Privacy and Trust
Arm believes that privacy is fundamental to fostering trust. Arm is committed to building trust with our partners and providing products and services that help ensure your data is protected.
Transparency is a key privacy principle and critical to fostering a relationship with our partners based on trust. This Trust Center is a collaboration between our security and privacy teams to provide more visibility into our approach to security and privacy.
The global privacy statement also has the customer data processing and DSAR information, CCPA as well as the transparency statement.
Arm’s Principles for Government Requests for Customer Data
Published: Nov 3, 2020
About these principles
Arm may on occasion receive a request from a government agency or law enforcement authority seeking access to data belonging to a customer. This document explains the principles that Arm follows if we receive such a request. Our goal is always to protect our customers’ data, while complying with applicable laws.
Trust is our #1 value
At Arm, trust is our number one value. The protection of our customers’ data is paramount, and we safeguard that data with robust, comprehensive, and transparent privacy and security programs. Our privacy and security programs are designed to protect our customers' privacy and protect data submitted by or for our customers to our, including personal data, against unauthorized access or disclosure.
We notify an affected customer of any request for its Customer Data unless we are explicitly prohibited from doing so by law
Trust starts with transparency. Unless prohibited by law, Arm always notifies a customer when it receives a request for that customer’s customer data, including a government request, as further set out in the “Compelled Disclosure” section of our Master Subscription Agreement.
Where possible, we refer the requesting government agency to the affected customer
We believe our customers should have as much control as possible over their respective customer data. Arm is not the owner of customer data, and we strongly believe that any governmental agency seeking access to customer data should address its request directly with that customer where possible. Accordingly, if we receive a government request for customer data, if permitted by law, we try to refer the request to the affected customer so that the customer can work with the governmental agency directly to respond.
We do not disclose Customer Data to government agencies unless compelled by law and we challenge unlawful requests
We review each government request for customer data on a case-by-case basis and only comply if and to the extent we determine the request is lawful. When reviewing the lawfulness of a government request, we consider all applicable laws, including the laws of other jurisdictions, where applicable. We require governmental agencies to follow the required legal process under applicable laws, such as issuing their request via a subpoena, court order, or search warrant. Where we believe a government request for customer data is invalid or unlawful, we try to challenge it.