Looking for product - or service-specific privacy statements? Go here.
Our goal is to make the world a better place through the ethical use of data.
At F5, our guiding principle is: first and foremost, we do the right thing. That’s why you can count on us to always do the right thing with your data. This concept defines and governs our approach to privacy, as reflected in our privacy principles.
We’re transparent about our data management practices. We do what we say, and say what we do.
We intentionally build our solutions with privacy by design and default.
We only collect the data we need to better serve you.
Data security and data privacy go hand in hand—we prioritize both to protect your data.
Our service-specific privacy statements detail the types of personal data that our services handle. In addition, we collect:
We may collect personal data directly from you or your employer, third-party sources like our Unity Partners, third-party marketplaces that offer our products (like AWS and Google Cloud Platform), data brokers, marketing companies, customer referrals, and publicly available sources like company websites and LinkedIn.
For complete details, please see our privacy notice.
NOTE: We can aggregate or de-identify your personal data so that the information can’t be linked to you and is, in actuality, no longer personal data. Our use and disclosure of non-personal data isn’t subject to our privacy notice.
We use and disclose personal data collected or generated through our services as described in our service-specific privacy statements and based on contracts with customers. We use and disclose other personal data for these reasons:
The disclosure of personal data we collect or generate through our services is described in service-specific privacy statements and based on contracts with customers. We may disclosure other personal data to:
We’re a global company, so some affiliates and third parties who we disclose data to are in countries where data protection laws may not provide as much protection as the laws in your country. We comply with legal requirements for protecting the movement of data across borders, including the use of European Commission-approved Standard Contractual Clauses.
Our customers may transfer personal data to F5 via legal mechanisms approved by the European Commission and other relevant authorities for transferring data across borders. If you want to see copies of the tools F5 uses for transfers data to third parties, please contact us.
For a full explanation of F5’s privacy practices, please see our privacy notice.
We’ll keep personal data as long as necessary to fulfill the purposes outlined in our privacy notice unless the law requires us to keep it longer. For security and business continuity, we make backups of certain data, which we may hold onto for longer than the original data.
The laws in some jurisdictions require data controllers to tell you about the legal grounds that allow them to use or disclose your personal data. Where those laws apply, our legal grounds are:
Legitimate interests—We handle personal data because it furthers the legitimate interests of F5, our customers, business partners, or suppliers, such as the interests listed below, when the handling of data doesn’t unduly impact your interests, rights, and freedoms:
Contractual obligations—Some of the ways we handle personal data are required to meet our contractual obligations to individuals or to take steps at the person's request because we’re planning to enter into a contract with them. A good example of this is when we process an individual’s payment data for a certification exam.
Consent—If the law requires, we handle personal data on the basis of consent. For example, some of our direct marketing efforts operate on the basis of consent. If the law requires explicit consent, we use personal data only when such consent is given. If the law allows, we can infer consent based on circumstances.
Legal obligations—We sometimes need to use and disclose personal data to comply with legal obligations.
As a business subject to the investigatory and enforcement authority of the United States Federal Trade Commission, F5 has certified it adheres to the Privacy Shield Principles with respect to personal data we receive through a specific subset of our many services. We honor our commitments with respect to personal data received under our certification.
F5’s Privacy Shield certification is available at privacyshield.gov/list. To learn more about the Privacy Shield program, please visit privacyshield.gov.
We recognize that the Court of Justice of the European Union in July 2020 ruled that the EU-U.S. Privacy Shield Framework can no longer be the basis for entities subject to the GDPR to export personal data to the United States, and that the United Kingdom and Switzerland have since reached similar conclusions.
While F5 customers who relied on the EU-U.S. and Swiss-U.S. Privacy Shield certifications transition to other safeguards, like Standard Contractual Clauses, we continue to honor our commitments to comply with the Privacy Shield.
For complete details, please see our privacy notice
An important note about security
To help protect personal data, our privacy practices include physical, technical, and administrative safeguards. However, we can’t be certain that the data that we collect will never be used or disclosed in a way that’s inconsistent with our privacy notice.
For personal data that we collect via our services, the privacy statement for each service has instructions on how you can exercise your legal rights with respect to your data.
For other personal data (and certain personal data we collect through some of our services), we offer the following options for exercising your rights and choices about how we use your personal data.
For your protection, we’ll only implement certain requests with respect to personal data after we’ve verified your identity. Contact us or review our full Privacy Notice to find all the information relevant to exercising your rights.
In our websites, apps, and emails, we and third parties may collect certain information via cookies, web beacons, JavaScript, and mobile-device functionality. This information can include unique browser identifiers, IP address, browser and operating system information, device identifiers (such as the Apple IDFA or Android Advertising ID), geolocation, other device information, and Internet connection information, as well as details about your interactions with our apps, websites, and emails (for example, the URL of the third-party website you came from, the pages on our website that you visit, and the links you click on our websites).
We and third parties may use these automated means to read or write information on your devices, such as in various types of cookies and other browser-based or plugin-based local storage to collect pieces of information that, taken together, can uniquely identify your device.
These technologies help us:
By clicking on the cookie preferences link in the footer of our participating websites, you can launch a consent tool to adjust your preferences about how certain cookies and similar technologies are used in those F5 websites. Repeat this process with each browser you use to visit those websites. Our full privacy notice has more detail about our use of these technologies, how this opt-out works, and additional opt-out options.
To request to exercise your data protection rights under the GDPR or other laws (beside the CCPA), please visit the General DSR Portal.
For CCPA Requests only for California Residents, please follow the instructions for California-specific rights.
For security and legal reasons, F5 reserves the right to deny requests that require us to access third-party websites or services.
If you have any other request, question, or complaint regarding your personal data or this Privacy Notice, please complete the form below or send your inquiry to:
F5 can change our privacy notice at any time, including to reflect changes in the law or our data practices. Any updated privacy notice will be easily accessible from f5.com.
F5 Inc.,Shape Security, Inc., or Volterra, Inc.
Attn: Privacy Office
801 5th Ave
Seattle, Washington 98104
United States
Data Protection Officer:
Dr. Felix Wittern
Fieldfisher
Am Sandtorkai 68
20457 Hamburg
Germany
f5.dpo@fieldfisher.com
Main European office:
NGINX
Attn: Privacy Office
3rd Floor, 89/90 South Mall
Cork, Ireland
T12 RPPO