Leonardo DRS, Inc. Privacy Policy

Last Updated: September 16, 2024

Introduction

Leonardo DRS, Inc. and all other covered entities enumerated below (collectively referred to herein as “Leonardo DRS,” “we,” “our” or “us”), recognize the importance of protecting personal data we may collect from visitors and any other individual or entity (“Users,” “you” or “your”) who visit our web sites.

This Privacy Policy applies to data collection by Leonardo DRS and shall apply to your use of the website, www.leonardodrs.com, and other Leonardo DRS-related sites, apps, communications, capabilities, and services (“Services”) accessible on or by any top-level Leonardo DRS domain owned by us (each, a “Site” and collectively the “Sites”), but excluding services that state that they are offered under a different privacy policy.

Our Privacy Policy explains: (1) what information we collect; (2) why we collect it; (3) how we use that information; (4) how we may share it; and (5) the choices we offer, including how to access and update information. Specifically, our Privacy Policy covers the following topics:

Please familiarize yourself with our privacy practices and let us know if you have any questions. By using the Sites, you signify your acceptance of this Privacy Policy. If you do not agree to this Privacy Policy, please do not use the Sites.

Irrespective of which country you live in, you authorize us to transfer, store, and use your information in the United States, and any other country where we operate. In some of these countries, the privacy and data protection laws and rules regarding when government authorities may access data may vary from those in the country where you live. Learn more about our data transfer operations in the “International Transfer” section below. If you do not agree to the transfer, storage, and use of your information in the United States, and any other country where we operate, please do not use the Sites or Services.

This Privacy Policy and related privacy practices reflect our commitment to compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF.

If you have any questions or comments about this Privacy Policy, please submit a request to [email protected].

1.0  When this Privacy Policy Applies

Our Privacy Policy applies to all of the services offered by Leonardo DRS and its affiliates, and services offered on other sites, but excludes services that have separate privacy policies that do not incorporate this Privacy Policy.

Our Privacy Policy does not apply to services offered by other companies or individuals, including products or sites that may be displayed to you, or other sites linked from our services. Our Privacy Policy does not cover the information practices of other companies and organizations who advertise our services, and who may use cookies, pixel tags and other technologies to serve and offer relevant ads.

2.0  Terms of Use

By accessing or using the Sites in any manner, you also agree to be bound by Leonardo DRS’ Terms of Use (the “Agreement”). Please read the Agreement carefully. If you do not accept all of the terms and conditions contained in or incorporated by reference into the Agreement, please do not use the Sites.

3.0  Information We Collect

We collect information, including personal data, to provide better services to all our Users. We use the term “Personal Data” to refer to any information that identifies or can be used to identify you. Common examples of personal data include: full name, home address, email address, date of birth, digital identity, such as a login name or handle, information about your device, and certain metadata.

“Sensitive Personal Data” refers to a smaller subset of personal data that is considered more sensitive to the individual, such as race and ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic or biometric information, physical or mental health information, medical insurance data, or sexual orientation. Leonardo DRS does not collect or use Sensitive Personal Data and asks that you do not provide Sensitive Personal Data to us.

We collect Personal Data in the following ways:

  • Information You Give to Us.
    You may choose to provide us with Personal Data about yourself, including your name, billing address, shipping address, email, phone number, zip or postal code, and username and password, by completing forms on our website, such as when you request information about our Services, apply for a job, or register for a program. You may also choose to provide us with your resume, employment history, education information, and some demographic information when you apply for a job at Leonardo DRS via our Site.

    When you visit one of our locations, you may provide us with additional information, including your company name, company address, and a government or other form of identification.

    When using our Services, you may provide us with messages sent between those individuals you have authorized to use our Services. In some instances, you may elect to provide us with location and address information. You may also provide us with Personal Data about yourself when you report a problem or have a question about our services.

    Please note that if you do not provide us with Personal Data, your ability to use certain aspects of our Sites or Services may be limited.
  • Information We Obtain from Your Use of Our Services.
    We collect certain information automatically, such as your operating system version, browser type, and internet service provider. When you use our Site, we automatically collect and store this information in service logs. This includes: details of how you used our Site; Internet protocol address; and cookies that uniquely identify your browser.  We may also collect and process information about your actual location. The information we collect automatically is statistical data and may or may not include Personal Data, but we may maintain it or associate it with Personal Data we collect in other ways or receive from third parties.

  • Cookies and Similar Technologies.
    We and our partners use various technologies to collect and store information when you visit one of our services, and this may include using cookies or similar technologies to identify your browser or device. We also use these technologies to collect and store information when you interact with services from our partners, such as advertising services. Our third-party advertising and analytics partners include Google, Bing, Sharpspring, Active Campaign, Youtube, Vimeo, LinkedIn, Stack Adapt and SEM Rush.

The technologies we use for this automatic data collection may include:

  • Cookies. A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate settings on your browser. However, if you select this setting you may be unable to access certain parts of our services. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our services.  For more information about our use of cookies, including details on how to opt out of certain cookies, please see our Cookie Policy.
  • Web Beacons. Pages of our services or our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit us, for example, to count Users who have visited those pages or opened an e-mail and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
  • Clickstream Data. Clickstream data is information collected by our computers when you request Web pages from the Sites. Clickstream data may include information such as the page served, the time spent viewing the page, the source of the request, the type of browser making the request, the preceding page viewed, and similar information. Clickstream data permits us to analyze how visitors arrive at the Sites, what type of content is popular, and what type of visitors in the aggregate are interested in particular kinds of content on the Sites.

4.0  Information Collected Related to California Residents

During the last twelve (12) months, we have collected the following categories of personal information from Users.

CategoryType of Identifiers We CollectCollected
IdentifiersName, billing address, shipping address, email, phone number, zip or postal code, unique personal identifier, Internet Protocol address, and username and password.YES
Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))A name, address, telephone number, financial account information, education, medical information and employment history.YES
Protected classification characteristics under California or federal lawAge, racial or ethnic origin, sex, sexual orientation.YES
Commercial InformationRecords of products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.YES
Internet or other similar network activityBrowsing history, search history, information on a consumer’s interaction with a website, application, or advertisement, cookies.YES
Professional or employment-related informationProfessional or employment-related information, such as work history and prior employer, human resources data and data necessary for benefits and related administrative services.YES

We obtain the categories of Personal Data listed above from the following categories of sources:

  • Directly from our customers or their agents, visitors, applicants, employees and contractors. For example, from information that our customers provide to us when they enter information to purchase supplies.
  • Indirectly from our customers or their agents. For example, through information we collect from our customers in the course of providing Services to them.
  • Directly and indirectly from activity on our website (www.leonardodrs.com). For example, from website usage details that are collected automatically. In addition, like many companies, we use “cookies” which are small text files a website can use to recognize repeat Users, facilitate the User’s ongoing access to and use of the site and to track usage behavior of, for example, the webpages you visit.
  • From third parties that assist us in providing certain transactions and services (e.g. hosting), even though it appears that you may not have left our Site.

5.0  How We Use Information We Collect

We use your Personal Data in ways that are compatible with the purposes for which it was collected or authorized by you, including for the following purposes:

  • To inform you about services available from Leonardo DRS.
  • To authorize access to our Sites and Services.
  • To provide you with Services and Products.
  • To offer and administer programs.
  • To administer content, promotion, sweepstakes, surveys, voting polls or other Site features.
  • To communicate about, and administer your participation in, special programs, surveys, contests, online campaigns, online programs, sweepstakes, and other offers or promotions, and to deliver pertinent emails.
  • For marketing purposes, including but not limited to, personalizing email marketing that we send to you, sending you other promotional materials, and notifying you about special promotions, offers, events or opportunities that may be of interest to you.
  • To improve our customer service.
  • To respond to and support Users regarding their use of the Sites and Services.
  • To comply with all applicable legal requirements.
  • To investigate possible fraud or other violations of our Terms of Use or this Privacy Policy and/or attempts to harm our Users.

We use the information we collect from our Sites to provide, maintain, and improve them, to develop new services, and to protect our Company and our Users.

We use information collected from cookies and other technologies, to improve your user experience and the overall quality of our services. We may use your personal information to see which web pages you visit at our Site, which web site you visited before coming to our Site, and where you go after you leave our Site. We can then develop statistics that help us understand how our visitors use our Site and how to improve it. 

We will ask for your consent before using information for a purpose other than those set out in this Privacy Policy.

6.0  Our Legal Basis for Collecting Personal Data

Whenever we collect Personal Data from you, we may do so on the following legal bases:

  • Your consent to such collection and use;
  • Out of necessity for the performance of an agreement between us and you, such as your agreement to use our Services or your request for Products;
  • Our legitimate business interest, including but not limited to the following circumstances where collecting or using Personal Data is necessary for:
    • Intra-organization transfers for client data for administrative purposes.
    • Product development and enhancement, where the processing enables Leonardo DRS to enhance, modify, personalize, or otherwise improve our services and communications for the benefit of our Users, and to better understand how people interact with our Sites.
    • Communications and marketing, including processing data for direct marketing purposes, and subject to your opt-in for these purposes, and to determine the effectiveness of our promotional campaigns and advertising.
    • Fraud detection and prevention.
    • Enhancement of our cybersecurity, including improving the security of our network and information systems.
    • General business operations and diligence.

Provided that, in each circumstance, we will weigh the necessity of our processing for the purpose against your privacy and confidentiality interests, including taking into account your reasonable expectations, the impact of processing, and any safeguards that are or could be put in place. In all circumstances, we will limit such processing for our legitimate business interest to what is necessary for its purposes.

7.0  Information We Share

We do not share Personal Data with companies, organizations and individuals outside of the Organization unless one of the following circumstances applies:

  • With your consent. We will share Personal Data with companies, organizations or individuals outside of Leonardo DRS when we have your consent to do so.
  • For external processing. We provide Personal Data to our affiliates or other trusted businesses or partners to process it for us, based on our instructions and in compliance with our Privacy Policy and any other appropriate confidentiality and security measures. These third parties include resellers, distributors and sales representatives. It is our policy to only share Personal Data with contractors, service providers and other third parties who are bound by contractual obligations to keep Personal Data confidential and use it only for the purposes for which we disclose it to them. Under certain circumstances, you may avoid having us share your information with our business partners and vendors by not granting us permission to share your information.  Not granting us permission to share your information with our business partners or vendors may limit your access to their services through the Sites.
  • For Legal Reasons. We will share Personal Data with companies, organizations or individuals outside of Leonardo DRS if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to:
    • meet any applicable law, regulation, legal process or enforceable governmental request.
    • enforce applicable Terms of Use, including investigation of potential violations.
    • detect, prevent, or otherwise address fraud, security or technical issues.
    • protect against harm to the rights, property or safety of Leonardo DRS, our Users or the public as required or permitted by law.

We attempt to notify Users about legal demands for their personal data when appropriate in our judgment, unless prohibited by law or court order or when the request is an emergency. We may dispute such demands when we believe, in our discretion, that the requests are overbroad, vague, or lack proper authority, but we do not promise to challenge every demand.

  • Business Transfers. If we establish a new related entity, are acquired by or merged with another organization, or if substantially all of our assets are transferred to another organization, Personal Data about our Users is often a transferred business asset. If Leonardo DRS itself or substantially all of our assets are acquired, Personal Data about our Users may be one of the transferred assets.
  • Aggregate site use information. We may share aggregate and anonymized/pseudonymized Personal Data to third parties in order to promote or describe use of the Sites, for research, marketing, advertising, or similar purposes.

8.0  Your Failure to Provide Personal Data

Your provision of Personal Data is required to use certain parts of our services and our programs. If you fail to provide such Personal Data, you may not be able to access and use our Services and/or our programs, or parts of our Services and/or our programs.

9.0  Our Retention of Your Personal Data

We may retain your Personal Data for a period of time consistent with the original purpose for collection. For example, we keep your Personal Data for no longer than reasonably necessary for your use of our programs and Services and for a reasonable period of time afterward. We also may retain your Personal Data during the period of time needed for us to pursue our legitimate business interests, conduct audits, comply with our legal obligations, resolve disputes and enforce our agreements.

10.0  Sharing Personal Data

In the preceding twelve (12) months, we have disclosed the following categories of Personal Data for one or more business purposes:

  • California Customer Records Personal Information categories.
  • Protected classification characteristics under California or federal law.
  • Commercial information.
  • Internet or other network activity information.
  • Professional or employment-related information.
  • Geolocation data.

We disclose your Personal Data for a business purpose to the following categories of third parties:

  • Our affiliates.
  • Commercial providers.
  • Enterprise accounts, such as your employer.
  • Service providers and other third parties we use to support our business, including without limitation those performing core services (such as billing, credit card processing, customer support services, customer relationship management, accounting, auditing, advertising and marketing, analytics, email and mailing services, data storage, security clearance and other security purposes) related to the operation of our business and/or the Services, and making certain functionalities available to our Users.
  • Service providers and other third parties to support job recruitment, including, but not limited to, CareerArc Group LLC.
  • Third parties to whom you or your agents authorize us to disclose your Personal Data in connection with the services we provide to you.

We may disclose your Personal Data for legal reasons. Specifically, we will share Personal Data with companies, organizations or individuals outside of Leonardo DRS if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to:

  • Fulfill any purpose for which you provide it.
  • Meet any applicable law, regulation, legal process or enforceable governmental request.
  • Enforce applicable Terms of Use, including investigation of potential violations.
  • Detect, prevent, or otherwise address fraud, security or technical issues.
  • Protect against harm to the rights, property or safety of Leonardo DRS, our Users or the public as required or permitted by law.
  • For any other purpose disclosed when you provide the information.
  • When we obtain your consent to do so.

We attempt to notify Users about legal demands for their Personal Data when appropriate in our judgment, unless prohibited by law or court order or when the request is an emergency. We may dispute such demands when we believe, in our discretion, that the requests are overbroad, vague or lack proper authority, but we do not promise to challenge every demand.

We may disclose your Personal Data in the event of a business transfer. If we establish a new related entity, are acquired by or merged with another organization, or if substantially all of our assets are transferred to another organization, Personal Data about our Users is often a transferred business asset. If Leonardo DRS itself or substantially all of our assets are acquired, Personal Data about our Users may be one of the transferred assets.

11.0  Do Not Sell Personal Data

In the preceding twelve (12) months, we have not sold any Personal Data.

12.0  Your Privacy Choices

You may have certain rights relating to your Personal Data, subject to local data protection laws. Whenever you use our services, we aim to provide you with choices about how we use your Personal Data. We also aim to provide you with access to your Personal Data. If that information is wrong, we strive to give you ways to update it quickly or to delete it – unless we have to keep that information for legitimate business or legal purposes. Subject to applicable law, you may obtain a copy of Personal Data we maintain about you or you may update or correct inaccuracies in that information by contacting us. To help protect your privacy and maintain security, we will take steps to verify your identity before granting you access to the information. In addition, if you believe that the Personal Data we maintain about you is inaccurate, and subject to applicable law, you may have the right to request that we correct or amend the information by contacting us as indicated in the How to Contact Us section below.

12.1 Rights Specific to California Residents

Under the California Consumer Privacy Act (CCPA”), California residents have specific rights regarding their personal information. This section describes Californians’ rights and explains how California residents can exercise those rights.

Below we further outline specific rights which California residents may have under the CCPA.

  • Right to Access Your Data. Below we further outline specific rights which California residents may have under the CCPA.
  • Right to Data Portability. You have the right to a “portable” copy of your Personal Data that you have submitted to us. Generally, this means you have a right to request that we move, copy or transmit your Personal Data stored on our servers or information technology environment to another service provider’s servers or information technology environment.
  • Right to Delete Your Data. You have the right to request that we delete any of your Personal Data that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your Personal Data from our records, unless an exception applies.
  • Right to Non-Discrimination for the Exercise of Your Privacy Rights. You have the right not to receive discriminatory treatment by us for exercising your privacy rights conferred by the CCPA.
  • Right to Correct. You have the right to request correction or changes of your Personal Data if it is found to be inaccurate or out of date.
  • Right to Limit Use of Sensitive Personal Information. Under the CCPA, “Sensitive Personal Information” means: (A) personal information that reveals your social security, driver’s license, state identification card, or passport number; account log‐in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; precise geolocation; racial or ethnic origin, religious or philosophical beliefs, or union membership; the contents of your mail, email and text messages, unless we are the intended recipient of the communication; genetic data; and the processing of biometric information for the purpose of uniquely identifying you; (B) personal information collected and analyzed concerning your health; or (C) personal information collected and analyzed concerning your sex life or sexual orientation. Note that “Sensitive personal information” excludes information that is made publicly available.

If applicable under the CCPA, you have the right to limit our use of your Sensitive Personal Information in certain circumstances. To exercise this right, click on the ‘Limit the Use of my Sensitive Personal Information” button at the bottom of this page.

Exercising Your Rights

If you are a California resident who chooses to exercise your rights, you can:

  • Submit a request via email to [email protected]; or
  • Call 1-866-895-0699 to submit your request.

You may also designate an agent to exercise your privacy rights on your behalf. In order to designate an authorized agent to make a request on your behalf, you must provide a valid power of attorney, the requester’s valid government-issued identification, and the authorized agent’s valid government-issued identification.

Our Response to Your Request

Upon receiving your request, we will confirm receipt of your request by sending you an email. To help protect your privacy and maintain security, we may take steps to verify your identity before granting you access to the information. In some instances, such as a request to delete personal information, we may first separately confirm that you would like for us to in fact delete your personal information before acting on your request.

We will respond to your request within forty-five (45) days. If we require more time, we will inform you of the reason and extension period in writing.  If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.

In some cases, our ability to uphold these rights for you may depend upon our obligations to process Personal Data for security, safety, fraud prevention reasons, compliance with regulatory or legal requirements, listed below, or because processing is necessary to deliver the services you have requested. Where this is the case, we will inform you of specific details in response to your request.

We may deny your deletion request if retaining the information is necessary for us or our service providers to:

  • Complete the transaction for which we collected the Personal Data, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
  • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
  • Debug products to identify and repair errors that impair existing intended functionality.
  • Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
  • Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546).
  • Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
  • Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
  • Comply with a legal obligation.
  • Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

12.2  Privacy Rights Specific to European Union & UK Residents

The European Union’s General Data Protection Regulation (“GDPR”) may provide EU and UK individuals with certain rights in connection with Personal Data they have shared with us. If you are a resident in the European Economic Area, you may have the following rights:

  • The right to be informed. You are entitled to be informed of the use of your Personal Data. This Privacy Policy provides such information to you.
  • The right of access. You have the right to request a copy of your Personal Data which we hold about you.
  • The right of correction. You have the right to request correction or changes of your Personal Data if it is found to be inaccurate or out of date.
  • The right to be forgotten. You have the right to request us, at any time, to delete your Personal Data from our servers and to erase your Personal Data when it is no longer necessary for us to retain such data. Note, however, that deletion of your Personal Data will likely impact your ability to use our services.
  • The right to object (opt-out). You have the right to opt-out of certain uses of your Personal Data, such as direct marketing, at any time.
  • The right to data portability. You have the right to a “portable” copy of your Personal Data that you have submitted to us. Generally, this means your right to request that we move, copy or transmit your Personal Data stored on our servers / IT environment to another service provider’s servers / IT environment.
  • The right to refuse to be subjected to automated decision making, including profiling. You have the right not to be subject to a decision and insist on human intervention if the decision is based on automated processing and produces a legal effect or a similarly significant effect on you.
  • The right to lodge a complaint with a supervisory authority. You have the right to lodge complaints about our data processing activities by filing a complaint with us or with the relevant Supervisory Authority. A list of Supervisory Authorities is available here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm

To make these requests, you may contact us using the contact information below, and we will consider your request in accordance with applicable laws.

Changing or Deleting Your Information

You may update or correct information about yourself by making changes in your account or emailing us at [email protected]. If you completely delete all such information, then your account may become deactivated.  We may retain an archived copy of your records as required by law, to comply with our legal obligations, to resolve disputes, to enforce our agreements or for other legitimate business purposes. 

We may contact you to request that you update your Personal Data on a regular basis to ensure its integrity for the purposes of ongoing data management.

13.0  Our Opt-in/Opt-out Policy

By providing an email address on the Leonardo DRS Sites, you agree that we may contact you in the event of a change in this Privacy Policy, to provide you with any service related notices, or to provide you with information about our events, invitations, or related educational information.

For purposes of this Privacy Policy, “opt-in” is generally defined as any affirmative action by a user to submit or receive information, as the case may be.  

We currently provide the following opt-out opportunities: 

  • At any time, you can follow a link provided in offers, newsletters or other email messages (except for e-commerce confirmation or service notice emails) received from us to unsubscribe from the service.
  • At any time, you can contact us through [email protected] or the address or telephone number provided below to unsubscribe from the service and opt-out of our right per your consent under the terms of this Privacy Policy to share your Personal Data.

Notwithstanding anything else in this Privacy Policy, please note that we always reserve the right to contact you in the event of a change to this Privacy Policy, or to provide you with any service-related notices.

14.0  Third Party Links

The Sites may contain links to web pages operated by parties other than Leonardo DRS. We do not control such websites and are not responsible for their contents or the privacy policies or other practices of such websites. Our inclusion of links to such websites does not imply any endorsement of the material on such websites or any association with their operators. Further, it is up to the User to take precautions to ensure that whatever links the User selects or software the User downloads (whether from this Site or other websites) is free of such items as viruses, worms, trojan horses, defects, and other items of a destructive nature. These websites and services may have their own privacy policies, which the User will be subject to upon linking to the third party’s website. Leonardo DRS strongly recommends that each User review the third party’s terms and policies.

15.0  International Transfer

We are committed to complying with applicable laws, regulations and mandatory government standards regarding the protection of Personal Data. 

Since we are a global organization, Personal Data and any additional information submitted may be used globally in connection with employment, business processes within Leonardo DRS, or communicating with our clients. Therefore, Personal Data may be transferred to other Leonardo DRS entities worldwide, where it will be processed in accordance with this Privacy Policy and laws that are applicable in each country. Countries, where we process data, may have laws that are different, and potentially not as protective, as the laws of your own country.

If we transfer your Personal Data out of your jurisdiction, we will implement suitable safeguards and rely on legally provided mechanisms to lawfully transfer data across borders to ensure that your Personal Data is protected.  It is our policy to, where required by applicable laws, execute a Data Privacy & Data Security Addendum and Standard Contractual Clauses with third parties with whom we may share Personal Data.

EU-U.S. Data Privacy Framework (DPF) & UK Extension to the EU-U.S. DPF

Leonardo DRS, Inc. and its U.S.-based subsidiaries enumerated below (collectively referred to in this Data Privacy Framework section as “Leonardo DRS”, “we”, “our” or “us”) comply with the EU-U.S. Data Privacy Framework (DPF) and the UK Extension to the EU-U.S. DPF as set forth by the U.S. Department of Commerce. Leonardo DRS has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) regarding the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (UK) and Gibraltar in reliance on the UK Extension to the EU-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles, the Principles shall govern. To learn more about the DPF program, and to view our certification, please visit https://www.dataprivacyframework.gov/

In compliance with the EU-U.S. DPF Principles and the UK Extension to the EU-U.S. DPF, Leonardo DRS commits to resolve complaints about your privacy and our collection or use of your personal information. European Union and UK residents with inquiries or complaints regarding this privacy policy should first contact Leonardo DRS at: [email protected].

Leonardo DRS has further committed to refer unresolved privacy complaints under the DPF to an independent dispute resolution mechanism, Data Privacy Framework Services, operated by BBB National Programs. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://bbbprograms.org/programs/all-programs/dpf-consumers/ProcessForConsumers for more information and to file a complaint. This service is provided free of charge to you.

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, DRS commits to cooperate and comply with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) concerning unresolved complaints concerning our handling of human resources data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF in the context of the employment relationship. Please do not refer human resources data inquiries or complaints to the BBB National Program’s Data Privacy Framework Services.

If your complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See https://www.dataprivacyframework.gov/s/article/G-Arbitration-Procedures-dpf?tabset-35584=2.

Our organization is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC). We will disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Accountability for Onward Transfer

If you are an EU or UK individual, when we transfer your personal data to third party service providers who perform services for us on our behalf, we are responsible for the processing of that data by them and shall remain liable if they process your personal data in a manner inconsistent with the EU-GDPR or UK-GDPR, as applicable, unless we prove that we are not responsible for the event giving rise to the damage.

16.0  How We Protect Personal Data

Leonardo DRS maintains administrative, technical, and physical safeguards designed to protect the User’s Personal Data and information against accidental, unlawful, or unauthorized destruction, loss, alteration, access, disclosure, or use. We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, taking into account technological reality, cost, the scope, context, and purposes of processing weighted against the severity and likelihood that the processing could threaten individual rights and freedoms. For example, we use commercially reasonable security measures such as encryption, firewalls, and Secure Socket Layer software (SSL) or hypertext transfer protocol secure (HTTPS) to protect Personal Data.

17.0  Children

The Site is not intended for use by children. We do not intentionally gather Personal Data about visitors who are under the age of 16. If a child has provided us with Personal Data, a parent or guardian of that child may contact us to have the information deleted from our records. If you believe that we might have any information from a child under age 16 in the applicable jurisdiction, please contact us at [email protected]. If we learn that we have inadvertently collected the personal information of a child under 16, or equivalent minimum age depending on jurisdiction, we will take steps to delete the information as soon as possible.

18.0 Direct Marketing and “Do Not Track” Signals

Leonardo DRS does not track its Users over time or across third-party websites to provide targeted advertising and therefore does not respond to Do Not Track (DNT) signals. However, some third-party sites do keep track of your browsing activities when they serve you content, which enables them to tailor what they present to you. If you are visiting such sites, your browser may include controls to block and delete cookies, web beacons, and similar technologies, to allow you to opt out of data collection through those technologies.

Do Not Track (DNT) is a privacy preference you can set in most browsers. For more details, visit allaboutdnt.com. There is no standard interpretation or practice for responding to DNT signals, so we handle all user information consistent with this Privacy Policy.

Global Privacy Control (GPC) is a setting you can enable in your web browser to communicate your privacy preference for not having certain information about your webpage visits collected across websites. For more details, including how to turn on GPC, visit https://globalprivacycontrol.org/.

We will not disclose your Personal Information to third parties if we have received and processed a request from you not to do so. To submit such a request, please contact us by clicking here: Do Not Sell or Share My Personal Information.

California residents are entitled to contact us to request information about whether we have disclosed personal information to third parties for the third parties’ direct marketing purposes. Under the California “Shine the Light” law, California residents may opt-out of our disclosure of personal information to third parties for their direct marketing purposes. You may choose to opt out of the sharing of your personal information with third parties for marketing purposes at any time by submitting a request to [email protected]. California Users may request further information about our compliance with this law by e-mailing us at the address listed in the “How to Contact Us” section.

19.0  Changes to this Privacy Policy

Our Privacy Policy may change from time to time. We will not reduce your rights under this Privacy Policy without your explicit consent. We will post any privacy policy changes on this page and, if the changes are significant, we will provide a more prominent notice (including, for certain services or programs, email notification or privacy policy changes). We will also keep prior versions of this Privacy Policy in an archive for your review.

20.0  Choice

If Personal Data covered by this Privacy Policy is to be used for a new purpose that is materially different from that for which the personal data was originally collected or subsequently authorized or is to be disclosed to a non-agent third party in a manner not specified in this Policy, DRS will provide you with an opportunity to choose whether to have your Personal Data so used or disclosed. Request to opt out of such disclosures of Personal Data should be sent to us in the “How to Contact Us” section below.

Certain Personal Data, such as information about medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, is considered “Sensitive Information.” DRS will not use Sensitive Information for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual unless DRS has received your affirmative and explicit consent (opt-in).

21.0  How to Contact Us

If you have any specific questions about this Privacy Policy, you can contact us via email or write to us at the address below:

Send e-mail to: [email protected]

Send mail to our address:

Leonardo DRS, Inc.
Blake M. Guy
VP, Corporate Counsel
Attn: Privacy Policy Inquiry
2345 Crystal Drive, Suite 1000
Arlington, VA 22202
U.S.A.

U.S. based covered entities: Laurel Technologies Partnership d/b/a DRS Laurel Technologies; DRS Surveillance Support Systems, Inc.; DRS C3 & Aviation Company; DRS Radar Systems, LLC; DRS Naval Power Systems, Inc.; DRS Power Technology, Inc.; Engineered Coil Company d/b/a DRS Marlo Coil; Pivotal Power Inc. d/b/a DRS Pivotal Power; DRS Environmental Systems, Inc.; DRS Sustainment Systems, Inc.; DRS Network & Imaging Systems, LLC; DRS Defense Solutions, LLC; DRS Signal Solutions, Inc.,; DRS Training & Control Systems; LLC, DRS Advanced ISR, LLC, DRS Unmanned Technologies, Inc.; DRS Systems, Inc.; DRS Homeland Security Solutions, Inc.; DRS Systems Management, LLC; Tech-Sym, LLC; DRS International, Inc.; T-S Holding Corporation; ESSI Resources, LLC; Engineered Support Systems, Inc.; Oto Melara North America, LLC; Daylight Solutions. Inc. d/b/a DRS Daylight Solutions, Inc.; Daylight Defense, LLC d/b/a DRS Daylight Defense, LLC; RADA Technologies, LLC; RADA Innovations, LLC