Privacy Statement - CA Technologies
{{search ? 'Close':'Search'}}

Privacy Statement


Last updated by the CA Legal team on September 26, 2016

CA cares about your privacy

CA, Inc. and its global subsidiaries (sometimes referred to herein as CA or CA Technologies) are committed to protecting the privacy of individuals who visit CA’s websites and interact with CA online (“Visitors”), individuals who register to use the Services as defined below (“Customers”), and individuals who provide information to CA to register for Company’s corporate meetings or other events (“Attendees”). This Privacy Statement describes CA’s privacy practices in relation to the use of CA’s websites and the related products, applications and services (including support and education) offered by CA (the “Services”).

You should also note that CA maintains the same privacy practices with respect to data that is collected off-line and this statement may be relied upon with respect to those methods of data collection and use.

Please see our Code of Conduct for more information about CA’s high standard of ethics and our commitment to the protection of your personal information.

CA may modify or update this privacy statement at any time without prior notice. You can check the “Last Updated” date above to see when the statement was last changed. Your continued use of the website and/or the Services constitutes your consent to the contents of this Privacy Statement.

Q1: What personal information does CA collect or maintain?

In general, as a Visitor you will not need to identify yourself or reveal any personal information. However, CA does collect domain information from your visit to customize and improve your experience on our websites. The type of information CA may collect includes:

  • the date and time of your access
  • the pages you have acccessed
  • the name of the Internet Service Provider and the Internet Protocol (IP) address that you use to access the internet
There are times when CA may collect personal information from you as a Visitor, Customer or Attendee. This may include your name, email address, phone number and other contact information. In some cases CA may request additional information in which case you may receive a separate privacy statement at that time. Some of the ways in which CA may collect information from you are:
  • Registrations for webcasts, seminars, conferences, etc. sponsored by CA or a partner
  • Product support registration (for employee and/or customer login-ins)
  • CA Communities registration
  • Registering for courses or education
  • Subscription to newsletters or other CA content-related materials
  • Services purchases or trials (either on your own or on behalf of your company)
  • White paper or other downloads
  • Sweepstakes or contests

Q2: How does CA use your information?

CA uses the information collected to operate its websites, to provide you with the Services requested and to contact you about your interest in the Services, to verify your information, to plan and host corporate events, online forums and social networks, and to populate online profiles for Attendees on CA’s websites. CA may also aggregate your information with data that is separately provided by you on social media and third party websites if visible to third parties. CA may also use data from Visitors, Customers and Attendees for marketing purposes. For example, CA may use information you provide to contact you to further discuss your interest in the Services and to send you information regarding CA, its affiliates, and its partners, such as information about promotions or events.

When CA collects information about you, such as your name or other details, it is CA’s practice to provide you with information on how the data will be used at the time you are asked for it if that is not immediately apparent. When CA asks you to provide your information through a registration page or otherwise, you will have the option of not doing so, in which case you may still be able to access other portions of this website, although you may not be able to access certain programs or services.

See Question 7 “What other rights do you have in connection with the personal data CA collects?” for information on your rights, including rights to “opt out” of certain uses of your information.

Some CA products or services use the Google Maps APIs and CA therefore incorporates by reference the Google privacy policy located at http://www.google.com/privacy.html, as amended by Google from time to time.

Q3: How does CA address data transfers from the European Economic Area (EEA)?

Because CA is a global company with customers located in many different countries around the world, it’s important that we comply with data privacy laws in many jurisdictions. CA has many entities operating in the EEA (the EEA is an area made up of European Union Member States and other countries in Europe who adhere to similar rules). In order for CA to do business, CA entities in the EEA need to send personal data to CA, Inc., a US based company, and other CA companies around the world. CA has implemented various mechanisms to enable the lawful transfer of personal data from the EEA to other countries globally. Here is a quick chart showing how CA Technologies uses each of these mechanisms for data transfers.

  Data Processor Data Controller Comments

Binding Corporate Rules (controller)

 

  x Click here to see listing on EU Commision website.

Privacy Shield*

 

x   Click here for details.

Standard Contractual Clauses (intercompany)

 

x   Contact CA for details.

Standard Contractual Clauses (customer/CA)

 

x   Click here to download CA’s Data Processing Agreement.

*US-Swiss Safe Harbor Framework for transfers between Switzerland and the US.

CA is generally a data processor when your company provides CA with access to personal data originating from your company, e.g., a file for product support or other Services, or data in a SaaS environment.

CA is generally a data controller when you proivde your data as a Visitor, Attendee or to register for a Service.

Binding Corporate Rules (CA as a Controller)

CA has developed a set of Binding Corporate Rules (BCRs) to ensure uniform, comprehensive data protection and privacy standards for the handling of personal data. CA relies on these BCRs for the transfer of data globally among CA entities in those cases where CA acts as the data controller.

Click here to see CA’s listing on the European Commission’s BCR website and the categories of data it covers.

Privacy Shield (CA as Processor)

Where CA acts as a data processor, CA, Inc. and its U.S. subsidiaries comply with the EU-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal data from EEA member countries. CA, Inc. has certified that it adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access and Recourse, Enforcement and Liability. If there is any conflict between the policies in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield Framework, and to view CA’s certification page, please visit https://www.privacyshield.gov/.

Personal data covered by the Privacy Shield Framework may be provided to a third party as described in Q4 below. CA is accountable for personal data that it receives under the Privacy Shield Framework and transfers to a third party as set forth in the Privacy Shield Principles. CA remains liable under the Privacy Shield Principles if third parties engaged to process personal data on its behalf do so in a manner inconsistent with the Privacy Shield Principles will be administered and monitored by the Department of Commerce and will be enforced by the Federal Trade Commission (FTC).

If you have a complaint about CA’s use of your data under the Privacy Shield Framework see Q12 “What do you do if I have a question or a complaint regarding how CA is handling your personal data?” for information on what to do.

CA’s participation in the Privacy Shield Framework applies to all personal data that it receives from the EEA which is processed by CA as a data processor. It excludes HR data.

CA, Inc abides by the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Departmetn of Commerce. CA, Inc has certified that it adheres to the Safe Harbor Principles. For more information on the U.S.-Swiss Safe Harbor Framework, including the Safe Harbor Principles, and to view the scope of CA’s certification, please visit http://www.export.gov/safeharbor/.

Standard Contractual Clause (CA as Processor)

(i) For the transfer of personal data between CA entities in the performance of its customer contracts CA has executed an intercompany data processing agreement with attached Standard Contractual Clauses. Contact CA for details.

(ii) CA offers customers the right to enter into a customer specific data processing agreement with attached Standard Contractual Clauses. Click here to download the CA’s Data Processing Agreement.

For information on CA’s data transfer mechanisms, click here.

Q4: How does CA share your information?

CA may share your personal data with third parties for the purposes described below. For example, your data may be shared with companies CA has hired to provide support or services relating to CA products or to assist CA in protecting its systems.

CA Subsidiaries

CA may share data about Visitors, Customers and Attendees with other companies in order to work with them, including subsidiaries or CA, Inc. For example, CA may need to share data about Visitors to help improve our website or share data about Customers for customer relationship management purposes.

Suppliers

CA Technologies may share data about Visitors, Customers and Attendees with CA’s contracted suppliers so that these suppliers can provide services on CA’s behalf, this may include those who are performing customer support and cloud service providers such as storage providers. In addition and not limiting the foregoing, CA may also share data about Visitors, Customers, and Attendees with CA’s suppliers to ensure the quality of information provided, and with third-party social networking and media websites, such as LinkedIn and Facebook, for marketing and advertising on those websites. Unless described in this Privacy Statement, CA does not share, sell, rent, or trade any information with third parties for their promotional purposes.

CA maintains contracts with these companies that require them to abide by our data privacy and security provisions and such companies are not allowed to use the personal data they receive from CA for any other purpose.

Business Partners

CA may use partners (including without limitation resellers and managed service providers) to offer its Services and may also jointly host corporate meetings and events with partners. CA may share data about Customers collected in connection with your purchase with CA where a partner is used and about Attendees where you attend an event or meeting jointly hosted by CA and a partner. CA does not control its business partners’ use of the data about Customers and Attendees collected, and their use of the information will be in accordance with their own privacy policies. If you do not wish for your information to be shared in this manner, you may opt not to purchase using a partner or you may choose not to attend an event or meeting jointly hosted by a partner.

CA may also disclose data to its business partners for marketing and other purposes which CA believes may be beneficial to you.

Third Party Advertising

Q8 and Q9 of this Privacy Statement specifically address the use of third parties to advertise and third party links.

Disclosure

CA may disclose information it has collected about you if required or advisable to do so under law, pursuant to lawful requests by public authorities, including for national security or law enforcement requirements, or when CA believes it is reasonably necessary in order to protect the rights of CA or its employees or to comply with a judicial proceeding or process.

Q5: What are CA’s security levels for your data?

CA’s intent is to strictly protect the security of your personal information; honor your choice for its intended use; and carefully protect your data from loss, misuse, unauthorized access or disclosure, alteration, or destruction. CA has taken appropriate steps to safeguard and secure information we collect, including the use of encryption when collecting or transferring sensitive data such as credit card information. However, you should always take into consideration that the internet is an open forum and that data may flow across networks with little or no security measures, and therefore such information may be accessed by people other than those you intended to access it.

Q6: Can you update the information you provide to CA?

You are entitled to know whether CA holds information about you and, if we do (subject to certain limitations), to have access to that information, have it corrected if it is inaccurate or out of date, or ask CA to delete it, if appropriate. Contact CA at privacyhelpline@ca.com for any questions or to update your information.

Q7: What other rights do you have in connection with the personal data CA collects?

CA offers Visitors, Customers, and Attendees a means to choose how CA uses the personal data they provide. You may manage your receipt of marketing and non-transactional communications by clicking on the “unsubscribe” link located at the bottom of CA marketing emails. Additionally, you may send a request to privacyhelpline@ca.com.

Q8: What about other 3rd party links?

This website contains links to other websites. CA is not responsible for the privacy practices or the content of such websites and their use of the information will be in accordance with their own privacy policies.

Q9: What are CA’s practices regarding cookie and web beacons?

A “cookie” is a small amount of data transferred to your browser and read by the web server that placed it there. It records your preferences and information you entered. By using cookies, the information you previously provided can be retrieved on your next visit to the website so that your use of the website is more efficient. Cookies are uniquely assigned to you and can only be read by a web server in the domain that issued the cookie.

Web beacons may be used to deliver the cookie and to compile statistics about our website, such as how many people visited a particular page or clicked on certain links. While your particular use of the site will not be revealed and no personally identifying information will be collected, this information may be used, in an anonymous fashion, for preference marketing purposes, and CA’s third party advertising companies may use the information about your visit to the website(s) in order to provide ads about goods and services of interest to you. This information can include: date/time of banner ad shown, related cookie, and the first three octets of the IP address. CA may share aggregated statistics about the use of the website with third parties.

Cookies are either session-based (which disappear after you close your browser) or persistent (which remain on your computer after you close your browser or turn off your computer).

You may see the list of CA and selected partner cookies on our website and make choices about those cookies by visiting our Cookie Consent Tool here. In addition to our Cookie Consent Tool, most browsers allow you to manage cookie preferences. If you choose to decline cookies, you may not be able to get the benefit of some of the features of this website or other websites that you visit.

The following chart describes the types of cookies you may find on the CA website and your options for managing them.

Types of Cookies Description Settings
Required cookies

Required cookies enable you to navigate CA’s websites and use its features, such as accessing secure areas of the websites and using CA Services.

If you have chosen to identify yourself to CA, CA uses cookies containing encrypted information to allow CA to uniquely identify you. Each time you log into the Services, a cookie containing an encrypted, unique identifier that is tied to your account is placed on your browser. These cookies allow CA to uniquely identify you when you are logged into the Services and to process your online transations and requests.

 

Because required cookies are essential to operate CA’s websites and the Services, there is no option to opt-out of these cookies.
Performance cookies These cookies collect information about how Visitors use CA’s website, including which pages visitors go to most often and if they receive error messages from certain pages. These cookies do not collect information that individually identifies a Visitor. All information these cookies collect is aggregated and anonymous. It is only used to improve how CA’s website functions and performs.

To learn how to opt out of performance cookies using your browser settings click here.

To learn how to manage privacy and storage settings for Flash cookies, click here.

Functionality cookies

Functionality cookies allow CA’s websites to remember information you have entered or choices you make (such as your username, language, or your region) and provide more enhanced, more personal features. These cookies also enable you to optimize your use of CA’s Services after logging in. These cookies can also be used to remember changes you have made to text size, fonts and other parts of web pages that you can customize.

CA uses local shared objects, also knows as Flash cookies, to store your preferences or display content based upon what you view on CA’s websites to personalize your visit.

To learn how to opt out of functionality cookies using your browser settings click here.

Note that opting out may impact the functionality you receive when CA’s websites.

To learn how to manage privacy and storage settings for Flash cookies click here.

Targeting or Advertising cookies

CA may engage third parties to track and analyze usage and volume statistical information from individuals who visit CA’s websites. CA sometimes uses cookies delivered by third parties to track the performance of CA advertisements. For example, these cookies remember which browsers have visited CA’s websites. The information provided to third parties does not include personal infromation, but this information may be reassociated with personal information after CA receives it.

CA also contracts with third party advertising networks that collect IP addresses and other information from Web beacons (see below) on CA’s websites, from emails, and on third party websites. Ad networks follow your online activities over time and across different sites or other online services by collecting Web Site Navigational Information through automated means, including through the use of cookies. These technologies may recognize you across the different devices you use, such as a desktop or laptop computer, smartphone or tablet. Third parties use this information to provide advertisements about products and services tailored to your interests. You may see these advertisements on other websites or mobile applications on any of your devices. This process also helps CA manage and track the effectiveness of its marketing efforts. Third parties, with whom CA partners to provide certain features on its websites or to display advertising based upon your Web browsing activity, use Flash cookies to collect and store information. Flash cookies are different from browser cookies because of the amount of, type of, and how data is stored.

To learn more about these and other advertising networks and their opt out instructions, click here and here.

To learn how to manage privacy and storage settings for Flash cookies click here.

Web Beacons

CA uses Web beacons alone or in conjunction with cookies to compile information about Customers and Visitors’ usage of CA’s websites and interaction with emails from CA. Web beacons are clear electronic images that can recognize certain types of information on your computer, such as cookies, when you viewed a particular website tied to the Web beacon, and a description of a website tied to the Web beacon. For example, CA may place Web beacons in marketing emails that notify CA when you click on a link in the email that directs you to one of CA’s websites. CA uses Web beacons to operate and improve CA’s websites and email communications.

IP Addresses

When you visit CA’s websites, CA collects your Internet Protocol (“IP”) addresses to track and aggregate non-personal information. For example, CA uses IP addresses to monitor the regions from which Customers and Visitors navigate CA’s websites. CA also collects IP addresses from Customers when they log into the Services as part of CA’s “Identity Confirmation” and “IP Range Restrictions” security features.

Do Not Track

Certain browsers like Internet Explorer, Firefox and Safari offer a “do not track” or “DNT” option that relies on a technology known as a DNT header, which sends a signal to websites’ visited by the user about the user’s browser DNT preference setting. CA does not currently commit to reponding to browsers’ DNT signals with respect to CA’s websites, in part, because no common industry standard for DNT has been adopted by industry groups, technology companies or regulators, including no consistent standard of interpreting user intent. CA takes privacy and meaningful choice seriously and will make efforts to continue to monitor developments around DNT browser technology and the implementation of a standard.

Q10: What is you post on social media pages?

Portions of this website make chat rooms, forums, blogs, message boards, and/or news groups available to Visitors. Please remember that any information that is disclosed in these areas could be made public so exercise caution when deciding to disclose any personal information.

Use of these portions of our website may be subject to additional terms. Additional information about community and support sites can be found at our Terms for User Sites on ca.com.

In addition, CA’s websites may use social media functionality like the Facebook “like” button which may collect your IP address and which page you are visiting on CA’s website, and may set a cookie to enable the feature to function properly. You may be given the option by that social media site to post information about your activities on CA’s websites to your profile page on that social media site. Your interactions with these features are governed by the privacy policy of the company that is providing them.

Q11: What should you do if you have a question or complaint regarding how CA is handling your personal data?

If you have any questions, concerns, or comments about our privacy statement or practices, please contact CA via email at privacyhelpline@ca.com with the words “PRIVACY POLICY” in the subject line. All emails will be read promptly and we endeavor to provide an initial response to the sender within 5-7 business days indicating the complaint will be investigated.

To the extent you have a question, request, inquiry or complaint regarding personal data for which CA acts as a data processor (which may include information provided to CA by your company or other third party), CA may have to reach out to our corporate customers in order to comply with requests relating to the handling of such personal data. For these reasons, we ask that if you with to request access, to limit use, or to limit disclosure to such personal data, please provide the name of the CA customer who provided your data to CA. CA will then work with that customer to help ensure that your request is addressed.

Privacy Shield Complaints

CA will provide an initial response to any Privacy Shield complaint within 45 days from the complaint. If we fail to respond within that time, or if our response does not address your concern, CA has further committed to refer unresolved privacy complaints under the EU-US Privacy Shield Principles to BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgement of your complaint, or if complaint is not satisfactorily addressed, please visit http://www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint.

If neither CA nor the Council of Better Business Bureaus resolves your complaint, you may have the possibliity to engage in binding arbitration through the Privacy Shield Panel.

All of the above recourses are free of charge for the individual raising the complaint.

All issues raised will be investigated until completion, and all matters will be handled in compliance with the Principles of the EU-U.S. Privacy Shield.

US-Swiss Safe Harbor Complaints

CA complies with the US-Swiss Safe Harbor Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal data from Switzerland. CA has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access and enforcement. If there is any conflict between the policies in this Privacy Statement and the Safe Harbor Privacy Principles, the Safe Harbor Privacy Principles shall govern. To learn more about the US-Swiss Safe Harbor and to view our certification page please visit http://www.export.gov/safeharbor/swiss.

In compliance with the US-Swiss Harbor Principles, CA commits to resolve complaints about your privacy and our collection or use of your personal data. Swiss citizens with inquiries or complaints regarding this policy should first contact CA at:

CA Technologies
520 Madison Avenue
New York, NY 10022
Attention: Bonnie Yeomans, Assistant General Counsel and Privacy Officer

privacyhelpline@ca.com

CA has further committed to refer unresolved privacy complaints under the US-Swiss Safe Harbor to an independent dispute resolution mechanism operated by Council of Better Business Bureaus. If you do not receive timely acknowledgement of your complaint, or if your complaint is not satisfactorily addressed, please visit http://www.bbb.org/us/safe-harbor-complaints for more information and to file a complaint.

Visit the Canadian Privacy Policy page for additional information about CA Canada.

Contact
Call us at 1-800-225-5224
Call us at 1-800-225-5224
Email
Get in touch with CA
Email Us

Chat with CA

Just give us some brief information and we'll connect you to the right CA Expert.

Our hours of availability are 8AM - 5PM CST.

All Fields Required

connecting

We're matching your request.

Unfortunately, we can't connect you to an agent. If you are not automatically redirected please click here.

  • {{message.agentProfile.name}} will be helping you today.

    View Profile


  • Transfered to {{message.agentProfile.name}}

    {{message.agentProfile.name}} joined the conversation

    {{message.agentProfile.name}} left the conversation

  • Your chat with {{$storage.chatSession.messages[$index - 1].agentProfile.name}} has ended.
    Thank you for your interest in CA.


    How Did We Do?
    Let us know how we did so that we can maintain a quality experience.

    Take Our Survey >

agent is typing