California Supplemental Privacy Statement

This Policy was last updated June 29, 2021.

IBM Privacy Statement
Privacy Page Leadspace 2800x1400

If you are a California resident, you have rights under the California Consumer Privacy Act of 2018 (CCPA). The IBM Privacy Statement addresses the required disclosures about your Personal Information. This supplement to the IBM Privacy Statement is an overview of the information required by the CCPA and provides instructions on how to exercise the rights granted by the CCPA. There may be cases where we present you with an additional privacy notice that includes information specific to an activity or offering.

1. Disclosures about Your Personal Information

Collection, Business Purposes and Disclosure of Personal Information
As described in the IBM Privacy Statement, to support your relationship with IBM or your use of our products and services, we may have collected and disclosed, for a business purpose, information from the following categories in the last twelve months:

  • Information necessary to provide you with access to and use of our websites, products and services
  • Information necessary to respond to your request for information, order or support
  • Information about your use of IBM Cloud Services
  • Business contact information of clients, prospects, partners and suppliers
  • Information about visitors to our sites and locations
  • Information collected for marketing and business intelligence

this includes Personal Information defined by the CCPA as:

  • Identifiers such as IP address, mobile device ID and cookies
  • Personal information under the Customer Records provision of the California Civil Code such as your name, postal address, email address or payment information you provide to purchase an IBM product or service
  • Commercial information related to purchases of IBM products or services
  • Internet/network activity information relating to your interactions with IBM websites or applications
  • Geolocation data such as information about the location of your device when you use an IBM mobile application 
  • Audio, electronic and visual information such as visitors’ presence on security systems at IBM offices
  • Professional information such as your employer name and job title
  • Inferences about your consumer preferences

Sources and Sharing of Personal Information

The IBM Privacy Statement describes the types of sources from which we collect Personal Information and how we share your information with third parties. As explained, we may collect Personal Information directly from you, automatically from your device, from selected partners and/or from your employer. We may share information about you with our subsidiaries, suppliers and, where appropriate, with selected partners to help us provide you, or the company you work for, products or services, or to fulfill your requests, or with your consent.

Sale of Personal Information

When you use IBM websites, IBM’s authorized advertising partners may collect cookies and similar technologies and use this data for their own purposes. This activity may qualify as a “sale” under the CCPA. You can make choices to allow or prevent such uses. Depending on your choices, during the past twelve months, we may have “sold” to authorized advertising partners information within the following categories defined by the CCPA:

  • Identifiers like IP address and cookies
  • Internet activity information relating to your interactions with IBM websites
  • Inferences about your consumer preferences

2. Rights relating to Your Personal Information

In addition to the rights granted under the IBM Privacy Statement, as a California resident, you have the right to:

Know your Personal Information

You can request specific pieces of Personal Information, or information about the categories of Personal Information that IBM holds about you by submitting a request through our webform here or by calling (toll free) 1-800-IBM-4YOU (1-800-426-4968).

Request Deletion of your Personal Information

You can request the deletion of the Personal Information that IBM holds about you by submitting a request through our webform here or by calling (toll free) 1-800-IBM-4YOU (1-800-426-4968).

Opt-Out of the Sale of Personal Information

When you use IBM websites, IBM’s authorized advertising partners may collect cookies and similar technologies and use this data for their own purposes. This activity may qualify as a “sale” under the CCPA. You can make choices to allow or prevent such uses. To opt-out of IBM making information relating to cookies, and similar technologies, available to third parties for their own purposes, click here.

If you are accessing our websites while located outside of California, you can opt-out by going to "Cookie preferences" in the footer and setting your cookie preferences to "Required".

Non-Discrimination

If you choose to exercise any of these rights, we will not deny goods or services to you or provide different quality of services.

Authorized Agent

You may use an authorized agent to submit a request about your personal information via our webform here or by calling (toll free) 1-800-IBM-4YOU (1-800-426-4968). To use an authorized agent, you must provide the agent with written authorization. In addition, you may be required to verify your own identity with IBM.

Data Rights Metrics
Please note these metrics do not include requests made to The Weather Company. You can review The Weather Company’s CCPA data rights request metrics in its Privacy Policy.

For the period between January 1, 2020 and December 31, 2020:

Number of CCPA requests to know:

  • Received: 10
  • Complied with in whole or in part: 3
  • Denied due to lack of verification: 5
  • Denied because the request involved job applicant data which is an exception: 2
  • Mean number of days within which we substantively responded: 37

Number of CCPA requests to delete:

  • Received: 108
  • Complied with in whole or in part: 28
  • Denied due to lack of verification: 80
  • Mean number of days within which we substantively responded: 34

Number of US requests to opt out of sale:
(for IBM's purposes, opt-out of sale is functionally consenting to only required cookies)

  • Received: 19,255
  • Complied with in whole or in part: 19,255
  • Denied: 0
  • Mean number of days within which we substantively responded: <1

Additional Disclosure

As permitted under HIPAA, IBM may "Sell" or disclose Deidentified Patient Information (as those terms are defined under CCPA) that has been deidentified pursuant to the deidentification methods described in HIPAA.

How to Contact Us

Questions about this Policy or about IBM's handling of your Personal Information may be submitted through our webform here or by calling (toll free) 1-800-IBM-4YOU (1-800-426-4968).

To read more about IBM's general privacy practices that apply to the Personal Information we collect, use and share, please visit the IBM Privacy Statement.