Privacy Notice
Kratos Defense & Security Solutions, Inc. and its subsidiaries (“Kratos,” “we,” or “us”) are committed to your privacy and protecting your personal data. This notice explains what personal data is collected and processed by Kratos. If you have any questions or concerns about the information in this notice, we encourage you to contact us.
Contacting Kratos
Kratos is a data controller of personal data we have collected. There are several different ways that you can contact us. You may contact us by mail or telephone at:
10680 Treena Street, 6th Floor
San Diego, CA 92131
Phone: 858.812.7300
Toll-Free: 866.606.KTOS
You may also contact us directly by completing a form here, or preferably, email us at privacy@kratosdefense.com.
Application Of This Privacy Notice
This notice applies to the processing by Kratos of all personal data of customers, suppliers, vendors, visitors, and other individuals. It does not apply to former, current, or prospective employees. Our privacy notice for job applicants can be found here. If you are a California resident, our CCPA notice can be found here.
The Personal Data We Process And For What Purpose
When you directly interact with Kratos
For responding to inquiries or other communications we will process your name, contact details, and any other personal data you include in your communications.
For health, safety, and security, we may process your name, contact details, company details, and your image through CCTV feeds when you visit our premises. In addition, if you visit one of our premises and connect to our IT network, we will process personal data sent from your device, such as your IP address. Such information is needed to provide you with internet access, to monitor your use of our information and communication systems to ensure compliance with our policies, and to ensure network and information security.
When you visit our website
Like most organizations, we use third-party service providers for analytics, which use cookies and similar technologies to automatically collect information when you visit our website, such as your browser type, operating system, IP address, and the domain name from which you accessed the site. When you access our website using a mobile device, information about the type of mobile device you are using is collected. Information is also collected about how you use our website, such as the date and time you visit the site, the areas or pages of the site that you visit, the amount of time you spend viewing the site, the number of times you return to the site, and other click-stream data.
We collect this information to prevent or combat malicious activities, to understand how visitors are using our website, to optimize our website, and for marketing purposes.
If you do not want Kratos or our third-party service providers to use cookies during your visit to our website, your browser may allow you to disable or block certain cookies. Please refer to the help section of your browser for more information.
When you complete and submit a form on our website, we process the personal data that you included in the form so we can respond to your submission and for marketing purposes.
Kratos’ website is not intended for children and we do not knowingly collect information relating to children. If you believe that we have collected the information about a child under the age of 16, please contact us so that we can delete the information.
When you do business with us
Kratos collects personal data that you or your business provides us in connection with a business relationship between your company and Kratos. We process your contact details such as your address, email address, telephone number, and other business contact information, professional details such as your job title, and other categories of personal data that may be contained in written communications or disclosed orally.
We collect such personal data to assess whether to enter into a contact with your company, to enter into a contract with your company, to perform a contract with your company, to enforce contracts, to communicate with your company, to market to your company, and for internal management purposes.
We may also collect personal data about your from publicly available sources, such as LinkedIn.
In addition to the purposes for collecting personal data described under the three headings above, we may also process your personal data for the following purposes that we consider to be everyday business purposes:
- For legal and regulatory compliance, including all uses and disclosures of personal data required by law or as reasonably needed for compliance with Kratos policies and procedures;
- For audits, including financial, security, and compliance audits, and analysis and reporting;
- To respond to and defend against legal claims; and
- For corporate governance, including mergers, acquisitions, and divestitures.
The Legal Basis For Processing Your Personal Data
We will only collect, process, and share your personal data where we are satisfied that we have an appropriate legal basis to do so. To process your personal data, we may rely on different legal basis, including:
- Your consent (only when legally required or permitted). If we rely on your consent as a legal basis for processing your personal data, you may withdraw your consent at any time;
- To establish a contractual relationship with you and to perform our obligations under such contract;
- To comply with legal obligations and to establish, exercise, and defend our self from legal claims; and
- To pursue a legitimate interest, including:
- Marketing to you or your company;
- Entering into or performing a contract or commencing contractual negotiations as well as communicating with your company;
- Responding to your inquiries or other direct communications with us; and
- Ensuring our networks, information, and premises are secure.
If You Fail to Provide Your Information
Failing to provide your personal data to us when you:
- Directly interact with us may prevent us from being able to respond to your inquiry or other communication.
- Visit our website may prevent the website from performing optimally and may prevent us from contacting you about products you may be interested in.
- Visit one of our facilities, we may prevent you from entering the facility beyond the reception area.
- Or your company has a business relationship with us may prevent us from entering into a contract, performing under the applicable contract, or furthering our business relationship.
Disclosing Your Personal Information
Kratos does not sell, trade, or rent your information to third parties. Nor does Kratos maintain any relationships with any ad server companies, and no advertising appears on our website except our own.
We may share or disclose your personal data with the following types of third parties:
- Kratos companies: Because Kratos subsidiaries often collaborate for purposes of conducting our business, your personal data may be shared between and among Kratos and its subsidiaries or affiliates.
- Data hosting service providers, such as Microsoft SharePoint, to centralize and secure information.
- Customer Relationship Management (CRM) systems: We utilize CRM systems to manage relationships with customers, suppliers, and other business partners.
- Website service providers: Kratos uses third-party services providers to provide analytics, process forms, and gather other information related to your interactions with our website.
- Customers, vendors, suppliers, and other business partners: We may transfer your personal data to our business partners in connection with a contractual or business relationship we have with you, for business opportunities, and for communication purposes.
- IT Security service providers: Your personal data may be processed by IT Security service providers to protect our information, networks, and security.
We will also disclose your information to the extent required by law and to comply with legitimate governmental requests, subpoenas, court orders, and to establish or exercise our legal rights or defend against legal claims.
We will also disclose your information to third parties if we choose to sell, transfer, merge, or otherwise dispossess all or parts of our business or our assets.
Transferring Your Information
We transfer, process, and store information about you on servers located in the United States. We may also disclose or transfer your personal data to other entities within Kratos to fulfill one or more of the purposes described above.
Kratos complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Kratos has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Kratos has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles will govern. To learn more about the Data Privacy Framework (DPF) program, view a listing of our U.S. subsidiaries that also adhere to the Principles, and to view our certification, please visit https://www.dataprivacyframework.gov/.
Kratos complies with the Data Privacy Framework Principles for all onward transfers of personal data from the EU, the UK, or Switzerland, including remaining liable for any onward transfers to third parties that violate the Principles. In compliance with the Principles, Kratos commits to resolve complaints about our collection or use of your personal information as discussed below.
When we transfer personal data to third parties, such third parties will only process your personal data under a contract that provides that such data may only be processed for limited and specified purposes and will provide the same level of protection as required by applicable privacy laws and will notify us if it determines that it can no longer meet this obligation.
The following U.S. subsidiaries of Kratos Defense & Security Solutions, Inc. also comply with the EU-U.S. DPF the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF:
| Kratos S1 |
Kratos S2 |
Kratos Communications |
| Kratos Antenna Solutions Corporation |
Kratos Antenna Solutions International Corporation |
General Microwave Corporation |
| General Microwave Israel Corporation |
Florida Turbine Technologies |
FTT America |
| Gichner Systems International |
Gichner Systems Group |
Consolidated Turbine Specialist |
| Kratos Technology & Training Solutions |
Kratos Unmanned Aerial Systems |
|
Under certain circumstances, Kratos may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Choices You Have About Your Information
When your information is collected in the EEA, the UK, or Switzerland, you have the right to: (1) withdraw consent where you have previously given your consent to the processing of your personal data; (2) request access to, correction, and/or erasure of your personal data; (3) object to our processing of your personal data; (4) request a copy of your personal data, or have a copy thereof sent to another controller, in a structured, commonly used and machine readable format under the right of data portability. You may exercise these rights by reaching out to us through one of the contact methods provided above.
Kratos will offer individuals in the EEA, the UK, or Switzerland the opportunity to choose (by either opt-out or opt-in) if their personal data is (a) to be disclosed to a third party that is not an agent performing tasks for us under our instructions, or (b) to be used for a purpose that is materially different from the purpose for which it was originally collected or subsequently authorized by the individual.
For Sensitive Personal Data, Kratos will give individuals the opportunity to affirmatively and explicitly consent (opt-in) to permit Kratos to (a) disclose their sensitive personal data to a third party or (b) use Sensitive Personal Data for a purpose that is not related to or compatible with the purpose for which it was originally collected or subsequently authorized by the individual.
Kratos will provide individuals with reasonable, clear, and conspicuous and readily available mechanisms to exercise these choices. To request to limit the use and disclosure of your personal data, please submit a written request to privacy@kratosdefense.com
Requests, Inquiries, and Complaints
Individuals with requests or inquiries regarding this Notice should first contact Kratos at: privacy@kratosdefense.com.
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Kratos commits to resolve DPF Principles-related complaints about our collection and use of your personal data. EU and UK individuals and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF should first contact:
Kratos Defense & Security Solutions
Attn: General Counsel
10680 Treena Street, 6th Floor
San Diego, CA 92131
Phone: 858.812.7300
Email: privacy@kratosdefense.com
Phone: 866.606.KTOS
The Federal Trade Commission (FTC) has jurisdiction over Kratos’ compliance with the DPF.
Binding Arbitration
If you are in the EEA, the UK, or Switzerland and have exhausted all other means to resolve your concern regarding a potential violation of Kratos’ obligations under the DPF, under certain circumstances you may seek resolution via binding arbitration subject to the terms of and in accordance with Annex 1 of the DPF Principles: https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf.
Kratos has further committed to refer unresolved DPF complaints to JAMS, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit https://www.jamsadr.com/dpf-dispute-resolution for more information or to file a complaint. The services of JAMS are provided at no cost to you.
Legitimate Interest and Direct Marketing Objections
For information collected in the EEA, the UK, or Switzerland, you may object to Kratos processing your information where we are relying on a legitimate interest. We will stop processing your information unless we can demonstrate appropriate, overriding legitimate grounds for the processing or if needed for the establishment, exercise, or defense of legal claims.
You may also object to Kratos processing your information for purposes of direct marketing. Anyone can do this no matter where your information was collected by clicking the “Unsubscribe” link in any automated marketing email or by submitting your request to Kratos through one of the contact methods described above.
Security
Kratos takes reasonable and appropriate organizational and technical security measures to protect your personal information from loss, misuse and unauthorized access, disclosure, alteration, and destruction, taking into account the risks involved in processing and the nature of such data, and comply with applicable laws and regulations.
Personal Data Retention
We will only retain your personal data for as long as necessary to fulfill the purposes for which the data was collected. When Kratos determines how long to retain your information, we will consider whether we have an active or potential business relationship with you, whether there are any legal obligations to which we are subject, and whether retention is prudent because of legal considerations (such as statute of limitations, litigation, or other investigations).
Kratos May Modify This Notice
Kratos reserves the right to update this notice at any time, without prior notice, to the extent permitted by applicable law and the DPF. The updated notice will be posted on our website. Any changes will be effective immediately unless otherwise stated.
Effective May 25, 2018
Last modified: August 1, 2024
