such products and services ("Usage Data"). Usage Data is generally technical information obtained from product software or systems hosting the services, devices accessing these products and services and/or log files generated during such use which typically does not directly identify an end-user.
   
   Certain VMware products and services participate in VMware’s customer product experience improvement programs and, depending on the program, our customers may have the ability to limit or control the extent of information collected. Where information is collected in these programs, the information is used by VMware for three core purposes:

   • to facilitate the delivery of that VMware product or service and this may include tracking entitlements, verifying compliance, monitoring services and infrastructure performance, ensuring integrity and stability of the services or simply monitoring or addressing technical issues so we can deliver the product or service to the standards VMware has committed to;
     
   • to make recommendations for and to support the use of VMware products and services; and
     
   • to diagnose issues with and improve VMware products and services and related user experience.
   
   

   Some VMware products and services automatically collect and store certain Usage Data through cookies, pixel tags and other similar tracking technologies that uniquely identify a browser or device. For additional information about our use of cookies and other similar tracking technologies, please refer to our Cookie Notice.
   
   Where applicable, customer agreements (including service descriptions), just-in-time notices, or other disclosures contained within the VMware products or services may describe more details about the collection and use of Usage Data by VMware for its own purposes. The technical information and identifiers collected are further described in our Trust & Assurance Center and, in some cases, will depend on the level of program participation selected by the customer.
   
   Usage Data does not include any of a customer's content uploaded to VMware products or services. If you are an individual user of VMware products or services and you require more information regarding our Usage Data collection practices for products and services deployed by your organization, please contact your IT administrator.
   
   

3. Information from third party sources and affiliated companies
   

   From time to time, we may obtain information about you from third party sources as permitted by applicable law, such as public databases, resellers and channel partners, joint marketing partners, social media platforms. Examples of the information we may receive from other sources include: account information, job role and public employment profile, service and support information, information about your product or service interests or preferences, page-view information from some business partners with which we operate co-branded services or joint offerings, and credit history information from credit bureaus. We may use the information we receive from you to better understand you and/or maintain and improve the accuracy of the records we hold about you as well as to position, promote or optimise our products and services. We may also use this information in conjunction with your browsing habits / preferences (as obtained from our data partners) and your contact details, professional information and VMware transaction history (as obtained from our customer relationship management database) to deliver targeted advertising and marketing to you, where permitted by applicable law and in accordance with your advertising / marketing preferences.
   
   We may also obtain information about you from our affiliated companies, including Dell Technologies, Dell EMC, Pivotal, RSA, SecureWorks and VirtuStream (the Dell Family”) and, to the extent involved in the sales and marketing of our collective products and services, their appointed partners.
   
   We will use this information to provide support as well as to enhance our ability to provide relevant marketing, products, services and recommendations to you, and also to help monitor, prevent and detect fraud.
   
   

4. Information we process on behalf of our customers
   In the course of using our products and services, VMware customers and their end-users may submit or upload information to VMware's services for hosting or storage. This customer content is processed by VMware on behalf of the customer, and our privacy practices will be governed by the contract that we have in place with our customers, and this Privacy Notice will not apply to any personal information contained in such customer content. In accordance with such terms, VMware will process such customer content for the purposes of providing the relevant VMware services and in accordance with our customer's instructions. If you have any questions or concerns about how such information is handled, you should contact the person or entity who has contracted with VMware to use the VMware service to host or process this information (e.g. your employer). We will provide assistance to our customers to address any concerns you may have in accordance with the terms of our contract with them.

PART II: HOW WE SHARE YOUR INFORMATION

We take care to allow your personal information to be accessed only by those who really need to in order to perform their tasks and duties, and to share with third parties who have a legitimate purpose for accessing it. We may share personal information about you with third parties in the following circumstances:

• Service Providers: We may share your information with third parties, such as vendors, consultants, agents and other service providers who work on our behalf. Examples include vendors and service providers who provide assistance with marketing, billing, processing credit card payments, data analysis and insight, technical support and customer service. Unless described in this Privacy Notice, we do not share, sell, rent, or trade any of your personal information with third parties for their own promotional purposes.
  
• Business Partners: We may provide your information to our channel partners, such as distributors and resellers, to fulfill product and information requests, to effectively deliver unified support, and to provide customers and prospective customers with information about VMware and its products and services.
  From time to time, VMware may engage in joint sales or product promotions with selected business partners. If you purchase or specifically express interest in a jointly-offered product, promotion or service, we may share relevant personal information with those partners.
  Please be aware that VMware does not control our business partners’ use of such information. Our partners are responsible for managing their own use of the personal information collected in these circumstances. We recommend you review the privacy policies of the relevant partner to find out more about their handling of your personal information.
  
• VMware affiliates and Dell Family: We may share your information with our parent companies, subsidiaries and/or affiliates (including the Dell Family companies and their partners as mentioned above). This information may be shared and used to provide services and support, provide recommendations to optimize product and service use, to provide customers and prospective customers with information about the range of available products and services, and for the purposes otherwise described in this Privacy Notice.
  
• Vital interests: We may disclose information where we believe it necessary in order to protect the vital interests of any person.
  
• Compliance with laws or any competent law enforcement body, regulatory body, government agency, court or third party: We may disclose information where we believe disclosure is necessary or required (i) by law or regulation, in order to comply with legal process or government requests (including in response to public authorities to meet national security or law enforcement requirements); or (ii) to exercise, establish or defend our legal rights.
  
• Business transfers: We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, acquisition, dissolution, corporate reorganization or similar event. We will inform any buyer that your information shall only be used in accordance with this Privacy Notice.
  
• With your consent: We may disclose your personal information for any purpose with your consent.
  
• Other legitimate business purposes: We may share your personal information when it is necessary for other legitimate purposes such as protecting VMware's confidential and proprietary information or where necessary to support, respond to and to provide our products and services to our customers.

PART III: INTERNATIONAL TRANSFERS OF INFORMATION

Personal information, including personal information collected in the European Economic Area ("EEA") or Switzerland, may be transferred, stored and processed by us and our services providers, partners and affiliates in the United States and potentially other countries whose data protection laws may be different to the laws of your country, for example to Canada, The Philippines, Singapore, India, Australia and Israel. We will protect your personal information in accordance with this Privacy Notice wherever it is processed and will take appropriate contractual or other steps to protect the relevant personal information in accordance with applicable laws. These steps include implementing the European Commission's Standard Contractual Clauses for transfers of personal information from our group companies in the EEA to our other group companies. Our Standard Contractual Clauses can be provided upon request. We have implemented similar appropriate safeguards with our service providers, partners and affiliates.

PART IV: SECURITY AND CONFIDENTIALITY

VMware maintains (and requires its service providers to maintain) appropriate organizational and technical measures designed to protect the security and confidentiality of any personal information we process. For example, VMware employs physical access controls, encryption, Internet firewalls, intrusion detection and network monitoring depending on the nature of the information and the scope of processing. VMware staff who may have access to personal information are required to keep that information confidential.
However, no security procedures or protocols are ever guaranteed to be 100% secure and so we encourage you to take care when disclosing personal information online and to use readily available tools, such as Internet firewalls, anti-virus and anti-spyware software, and similar technologies to protect yourself online.

PART V: YOUR PRIVACY RIGHTS

Updating Your Information: If you would like to update personal information that you have provided to us, please logon to myvmware.com and update your profile.
Marketing Communications: You can opt-out of receiving marketing communications from VMware by going to the VMware subscription center at http://info.vmware.com/content/subscription and unsubscribing. You can also opt out by clicking "unsubscribe" in any marketing email communications we send you, or by sending an email to privacy@vmware.com.
Additional Rights for the EEA and Certain Other Territories: If you reside in certain territories (such as the European Economic Area), you may have the right to exercise certain privacy rights available to you under applicable laws. We will process your request in accordance with applicable data protection laws. We may need to retain certain information for record-keeping purposes and/or to complete transactions that you began prior to requesting any deletion.

• Right not to provide consent or to withdraw consent: We may seek to rely on your consent in order to process certain personal information. Where we do so, you have the right not to provide your consent or to withdraw your consent at any time. This does not affect the lawfulness of the processing based on consent before its withdrawal.
  
• Right of access: You may have the right to access the personal information that we hold about you.
  
• Right of erasure: In certain circumstances, you may have the right to the erasure of personal information that we hold about you (for example if it is no longer necessary for the purposes for which it was originally collected).
  
• Right to object to processing: You may have the right to request that VMware stop processing your personal information and/or to stop sending you marketing communications.
  
• Right to rectification: You may have the right to require us to correct any inaccurate or incomplete personal information.
  
• Right to restrict processing: You may have the right to request that we restrict processing of your personal information in certain circumstances (for example, where you believe that the personal information we hold about you is not accurate or lawfully held).

If you would like to exercise any of the above rights, please contact privacy@vmware.com so that we may consider your request under applicable law. To protect your privacy and security, we may take steps to verify your identity before complying with the request.
Certain VMware products and services: Certain VMware products and services may be used by our customers to collect personal information about you. In such cases, we are processing such personal information purely on behalf of our customers and any individuals who seek to exercise their rights should first direct their query to our customer (the data controller). See Part 1, section 4, above.

PART VI: OTHER INFORMATION

How long we retain your information
We will retain personal information we collect from you where we have a justifiable business need to do so and/or for as long as is needed to fulfill the purposes outlined in this Privacy Notice, unless a longer retention period is required or permitted by law (such as tax, legal, accounting or other purposes). You can request deletion of your personal information at any time (see "Your Privacy Rights" section for further information) and we will consider your request in accordance with applicable laws.
When we have no justifiable business need to process your personal information, we will either delete or anonymize it, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
Children
Our website, products and services are not directed to individuals under the age of 14. We do not knowingly collect personal information from such individuals. If you become aware that a child has provided us with personal information, please contact us at privacy@vmware.com. If we become aware that a child under the age of 14 has provided us with personal information, we will take steps to delete such information.
External Links
Our website and services may provide links to other websites through direct links or through applications such as "share" or "Like" buttons. Other websites may contain links to the VMware website or services. VMware does not control those sites or their privacy practices, which may differ from VMware's Privacy Notice. We do not endorse or make any representations about third party websites. The personal information you choose to give to unrelated parties is not covered by this Privacy Notice. We encourage you to review the privacy notices found on such other websites, services, and applications to understand how your information may be collected and used.
Changes to this Privacy Notice
VMware will review and update this Privacy Notice periodically in response to changing legal, technical and business developments. When we update this Privacy Notice we will note the date of its most recent revision above. If we make material changes to this Privacy Notice, we will take appropriate measures to inform you in a manner that is consistent with the significance of the changes we make and is in accordance with applicable law. We encourage you to review this Privacy Notice frequently to be informed of how VMware is protecting your information.
California Privacy Rights
A business subject to California Civil Code section 1798.83 is required to disclose to its California customers, upon request, the identity of any third parties to whom the business has disclosed personal information within the previous calendar year, along with the type of personal information disclosed, for the third parties' direct marketing purposes. Please note that under California law, businesses are only required to respond to a customer request once during any calendar year.
In addition, a business subject to California Business and Professions Code Section 22581 must allow California residents under age 18 who are registered users of online sites, services or applications to request and obtain removal of content or information they have publicly posted. Your request should include a detailed description of the specific content or information to be removed. Please be aware that your request does not guarantee complete or comprehensive removal of content or information posted online and that the law may not permit or require removal in certain circumstances.
If you are a California resident and would like to make either type of request described above, please contact us at privacy@vmware.com.

PART VII: HOW TO CONTACT US

If you have any questions or concerns regarding this Privacy Notice, you may write to us at privacy@vmware.com or by mail to: Office of the General Counsel of VMware, Inc., 3401 Hillview Ave, Palo Alto, California, 94304, USA.