Other Covered Entities
- Aerospace and Defense
- Defense Equipment
Swiss-U.S. Privacy Shield Framework: Active
EU-U.S. Privacy Shield Framework: Active
Purpose of Data Collection
Northrop Grumman obtains personal data about individuals located in the Switzerland, such as contact information, in connection with maintaining its enterprise customer relationships and providing products and services to enterprise customers. Northrop Grumman also obtains relevant personal data of its suppliers' representatives, such as contact information, financial statements and reputational data. Northrop Grumman uses this information to manage its relationships with its suppliers and comply with applicable law or legal requirements. In addition, Northrop Grumman collects personal data directly from consumers located in the Switzerland. This collection occurs, for example, when a consumer visits Northrop Grumman?s websites and provides relevant personal data to the company. The company may use this information to: (1) provide products and services; (2) send promotional materials or other communications; (3) communicate with consumers about, and administer their participation in, special events, programs, offers, surveys and market research; (4) respond to consumer inquiries; (5) perform data analyses (including anonymization and aggregation of personal data); (6) operate, evaluate and improve the company's business (including developing new products and services; enhancing and improving the company's products and services; managing the company?s communications; analyzing the company's products, services and communications; and performing accounting, auditing and other internal functions); (7) manage customer services, including managing negotiations, contracts, transactions and customer accounts, budgeting, accounting and records related to customer financial analysis; (8) protect against, identify and prevent cybersecurity and other security events, espionage, fraud and other unlawful activity, claims and other liabilities; and (9) comply with and enforce applicable legal requirements, relevant industry standards and the company's policies. The types of relevant personal data Northrop Grumman collects in connection with these activities includes: (1) contact information (such as name, postal address, telephone number and email address); (2) login credentials for the company?s websites; (3) photograph, electronic signature and acknowledgement of company policy; (4) other personal information submitted by current or prospective suppliers and subcontractors, such as government issued identifiers and civil and criminal court history; (5) bank account and financial details; and (6) other personal information found in content that consumers provide. Northrop Grumman also collects personal data about employees and the employees of its affiliates, located in the Switzerland, to carry out and support human resources functions and activities. Northrop Grumman may disclose the relevant personal data to recipients such as (1) the organization?s affiliates and subsidiaries, (2) third-party controllers and (3) third-party processors the organization has retained to perform services on its behalf and pursuant to its instructions. Northrop Grumman also may disclose the relevant personal data if it is required to do so by law or legal process or in response to lawful requests from public authorities, including to meet national security, public interest or law enforcement requirements.
Northrop Grumman EU-U.S. Privacy Shield Privacy Notice on EU Employee Personal
Northrop Grumman Swiss-U.S. Privacy Shield Privacy Notice for Non-Affiliated Swiss Individual Personal Data
The Northrop Grumman EU-U.S. Privacy Shield Privacy Notice for Non-affiliated EU Individual Personal Data describes how the organization implements the Privacy Shield Principles with respect to the personal data of individuals who are covered by the company’s Privacy Shield certification and who are not employees of the company.
Questions or Complaints?
If you have a question or complaint regarding the covered data, please contact Northrop Grumman Corporation at:
Corporate Privacy Officer
Falls Church, Virginia 22042
Privacy Shield organizations must respond within 45 days of receiving a complaint.
If you have not received a timely or satisfactory response from Northrop Grumman Corporation to your question or complaint, please contact the independent recourse mechanism listed below
NON-HR RECOURSE MECHANISM
Appropriate statutory body with jurisdiction to investigate any claims against Northrop Grumman Corporation regarding possible unfair or deceptive practices and violations of laws or regulations covering privacy Federal Trade Commission