Privacy statement – how we use your personal data
Introduction
BAE Systems, Inc (We, Us and Our) is committed to protecting the privacy and security of any personal data you may submit to Our website. There may be times when We require personal data about you or when you wish to disclose such personal data to Us. This page describes the personal data (meaning any information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household) we collect on Our website and how We use it. By using the United States version of Our website www.baesystems.com/en-us/home (the Website), you acknowledge that you have read this privacy policy. Note that if you are a permanent or temporary employee, worker, contractor or other individual who has worked for us, our staff-related privacy practices are described in our separate BAE Systems Staff Privacy Notice. Any changes to how We collect and use this data will be made on this page.
Who We Are
We are BAE Systems Inc. and Our address is 2941 Fairview Park Drive, Falls Church, VA 22042, United States. You may contact bae.privacy@baesystems.com or (888) 374-0123 with any questions about data protection relating to the Website.
We may collect and process the following personal data about you:
We may collect and process details of your visits to the Website including, but not limited to: your IP address; your operating system and browser type; browsing history; search history; information regarding your interaction with our web sites, applications, or advertisements; traffic data; location data; weblogs; and other communication data and the resources that you access in accordance with Our cookie policy. Information may also be voluntarily submitted by you, such as your name, address, telephone number, email address, business information, resume and/or professional information. Some third parties may be able to track you over time and across different web sites. Please note that we do not currently recognize automated browser signals regarding tracking mechanisms, which may include “Do Not Track” instructions. Additional information for California Residents concerning the types of data that we collect under California law can be found at the end of this document.
In addition to the information that we collect from you directly, we may also receive information about you from other sources, including third parties, business partners, our affiliates, or publicly available sources.
Except as otherwise permitted or required by applicable law or regulation, We endeavor to retain your personal information only for as long as necessary to fulfil the purposes for which it was collected, as required to satisfy any legal, accounting, or reporting obligations, or as necessary to resolve disputes. To determine the appropriate retention period for personal information, We consider applicable legal requirements, the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, and the purposes for which We process your personal information.
Registration, Passwords and Security
If you choose, or you are provided with, a user identification code, password or any other piece of information as part of our security procedures for one of the registration-only sections of the Website, you are responsible for maintaining the confidentiality of your password and user name for the Website and you are responsible for all activities that are carried out under them. We do not have the means to check the identities of people using the Website and we will not be liable where your password or user name is used by someone else. We have the right to disable any user identification code or password at any time.
You agree to notify Us immediately by email to bae.privacy@baesystems.com of any unauthorized use of your password or user name of which you become aware. We have the right to disable any user identification code or password, whether chosen by you or allocated by Us, at any time, if in Our opinion, you have failed to comply with any of the provisions of these terms or the Terms and Conditions of use of the Website.
Electronic Communications
If you choose to provide Us with personal data over the Internet, you should be aware that data transmission via this medium cannot be guaranteed to be 100% secure. While We will take all reasonable efforts to protect such personal data, you acknowledge that We cannot ensure or warrant the security of any personal data provided by these means and you provide it to Us at your own risk.
How will We use your Personal data
We use personal data about you collected and submitted via the Website to:
- allow you to participate in the registration-only features of the Website and to download relevant brand content, when you choose to do so;
- ensure that content from the Website is presented in the most effective manner for you and for your computer;
- identify businesses, organizations and others who may be candidates to become suppliers in Our supply chain;
- evaluate your job application and consider you for potential roles with Us;
- provide you with information that you request from Us or which We feel may interest you, where you have consented to be contacted for such purposes; and
- notify you about changes to the Website and branding which may be relevant to you.
Will We share your personal data with third parties?
We may disclose your personal data in the following situations:
- Affiliates and Business Transfers. We may share information with Our corporate affiliates (e.g., parent company, subsidiaries, joint ventures, or other companies under common control) in the course of Our normal business operations. If another company acquires, or plans to acquire, Our company, business, or Our assets, We will also share information with that company, including at the negotiation stage;
- Legal or Regulatory Requests and Investigations. We may disclose information in response to subpoenas, warrants, or court orders, or in connection with any legal process, or to comply with relevant laws or regulations. We may also need to share your personal information with tax authorities, courts, regulators, the police and other governmental authorities where We are required or permitted to do so by law.
- Protection of the Company or Others. We may share your information to establish or exercise Our rights, to defend against a legal claim, to investigate, prevent, or take action regarding possible illegal activities, suspected fraud, safety of person or property, or a violation of Our policies.
- Other Entities. With our service providers, such as IT or recruitment service providers; or
- Other Disclosures with Your Consent. We may ask to share your information with other third parties who are not described elsewhere in this privacy notice.
Data Security
We maintain reasonable physical, technical and procedural safeguards that are appropriate to the sensitivity of the personal data in question. These safeguards are designed to help protect your personal data against loss, unauthorized access or disclosure, modification, or destruction. While We use reasonable efforts to protect your personal data, We cannot guarantee the security of your personal data. In the event that We are required by law to inform you of any privacy or security event relating to your personal data We may notify you electronically, in writing, or by telephone, if permitted to do so by law. To the extent that we use deidentified information, we will not attempt to reidentify the information, except for the sole purpose of determining if its deidentification process is satisfactory.
Your rights in relation to your personal data
Under applicable Data Protection Laws, you may have the right to inquire whether We process your personal information as well as a right to request access to your personal information. If required by law, upon request, We will grant you reasonable access to your personal information. There may be instances where applicable law or regulatory requirements allow or require Us to refuse to provide some or all of the personal information We hold about you.
You may also request that We stop sharing your personal information. If required by law We will grant a request to stop sharing information.
You may also request correction of inaccurate personal information. If required by law, upon request, We will correct your personal information.
You may also request that We delete your personal information. If required by law We will grant a request to delete information, but you should note that in some situations We must keep your personal information to comply with Our legal obligations, resolve disputes, enforce our agreements, or for another one of Our business purposes.
To submit a request, please email Us at bae.privacy@baesystems.com or call (888) 374-0123.
Note that, as required by law, We will require you to prove your identity. We may verify your identity by phone call or email. Depending on your request, We will ask for information, such as your name, and possibly other information. We may also ask you to provide a signed and notarized declaration confirming your identity.
In some circumstances, you may designate an authorized agent to submit requests to exercise certain privacy rights on your behalf. We will require verification that you provided the authorized agent permission to make a request on your behalf. You must provide Us with a copy of the signed permission you have given to the authorized agent to submit the request on your behalf and verify your own identity directly with Us. If you are an authorized agent submitting a request on behalf of an individual you must attach a copy of the following information to the request:
- A completed Authorized Agent Designation Form indicating that you have authorization to act on the consumer’s behalf. For a copy of the form, please email bae.privacy@baesystems.com.
- If you are a business, proof that you are registered with the Secretary of State to conduct business in California.
If We do not receive both pieces of information, the request will be denied
Changes to Privacy Policy
We may change our privacy policy and practices over time and all such changes will take effect once they have been posted on the Website. Therefore, you should review this policy on a regular basis. To the extent that Our policy changes in a material way, the policy that was in place at the time that you submitted personal information to us will generally govern that information unless we receive your consent to the new privacy policy. Our privacy policy includes an “effective” and “last updated” date. The effective date refers to the date that the current version took effect. The last updated date refers to the date that the current version was last substantively modified.
Links to other websites
This privacy statement applies only to personal data collected on the Website. Other websites to which the Website may be linked may or may not contain privacy policies. We have no influence or control over those sites. The use of other sites, or the submission of personal data to them, is at your own risk and is subject to their privacy statements and policies.
Updated January 6, 2026.
Effective January 6, 2026.
California Information Sharing Disclosure
California Civil Code 1798.115(c), 1798.130(a)(5)(c), 1798.130(c), and 1798.140 indicate that companies should disclose whether the following categories of information are collected, transferred for consideration, or transferred for an organization’s “business purpose” as that term is defined under California law. We do not “sell” your “personal information,” as both terms are defined under California privacy law. The following chart describes the information collected on the Website. Note that while a category may be marked that does not necessarily mean that We have information in that category about you. For example, while We collect education and work history of those who apply to work for BAE Systems, We do not collect that from every user who visits our website. If you are a California employee of BAE Systems, you should refer to the disclosures provided in the BAE Systems staff privacy notice, which describes the type of information collected, and shared, in relation to staff. We do not discriminate against California residents who exercise any of their rights described in this Privacy Policy.
|
Categories of Personal Information That We Collect |
Categories of Third Parties to Whom We Disclose Personal Information for Business Purpose |
|---|---|
|
Identifiers – such as name, postal address, phone number, |
|
|
Commercial information – such as information about products |
|
|
Network activity data – internet or other electronic network |
|
| Geolocation data – such as precise physical location. |
|
|
Professional/employment information – such as occupation and professional references. |
|
|
Education information – such as information contained in education records. |
|
|
Inferences – drawn from any of the information listed above to create a profile |
|
We collect the categories of sensitive personal data (as defined under California law) indicated in the chart below. This data is collected to process transactions, comply with laws, manage Our business, or provide services. We do not use such data for any purposes that are not identified within California Civil Code 1798.121. We do not “sell” or “share” sensitive personal data for cross-context behavioral advertising.
|
Categories of Sensitive Personal Information We Collect |
Purposes for which it is collected |
|---|---|
|
Social security, driver’s license, state identification card, or passport number. |
|
|
Account log-in, financial account, debit card, or credit card number in combination |
|
| Precise geolocation. |
|
| Racial or ethnic origin, citizenship, immigration status, religious or philosophic beliefs, or union membership. |
|
|
Biometric information for the purpose of uniquely identifying you |
|
| Contents of a consumer’s mail, email, and text messages unless the business is the intended recipient of the communication |
|
| Genetic data |
|
| Health data |
|