Privacy Policy
When this Policy applies
Data Policy This policy describes the information we process to support Facebook, Instagram, Messenger and other products and features offered by Facebook (Facebook Products or Products).You can find additional tools and information. Information we may collect. The Globe collects personal information from you in several.
This Privacy Policy (“Policy”) covers the information generated when you use or subscribe to AT&T products, services, apps, websites or networks to which this policy is linked. In the policy, we call them “Products or Services” for short. They include voice, data, video, entertainment, advertising, internet and other products, services and apps.
This Policy applies to you and anyone who uses our Products or Services under your account, except where we identify for you that separate AT&T privacy policies or terms and conditions apply. You are responsible for making sure all users under your account understand and agree to this Policy. Click “Learn more” for a description of special circumstances where this Policy may not apply or may apply in addition to other policies.
Here are special circumstances where this Policy may not apply, or may apply in addition to other policies:
- Some of our Products or Services – for example the AT&T TV app and our FirstNet service – may be covered by their own privacy policies or additional privacy terms and conditions.
- Some of our affiliates – such as WarnerMedia companies and Cricket – have their own privacy policies that apply to data they collect from products, services and apps they provide. Any data collected subject to this Policy that is shared with those affiliates will still be protected consistent with this Policy.
- Some areas both inside and outside of the United States - for example California and the European Union - require us to adopt different policy terms and commitments in accordance with local laws.
- In certain cases, when you’re using your AT&T Products or Services, other companies may be collecting information, so that your information may be covered by this Policy and other privacy policies at the same time. Here are some examples: if you purchase one of our Products or Services from a retailer; if you use our services to connect to a social networking service or another company’s Wi-Fi network; or if you provide your information to another company through a co-branded website, app or service controlled by the other company. In those cases, any information you provide to those companies may be subject to just their policy, or subject to both their policy and ours.
- If you are an AT&T business customer, we may have written Product or Service agreements that contain specific provisions about confidentiality, security or handling of information. When one of those agreements differs from or conflicts with this Policy, the terms of those agreements will apply instead.
The information we collect
We collect information about you and how you’re using our Products or Services along with information about your devices and equipment. This may include performance information, along with web browsing, location and TV viewing information.
Here are detailed examples of types of information we collect from our Products or Services:
- Account Information: includes things like contact and billing information, service-related details and history and similar information, including Customer Proprietary Network Information. It also includes technical, equipment and usage information that relate to the services, products, websites and networks we provide you.
- Web browsing and app information includes things like the websites you visit or mobile apps you use, on or off our networks. It includes internet protocol addresses and URLs, pixels, cookies and similar technologies, and identifiers such as advertising IDs and device IDs. It can also include information about the time you spend on websites or apps, the links or advertisements you see, search terms you enter, items identified in your online shopping carts and other similar information.
- Equipment Information includes information that identifies or relates to equipment on our networks, such as type, identifier, status, settings, configuration, software or use.
- Network performance and usage information includes information about our networks, including your use of Products or Services or equipment on the networks, and how they are performing.
- Location Information includes your street address, your ZIP code and where your device is located. Location information is generated when the devices, Products or Services you use interact with cell towers, Wi-Fi routers, Bluetooth services, access points, other devices, beacons and/or with other technologies, including GPS satellites.
- TV and video viewing information is generated when you use our video services, such as apps, satellite or internet protocol television services or a streaming service. We get information from the technologies you use to watch TV or video. These services may also include video on demand, pay per view, streaming service, interactive services and games, DVR services, TV apps for a tablet or smartphone and similar services and products. If you are watching TV or video through a web browser or app, we may also collect information as described above in the web browsing and app information section. We also collect information related to your use and interaction with the equipment in your home, including the TV receivers, set top boxes, remotes and other devices you may use to access our services.
How we collect your information
We collect your information in 3 ways:
- You give it to us when you make a purchase, set up an account or otherwise directly communicate with us.
- We automatically get it when you use, or your device uses, our Products or Services. For example, we use network tools to collect information like call and text records and the web browsing information we describe in this Policy.
- We get it from outside sources like credit reports, marketing mailing lists, and commercially available geographic and demographic information, along with other available information, such as public posts to social networking sites.
How we use your information
We use your information to power our services and to improve your experiences. We use your information to provide, support, improve, protect, analyze and bill for our products, service and network; to communicate with you about your service, products or apps; to market our services; to detect and avoid fraud; for advertising; and for research purposes.
Here are examples of ways we use your information:
- Providing our Products and Services.
- Contacting you.
- Improving your experience and protecting the Products and Services we offer. This includes things like customer care, network security, verifying or authenticating your identity, detecting fraud , billing and collection, protecting your financial accounts, authorizing transactions and the development of future Products and Services.
- Helping us plan, deploy, improve, protect and defend our network infrastructure, detecting and preventing fraud, and protecting our property and legal rights.
- Understanding the Products, Services and offers that you, and other AT&T customers with whom you call and text and interact, might enjoy the most. We do not use the content of your texts, emails or calls for marketing or advertising.
- Creating engaging and customized experiences and offering new or improved Products and Services or offers. This is based on things like the information we’ve collected and our research, development and analysis.
- Supporting and providing location services.
- Designing and delivering advertising and marketing campaigns to you and others and measuring their effectiveness. See Privacy Choices and Controls for more information about how your information is used for advertising and marketing programs and your choices and controls for such use.
- Delivering or customizing products and the content you see, including advertisements, articles, videos, and marketing materials.
- Creating aggregate business and marketing insights, and helping companies develop aggregate insights to improve their business (for instance, to market their products and services).
- Preventing and investigating illegal activities and violations of our Terms, Use Policies and other service conditions or restrictions.
How we share your information
- We share it with your permission.
- We share it across AT&T companies.
- We share it with non-AT&T companies or entities as explained in this Policy. For more details about how your information may be shared for advertising and marketing see Privacy Choices and Controls.
Sharing information across the AT&T affiliates
Like many large companies, AT&T is made up of many affiliates. Our Products and Services are developed, managed, marketed and sold by a variety of our affiliates. We share information that may identify you personally internally among our affiliates, such as Xandr, the WarnerMedia family of companies and Cricket. You can learn more about AT&T affiliates by going to att.com. For information collected under this Policy, we require the affiliate to protect the information consistent with this Policy. We may also combine information that identifies you personally with data that comes from an app or affiliate that has a different privacy policy. When we do that, our Policy applies to the combined data set.
Sharing information with non-AT&T companies that provide services for us or for you
We share information that identifies you personally with vendors that perform services for us or that support Products or Services provided to you, including marketing or ad delivery services. We do not require consent for sharing with our vendors for these purposes. We do not allow those vendors to use your information for any purpose other than to perform those services, and we require them to protect the confidentiality and security of data they get from us in a way that’s consistent with this Policy.
Sharing information with non-AT&T companies to enable third party services to you
We may share information with non-AT&T companies for their purposes to provide you services such as verifying or authenticating your identity, detecting fraud, protecting your financial accounts, and authorizing transactions. We require proof of your explicit consent before sharing your information that identifies you personally for this purpose. We do not allow those non-AT&T companies to use it for any purpose other than to perform those services, and we require them to protect the confidentiality and security of data they get from us in a way that’s consistent with this Policy. In some cases, to facilitate these programs, we will use or share identifiers such as your phone or account number. These identifiers are only used for network authentication, to detect fraud, for identity verification, or for the linking of devices you own to authenticate you.
Sharing information with other non-AT&T companies or entities
There are also times when we provide information that identifies you personally to other companies and entities, such as government agencies, credit bureaus and collection agencies, without your explicit consent, but where authorized or required by law. Reasons to share include:
- Complying with court orders, subpoenas, lawful discovery requests and as otherwise authorized or required by law. Like all companies, we are required by law to provide information to government and law enforcement agencies, as well as parties to civil lawsuits. You can find out more about this in our Transparency Report.
- Detecting fraud.
- Providing or obtaining payment for your service.
- Routing your calls or other communications.
- Ensuring network operations and security.
- Notifying, responding or providing information (including location information) to a responsible governmental entity in emergency circumstances or in situations involving immediate danger of death or serious physical injury.
- Alerting the National Center for Missing and Exploited Children to information concerning child pornography of which we become aware through the provision of our services.
- Enforcing our legal rights, protecting our network and property or defending against legal claims.
- Complying with legal requirements to share the names, addresses and telephone numbers of non-mobile phone customers with phone directory publishers and directory assistance services. We honor your request for non-published or non-listed numbers.
- Providing name and number information for wireline and wireless CallerID and related services, like Call Trace. This means a person receiving a call can see the name and number of the caller.
Sharing Metrics Reports with non-AT&T companies
Sometimes the services you enjoy from us directly involve other businesses. We may pay a network for the rights to broadcast a sporting event or your favorite show on our television service. We may be paid by an advertiser to deliver an advertisement or by a business customer to provide its employee with a service. In such cases, we may use or share information that doesn’t identify you personally to provide metrics reports to our business customers and service suppliers. We may also share it with advertising and other companies to deliver or assess the effectiveness of advertising and marketing campaigns.
Sharing information for research
We may share information that doesn’t identify you personally with other companies and entities for research. When we share this information, we require companies and entities to agree not to attempt or to allow others to use it to identify individuals. Our agreements will also prevent businesses from reusing or reselling the information, and require that they will handle it in a secure manner, consistent with this Policy.
Sharing information for aggregate media research reports
We share TV and video viewing information, tied to identifiers that do not identify you personally, with media research companies. They combine this data with other information to provide audience analysis services about what shows certain audience segments are watching. We require that they only use it to compile aggregate reports, and for no other purpose. We also require businesses to agree they will not attempt to identify any person using this information, and that they will handle it in a secure manner, consistent with this Policy.
Sharing information with AT&T affiliates and non-AT&T companies for advertising and marketing programs
We may share information with AT&T affiliates and with non-AT&T companies to deliver or assess effectiveness of advertising and marketing campaigns as described in Privacy Choices and Controls.
Sharing information to support location services
Location services rely on, use or incorporate the location of a device to provide or enhance the service. Location services may collect and use or share location information to power applications on your device (those that are pre-loaded or those that you chose to download), such as mapping and traffic apps, or other location services you subscribe to. AT&T will not share your location information for location services without your consent (to us or a company providing you service), except as required by law. If you purchase location services from another company, such as a medical alerting device, the use or disclosure of location information is governed by the agreement between you and the service provider, including any applicable privacy policy of the service provider, and is not governed by this privacy policy. In other cases – for example parental controls services - the account holder for the location services, instead of a user, may initiate or subscribe to the location services and provide the required consent.
Disclosing personally identifiable information collected from satellite and internet protocol television subscribers in response to a court order
When a non-governmental entity obtains a court order, we’re authorized to disclose personally identifiable information collected from TV subscribers as a result of the subscriber's use of TV service, but only after we let the subscriber know what’s going on. When a governmental entity obtains a court order, we’re authorized to disclose personally identifiable information collected from a TV subscriber as a result of the subscriber's use of TV service, but only if the following conditions are met:
- A judge decides that the governmental entity has offered clear and convincing evidence that the subject of the information is reasonably suspected of engaging in criminal activity and that the information sought would be material evidence in the case; and
- The subject of the information has an opportunity to appear and contest the governmental entity's claim; and
- We have provided notice to the subscriber as required by applicable state law.
Your Privacy Choices and Controls
You can Manage Your Privacy Choices about how we contact you and how we use or share your information. You also have choices about how certain third parties and advertisers use your information, including how we use and share your information for advertising, marketing and analytics. Click “Learn more” for more detail.
Communication preferences
Sometimes we have offers or programs that may interest you. We’d like to be able to tell you about these. You can manage how we do it. You can opt-out of marketing and advertising programs, but we still may contact you with service and non-marketing messages.
- Email: You can opt-out of marketing emails by using our email unsubscribe.
- Text messages: Opt-out of our marketing text messages by replying 'stop' to any message.
- Consumer telemarketing: Ask to be removed from our consumer telemarketing lists by contacting us at one of the numbers listed here, or by sending an e-mail to privacypolicy@att.com. You also can ask the AT&T representative to remove you from our telemarketing lists when you receive a marketing or promotional call from us.
- Business telemarketing: Where required by local laws and/or regulations, we’ll remove your business information from our telemarketing lists at your request.
- National Do Not Call Registry: The FTC maintains a National Do Not Call Registry at donotcall.gov, and some states in the United States may maintain their own Do Not Call Registry. Putting your number on these registries also may limit our telemarketing calls.
- Automated messages: In some cases, we will ask for your permission to send you automated calls or messages to your mobile phone. To opt-out of these calls or messages from us, go to Manage Your Privacy Choices. As required or allowed by law, even if you opt-out, we may continue to contact you with automated calls or messages at the telephone number issued by us for certain important informational messages about your service. For example, we may need to let you know about a problem with your wireless service.
- Postal mail: You can review our Residential Do Not Mail Policy Statement and limit postal mail solicitations. You’ll still receive billing statements, legal notices, product updates and other similar correspondence, and you may still receive some promotional mailings.
Choices about how we use and share your information for advertising, marketing and analytics
You have choices about whether your information is used or shared in our programs that provide you with marketing and advertising tailored to your interests and for aggregate analytics. As your provider of communications and internet services, our collection and use of information operates independently in many cases from the user controls and settings on your device, through your operating system, or on third-party websites or apps.
Online behavioral advertising: Online behavioral advertising is automated, customized advertising that you see when using online services, like ads in mobile apps or on websites. Those ads are served to you based on inferences about your interests. Those interests are determined from data collected about you, whether by AT&T or other parties.
- We work with ad companies that may serve ads for us, and for others, across your use of online services. These companies may use cookies, mobile advertising identifiers, and other technologies to collect information about your use of our websites and other websites. This information may be used to, among other things, analyze and track online activities and deliver ads and content tailored to your interests as part of our advertising programs, such as Relevant Advertising.
- You can opt-out of online behavioral advertising from companies who participate in the Digital Advertising Alliance by going to their Consumer Choice Page or selecting this icon when you see it on an online ad.
Relevant Advertising and Enhanced Relevant Advertising: Relevant Advertising and Enhanced Relevant Advertising both use information to deliver ads that we think you might be interested in on websites, TV and video programming, apps and other properties, sites or services.
- Relevant Advertising: This program is used to tailor the ads you see to match your interests. It doesn’t give you more advertising—it just makes the ads you see more likely to be relevant to you. If you don’t want to receive Relevant Advertising, you may opt-out by going to Manage Your Privacy Choices.
- Information we use for Relevant Advertising: In this program, we use information about your use of our Products and Services, information we get from companies like our advertising partners, and demographic information like ZIP code and age range to deliver or assess effectiveness of advertising and marketing campaigns. We use the information we collect about you, like your TV viewing, your location, or information about the apps you use or the websites you visit to place you into demographic or interest categories like “sports enthusiast” or “coffee lover.” We do not use sensitive information such as medical conditions or diagnosis or financial account records to target ads. We don’t use or share the content of your texts, emails or calls for marketing and advertising. Nor do we use or share information you provide to encrypted websites.
- Information we share in Relevant Advertising: We may share non-sensitive information, such as your device information, information from companies like our advertising partners, and demographic information like your age range, gender and ZIP code. We may share this information with third parties, such as advertisers, programmers and networks, social media networks, analytics firms, ad networks, and other similar companies that are involved in creating and delivering advertisements. When we share that information, we combine it with an identifier like a device or ad ID (such as Apple or Android Ad ID).
- Information we don’t share in Relevant Advertising: We don’t share information about your individual web browsing or TV viewing. Nor will we share the precise location of your device, Customer Proprietary Network Information, Social Security number, full date of birth, credit card information or driver’s license number. When we share information with third parties, we won’t share your name or identify you by anything other than an identifier, like a device or ad ID.
- Enhanced Relevant Advertising: This opt-in program further personalizes the ads you see. With your prior explicit consent, this program lets us use and share additional information for advertising and marketing purposes. Please see the Enhanced Relevant Advertising Terms and Conditions for more details. If you’d like to participate in Enhanced Relevant Advertising or change your previous choice, you can go to Manage Your Privacy Choices.
External Marketing and Analytics:
We may use or share information that does not identify you personally to help our business customers develop aggregate insights that improve their businesses. This information may be combined with other information, such as demographic information or an identifier like a device ID or ad ID. We require that your information be used only to develop aggregate insights that will improve products and services. In addition, we require anyone who receives this data to agree they will only use it for aggregate insights, won’t attempt to identify any person or device using this information, and will handle it in a secure manner, consistent with this Policy.
If you don’t want your information included in External Marketing and Analytics, you can opt out by going to Manage Your Privacy Choices.
Other Choices
- Customer Proprietary Network Information: You can opt-out or go to att.com/cpni/optout for more information about Customer Proprietary Network Information and your choices about our use of that information for marketing purposes.
- DIRECTV Puerto Rico: If you’re a DIRECTV customer in Puerto Rico, you can exercise and manage your choices by visiting https://www.directvpr.com/Midirectv/ingresar or by calling (787) 776.5252.
- Advertising on AT&T’s web portal for consumers (Currently): Opt-out of receiving interest-based advertising when using our Currently portal services from companies who participate in the Digital Advertising Alliance by going to its Consumer Choice Page or selecting this icon when you see it on an online ad. This covers att.net email and also the Currently portal.
- Online behavioral advertising by Industry Participants: In accordance with industry self-regulatory principles, you can opt-out of online behavioral advertising from companies who participate in the Digital Advertising Alliance by going to its Consumer Choice Page or selecting this icon when you see it on an online ad. To limit collection of data on websites that may be used for advertising, you can manage cookies and other similar technologies on your computer. If you change computers, devices, web browsers or you delete cookies, you will need to opt-out again. Please note that our collection of web browsing information works independently of your web browser's privacy settings with respect to cookies and private browsing. In addition, we don’t currently respond to Do Not Track and similar signals. You can manage AT&T’s use of web browsing information at Manage Your Privacy Choices.
- Domain Name System Error Assist: A description of the program and your choices about how we use your information can be found at Manage Your Privacy Choices.
- Third Party Services: A description of the program and your choices about how we use your information can be found at Manage Your Privacy Choices.
- AT&T Call Protect: You can also sign up for AT&T Call Protect to automatically block potential fraud calls, see warnings of suspected spam calls, add unwanted callers to your personal block list and help protect your phone from malware, viruses and system threats.
Security
We work hard to safeguard your data using a range of technological and organizational security controls.
We maintain and protect the security of computer storage and network equipment, and we use security procedures that require employees to authenticate themselves to access sensitive data. We also limit access to personal information only to those with jobs requiring such access. We require callers and online users to authenticate themselves before providing account information.
No security measures are perfect, however. We can’t guarantee that your information will never be disclosed in a manner inconsistent with this Policy. If a breach were to occur, we will notify you as required by applicable law.
Data storage, transfer, retention and accuracy
We take steps to ensure that data is processed according to this Policy and to the requirements of applicable law of your country and of the additional countries where the data is subsequently processed.
Data we collect may be processed and stored in the United States or in other countries where we or our affiliates or service providers process data.
When we transfer personal data from the European Economic Area to other countries, we use a variety of legal mechanisms to help ensure all applicable laws, rights and regulations continue to protect your data.
We keep your information as long as we need it for business, tax or legal purposes. After that, we destroy it by making it unreadable or indecipherable.
Need to update your information? We’re happy to help you review and correct the information we have on your account and billing records. For more information, please see the Contact Us section of this Policy.
Other privacy information
Changes in ownership or to the Policy
Information about our customers and users, including information that identifies you personally, may be shared and transferred as part of any merger, acquisition, sale of company assets or transition of service to another provider. This also applies in the unlikely event of an insolvency, bankruptcy or receivership.
We may update this Policy as necessary to reflect changes we make and to satisfy legal requirements. We’ll post a prominent notice of material changes on our websites. We’ll give you reasonable notice before any material changes take effect.
Information specific to Children
We don’t knowingly collect personally identifying information from anyone under the age of 13 unless we first get permission from the child's parent or legal guardian. Unless we have parental consent, we will not contact a child under the age of 13 for marketing purposes. Information about our collection, use or sharing of, and your choices and controls with respect to such information, is found in Learn more.
If you create an AT&T e-mail sub-account for a child under the age of 13, then with your explicit permission, we collect your child’s name, “nicknames and aliases,” alternative e-mail address, birth date, gender and ZIP code. We use the information collected on sub-accounts to create and maintain those accounts, for research, to customize the advertising and content seen on our pages, and for other marketing purposes. Your child can use their AT&T e-mail address and password to log onto websites and online services provided by us, like uverse.com. We and our advertising partners may collect, use or share information about customers who log onto those sites as described in the Information we collect, how we collect your information, how we use your information and how we share your information sections of this Policy. Here is the option to opt out of online behavioral advertising by advertising partners who collect information from our sites and participate in the Digital Advertising Alliance.
You or your child can review, edit, update and delete information relating to your child's sub-account and, if you no longer wish your child to have such an account, you can revoke your consent at any time, by logging on to manage your account.
You may e-mail us at privacypolicy@att.com, call us at (800) 495.1547 or write to us at AT&T Privacy Policy, Chief Privacy Office, 208 S. Akard, Room 2100, Dallas, TX 75202 with any questions or concerns you may have about our privacy policy as it relates to children.
Information collected from devices or services purchased by adult subscribers that are used by children without our knowledge will be treated as the adult's information under this Policy.
We have developed safety and control tools, expert resources and tips designed to help you manage technology choices and address online safety concerns. Please go to AT&T Secure Family for more information.
Your California Privacy Rights and other Information for our California customers
California Consumer Privacy Act (CCPA)
We comply with special legal requirements for California residents associated with access, deletion and sale or sharing of residents’ data and application of do not track notices.
Website data collection:
We don’t knowingly allow other parties to collect personally identifiable information about your online activities over time and across third party websites for their own use when you use our websites and services, unless we have your consent.
Do Not Track notice:
We don’t currently respond to Do Not Track and similar signals. Please go to All About Do Not Track for more information.
California customers have the right, in certain circumstances, to request information about whether a business has disclosed personal information to any third parties for their direct marketing purposes. You have the right to opt-out of our disclosing your information to third parties for their marketing purposes. To find out more, go to Manage Your Privacy Choices.
California Consumer Privacy Act (CCPA)
CCPA Personal Information (CCPA PI) is defined by California law as information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with California consumers or households.
Whatsapp Privacy Policy
The Information We Collect and Share
We want to provide you with the information about how to exercise rights involving CCPA PI. Here is information about the CCPA PI we have collected from and shared about consumers over the past year.
Information We Collected From Consumers
The CCPA identifies a number of categories of CCPA PI. In the year before the date this policy was issued, we collected these categories of CCPA PI:
- Address and other identifiers – such as name, postal address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.
- Unique and online identifiers associated with personal information – IP address, device IDs, or other similar identifiers.
- Commercial information – such as records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
- Internet, gaming or other electronic network activity information – such as browsing history, search history and information regarding an individual’s interaction with an internet website, application, or advertisement.
- Professional or Educational Information.
- Video Footage (e.g., CCTV); Audio Recordings; Photographs; Calendar Information.
- Location Information (see above in 'The information we collect').
- In Game or Online Viewing Activities (e.g., videos viewed, pages viewed).
- Inferences drawn from CCPA PI, such as individual profiles, preferences, characteristics, behaviors.
We collected the above categories of CCPA PI for the following purposes:
- Performing services on behalf of the business, such as customer service, processing or fulfilling orders, and processing payments.
- Auditing customer transactions.
- Fraud and crime prevention.
- Debugging errors in systems.
- Marketing and advertising.
- Internal research, analytics and development – e.g., user-preference analytics.
- Developing, maintaining, provisioning or upgrading networks, services or devices.
We collected the above categories of CCPA PI from the following sources:
Privacy Policy Definition
- Directly from you – such as contact and billing info and customer service interactions
- Generated by your use of our services – such as technical, equipment and usage information
- Social media sites and other online platforms
- Other companies – such as vendors, marketing firms and other AT&T companies
- Publicly available sources – such as public records
Information We Shared About Consumers
In the year before the date this policy was issued, we shared these categories of CCPA PI with entities that provide services for us, like processing your bill:
- Address and other identifiers – such as name, postal address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.
- Unique and online identifiers – IP address, device IDs, or other similar identifiers.
- Commercial information – such as records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
- Internet, gaming or other electronic network activity information – such as browsing history, search history, and information regarding an individual’s interaction with an internet website, application, or advertisement.
- Professional or Educational Information.
- Video Footage (e.g., CCTV); Audio Recordings; Photographs; Calendar Information.
- Location Information (see above in 'The information we collect').
- In Game or Online Viewing Activities (e.g., videos viewed, pages viewed).
- Inferences drawn from CCPA PI, such as individual profiles, preferences, characteristics, behaviors
We may have shared each of the above categories of CCPA PI with the following categories of third parties who perform services on our behalf:
- Product and services delivery companies
- Marketing services companies
- Cloud storage companies
- Credit reporting agencies
- Billing and payment processing companies
- Fraud prevention entities
- Analytics companies
The CCPA defines “sale” very broadly and includes the sharing of CCPA PI for anything of value. According to this broad definition, in the year before the date this policy was issued, a ‘sale’ of the following categories of CCPA PI may have occurred:
- Address and other identifiers – such as name, postal address, email address, account name, or other similar identifiers.
- Unique and online identifiers – IP address, device IDs associated with television viewing, or other similar identifiers.
- Commercial information – such as records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
- Internet, gaming or other electronic network activity information – such as browsing history, search history, and information regarding an individual’s interaction with an internet website, application, or advertisement.
- Location Information (see above in 'The information we collect').
- Inferences drawn from CCPA PI, such as individual profiles, preferences, characteristics, behaviors.
We may have sold each of the above categories of CCPA PI to the following categories of third parties:
- Analytics and measurement providers
- Companies involved in marketing and advertising
- Other AT&T companies
Your Right To Request Disclosure Of Information We Collect And Share About You
We are committed to ensuring that you know what information we collect. You can ask us for the following information:
- The categories and specific pieces of your CCPA PI that we’ve collected.
- The categories of sources from which your CCPA PI was collected.
- The purposes for collecting or selling your CCPA PI.
- The categories of third parties with whom we shared your CCPA PI.
We are also committed to ensuring that you know what information we share about you. You can submit a request to us for the following additional information:
- The categories of CCPA PI we’ve sold about you, the categories of third parties to whom we’ve sold that CCPA PI, and the category or categories of CCPA PI sold to each third party.
- The categories of CCPA PI that we’ve shared with service providers who provide services for us, like processing your bill; the categories of third parties to whom we’ve disclosed that CCPA PI; and the category or categories of CCPA PI disclosed to each third party.
To exercise your right to request the disclosure of your CCPA PI that we collect or share, either visit our CCPA page or contact us at 866-385-3193. These requests for disclosure are generally free.
Your Right To Request The Deletion Of CCPA PI
Upon your request, we will delete the CCPA PI we have collected about you, except for situations when that information is necessary for us to: provide you with a good or service that you requested; perform a contract we entered into with you; maintain the functionality or security of our systems; comply with or exercise rights provided by the law; or use the information internally in ways that are compatible with the context in which you provided the information to us, or that are reasonably aligned with your expectations based on your relationship with us.
To exercise your right to request the deletion of your CCPA PI, either visit our CCPA page or contact us at 866-385-3193. Requests for deletion of your CCPA PI are generally free. Pivot: unofficial download full.
Your Right To Ask Us Not To Sell Your CCPA PI
You can always tell us not to sell your CCPA PI by visiting our CCPA page or contacting us at 866-385-3193.
Once we receive and verify your request, we will not sell your CCPA PI unless you later allow us to do so. We may ask for your permission to resume sale of your CCPA PI at a later date, but we will wait at least 12 months before doing so.
Verification of Identity — Access or Deletion Requests
Password Protected Account. If you maintain a password-protected account with us, in most cases you may submit an access or deletion request by authenticating yourself with a password like you would when you access your account (see exceptions below in the following paragraph). You’ll have to authenticate yourself again to access your data or submit your deletion request.
Former Accountholders, Non-Accountholders (without Password Protected Account) – and also FirstNet, Prepaid and .net accounts. If you do not have a password protected account – or have a FirstNet, prepaid or .net account – we will ask to verify your identity using our mobile verification process. This process captures an image of your identity document, such as your driver’s license, and compares it to a self-photo you submit. We will only use this information to verify your identity. We will delete it after the time expires allowed by the CCPA to process and respond to your request.
If we cannot verify your identity, we will not be able to respond to your request. We will notify you to explain.
Authorized Agents
You may designate an authorized agent to submit requests on your behalf. Your agent will need a valid power of attorney or written permission signed by you. If the agent relies on written permission, we’ll need to verify the agent’s identity. We may also contact you directly to confirm the permission. Your authorized agent can submit your requests by calling us at 866-385-3193.
We Don’t Mind If You Exercise Your Data Rights
We are committed to providing you control over your CCPA PI. If you exercise any of these rights explained in this section of the Privacy Policy, we will not disadvantage you. You will not be denied or charged different prices or rates for goods or services or provided a different level or quality of goods or services.
Consumers Under 16 Years Old
As of the effective date of this policy, we do not have actual knowledge that we sell CCPA PI of consumers under 16 years of age. If we collect CCPA PI that we know is from a child under 16 years old in the future, we will not sell that information unless we receive affirmative permission to do so. If a child is between 13 and 16 years of age, the child may provide that permission.
Any customer who wishes to request further information about our compliance with these requirements, or who has questions or concerns about our privacy practices and policies, can email us at privacypolicy@att.com, or write to us at AT&T Privacy Policy, Chief Privacy Office, 208 S. Akard, Room 2100, Dallas, TX 75202.
Customer Proprietary Network Information (CPNI)
CPNI is information about your telecommunications and VoIP (internet phone) services from us, including what plans you subscribe to, how you use these services and billing information. (Your telephone number, name and address are not considered CPNI.) We use CPNI internally and share it outside AT&T only when conforming with applicable regulations and orders of the Federal Communications Commission.
We do not share CPNI with anyone outside of the AT&T affiliates defined above or our authorized agents or vendors without your consent, with the following authorized exceptions: Court orders; as authorized by law; fraud detection; to provide your service and route your calls; for network operations and security; aggregate (grouped) information and information that doesn’t identify you personally.
We do use your CPNI internally. We may share information about our customers among the AT&T affiliates and our agents to offer new or enhanced services or promotions. We can also use your CPNI for the purpose of turning it into aggregate data or information that does not personally identify you.
It is your right and our duty under federal law to protect the confidentiality of your CPNI.
If you don’t want us to use your CPNI internally for things like offers, here is what you can do:
- Opt-out at att.com/cpni/optout.
- Call us at (800) 315.8303, any time of day, and follow the prompts.
- Chat with a service representative at (800) 288.2020 (consumer) or (800) 321.2000 (business).
If you choose to restrict our use of your CPNI, it won’t affect your ability to use any of your services. You can change your mind at any time about letting us use or not use your CPNI. If you restrict your CPNI use, you may still get marketing from us, but it won’t be based on using your CPNI.
How to contact us about this policy
Contact us at either of these addresses for any questions about this Policy.
- E-mail us at privacypolicy@att.com
- Write to us at AT&T Privacy Policy, Chief Privacy Office, 208 S. Akard, Room 2100, Dallas, TX 75202.
For questions not related to privacy click on the 'Contact Us' link at the bottom of any att.com page. You also can access your online account from the upper right hand corner of our home page at att.com for additional service options.
If you are not satisfied with our resolution of any dispute, including with respect to privacy or data-use concerns, please review a description of our dispute resolution procedures at http://www.att.com/disputeresolution.
You also have the option of filing a complaint with the FTC Bureau of Consumer Protection, using an online form, or by calling toll-free 877.FTC.HELP ((877) 382.4357; TTY: (866) 653.4261). Other rights and remedies also may be available to you under federal or other applicable laws.
If you’re a satellite TV subscriber, you also have certain rights under Section 338(i) of the Federal Communications Act.
Customer service contact numbers can be found at att.com.
Last updated: August 2020
Zoom Video Communications, Inc., and its subsidiaries, affiliates and parent companies (“Zoom”, “we”, “us” or “our”) is committed to protecting your privacy and ensuring you have a positive experience when you use our video conferencing and communication services (the “Services”), visit our webpages, interact with us on social media, or attend a Zoom sponsored event offline or online.
This Statement explains Zoom’s practices when we process your “personal data,” which is information that relates to an identified or identifiable individual. To “process” or “processing” means any use of personal data including, transferring, collecting, recording, storing, using, analyzing, combining, disclosing or deleting it.
This Statement may be updated periodically. If we plan to make any material changes to the way we handle personal data as described here, we will notify you by posting an updated version of this Statement on our website. Changes to this Statement are summarized in our Change Log. We may supplement this Statement with “just-in-time” notices, or other disclosures contained within or in connection with the provision of the Services, which may describe in more detail our data collection, use and sharing practices. Unless we say otherwise, such supplemental privacy statements will govern how we may process the information in the context of the specific product or service.
This Statement applies to the personal data we process as a data controller, that is, as the party that determines what data to collect and why. You provide some of this data directly, and we get some of it by collecting data about your interactions, use, and experiences with the Services. The data we collect depends on the context of your interactions with Zoom and the choices you make, including the products and features you use. We also obtain data about you from third parties.
When you use Zoom’s Services through a Zoom account holder, such as your employer or school, the processing of your personal data is determined and administered by that account holder under its privacy policies. If you have questions about how and why your personal data is collected, the legal basis for processing, or requests regarding your personal data, please refer to the account holder’s privacy statement and direct your inquiries to the account holder or its administrator.
Supplementary Information
Being Considered for a Job at Zoom
Please see our Candidate Privacy Statement for supplemental information on the personal data we process in connection with our recruiting efforts.
Your California Privacy Rights
If you are a resident of the State of California, this Privacy Statement is supplemented by our California Privacy Rights Statement that explains your California privacy rights and how you can exercise these rights.
Zoom for Government
The following section on Zoom for Government (ZfG) supplements this Privacy Statement. Where terms differ, this section takes precedence.
ZfG is hosted in the United States in a separate cloud authorized by FedRAMP and is accessible by way of a separate website (www.zoomgov.com). If you use the ZfG service:
- All data collected about you while using the ZfG service or the ZfG website is stored in the United States of America;
- Your data is only processed by Zoom in accordance with FedRAMP “moderate impact level” control standards;
- The sections in this Statement related to data handling outside the United States do not apply to the personal data collected by Zoom about you in connection with your use of the ZfG service or ZfG website;
- With regard to the Zoom App Marketplace, we do not allow third parties to use any personal data obtained from us for their own purposes, unless it is with your consent (e.g. when you download an app from the Zoom for Government Marketplace: https://marketplace.zoomgov.com/).
Zoom and Children
Zoom does not knowingly allow children under the age of 16 to sign up for their own accounts. Primary and secondary schools or districts register to use Zoom’s video communications platform through a “K-12/Primary and Secondary Account.” Please see Zoom’s K-12/Primary and Secondary Privacy Statement for additional information. Where terms differ, as with the limitations on advertising in K-12 Accounts, the K-12/Primary and Secondary Privacy Statement takes precedence.
Zoom App Marketplace & Other Sites, Mobile Applications and Services
This Privacy Statement does not apply to any third-party applications or software that you elect to add to the Services (“Third Party Services”), or any other third-party websites, mobile applications, or online products, services or businesses you may access from the Services. When you download an App from the Zoom App Marketplace, for example, the app publisher provides its own terms of service, privacy policy and support information. Please review that information carefully.
The table below describes Zoom’s processing of personal data as a data controller. The table does not cover customer content, including any personal data about you that may be contained in customer content—such as meeting or call recordings or transcripts—because the customer (the Zoom account holder), rather than Zoom, controls how customer content is processed. Any questions about the processing of customer content should be addressed to the customer directly.
Personal Data Processing | |||
---|---|---|---|
Types of Personal Data | How We Get It | What we do with it | Legal Basis [Applies only in the EEA, and only within the meaning of the EU’s General Data Protection Regulation (GDPR)] |
Account User Data Information we collect when you register for a free Zoom Account, such as:
| From the free Zoom Account registrant |
|
|
Paid Account Holder Data Information we collect for a Paid Zoom Account, such as:
| From the Paid Zoom Account registrant |
|
|
Operation Data Technical information from Zoom’s software or systems hosting the Services, and from the systems, applications and devices that are used to access the Services, such as:
| Automatically through use of the Services |
|
|
Support and Feedback Data, such as:
| Directly from a Zoom user |
|
|
Approximate Location (e.g.,nearest city or town) | Automatically through your use of the Services |
|
|
Persistent Identifiers on Marketing Pages Data collected through the use of cookies and pixels from tools (such as Google Analytics and Google Ads), such as:
| Depending on how you choose to configure our cookie preference tool, we may collect this info automatically from our Marketing Pages and other online services |
|
|
Persistent Identifiers on Product Pages These are third-party cookies that are necessary for technical support and to deliver the service. Please see our Cookie Policy for more detail. | Automatically when you use the Services from your web browser |
|
|
Marketing Data
| From Third Parties and public sources |
|
|
Zoom sponsored or co-sponsored Event Attendee information
| From you or the party responsible for registering you for a Zoom sponsored event |
|
|
Customer Content
Customer content is the “in-session” information you give us directly through your use of the Services, such as meeting recordings, files, chat logs, and transcripts, and any other information uploaded while using the Services. Zoom uses customer content only in connection with providing the Services – we do not monitor, sell or use customer content for any other purposes.
We do not control the actions of anyone with whom you or any other Service user may choose to share information. Therefore, we cannot and do not guarantee that any customer content you or any user provides to the Services will not be viewed by unauthorized persons. Nor can Zoom control the information a user may choose to share during a meeting. Although Zoom account holders can set privacy options that limit access to certain areas of the Services, please be aware that no security measures are perfect or impenetrable and that we are not responsible for circumvention of any security measures contained on the Services. You should be cautious about the access you provide to others when using the Services, and the information you choose to share when using the Services.
Zoom’s Product and Marketing Pages
Zoom generally processes personal data in two different manners using its websites and apps. First, Zoom processes personal data it obtains from the webpages or mobile application interfaces that Zoom uses to provide its Services, such as the landing page a user sees after clicking on a link to join a meeting (Zoom’s “Product Pages”). Product Pages also include webpages and links that are only accessible to a Zoom account holder after they login to their Zoom account. Product Pages serve only third-party cookies that are necessary for technical support and to deliver the service. There are no interest-based advertising cookies on Product Pages.
Second, Zoom processes personal data obtained from its webpages that are accessible without logging in to a Zoom account (Zoom’s “Marketing Pages”). Marketing Pages, such as www.zoom.us, are designed to encourage sales of Zoom subscriptions. They tell you about our product, plans, and pricing, features, and other related information.
Like many companies, we use advertising services that try to tailor online ads to your interests based on information collected via cookies and similar technologies on our Marketing Pages. This is called interest-based advertising. You can get more information and opt-out of the use of cookies on our Marketing Pages by clicking the Do Not Sell My Personal Information link in the footer of this webpage. You will need to set your preferences from each device and each web browser from which you wish to opt-out. This feature uses a cookie to remember your preference, so if you clear all cookies from your browser, you will need to re-set your settings. For more information regarding cookies or similar technologies, please review our Cookie Policy.
Our Referral Program
You can use our referral program to tell others about Zoom in certain jurisdictions (where permitted under applicable law). When you do, you will be asked to provide that person’s name and email so that we can contact them. We rely on you to make sure the person you are referring to us has agreed to be contacted by us. We will send a one-time email inviting them to visit a Marketing Page. Unless that person says they want to hear more, we will only use their name and email address to send this one-time email and to maintain an activity log of our referral program where permitted by law.
We only share personal data with companies, organizations or individuals outside of Zoom when one of the following circumstances applies:
With Consent
We may share personal data with companies, organizations, individuals outside of Zoom and others when we have consent from an individual (as applicable).
With Zoom Partners
If Zoom received your personal data from a third-party partner and you become a Customer, Zoom may disclose select personal data to that partner or their designee for the purpose of the partnership agreement; for example, to reward a referral partner from a co-sponsored event. Zoom’s partners have contractually agreed to comply with appropriate privacy and security obligations.
For corporate transactions
We may share personal data with actual or prospective acquirers, their representatives and other relevant participants in, or during negotiations of, any sale, merger, acquisition, restructuring, or change in control involving all or a portion of Zoom’s business or assets, including in connection with bankruptcy or similar proceedings.
For business purposes
We provide personal data to vendors and services providers to help us provide the Services and for Zoom’s business purposes. Examples include public cloud storage vendors, carriers, payment processor, and service provider for managing customer support tickets. Zoom contractually prohibits such vendors from using the personal data for any reason other than to provide the contracted-for services and Zoom contractually requires its vendors to comply with all appropriate privacy and security requirements.
For legal reasons
We share personal data with companies, organizations or individuals outside of Zoom if we believe that access, use, preservation or disclosure of the information is reasonably necessary to:
- meet any applicable law or respond to valid legal process, including from law enforcement or other government agencies.
- enforce applicable Terms of Service, including investigation of potential violations.
- detect, prevent, or otherwise address fraud, security or technical issues.
- protect against harm to the rights, property or safety of Zoom, our users or the public as required or permitted by law, including to help prevent the loss of life or serious injury of anyone.
For more information about data we disclose in response to requests from law enforcement and other government agencies, please see our Guidelines for Government Requests.
Right to Correct or Update Your Information
If you would like to correct or update information that you have provided to us, please logon to www.zoom.us and update your profile.
Marketing Communications
You may receive marketing email communications from us where permissible. If you would like to stop receiving these communications, you can update your preferences by using the “Unsubscribe” link found in those emails.
European Privacy Rights
If you reside in the European Economic Area, you may have the right to exercise certain privacy rights available to you under applicable laws. We will process your request in accordance with applicable data protection laws. We may need to retain certain information for record-keeping purposes or to complete transactions that you began prior to requesting any deletion.
- Right not to provide consent or to withdraw consent. We may seek to rely on your consent in order to process certain personal data. Where we do so, you have the right not to provide your consent or to withdraw your consent at any time. This does not affect the lawfulness of the processing based on consent before its withdrawal.
- Right of access and/or portability. You may have the right to access the personal data that we hold about you and, in some limited circumstances, have that data provided to you so that you can provide or “port” that data to another provider.
- Right of erasure. In certain circumstances, you may have the right to the erasure of personal data that we hold about you (for example if it is no longer necessary for the purposes for which it was originally collected).
- Right to object to processing. You may have the right to request that Zoom stop processing your personal data and/or to stop sending you marketing communications.
- Right to rectification. You may have the right to require us to correct any inaccurate or incomplete personal information.
- Right to restrict processing. You may have the right to request that we restrict processing of your personal data in certain circumstances (for example, where you believe that the personal data we hold about you is not accurate or lawfully held).
- Right to lodge a complaint to your local Data Protection Authority. If you are an EEA resident, you have the right to complain to a data protection authority about our collection and use of your personal data.
How to Exercise Your Rights
To exercise any of the rights above, email us at privacy@zoom.us. You may also submit a request to the following address:
Zoom Video Communications, Inc.
Attention: Data Privacy Officer
55 Almaden Blvd, Suite 600
San Jose, CA 95113
Please identify yourself and specify your request. If you have a password protected Zoom account, we will use your account information to verify your identity. If not, we will ask you to provide additional verification information. What we request will depend on the nature of your request, how sensitive the information is, and how harmful unauthorized disclosure or deletion would be.
We use commercially reasonable efforts to delete your personal data as required but retain records necessary to comply with a governmental authority or applicable federal, state, or local law. Where legally permitted, we may decline to process requests, including requests that are unreasonably repetitive or systematic, require disproportionate technical effort, or jeopardize the privacy of others.
Zoom operates globally, which means personal data may be stored and processed (for example stored in a data center) in any country where we or our service providers have facilities or hold events. By using Zoom or providing personal data for any of the purposes stated above, you acknowledge that your personal data may be transferred to or stored in the United States or in other countries around the world. Such countries may have data protection rules that are different and less protective than those of your country.
If you are a resident of the European Economic Area (EEA), and your personal data is transferred outside of the EEA, we will:
- Process it in a territory which the European Commission has determined provides an adequate level of protection for personal information; or
- Implement appropriate safeguards to protect your personal information, including transferring it in accordance with applicable transfer mechanism, including the European Commission's standard contractual clauses .
We will retain personal data for as long as required to do what we say we will in this Statement, unless a longer retention period is required by applicable law. The criteria used to determine our retention periods include:
- The length of time we have an ongoing relationship with you and provide our services to you (for example, for as long as you have an account with us or keep using our services);
- Whether we have a legal obligation to keep the data (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them); or
- Whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).
Customers can delete their own accounts.
Zoom is committed to protecting your personal data. We use reasonable and appropriate technical and organizational measures to protect personal data from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into due account the risks involved in the processing and the nature of the personal data. If you have any questions about the security of your data, please contact our security team at security@zoom.us
If you have any privacy-related questions or comments related to this Statement, please send an email to privacy@zoom.us. You can also contact us by writing to this address:
Privacy Policy For Website
Zoom Video Communications, Inc.
Attention: Data Privacy Officer
55 Almaden Blvd, Suite 600
San Jose, CA 95113
EU Representative
Lionheart Squared Ltd
Attn: Data Privacy
2 Pembroke House
Upper Pembroke Street 28-32
Dublin
DO2 EK84
Republic of lreland
email: zoom@LionheartSquared.eu
Data Protection Officer
Deborah Fay is our Data Protection Officer for the EEA and she can also be contacted at privacy@zoom.us.
Facebook Privacy Policy
Privacy Policy Example
Summary of Updates Made:
Privacy Policy Generator
Date of Update | Summary of Changes |
---|---|
March 29, 2020 | Revised entire Statement to be more readable and transparent. We did not change any data practices, only how we described them. |
July 2020 |
We did not change or add any data practices, only how we described them. |
August 2020 |
|