California Consumer Privacy Act (CCPA)
Similar to Europe's General Data Protection Regulation (GDPR), though with several key differences, California's data privacy act is a governmental framework designed to help safeguard consumers' sensitive personal information. As the digital landscape has evolved over the past decade, the tech sector's notion of consumer rights have expanded –- particularly when it comes to sensitive data. With a number of highly - publicly sensitive data breaches in recent years, personal information – from Social Security Numbers to payment card data –- needs to be safeguarded more vigorously than ever before. California's data privacy act, known as CCPA, is an effort to do just that. It's a governmental framework designed to help make sure organizations are properly protecting their customers' sensitive personal data.
F5 has been adhering to strict standards for our users’ data even before CCPA went into effect. We minimize our collection of personal data and only use personal data for the purpose for which it was collected. We have committed that we would keep personal information private, so we have never sold or rented our users’ personal information to anyone. We give people the ability to access, correct, or delete their personal information; and consistent with our role as a data processor, give our customers control over the information captured by our products.
FAQ
F5 is fully committed to complying with the privacy laws in the U.S., including the CCPA/CPRA and other state privacy laws. F5’s global privacy strategy and privacy-by-design approach ensures that F5 and its services prioritize the protection of personal data and uphold the highest standards of data privacy.
Does F5 comply with the California Consumer Privacy Act, as amended by the California Privacy Rights Act and the related regulations (collectively, “CCPA”)?
Yes. Please refer to the privacy notice for more details.
Is F5 a “service provider” under the CCPA?
Yes. In its provision of services, F5 acts only as its customer’s “service provider” within the meaning of the CCPA. F5’s Data Processing Addendum imposes on F5, as a service provider, all contractual obligations that customers subject to the CCPA are required to include when engaging a service provider. F5 complies with these contractual obligations and all other requirements applicable to service providers under the CCPA.
Does F5 comply with other U.S. state privacy laws similar to the CCPA, like the Colorado Privacy Act (CPA), Virginia Consumer Data Protection Act (VCDPA), Utah Consumer Privacy Rights Act, or Connecticut Act Concerning Personal Data Privacy and Online Monitoring (CTDPA)?
Yes. F5 is a business-to-business service provider that acts as its customer’s “processor” within the meaning of these laws. F5’s Data Processing Addendum imposes on F5, as a processor, all contractual obligations that customers subject to these laws are required to include when engaging a processor. F5 complies with these contractual obligations and all other requirements applicable to processors under these laws.
