Last Modified December 6, 2021
This Privacy Statement explains how Western Digital (“Western Digital,” “we,” “us,” or “our”) collects, uses, and discloses your information. The Privacy Statement applies to all Western Digital products and services, except those products and services that have a separate privacy statement.
Where applicable, you consent to the use of your information as described in this Privacy Statement each time you use our products or services, so we urge you to read this document in full and Contact Us if you have any questions.
Personal information is information that can be used to directly or indirectly identify you. Personal information also includes information that is linked to information that can be used to directly or indirectly identify you. Personal information does not include information that has been irreversibly anonymized or aggregated so that it can no longer enable us, whether in combination with other information or otherwise, to identify you.
Here is a description of the types of personal information we may collect and how we may use it:
Depending on the products and services you use, we may collect and have collected within the preceding 12 months different kinds of personal information from or about you.
We may use personal information for the purposes described in this Privacy Statement. Generally speaking, we use personal information to provide, improve, develop, and personalize your experience with our products and services, to communicate with you, to offer you targeted advertisements and services, and to protect us and our users. We may do so with your consent, for compliance with a legal obligation, for the performance of a contract with you, or for our legitimate interests, to the extent permitted by applicable laws. Western Digital Technologies, Inc. collects, processes, and determines how to process your personal information as data controller for the following purposes:
For any of the uses of your data described above that require your prior express consent under applicable law, note that you may withdraw your consent by contacting us via our webform.
As a global company, Western Digital Corporation has a number of corporate affiliates in different jurisdictions. Each of these affiliates collects, processes, and determines how to process your personal information as a data controller to help provide you with the products and services you request.
We use and have used within the preceding 12 months cookies and similar technologies to provide, protect, and improve our products and services, such as by personalizing content, understanding user behavior, and providing a safer experience. We also use these technologies to provide you with personalized advertisements, including on third-party websites and applications, and to determine the effectiveness of our promotional campaigns.
We make certain personal information available to strategic partners that work with us to provide our products and services or help us market to customers. Personal information will only be shared and has been shared within the preceding 12 months by us with these companies in order to provide or improve our products, services, and advertising; it will not be shared and has not been shared within the preceding 12 months with third parties for their own marketing purposes.
We may share personal information with companies that provide services on our behalf, such as website hosting; email services; marketing; advertising; sponsoring of sweepstakes, contests, and other promotions; auditing; payment processing; fulfilling customer orders; data analytics; providing customer support; conducting customer research and satisfaction surveys; cloud storage services; and other services that assist in providing or selling our products and services. These companies are obligated to protect your information and may be located wherever we operate.
We may share personal information with all Western Digital Corporation-affiliated companies. In the event of a merger, reorganization, acquisition, joint venture, assignment, spin-off, transfer, or sale or disposition of all or any portion of our business, including in connection with any bankruptcy or similar proceedings, we may transfer any and all personal information to the relevant third party.
It may be necessary—by law or as a result of legal process, litigation, or requests from public or governmental authorities within or outside your country of residence—for us to disclose personal information. We may also disclose personal information if we determine that for purposes of national security, law enforcement, or other issues of public importance, disclosure is necessary or appropriate.
We may also disclose personal information if we determine in good faith that disclosure is reasonably necessary to protect our rights and pursue available remedies, enforce our terms and conditions, investigate fraud, or protect our operations or users.
We take reasonable steps to ensure that your personal information is accurate, complete, and up-to-date. Depending on where you live, you may have the rights described below.
You have the right to access, correct, or delete the personal information that we collect. You have the right to object to or restrict, at any time, the further processing of your personal information. You may also have the right to receive your personal information in a structured and standard format. You may lodge a complaint with the competent data protection authority regarding the processing of your personal information.
To protect the privacy and the security of your personal information, we may request information from you to enable us to confirm your identity and right to access such information, as well as to search for and provide you with the personal information we maintain. There are instances where applicable laws or regulatory requirements allow or require us to refuse to provide or delete some or all of the personal information that we maintain.
You may fill out our webform to exercise your rights. We will respond to your request in a reasonable timeframe, and in any event in less than 30 days.
Please refer to our California Consumer Privacy Act Notice for additional disclosures and information relating to your rights under California law, including how to submit requests to access and/or delete your information pursuant to the CCPA.
If you are a California resident, you have the right to opt-out of the sale of your personal information by us to third parties at any time.
(1) submit a request through the Do Not Sell My Personal Information form available here, specifying you wish to opt-out of sales (such as sharing your information with our partners for audience matching purposes via means other than cookies or web tracking technologies referenced in (2) below); and
(2) click Cookies Preferences and toggle the options to “No” for both “Performance and Functionality” and “Advertising” Cookie options, and click “Submit Preferences”. This will deactivate performance, functionality, and advertising cookies and web tracking technologies on our site, including those used for audience matching purposes and personalized advertisements. Deactivating these cookies and web tracking technologies may only apply to the specific browser from which you click the link, and your preferences may reset if you change your settings.
To access to your personal information or to request that we delete your personal information, please submit a request via our webform here.
Please fill out our webform to close your account in relation to the following uses of your personal information:
If you close your account, we have no obligation to retain your information, and we may delete any or all of your information without liability. We may retain, however, information related to you if we believe it may be necessary to prevent fraud or future abuse, if required by law, or for legitimate purposes, where applicable, such as analysis of non-personal information, account recovery, maintaining the functionality or security of our systems, auditing our records, or enforcing our rights and obligations under our agreements.
Our products and services, including our websites and digital media properties, may contain links to or the ability for you to access third-party websites, products, and services. We are not responsible for the privacy practices employed by those third parties, nor are we responsible for the information or content their products and services contain. This Privacy Statement applies solely to information collected by us. We encourage you to read the privacy policies of any third parties before proceeding to use their websites, products, or services.
It is important that you take precautions to protect against unauthorized access to your Western Digital products, account credentials, and computers or other devices. If you feel that the security of your account or personal information has been compromised, please immediately Contact Us. Please be aware that, despite our efforts, no security system is impenetrable. In the event of a security breach, we will promptly notify you and the proper authorities if required by law.
We will retain your personal information for as long as it is necessary to fulfill the purposes outlined in this Privacy Statement, unless a longer retention period is required or permitted by law.
We do not knowingly collect, use, or disclose information from children under the age of 16. If we learn that we have collected the personal information of a child under the age of 16—or the equivalent minimum age depending on the jurisdiction, such as 13 in the United States or 14 in the People’s Republic of China (which, for the purposes of this Privacy Statement, excludes the Hong Kong SAR, Macao SAR and the Taiwan region)—we will take steps to delete the information as soon as possible. Please immediately Contact Us if you become aware that a child under the age of 16 has provided us with personal information.
If you are a California resident under the age of 18, and you are a registered user of our products or services, California law permits you to request and obtain removal of content or information you have publicly posted. To make such a request, please Contact Us with specific information about where the content or information is posted and attesting that you posted it. We will then make reasonable, good faith efforts to remove the post from prospective public view, or anonymize it so you cannot be individually identified, to the extent required by applicable law. Please be aware that such a request does not ensure complete or comprehensive removal of the content or information you have posted and that there may be circumstances in which the law does not require or allow removal even if requested.
When we share your personal information with our partners, Western Digital-affiliated companies, and service providers, your personal information may be transferred to and/or made accessible from countries out of the European Economic Area or the People’s Republic of China. In such circumstances, we will enter into model contractual clauses as adopted by the European Commission or the Cyberspace Administration of China, as applicable, or rely on alternative legal bases, and implement mandatory measures to act in accordance with applicable laws (for example, creating a process to disclose additional required information to you when transferring your personal information out of the People’s Republic of China). For some of our services, your personal information may be transferred to and/or stored and processed on servers located in the United States, or in other locations outside of the country where you reside for the purpose of providing the services to you.
We may periodically change this Privacy Statement to keep pace with new technologies, industry practices, and regulatory requirements, among other reasons. We expect most such changes to be minor. Any non-material changes will take effect immediately upon posting of an updated Privacy Statement, and we will indicate the Last Modified date at the top of this document. There may, however, be cases where changes to this Privacy Statement may be more significant. In such cases, we will provide you with a prominent notice of such changes on our website or will directly send you a notification.
Your continued use of our products and services after the effective date of the Privacy Statement means that you accept the revised Privacy Statement. If you do not agree to the revised Privacy Statement, please refrain from using our products and services and Contact Us to close any account you may have created.
If you have any questions regarding this Privacy Statement or its implementation, you may email our Data Protection Officer (DPO) at DPO@wdc.com. You may also reach us via our webform or write to us at:
5601 Great Oaks Parkway
San Jose, California 95119 USA
For customers in the European Union, we have registered our DPO with the Irish Data Protection Commission. If you have any questions or concerns about our privacy practices, we encourage you to contact our DPO at the email address above.