Privacy Statement

Last reviewed: September 25, 2024

Unisys is driven by our mission to build high-performance security-centric solutions for the most demanding businesses and governments. We change how people experience technology and help organizations act upon new opportunities through digital workplace, cloud, applications, enterprise computing and business process solutions (the “Services”). Unisys Corporation and its subsidiaries around the world understand that when our clients, partners and other individuals provide personal data to Unisys, they place their trust in us. We take this trust seriously and are committed to respecting each individual’s privacy and protecting the personal data we handle.

This Privacy Statement describes our privacy practices to help you understand what personal data we collect, use, share and transfer and to inform you about the choices you can make regarding your personal data.

This Privacy Statement applies to personal data (information that identifies you as an individual or relates to you as an identifiable individual) we process of:

  • Visitors to the Unisys websites that link to this Privacy Statement;
  • Visitors of the Unisys social media pages that link to this Privacy Statement;
  • Representatives of our clients, suppliers or other business partners (collectively, the “Business Partners”);
  • Visitors of our office locations, seminars or other events.

Certain specific products, services or websites may have their own privacy statement. In such cases, the specific privacy statement will apply instead of this Privacy Statement. For example, our Recruiting Privacy/Data Protection Notice applies to the personal data that we process for recruiting and hiring purposes, for example if you contact us in connection with a vacancy or apply for a job with Unisys.

Please note that Unisys is a service provider. When Unisys provides Services to its clients, it processes personal data on its clients’ behalf, upon their instructions and in accordance with its contractual obligations. Our clients are responsible for their processing of personal data when using our Services. You are accordingly referred to our respective clients’ privacy statement for any such processing. This Privacy Statement does not apply to personal data that we process on behalf of our clients.

Summary

The Unisys entity that you correspond with, enter into a contract with, or whose premises you visit, is the entity responsible for the processing of your personal data in that context.

In addition, Unisys Corporation is responsible for the processing of your personal data if you are a Unisys website or social media page visitor. It is also responsible for the processing of personal data that are shared with Unisys Corporation by any of the other subsidiaries for certain marketing purposes or business purposes as described below.

You can find a list of Unisys entities at Unisys Locations.

We collect the following personal data:

Categories of Personal Data

Examples of Personal Data

Sources

Contact details

Name, address, phone number, e-mail address, company name.

We receive this information directly from you or from our Business Partners, if you are a representative of our Business Partners.

Billing details

Billing address, corporate credit card information or banking information.

We receive this information directly from you.

Marketing preferences

Whether you’ve opted in or opted out to receiving marketing related information from us.

We receive this information directly from you.

Event details

Attendance at our events, preferences related to your attendance, such as dietary preferences or requests for assistance.

We receive this information directly from you or from our Business Partners who sign you up for our events.

Due diligence data

Information to assess a client, supplier or business partner’s financial or reputational status.

We collect this information from public sources.

Photo and/or video

Photos and videos of you and images captured through our CCTV systems.

We collect this information through our CCTV systems set up in our offices.

Information submitted by individuals

Responses to client satisfaction surveys, content of a request or complaint made to Unisys and other information that individuals choose to provide to Unisys, including by email, through contact forms on our websites or via our social media pages.

We receive this information directly from you.

Social media information

Profile pictures, social media account ID, and other social media profile information, including lists of friends/followers on social media.

We receive this information from you and the social media platforms when you connect with us on social media or enable certain cookies.

Device information

Information about devices and use of our Services, including data obtained through cookies and similar technologies, as described in our Cookies and Automatic Data Collection Tools Policy.

We receive this information from your use of our Services and through cookies and similar technologies.

We use and disclose the personal data for the following purposes. Where required by applicable law, we will undertake these activities with your consent.

Purpose

Example of Processing Activity

Categories of Personal Data

Legal basis (subject to applicable law)

Provide our Services

Contact you in relation to the provision of Services, including providing warranty and repair services and product support updates.

Contact details

We undertake these activities to perform the contract we have with our Business Partners.

Commercial account management

Select, negotiate and enter into contracts with Business Partners; generate invoices and make payments.

Contact details and billing details

We undertake these activities to prepare for or perform the contract we have with our Business Partners.

Improve our Services and develop new products and services

Conduct quality controls and evaluate the performance of our products and services, including conducting client satisfaction surveys.

Contact details and information submitted by individuals

We undertake these activities because we have a legitimate interest to improve our Services.

Conduct due diligence

Checking whether Business Partners are included on a sanctions’ list, have the financial means to enter into a contract with us, or comply with our Code of Ethics and Business Conduct.

Contact details and due diligence data

We undertake these activities because we have a legitimate interest to ensure that our Business Partners have a sound financial and reputational status and comply with our Code of Ethics and Business Conduct.

Marketing

Send relevant newsletters, solution updates, event notifications and other marketing communications; host webinars, seminars and other events.

Contact details, marketing preferences and social media information.

We undertake these activities because we have a legitimate interest to generate sales and marketing leads. Where required by applicable law, we will undertake these activities with your consent.

You can always opt out or withdraw your consent if you no longer wish to receive marketing-related communications from us. Please refer to the “How We Respect Your Privacy in Marketing” section for more information.

Advertising

Provide tailored information and/or offers such as targeted advertising tailored to your interests, on our marketing partners’ platforms; engage with relevant audience to offer products and/or services that may be of interest.

Contact details, marketing preferences, social media information, device information.

We undertake these activities based on consent where required by applicable law. Such consent may be given through the cookie settings through which you can enable or disable certain advertisement cookies.

We have a legitimate interest to provide you with personalized offers.

 

Hosting events

Register your attendance, cater to your requests, send you notifications and messages related to the event (such as reminders and practical information) and take photographs or videos at the event.

Contact details, event data, marketing preferences and photo and/or video.

We undertake these activities to perform our contractual obligation with you (when you sign up for an event), with your consent or because we have a legitimate interest in making sure the event runs smoothly and we are able to report on it to our stakeholders, as relevant.

Communicate with you

Respond to inquiries or requests for information.

Contact details and information submitted by individuals

Depending on the nature and content of your request or inquiry, we undertake these activities because we have a legitimate interest (for example, to fix an issue that you may have spotted), with your consent, or where we have a legal obligation (for example, if you request access to your personal data).

Relationship building and engagement

Facilitate and respond to any reviews, social sharing and posts on our social media pages.

Contact details and social media information.

We undertake these activities because we have a legitimate interest to engage with Business Partners and other individuals who post on our social media pages.

Business purposes

Business reporting, revenue forecasting, identifying usage trends, for example, understanding which of our Services are of most interest to clients.

All personal data as relevant for the specific business purpose. Unisys will strive to process aggregate or anonymized data for these purposes.

We undertake these activities because we have a legitimate interest such as to anticipate demand of our Services.

Security and Fraud prevention

Monitor for and prevent fraud.

Security purposes, including system security and on-site security of our premises.

For example, we authenticate Business Partners to enable their use of guest networks and collaboration tools, and visitors that visit our offices. We may also have a CCTV system installed at our premises for safety and security reasons.

Contact details and Photo and/or Video

We undertake these activities because we have a legitimate interest such as to ensure the security of our products, services, premises, employees and visitors.

Legal and Compliance

Fulfil our legal and compliance-related obligations, including complying with applicable laws.

Conduct audits, verify that our internal processes function as intended and are compliant with legal, regulatory or contractual requirements.

Comply with legal processes.

Respond to requests from public and government authorities.

Meet national security or law enforcement requirements.

Enforce our terms and conditions.

Protect our operations.

Protect the rights, privacy, or property of Unisys or others.

Conduct internal investigations.

Allow us to pursue available legal remedies, defend claims and limit the damages that we may sustain.

Personal data as relevant for the specific legal action, (regulatory) investigation, and/or legal processes in question

We undertake these activities based on a legal obligation or on our legitimate interest, such as defending our legal position.

Aggregating and/or anonymizing personal data

We may aggregate and/or anonymize personal data so that it will no longer be considered personal data. We do so to generate other data for our use, which we may use and disclose for any purpose, as it no longer identifies you or any other individual.

All personal data as relevant for the specific business purpose.

We undertake these activities based on our legitimate interests, such as to generate other data for our use, which we may use and disclose for any purpose, as it no longer identifies you or any other individual.

Business transaction

Facilitate a business transaction or sale.

All personal data as relevant for the specific transaction

We have a legitimate interest in disclosing or transferring your Personal Information to a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings).

We use reasonable security procedures and technical and organizational measures to protect against accidental or unlawful destruction, loss, disclosure or use of personal data we handle. Our network and systems used to provide Services are governed by Unisys corporate Information Security policies, which are based upon standards, including International Organization for Standardization (ISO) 27001 and National Institute of Standards and Technology (NIST).

We limit access to and use of your personal data to authorized persons and trusted third parties who have a reasonable need to know the information in order to perform our services and business operations and who are bound by confidentiality obligations.

Please note, however, that no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us in accordance with the “How to Contact Us” section below.

We retain your personal data only for as long as is necessary to fulfill the purpose for which the data was collected from you and in consideration of and compliance with applicable legal or regulatory requirements to maintain the data for legitimate purposes. For example, where required by law for audits or accounting requirements, to enforce our agreements or handle disputes.

The criteria used to determine our retention periods include (i) the length of time we have an ongoing relationship with you and provide the Services to you; (ii) whether there is a legal obligation to which we are subject; or (iii) whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).

We may disclose your personal data to authorized Unisys personnel in our subsidiaries with a need to know the information in order to process the personal data for the purpose we collected it.

We also disclose personal data to third party service providers who are acting on our behalf in order to provide the products or services you request or to support our relationship with you. These third parties are not authorized by us to use or disclose the information except as necessary to perform services on our behalf pursuant to a contractual obligation or to comply with legal requirements. Unisys requires such third parties to comply with applicable data protection and privacy laws and agree to implement and maintain appropriate technical and organizational security measures to safeguard the personal data.

Other disclosures may include:

  • To our professional advisors and insurers to run our business;
  • To competent legal authorities when required by applicable laws or regulations;
  • To law enforcement authorities or other government officials when we are required to do so by law or pursuant to legal process (including for national security purposes); when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss or in connection with an investigation of suspected or actual fraud or illegal activity; or when we believe that disclosure is necessary to protect our rights, protect your safety or the safety of others;
  • With third parties for dispute resolution purposes;
  • With appropriate third parties in connection with the sale, transfer or financing of all or part of a Unisys business or its assets, including any such activities associated with a bankruptcy proceeding.

Unisys is a global enterprise based in the United States with operations in countries around the world. Authorized Unisys personnel and third parties acting on our behalf may access, use and process personal data collected from you in a country or region that is different from the country or region where you are located, which may have less stringent data protection laws.

As an IT and security services company, Unisys has implemented global privacy practices for processing personal data protected under various data protection laws. Unisys transfers personal data between the countries and regions in which we operate in accordance with the standards and conditions of applicable data privacy laws, including standards and conditions related to security and processing and acceptable transfer mechanisms.

For example, where our processing of your personal data is subject to the EU’s or the United Kingdom’s General Data Protection Regulation (“GDPR”) and we transfer your personal data outside the European Economic Area (“EEA”) or the United Kingdom (“UK”), we rely on the following safeguards:

  • Data Privacy Framework: Unisys Corporation has certified to the EU-U.S. Data Privacy Framework, the UK Extension to the EU-U.S. Data Privacy Framework, and the Swiss-US Data Privacy Framework (collectively “DPF”) for personal data that it receives from the EEA, UK, and Switzerland. As explained in our Data Privacy Framework Privacy Policy here, personal data covered by our DPF certification will be protected in accordance with the DPF Principles.
  • Adequacy Decisions: The UK Secretary of State and the European Commission have recognized certain countries as providing an adequate level of data protection, so that personal data can be transferred to those countries without additional safeguards. For transfers from the EEA, the full list of these countries is available here. For transfers from the UK, the full list of these countries is available here.
  • Standard Contractual Clauses: For transfers of personal data from the UK and/or EEA to countries outside the UK and EEA, which (at any point in time) are not covered by a DPF certification and are not considered adequate as explained above, we have put in place standard contractual clauses to protect your personal data. You may obtain a copy of these measures by contacting us in accordance with the “How to Contact Us” section below or by following this link.

In all cases, we will undertake transfers of your personal data in accordance with applicable law.

For more information on the appropriate safeguards in place to protect your personal data, please contact us at unisysglobalprivacy@unisys.com.

Unisys uses various means of communication and tools to market its products and services. You may opt-out of our commercial marketing emails by using the “Unsubscribe” or “Opt-out” link in the commercial email or by contacting us at unisysglobalprivacy@unisys.com. You may opt-out of our commercial marketing calls by making such request on the respective call or sending your opt-out request including your phone number to unisysglobalprivacy@unisys.com.

We will comply with your request(s) as soon as reasonably practicable. Please note that while we process your request(s) you may still temporarily receive emails until your request(s) have been processed. Please also note that if you opt out of receiving marketing related emails from us, we may still send you important administrative messages, from which you cannot opt out.

When you visit the Unisys website, we or our third-party service providers may collect information through the use of cookies or other similar technologies. You can review more information about our use of cookies and similar technologies here.

This Privacy Statement does not address, and we are not responsible for, the privacy, information, or other practices of any third parties, including any third party operating any website or service to which the Services link. The inclusion of a link on the Services does not imply endorsement of the linked site or service by us or by our affiliates.

In addition, we are not responsible for the information collection, use, disclosure, or security policies or practices of other organizations, such as Meta, Apple, Google, X or any other app developer, app provider, social media platform provider, operating system provider, wireless service provider, or device manufacturer, including with respect to any personal data you disclose to other organizations through or in connection with our social media pages.

We use third-party advertising companies to serve advertisements regarding goods and services that may be of interest to you when you access and use the websites or our other online services.

You may receive advertisements based on information relating to your access to and use of our websites and other websites or online services on any of your devices, as well as on information received from third parties. These companies place or recognize a unique cookie on your browser (including through the use of pixel tags). They also use these technologies, along with information they collect about your online use, to recognize you across the devices you use, such as a mobile phone and a laptop. If you would like more information about this practice, and to learn how to opt out of it in desktop and mobile browsers on the particular device on which you are accessing this Privacy Statement, please visit http://optout.aboutads.info/#/, http://optout.networkadvertising.org/#/ and https://youronlinechoices.eu/ in the EU. You may download the AppChoices app at https://youradchoices.com/control to opt out in mobile apps.

We rely on you to provide accurate, complete and current personal data to us.

If you need to correct or update the personal data you provided to us, in many cases, you can edit your data from the location where you provided the personal data to us.

If you would like to request to access, correct, update, suppress, restrict, or delete personal data, object to or opt out of the processing of personal data, or if you would like to request to receive a copy of your personal data for purposes of transmitting it to another company (to the extent these rights are provided to you by applicable law), you may contact us via unisysglobalprivacy@unisys.com or in accordance with the “How to Contact Us” section below.  We will respond to your request consistent with applicable law. 

In your request, please make clear what personal data your request relates to.  For your protection, we may only implement requests with respect to the personal data associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request.  We will try to comply with your request as soon as reasonably practicable.

Please note that we may need to retain certain information for recordkeeping purposes and/or to complete a request (e.g., if you submitted a complaint, we cannot delete the personal data associated with the complaint until it is fully resolved). 

Individuals residing in California should review the “Additional Information Regarding California” section below, for further details on their privacy rights and how to exercise them.

Individuals from the European Economic Area or the United Kingdom may lodge a complaint with (1) an EU/EEA data protection authority for their country or region where they have their habitual residence or place of work or where an alleged infringement of applicable data protection law occurs, or (2) the UK’s Information Commissioner.  A list of EEA data protection authorities is available here.

If you have any questions or comments regarding this statement or our privacy practices, or any concerns regarding a possible violation of this statement, our practices or any applicable privacy law, or a concern or complaint about our cross-border data transfer practices,​​ please contact the privacy office at unisysglobalprivacy@unisys.com or through ​our Unisys Compliance Helpline, and we will promptly respond.​

Our mailing addresses are:

Unisys Global Privacy Office​​
Legal Department
801 Lakeview Drive, Ste. 100
Blue Bell, PA 19422
United States

The Data Protection Officer for Brazil is Jefferson Renato Ribeiro
Encarregado@unisys.com
Unisys Brazil – Departamento Jurídico e Compliance
Av. Das Nações Unidas 17.891, conjunto 801
Vila Almeida – São Paulo/SP
CEP: 04.795-920
Brazil

The Data Protection Officer for Germany is Oliver Schiff
Philipp-Reis-Str. 2
Hattersheim 65795
Germany

Links to Other Websites

As a convenience to our website visitors, we sometimes provide links to other websites. These linked sites are not under the control of Unisys and we are not responsible for their content. You should review the privacy statements of any linked website to understand their privacy practices before using the site.

Children

It is not our intent to collect personal data from children under the age of consent in their country or region of residence. Our websites are not designed to attract children and we request that children under the age of 16 do not submit personal data to us through our websites.

Updates to Our Privacy Statement

We may update this Privacy Statement from time to time. When we update this statement, we will also update the date at the top. Only the current statement is effective, so please review it periodically. If we make any material changes, we may also notify you by contacting you directly or posting a notice on our website.

This California section applies to California residents and supplements the information provided above in the Privacy Statement.

NOTICE AT COLLECTION

Pursuant to the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (collectively, the “CCPA”), we are providing the following additional details regarding the categories of “Personal Information” (as that term is defined by the CCPA) about California residents that we collect, use, and disclose.

Categories of Personal Information Collected, Disclosed, Sold, and Shared

The following chart details which categories of Personal Information about California residents we collect, as well as which categories of Personal Information we have collected and disclosed for our operational business purposes in the preceding 12 months. The chart also details the categories of Personal Information that we “sell” or “share” for purposes of cross-context behavioral advertising, including within the preceding 12 months.

Categories of Personal Information

Disclosed to Which Categories of Third Parties for Operational Business Purposes

Shared with Which Categories of Third Parties for Cross-Context Behavioral Advertising

Sold to Which Categories of Third Parties

Identifiers, such as name, contact information, and online identifiers, including IP address

Our affiliated entities and third-party service providers, including professional advisors

Ad networks; social media platforms

None

Personal information, as defined in the California customer records law, such as name and contact information

Our affiliated entities and third-party service providers, including professional advisors.

Ad networks; social media platforms

None

Characteristics of protected classifications under California or federal law, such as gender and age

Our affiliated entities and third-party service providers, including professional advisors.

None

None

Commercial information, such as transaction information and purchase history

Our affiliated entities and third-party service providers, including professional advisors.

None

None

Internet or network activity information, such as browsing history and interactions with our website

Our affiliated entities and third-party service providers.

Ad networks; social media platforms

None

Geolocation data, such as approximate location derived from IP address

Our affiliated entities and third-party service providers.

Ad networks; social media platforms

None

Audio, electronic, visual, and similar information, such as photos, videos, and images captured through our CCTV systems

Our affiliated entities and third-party service providers

None

None

Professional or employment-related information, such as current employer

Our affiliated entities and third-party service providers, including professional advisors

Ad networks; social media platforms

None

Inferences drawn from any of the Personal Information listed above to create a profile/summary about, for example, an individual’s preferences and characteristics

Our affiliated entities and third-party service providers

Ad networks; social media platforms

None

To request to opt out of any future “sale” of your Personal Information and/or “sharing” of your Personal Information for purposes of cross-context behavioral advertising, click here.

Purposes for the Collection, Use, Disclosure, Sale, and Sharing of Personal Information

As described above, we collect, use, disclose, sell, and share Personal Information for the purposes of operating, managing, and maintaining our business, providing our products and services, and accomplishing our business purposes and objectives, including to:

  • Develop, improve, repair, and maintain our products and services;
  • Fulfill your requests and process your transactions; 
  • Personalize, advertise, and market our products and services;
  • Conduct research, analytics, and data analysis;
  • Disclose Personal Information to our service providers to enable them to provide services to us such as information technology and related infrastructure provision, email delivery, customer service, auditing, and other services;
  • Maintain our property and our records, and undertake quality and safety assurance measures;
  • Conduct risk and security control and monitoring, and detect and prevent fraud;
  • Perform identity verification, accounting, audit, and other internal functions, such as internal investigations and record-keeping;
  • Carry out corporate transactions, such as mergers, joint ventures or acquisitions; and
  • Comply with law, legal process, and internal policies, and exercise and defend legal claims.

Purposes for the Collection, Use, and Disclosure of Sensitive Personal Information

We collect, use, and disclose Sensitive Personal Information for purposes of: performing services on behalf of our business; providing goods or performing services as requested by you; ensuring security and integrity, short term transient use such as displaying first party, non-personalized advertising; order processing and fulfillment; servicing accounts and providing customer service; verifying customer information; activities relating to quality and safety control or product improvement; securing the access to, and use of, our facilities, equipment, systems, networks, applications, and infrastructure; preventing, detecting, and investigating security incidents; resisting and responding to fraud or illegal activities; and other collection and processing that is not for the purpose of inferring characteristics about an individual.  We do not use or disclose Sensitive Personal Information for additional purposes.

We do not knowingly “sell” or “share” for purposes of cross-contextual advertising the Personal Information, including the Sensitive Personal Information, of minors under 16 years of age.

Retention Period

We retain each category of Personal Information, including Sensitive Personal Information, only for as long as is necessary to fulfill the purpose for which the Personal Information was collected from you and in consideration of and compliance with applicable legal or regulatory requirements to maintain the data for legitimate purposes. For example, where required by law for audits or accounting requirements, to enforce our agreements or handle disputes.

The criteria used to determine our retention periods include (i) the length of time we have an ongoing relationship with you and provide the Services to you; (ii) whether there is a legal obligation to which we are subject; or (iii) whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).

Go To Top of Privacy Statement

Individual Rights and Requests

If you are a California resident, you may request:

  1. To receive the following information:
    1. The categories of Personal Information we collected about you and the categories of sources from which we collected such Personal Information;
    2. The categories of Personal Information about you that we “sold” or “shared” for purposes of cross-context behavioral advertising and the categories of third parties with whom we “sold” or “shared” such Personal Information; and
    3. The business or commercial purpose for collecting, “sharing,” or “selling” Personal Information about you;
    4. The specific pieces of your Personal Information; and
    5. The categories of Personal Information about you that we otherwise disclosed, and the categories of third parties to whom we disclosed such Personal Information.
  2. To correct inaccuracies in your Personal Information.
  3. To delete your Personal Information we collected from you.
  4. To opt out of the future “sale” of your Personal Information.
  5. To opt out of the future “sharing” of your Personal Information for purposes of cross-context behavioral advertising.

You have the right to be free from unlawful discrimination for exercising your rights under the CCPA.

To make a request under #1-3, please contact us at unisysglobalprivacy@unisys.com or submit a request online. We will verify and respond to your request consistent with applicable law, taking into account the type and sensitivity of the Personal Information subject to the request. We may need to request additional Personal Information from you, such as name and email address, in order to verify your identity and protect against fraudulent requests. If you maintain a password-protected account with us, we may verify your identity through our existing authentication practices for your account and require you to re-authenticate yourself before disclosing or deleting your Personal Information. If you make a deletion request, we may ask you to verify your request before we delete your Personal Information.

To request to opt out of any future “sale” of your Personal Information and/or “sharing” of your Personal Information for purposes of cross-context behavioral advertising, click here.

We also process opt-out preference signals, such as the Global Privacy Control.  These signals set the opt-out preferences only for the particular browser or device you are using.  For information about how to use the Global Privacy Control, please visit https://globalprivacycontrol.org/.

Authorized Agents

If an agent would like to make a request on your behalf as permitted by applicable law, the agent may use the submission methods noted in the section entitled “Individual Rights and Requests.” As part of our verification process, we may request that the agent provide, as applicable, proof concerning their status as an authorized agent. In addition, we may require that you verify your identity as described in the section entitled “Individual Requests” or confirm that you provided the agent permission to submit the request.

De-Identified Information

Where we maintain or use de-identified information, we will continue to maintain and use the de-identified information only in a de-identified fashion and will not attempt to re-identify the information.