Equinix, Inc. and its affiliated companies ('Equinix', 'we', 'us' or 'our') in the United States and worldwide, in its three operating regions – the Americas, EMEA, and Asia-Pacific – are committed to respecting your privacy and recognise the need for appropriate protection and management of any Personal Data that you may provide us.
This Privacy Statement explains our practices with respect to Personal Data we collect and process in connection with your relationship with us. This includes Personal Data we collect:
- through our website;
- when you interact with us through social media;
- through business relationships that you or your organisation maintains with us;
- when you request marketing or promotional material from us; or
- through your employment relationship with us.
We encourage you to review this Privacy Statement to understand how we collect, process, use, share and safeguard your Personal Data. If you have any questions, comments or complaints about our practices, please contact us as outlined in the section How to Contact Us or Submit a Request at the end of this Privacy Statement.
- What is Personal Data?
- Personal Data We Collect
- How We Use Your Personal Data
- Disclosure of Your Personal Data to Third Parties
- Notice of Joint Controller for xScale Customers
- Cross-Border Transfer of Your Personal Data
- Legal Bases for Processing Your Personal Data
- How We Protect Your Personal Data
- How Long We Retain Your Personal Data
- Changes to this Privacy Statement
- Cookies and Other Tracking Technologies
- Your Rights
- Non-Discrimination and Non-Retaliation
- Your Choices
- Disclosure of Your Personal Data for Marketing
- Other Important Information About Personal Information and the Services
- How to Contact Us or Submit a Request
What is Personal Data?
Personal Data is any information that enables us to identify you and that is related to an identified or identifiable natural person (also known as a 'Data Subject'), such as a name, an identification number, location data or an online identifier. In some jurisdictions (e.g. Switzerland), data protection and privacy laws also apply to identified or identifiable legal persons.
Personal Data We Collect
We may collect Personal Data from you and about you from a variety of sources. We strive to only collect Personal Data that is adequate, relevant and limited to achieve the purpose(s) for which it was collected. In addition, we strive to keep all Personal Data accurate, complete and reliable for its intended need, and we only retain your Personal Data for as long as necessary to achieve the purpose(s) for which it was collected, as explained more fully in the section How Long We Retain Your Personal Data. Finally, we may, from time to time, provide you with supplemental information at the time we collect your Personal Data to address unique or situational collection needs.
Examples of the ways in which we collect your Personal Data include:
- Information You Share with Us. We collect Personal Data when you provide it to us directly, such as through our business interactions with you; when you visit one of our office locations or IBX Data Centres; when you provide it to us throughout an employment or pre-employment relationship; when you respond to a survey that we sent you; or when you interact with us on our website, our online customer portals, or through social media.
For example, if you visit one of our office locations, we may ask that you provide us your first and last name, business association and email address in order to identify you as a visitor. Likewise, when you visit one of our IBX Data Centres, we may require you to provide us your first and last name, business association, job title or position, telephone number, email address, photo and certain biometric information, such as a hand scan or other biometric-assessment technology developed in the future that Equinix may adopt.
Likewise, if you contact us with questions, requests or complaints, we may collect Personal Data sufficient to answer your questions, address your requests and/or handle your complaints. We may also require you to provide Personal Data to authenticate your identity in order to answer your questions, address your requests and/or handle your complaints.
- Information Collected through a Representative. We collect Personal Data when a representative from an organization or company with which you are associated provides it to us directly, such as through the provision of access credentials to our customer portals.
Equinix provides several online accounts for its customers to provide a variety of services. These online accounts include the customer portals such as the Equinix Customer Portal, the Equinix Marketplace Portal, and the Equinix Fabric Portal (not an exhaustive list; collectively, the “Equinix Portals”, “Customer Portal(s)” or “Portal(s)”). Each Portal requires individualized access credentials in order to log in, which are provisioned based on your first and last name, email address, business telephone number, and the company or organization with which you are associated. We also use automated technologies to improve your experience of the Portals (see ‘Information Collected Automatically’ below).
For example, the Equinix Customer Portal allows registered Equinix customers to purchase additional Equinix Licensed Space and Services (as defined within relevant agreements with us) and to gain access to relevant information about the customer’s business relationship with Equinix. If you are associated with an Equinix customer that has access to the Equinix Customer Portal, a representative from your organization may provide us with your first and last name, business telephone number, and email address in order for us to provide you access credentials.
- Information Collected Automatically. We collect Personal Data automatically when you visit our website through logging and analytics tools, cookies and as a result of your use of and access to our Portals. More information about cookies and similar technologies used in our websites (including our Portals) can be found in the section “Cookies and Other Tracking Technologies” below.
When you browse our website or use our online services, we utilize commonly-used logging and analytics tools, such as Google Analytics, to collect information about your device, the network used to access our online services, and information about your use of our online services (such as how you navigate and move around our website).
We also use certain technologies on our website, such as cookies, that allow us, our service providers, and other third parties to store information locally on your device, identify your device, and track your interactions and activity on our website.
Personal Data that we automatically collect may include the software and hardware attributes of the device you use to access our website and online services (such as our online employee or customer portals); unique device identification information; regional and language settings; performance data about our website and online services; network provider; and IP address (a number assigned to your device when you use the Internet).
Location Information: If you permit us to access information about your location (including global positioning system or general location information derived from the network you use to access the Services), we collect the precise or general location information provided by your device to appropriately tailor certain regional settings, such as preferred language.
Please see our Cookie Notice for more information about cookies and other web tracking technologies that we utilize; for information about how you can reject, delete, or prevent cookies from being placed on your system or device; and how you can opt out of, limit, or prevent certain web tracking technologies from collecting information about you.
- Information Obtained from Third Parties. We collect Personal Data from third-party sources, including our service providers, such as Google Analytics and Google Adwords, Demandbase, Marketo and Techtarget; through your interactions with us on social media; through industry, marketing or trade associations events; and through database providers, public agencies or credit bureaus.
For example, if you attend an industry conference and allow the association to publish your Personal Data, we may collect information, such as your name, the business with which you are associated, your job title or position and your email address. Likewise, if you apply for employment with us, we may perform certain diligence efforts that include collecting your Personal Data from public agencies and/or credit bureaus.
In addition, if you choose to interact with us or our partners on social media by posting to our pages, tagging us (or using certain hashtags or other identifiers) in posts or participating in activities, we may collect Personal Data from the social media account you use to interact with us, including the name associated with the account, the account handle, recent activity, the content of any posts in which we are tagged and other information that may be contained on your social media profile to allow us to respond to the posts and understand and engage with our audience.
You have choices about certain information we collect. When you are asked to provide your Personal Data, you may decline to do so; but if you choose not to provide your Personal Data that is necessary for us to provide any aspect of our services, you may not be able to use those services.
Moreover, to the extent that Personal Data you share with us is not your own (because, for example, you are a representative of an Equinix customer), you warrant that you have the right to provide such Personal Data, and you and the business with which you are associated shall be fully responsible for any liability arising from any such use of Personal Data, including indemnifying Equinix from any such liability. If you share Personal Data with us that is not your own, you agree to inform your agents, employees or any authorised personnel (e.g. contractors, partners or authorised third parties) (i) that their Personal Data may be processed by us; and (ii) of their rights regarding the processing of their Personal Data in accordance with this Privacy Statement and applicable data privacy and protection law.
Finally, we may collect data that is not identifiable to you or otherwise associated with you, such as aggregated data, which is not Personal Data. To the extent this data is stored or associated with your Personal Data, we will treat it as Personal Data; otherwise, it is not subject to this Privacy Statement.
How We Use Your Personal Data
We may use your Personal Data for one or more of the following business purposes:
- to provide you or the business with which you are associated with certain personalised services, including negotiation, execution and management of customer contracts, as well as access to and use of our IBX Data Centers, our intranet, and our Portals, such as the Equinix Customer Portal, the Equinix Marketplace, and the Equinix Fabric Portal;
- to support our internal activities, such as marketing, product and service development, dissemination of investor information and recruiting;
- to support our relationship with you and the business with which you are associated, including customer or technical support services, and accounting and billing services;
- to support certain internal processes to ensure protection of property and interests for both Equinix and its customers, including fraud detection, internal auditing, supporting internal and external investigations, and conducting security assessments;
- to inform you or the business with which you are associated of our products and services, and provide you with our latest information and news about us;
- to enable you to contact us, and for us to respond to you;
- to carry out, from time to time, certain satisfaction surveys about us; and
- to analyse the use of our website or our online services (such as our Portals and our customer service) by you in order to develop and enhance the services we may provide to you and the business with which you are associated.
In addition to the uses outlined above, you may also upload additional Personal Data to certain Equinix Portals, such as a photograph of yourself or other representatives from your organisation. This feature is completely voluntary, and Equinix will only use that Personal Data in connection with the purpose for which it was collected.
Disclosure of Your Personal Data to Third Parties
We will not disclose your Personal Data to any third party except as follows:
- We may share your Personal Data with our affiliated companies.
- We may share your Personal Data with third parties when you ask us to do so (such as when you make a request for data portability).
- We may share your Personal Data with our contracted service providers, suppliers and third-party processors, such as third-party marketing service providers acting on our behalf and under our instructions. These providers are authorised to use your Personal Data only as necessary to provide us with their services.
We do not sell your Personal Data to any third parties, whether for monetary or other valuable consideration, and have not done so in the prior 12 months. If we disclose your Personal Data as outlined above, we do so to facilitate the relevant services or our employment relationship with you and not for direct renumeration. Where we engage any service provider that will require access to and use of Personal Data to provide certain services for and under the instructions of Equinix, we take reasonable steps to ensure such service provider complies with applicable data protection and privacy laws.
Finally, we reserve the right to disclose your Personal Data if required to do so by law, in the good faith belief that such action is reasonably necessary to comply with applicable law, or to protect the rights, property or safety of Equinix, its employees, customers or the public.
Notice of Joint Controller for xScale Customers
If you are an xScale customer or contractor, the details of the Equinix legal entity ('Equinix Services') and our partner (and its subsidiaries) ('Hyperscale Entities') that are jointly responsible for the processing of Personal Data described in this notice will be set out in your customer or vendor contract. References to 'Equinix' in this notice should be read as if they were references to Equinix Services and each Hyperscale Entity, and references to 'premises' should be read as if they were references to xScale data centres. Equinix Services and each Hyperscale Entity is responsible for complying with its respective obligations under applicable data protection laws, ensuring the lawful transfer of your Personal Data and fulfilling any request you may make in respect of your Personal Data. We recommend that you direct any request to the Equinix Privacy Office at PrivacyOffice@equinix.com. However, you may make such request to Equinix Services or to any Hyperscale Entity, regardless of which entity is processing your personal data.
Cross-Border Transfer of Your Personal Data
Considering the global reach of our business, we may transfer your Personal Data between our affiliated companies in the Americas, EMEA, and Asia-Pacific regions, including locations where the data privacy legislation may differ from that in your country or jurisdiction. In addition, we may transfer your Personal Data to certain contracted service providers, as outlined in the section Disclosure of Your Personal Data to Third Parties, to a region where the data privacy legislation may differ from that in your country or jurisdiction.
However, we have in place appropriate transfer legitimisation measures to ensure the validity of Personal Data transfers to countries in which there is not a similar level of protection as required under applicable data protection laws. Those transfer legitimisation measures include the implementation of Binding Corporate Rules (enacted October 2019), as defined under European Union regulations, and entry into appropriate inter-company data transfer agreements based on the European Standard Contractual Clauses.
Legal Bases for Processing Your Personal Data
We process your Personal Data for, or based on, one or more of the following legal bases:
- Your Consent. When you opt-in to receive our marketing and promotional materials, we process your Personal Data to send messages to you about us and the products and services we offer. You can withdraw your consent at any time.
- Performance of a Contract. We may use your Personal Data to enter into, or perform under, the agreement between us and you or the business with which you are associated.
- Legitimate Interests. We may use your Personal Data for our legitimate interests, including improving our services; providing information about our products and/or services; preventing and detecting fraud; ensuring network and information security; and for administrative and legal compliance purposes.
- Compliance with Legal Obligations and Protection of Individuals. We may use your Personal Data to comply with the law and our legal obligations, as well as to protect you and other individuals from certain harms.
How We Protect Your Personal Data
We employ reasonable and appropriate physical, technical and organisational safeguards designed to promote the security of our systems and protect the confidentiality, integrity, availability and resilience of your Personal Data. Those safeguards include: (i) the encryption of personal information where we deem appropriate; (ii) the deployment of technical safeguards; (ii) taking steps to ensure Personal Data is backed up and remains available in the event of a security incident; and (iii) periodic testing, assessment and evaluation of the effectiveness of our safeguards.
However, no method of safeguarding information is completely secure. While we use measures designed to protect your Personal Data, we, unfortunately, cannot guarantee that our safeguards will be effective or sufficient. In addition, you should be aware that internet data transmission is not always secure, and we cannot warrant that information you transmit to us is or will be secure.
How Long We Retain Your Personal Data
We retain your Personal Data for only as long as necessary to carry out the processing activities described in this Privacy Statement, including but not limited to: (i) to provide services to you or to the business with which you are associated; (ii) to enter into or perform contracts with you or with the business with which you are associated; (iii) to comply with applicable laws, regulations, rules, and requests of relevant law enforcement and/or other governmental agencies; and (4) to protect our rights, property or safety, and the rights, property and safety of our customers, users and other third parties.
For Equinix customers, upon the expiry or earlier termination of the business relationships, we will archive Personal Data to preserve evidence and/or fulfil retention requirements under applicable laws or regulations. At the end of such archiving period (namely at the expiry of applicable statutes of limitation and/or minimum record retention requirements), we will delete the Personal Data from our systems and records.
Changes to this Privacy Statement
We reserve the right to change the terms of this Privacy Statement at any time. If we do make changes, though, we will take steps to indicate that the Privacy Statement has been updated on this website.
Cookies and Other Tracking Technologies
When you first navigate to an Equinix website, you will be given the opportunity to consent to certain cookies used by us, based on the purposes for which those cookies are used. Please note that some cookies – known as ‘strictly necessary’ cookies – are essential in order for the website to function properly, and it is not possible to refuse these cookies.
You can also set most browsers to notify you if you receive a cookie or you may choose to block cookies with your browser. Please know, though, that if you choose to delete or block your cookies, you will lose the ability to save certain preferences, such as your username and password. If you delete or block your cookies, you will, for example, need to re-enter your log-in credentials to gain access to certain parts of our website upon each visit.
Depending on applicable data protection and privacy laws, you may be entitled to a variety of legal rights regarding the collection and processing of your Personal Data. You may exercise these rights, to the extent they apply to you, by contacting us as outlined in the section How to Contact Us or Submit a Request at the end of this Privacy Statement or by following instructions provided in communications sent to you.
Note, however, that we may request certain reasonable additional information (that may include Personal Data) to help us authenticate your identity, your request and/or to clarify or understand the scope of such requests.
These rights vary depending on the particular laws of the jurisdiction applicable to you, but may include:
- the right to know whether, and for what purposes, we process Personal Data;
- the right to be informed about the Personal Data we collect and/or process about you;
- the right to learn the source of the Personal Data about you that we process;
- the right to access, modify, or correct Personal Data about you;
- the right to know with whom we have shared your Personal Data, for what purpose, and what Personal Data has been shared;
- where processing of Personal Data is based on consent, the right to withdraw your consent to such processing;
- the right to object to decisions based on profiling or automated decision-making that produce legal or similarly significant effects on you;
- the right to request restriction of processing of your Personal Data or to object to processing of your Personal Data carried out pursuant to (i) our legitimate interest or (ii) performance of a task in the public interest (including, but not limited to, processing for direct marketing purposes);
- in certain circumstances, the right to data portability, which means that you can request that we provide certain Personal Data we hold about you in a machine-readable format;
- in certain circumstances, the right to erasure and/or the right to be forgotten, which means that you can request deletion or removal of certain Personal Data we process about you;
- the right to opt-out of the sale of your Personal Data (please note, though, that we do not sell your Personal Data); and
- the right to lodge a complaint with a regulator, including relevant supervisory authorities, located in the jurisdiction of your residence, place of work or where an alleged violation of law occurred.
Where required by applicable law, we will respond to a valid request relating to your rights within one month of receipt, or within three months where a request is complex or challenging.
Non-Discrimination and Non-Retaliation
We respect your rights, and we will never discriminate or retaliate against you or the business with which you are associated as a result of your exercise any right outlined in this Privacy Statement or afforded to you under applicable law.
You have choices about how we communicate with you and how we process certain Personal Data about you.
- Communications Opt-Out. You may opt out of receiving marketing or other communications from us at any time by following this opt-out link or other unsubscribe instructions provided in any email that you receive from us, or by contacting us as outlined in the section How to Contact Us or Submit a Request at the end of this Privacy Statement.
- Cookies and Web Tracking. Consult our Cookie Notice for more information about how to control and/or opt out of certain cookies and web tracking technologies.
Disclosure of Your Personal Data for Marketing
If you are a California resident, you have the right to request and obtain from us a list of what personal information we have disclosed to third parties for their own direct marketing purposes in the preceding calendar year, but please note that we do not disclose your Personal Data, protected under the law, to third parties for their own direct marketing purposes.
Other Important Information About Personal Data
- Collection of Personal Information from Minors. We do not knowingly collect Personal Data from children under the age of 16. By using our services, you represent that you are 18 years of age or older.
- Third-Party Websites and Services. As a convenience, we may reference or provide links to third-party websites and services, including those of unaffiliated third parties, our affiliated companies, service providers and third parties with which we do business. When you access these third-party services, you leave our website, and we are not responsible for, and do not control, the content, security or privacy practices employed by any third-party websites and services. This Privacy Statement does not apply to any third-party services; please refer to the privacy notices or policies for such third parties for information about how they collect, use and process your Personal Data.
- Business Transfer. We may, in the future, sell or otherwise transfer some or all of our business, operations, or assets to a third party, whether by merger, acquisition or otherwise. We may disclose Personal Data we obtain from or about you to any potential or actual third-party acquirers, and it and may be among the assets transferred.
How to Contact Us or Submit a Request
To facilitate our compliance with applicable data privacy and protection laws, such as the EU’s General Data Protection Regulation or the California Consumer Privacy Act, and to ensure strong and consistent support for our privacy practices within Equinix globally, we have established a Privacy Office to manage privacy compliance for Equinix and to coordinate support for our customers on privacy matters.
If you have any query or complaint about this Privacy Statement or our privacy practices, or if you wish to exercise any of your rights, you may contact us at any time using the following contact information:
If you are located in the European Union or European Economic Area, and you wish to raise a concern regarding our privacy practices, you have the right to do so with your local supervisory authority or with our lead supervisory authority, the Information Commissioner’s Office in the UK (ICO), via its website https://ico.org.uk.