• Information and Communications Technology


EU-U.S. Privacy Shield Framework: Active

Original Certification Date: 12/2/2016
Next Certification Due Date: 11/17/2023
Data Collected: NON-HR

Swiss-U.S. Privacy Shield Framework: Active

Original Certification Date: 12/7/2017
Next Certification Due Date: 11/17/2023
Data Collected: NON-HR

Purpose of Data Collection

This certification applies to certain IBM designated Infrastructure-as-a-Service, Platform-as-a-Service, Software-as-a-Service, and other hosted cloud services offered by IBM in which IBM acts as a data processor on behalf of our clients, which act as data controllers. A list of the cloud offerings covered by this certification is available through our Privacy Shield Privacy Policy. The purposes for which we process data on behalf of our clients vary by product and are provided in the pertinent offering agreements and may include providing the offering and related services; improving the offering; and for other purposes reflected in the agreements. Data may be disclosed to third parties as outlined in our Privacy Shield Privacy Policy and offering agreements.

Privacy Policy

Non-HR Data


• The IBM Privacy Shield Privacy Policy for Certified IBM Cloud Services reflects the privacy practices applicable to the offerings that are certified under the Privacy Shield, and is available through the link provided below.

Effective Date: 12/1/2021

Verification Method


Dispute Resolution

Questions or Complaints?

If you have a question or complaint regarding the covered data, please contact International Business Machines Corporation (IBM) at:

William Tworek
Director, Security and Privacy, IBM SaaS
International Business Machines Corporation (IBM)
1 New Orchard Road
Armonk, New York 10504

Privacy Shield organizations must respond within 45 days of receiving a complaint.

If you have not received a timely or satisfactory response from International Business Machines Corporation (IBM) to your question or complaint, please contact the independent recourse mechanism listed below


Appropriate statutory body with jurisdiction to investigate any claims against International Business Machines Corporation (IBM) regarding possible unfair or deceptive practices and violations of laws or regulations covering privacy Federal Trade Commission