Privacy Notice
Last Updated: September 22, 2023
To see prior version, click here.
This Privacy Notice describes how we collect and use your personal information in relation to AWS websites, applications, products, services, events, and experiences that reference this Privacy Notice (together, “AWS Offerings”).
This Privacy Notice does not apply to the “content” processed, stored, or hosted by our customers using AWS Offerings in connection with an AWS account. See the agreement governing your access to your AWS account and the AWS Data Privacy FAQ for more information about how we handle content and how our customers can control their content through AWS Offerings. This Privacy Notice also does not apply to any products, services, websites, or content that are offered by third parties or have their own privacy notice.
- Personal Information We Collect
- How We Use Personal Information
- Cookies
- How We Share Personal Information
- Location of Personal Information
- How We Secure Information
- Access and Choice
- Children’s Personal Information
- Third Party Sites and Services
- Retention of Personal Information
- Contacts, Notices, and Revisions
- EU-US and Swiss-US Data Privacy Framework
- Additional Information for Certain Jurisdictions
- Examples of Information Collected
Personal Information We Collect
We collect your personal information in the course of providing AWS Offerings to you.
Here are the types of information we gather:
- Information You Give Us: We collect any information you provide in relation to AWS Offerings. Click here to see examples of information you give us.
- Automatic Information: We automatically collect certain types of information when you interact with AWS Offerings. Click here to see examples of information we collect automatically.
- Information from Other Sources: We might collect information about you from other sources, including service providers, partners, and publicly available sources. Click here to see examples of information we collect from other sources.
How We Use Personal Information
We use your personal information to operate, provide, and improve AWS Offerings. Our purposes for using personal information include:
- Provide AWS Offerings: We use your personal information to provide and deliver AWS Offerings and process transactions related to AWS Offerings, including registrations, subscriptions, purchases, and payments.
- Measure, Support, and Improve AWS Offerings: We use your personal information to measure use of, analyze performance of, fix errors in, provide support for, improve, and develop AWS Offerings.
- Recommendations and Personalization: We use your personal information to recommend AWS Offerings that might be of interest to you, identify your preferences, and personalize your experience with AWS Offerings.
- Comply with Legal Obligations: In certain cases, we have a legal obligation to collect, use, or retain your personal information. For example, we collect bank account information from AWS Marketplace sellers for identity verification.
- Communicate with You: We use your personal information to communicate with you in relation to AWS Offerings via different channels (e.g., by phone, email, chat) and to respond to your requests.
- Marketing: We use your personal information to market and promote AWS Offerings.
- Fraud and Abuse Prevention and Credit Risks: We use your personal information to prevent and detect fraud and abuse in order to protect the security of our customers, AWS, and others. We may also use scoring methods to assess and manage credit risks.
- Purposes for Which We Seek Your Consent: We may also ask for your consent to use your personal information for a specific purpose that we communicate to you.
Cookies
To enable our systems to recognize your browser or device and to provide, market, and improve AWS Offerings, we and approved third parties use cookies and other identifiers. For more information about cookies and how we use them, please read our Cookie Notice.
How We Share Personal Information
Information about our customers is an important part of our business and we are not in the business of selling our customers’ personal information to others. We share personal information only as described below and with Amazon.com, Inc. and the affiliates that Amazon.com, Inc. controls that are either subject to this Privacy Notice or follow practices at least as protective as those described in this Privacy Notice.
- Transactions Involving Third Parties: We make available to you services, software, and content provided by third parties for use on or through AWS Offerings. You can tell when a third party is involved in your transactions, and we share information related to those transactions with that third party. For example, you can order services, software, and content from sellers using the AWS Marketplace and we provide those sellers information to facilitate your subscription, purchases, or support.
- Third-Party Service Providers: We employ other companies and individuals to perform functions on our behalf. Examples include: delivering AWS hardware, sending communications, processing payments, assessing credit and compliance risks, analyzing data, providing marketing and sales assistance (including advertising and event management), conducting customer relationship management, and providing training. These third-party service providers have access to personal information needed to perform their functions, but may not use it for other purposes. Further, they must process that information in accordance with this Privacy Notice and as permitted by applicable data protection law.
- Business Transfers: As we continue to develop our business, we might sell or buy businesses or services. In such transactions, personal information generally is one of the transferred business assets but remains subject to the promises made in any pre-existing Privacy Notice (unless, of course, the individual consents otherwise). Also, in the unlikely event that AWS or substantially all of its assets are acquired, your information will of course be one of the transferred assets.
- Protection of Us and Others: We release account and other personal information when we believe release is appropriate to comply with the law, enforce or apply our terms and other agreements, or protect the rights, property, or security of AWS, our customers, or others. This includes exchanging information with other companies and organizations for fraud prevention and detection and credit risk reduction.
- At Your Option: Other than as set out above, you will receive notice when personal information about you might be shared with third parties, and you will have an opportunity to choose not to share the information.
Location of Personal Information
Amazon Web Services, Inc. is located in the United States, and our affiliated companies are located throughout the world. Depending on the scope of your interactions with AWS Offerings, your personal information may be stored in or accessed from multiple countries, including the United States. Whenever we transfer personal information to other jurisdictions, we will ensure that the information is transferred in accordance with this Privacy Notice and as permitted by applicable data protection laws.
How We Secure Information
At AWS, security is our highest priority. We design our systems with your security and privacy in mind.
- We maintain a wide variety of compliance programs that validate our security controls. Click here to learn more about our compliance programs.
- We protect the security of your information during transmission to or from AWS websites, applications, products, or services by using encryption protocols and software.
- We follow the Payment Card Industry Data Security Standard (PCI DSS) when handling credit card data.
- We maintain physical, electronic, and procedural safeguards in connection with the collection, storage, and disclosure of personal information. Our security procedures mean that we may request proof of identity before we disclose personal information to you.
Access and Choice
You can view, update, and delete certain information about your account and your interactions with AWS Offerings. Click here for a list of examples of information that you can access. If you cannot access or update your information yourself, you can always contact us for assistance.
You have choices about the collection and use of your personal information. Many AWS Offerings include settings that provide you with options as to how your information is being used. You can choose not to provide certain information, but then you might not be able to take advantage of certain AWS Offerings.
- Account Information: If you want to add, update, or delete information related to your account, please go to the AWS Management Console. When you update or delete any information, we usually keep a copy of the prior version for our records.
- Communications: If you do not want to receive promotional messages from us, please unsubscribe or adjust your communication preferences in the AWS Management Console or the AWS Email Preference Center. If you do not want to receive in-app notifications from us, please adjust your notification settings in the app or your device.
- Cookies Preferences: You can change your cookie preferences on AWS sites at any time by clicking Cookie Preferences in the footer of the AWS site. You can also manage cookies through your browser settings. The "Help" feature on most browsers and devices will tell you how to remove cookies from your device, how to prevent your browser or device from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether.
- Sellers and Amazon Partners: Sellers and Amazon Partner Network members can add, update, or delete information in the AWS Marketplace and APN Partner Central, respectively.
Children’s Personal Information
We don’t provide AWS Offerings for purchase by children. If you’re under 18, you may use AWS Offerings only with the involvement of a parent or guardian.
Third Party Sites and Services
AWS Offerings may embed content provided by others or include links to other websites and applications. These companies may collect information about you when you interact with their content or services. We are not responsible for the practices of these companies. Please consult their privacy policies to learn about their data practices.
Retention of Personal Information
We keep your personal information to enable your continued use of AWS Offerings, for as long as it is required in order to fulfill the relevant purposes described in this Privacy Notice, as may be required by law (including for tax and accounting purposes), or as otherwise communicated to you. How long we retain specific personal information varies depending on the purpose for its use, and we will delete your personal information in accordance with applicable law.
Contacts, Notices, and Revisions
If you have any concerns about privacy at AWS, please contact us with a thorough description, and we will try to resolve the issue for you.
For any prospective or current customers of Amazon Web Services, Inc., our mailing address is: Amazon Web Services, Inc., 410 Terry Avenue North, Seattle, WA 98109-5210, ATTN: AWS Legal
Contact details for specific jurisdictions including the European Economic Area, the UK and Switzerland, can be found in “Additional Information for Certain Jurisdictions” below.
If you interact with AWS Offerings on behalf of or through your organization, then your personal information may also be subject to your organization’s privacy practices, and you should direct privacy inquiries to your organization.
Our business changes constantly, and our Privacy Notice may also change. You should check our website frequently to see recent changes. You can see the date on which the latest version of this Privacy Notice was posted. Unless stated otherwise, our current Privacy Notice applies to all personal information we have about you and your account. We stand behind the promises we make, however, and will never materially change our policies and practices to make them less protective of personal information collected in the past without informing affected customers and giving them a choice.
EU-US and Swiss-US Data Privacy Framework
Amazon Web Services, Inc. participates in the EU-US Data Privacy Framework, the UK Extension to the EU-US Data Privacy Framework, and the Swiss-US Data Privacy Framework*. Click here to learn more.
*We will not rely on the Swiss-US Data Privacy Framework or the UK Extension to the EU-US Data Privacy Framework until they enter into force, but we adhere to their required commitments in anticipation of their doing so.
Additional Information for Certain Jurisdictions
We provide additional information about our controllers and data protection officers (as applicable), the privacy, collection, and use of personal information of prospective and current customers of AWS Offerings located in certain jurisdictions.
-
Brazil
Controller of Personal Information. When Amazon AWS Serviços Brasil Ltda. is the provider of an AWS Offering, Amazon AWS Serviços Brasil Ltda., A. Presidente Juscelino Kubitschek, 2.041, Torre E - 18th and 19th Floors, Vila Nova Conceicao, Sao Paulo, is the data controller of personal information collected or processed through the AWS Offering. The data protection officer for Amazon AWS Serviços Brasil Ltda. can be contacted at aws-brasil-privacy@amazon.com.
Processing. We process your personal information on one or more of the following legal bases:
- as necessary to enter into a contract with you or a legal entity you represent, to perform our contractual obligations, to provide AWS Offerings, to respond to requests from you, or to provide customer support;
- where we have a legitimate interest, as described in this Privacy Notice (see How We Use Personal Information above);
- as necessary to comply with relevant law and legal obligations, including to respond to lawful requests and orders; or
- with your consent.
Your Rights. Subject to applicable law, you have the right to:
- ask whether we hold personal information about you and request copies of such personal information and information about how it is processed;
- request that inaccurate personal information is corrected;
- request deletion of personal information that is no longer necessary for the purposes underlying the processing, processed based on withdrawn consent, or processed in non-compliance with applicable legal requirements;
- request us to restrict the processing of personal information where the processing is inappropriate;
- object to the processing of personal information;
- request portability of personal information that you have provided to us (which does not include information derived from the collected information), where the processing of such personal information is based on consent or a contract with you and is carried out by automated means; and
- request information about the possibility of refusing consent and the consequences of doing so.
If you wish to do any of these things and you are an AWS customer, please contact us here. If you are not an AWS customer, please contact us here or at the address under Controller of Personal Information above.
You can also file a complaint with Brazil’s National Data Protection Authority (ANPD) through its official channels.
When you consent to our processing your personal information for a specified purpose, you may withdraw your consent at any time, and we will stop any further processing of your data for that purpose.
Transfers outside of Brazil. When we transfer your personal information outside Brazil, we do so in accordance with the terms of this Privacy Notice and applicable data protection law.
-
Canada
Your Rights. Subject to applicable law, you have the right to:
- ask whether we hold personal information about you and request copies of such personal information and information about how it is processed;
- request that inaccurate personal information is corrected;
- request deletion of personal information that is no longer necessary for the purposes underlying the processing, processed based on withdrawn consent, or processed in non-compliance with applicable legal requirements; and
- lodge a complaint with us regarding our practices related to your personal information.
If you wish to do any of these things and you are an AWS customer, please contact us. If you are not an AWS customer, please contact us here or by mail at 120 Bremner Blvd, 26th Floor, Toronto, Ontario, M5J 0A8, Canada, ATTN: AWS Canada Legal. Further, the Amazon Web Services Canada, Inc. Privacy Officer can be contacted at aws-canada-privacy@amazon.com or by mail at the address noted above.
When you consent to our processing your personal information for a specified purpose, you may withdraw your consent at any time, and we will stop any further processing of your data for that purpose.
-
Costa Rica
Your Rights. With respect to data collected and processed by Amazon Web Services Costa Rica (“AWS Costa Rica”), you have the rights of access, rectification, erasure, restriction, or complaint. When you consent to AWS Costa Rica processing your personal information for a specified purpose, you may withdraw your consent at any time and AWS Costa Rica will stop any further processing of your data for that purpose.
If you wish to do any of these things and you are an AWS customer, please contact us. If you are not an AWS customer, please contact us at Zona Franca America, Edificio C7. 600 norte de Plaza Real Cariari, sobre la paralela a la Autopista General Cañas. San Francisco de Heredia, Costa Rica.
-
European Economic Area, UK, and Switzerland
Controller of Personal Information. When Amazon Web Services EMEA SARL is the provider of an AWS Offering, Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, L-1855, Luxembourg, is the data controller of personal information collected or processed through the AWS Offering.
Amazon Web Services EMEA SARL is also the authorized representative of Amazon Web Services, Inc. in the EEA.
Processing. We process your personal information on one or more of the following legal bases:
- as necessary to enter into a contract with you or a legal entity you represent, to perform our contractual obligations, to provide AWS Offerings, to respond to requests from you, or to provide customer support;
- where we have a legitimate interest, as described in this Privacy Notice (see How We Use Personal Information above);
- as necessary to comply with relevant law and legal obligations, including to respond to lawful requests and orders; or
- with your consent.
Information We Retain After Your Account is Closed.
- If you decide to terminate your agreement and close your AWS account, we will retain your content for a period of up to 90 days after account closure, during which you may still access part of the AWS Management Console in order to retrieve your billing documents and to contact customer support. During this period, you may also decide to reopen your AWS account. At the end of this period, we will delete any content remaining in your account.
- After account closure, we may need to keep certain information for an additional period of time for legal and legitimate business purposes. For example, we may retain personal information such as your contact information (e.g., name, email address, physical address) and any invoices that AWS has sent to you (e.g., record of purchases, applicable discounts, and tax information) for tax and accounting purposes. If applicable, AWS may also retain records of communications with you, as well as relevant logs (e.g., a log of your account closure) for dispute resolution purposes. We further may keep records for preventing fraud and ensuring security, for example in case of misuse of our services or violation of our terms.
Your Rights. Subject to applicable law, you have the right to:
- ask whether we hold personal information about you and request copies of such personal information and information about how it is processed;
- request that inaccurate personal information is corrected;
- request deletion of personal information that is no longer necessary for the purposes underlying the processing, processed based on withdrawn consent, or processed in non-compliance with applicable legal requirements;
- request us to restrict the processing of personal information where the processing is inappropriate;
- object to the processing of personal information; and
- request portability of personal information that you have provided to us (which does not include information derived from the collected information), where the processing of such personal information is based on consent or a contract with you and is carried out by automated means.
Questions and Contacts. If you wish to do any of these things or have a data-protection related question, and you are an AWS customer, please contact us here. If you are not an AWS customer, please contact us here.
The data protection officer for Amazon Web Services EMEA SARL can be contacted at aws-EU-privacy@amazon.com.
You can also lodge a complaint with our principal supervisory authority, the Commission Nationale pour la Protection des Données in Luxembourg, or with a local authority.
When you consent to our processing your personal information for a specified purpose, you may withdraw your consent at any time, and we will stop any further processing of your data for that purpose.
Cookies. Please refer to our Cookie Notice.
Transfers outside of the EEA. When we transfer your personal information outside the EEA we do so in accordance with the terms of this Privacy Notice and applicable data protection law.
- as necessary to enter into a contract with you or a legal entity you represent, to perform our contractual obligations, to provide AWS Offerings, to respond to requests from you, or to provide customer support;
-
India
For any prospective or current customers of Amazon Web Services India Private Limited (formerly known as Amazon Internet Services Private Limited), our mailing address is: Amazon Web Services India Private Limited, Block E, 14th Floor, Unit Nos. 1401 to 1421, International Trade Tower, Nehru Place, New Delhi, Delhi 110019, India, ATTN: AWS India Legal.
-
Japan
Controller of Personal Information
Any personal information provided to or gathered by Amazon Web Services Japan G.K. is controlled primarily by Amazon Web Services Japan G.K., 3-1-1 Kamiosaki, Shinagawa-ku, Tokyo 141-0021 JAPAN. Any personal information collected by Amazon Web Services, Inc. is controlled primarily by Amazon Web Services, Inc.
Use of Personal Information
We jointly use your personal information for such purposes as described in this Privacy Notice with domestic and foreign affiliates that Amazon.com, Inc. controls, including Amazon Web Services, Inc., Amazon Web Services Japan G.K., Amazon Web Services EMEA SARL, and other global entities that either are subject to this Privacy Notice or follow practices at least as protective as those described in this Privacy Notice. Jointly used personal information includes personal information described under “Personal Information We Collect” and “Example of Information Collected” above. Amazon Web Services, Inc. is the business operator primarily responsible for managing jointly used personal information.
We share personal information with third parties only to the extent described under “How We Share Personal Information” above and in accordance with the Act on Protection of Personal Information.
When we share your personal information with third parties outside of Japan, such as sellers of products on AWS Marketplace and sponsors of AWS events, we require the recipients to adopt personal information security measures to protect your personal information.
Please see here for information on the countries where third parties may be located, and the applicable data privacy laws and data protection systems in these countries.
Your Rights
You may have the right to request access to or delete your personal information in accordance with applicable law. If you wish to submit a data subject access request, please contact us (for AWS customers) or contact us at our mailing address, Amazon Web Services Japan G.K., 3-1-1 Kamiosaki, Shinagawa-ku, Tokyo 141-0021 JAPAN, ATTN: AWS Japan Legal (for current or prospective customers of Amazon Web Services Japan G.K. and non-customers in Japan).
-
Malaysia
A Bahasa Malaysia translation of this Privacy Notice can be found here.
-
Nigeria
Controller of Personal Information. With respect to personal information provided to Amazon Web Services Nigeria Limited, located at 3-5 Sinari Daranijo Street, Off Ajose Adeogun, Victoria Island, Lagos, Nigeria (“AWS Nigeria”), AWS Nigeria is the data controller.
Your Rights. Subject to applicable law, you have the right to:
- ask whether we hold personal information about you and request copies of such personal information and information about how it is processed;
- request that inaccurate personal information is corrected;
- request deletion of personal information that is no longer necessary for the purposes underlying the processing, processed based on withdrawn consent, or processed in non-compliance with applicable legal requirements;
- request us to restrict the processing of personal information where the processing is inappropriate;
- object to the processing of personal information;
- request portability of personal information that you have provided to us (which does not include information derived from the collected information), where the processing of such personal information is based on consent or a contract with you and is carried out by automated means; and
- request information about the possibility of refusing consent and the consequences of doing so.
If you wish to do any of these things and you are an AWS Nigeria customer, please contact us here. If you are not an AWS customer, please contact us here.
You can also file a complaint with Nigeria’s National Information Technology Development Agency through its official channels.
When you consent to our processing your personal information for a specified purpose, you may withdraw your consent at any time, and we will stop any further processing of your data for that purpose.
-
Peru
Controller of Personal Information. With respect to personal information provided to Amazon Web Services Peru S.R.L., located at Av. Jorge Basadre 349 San Isidro, Lima (“AWS Peru”), AWS Peru is the data controller and the personal data bank holder of the following data banks: customers, prospective customers, and vendors.
Personal Information. Depending on how you engage with AWS Peru, we may process one or more of the following kinds of personal information: name, identity card number, Tax ID, contact information (such as address, telephone, email address), profession, banking and credit card details, and physical or electronic signature. For more information about the personal information that we collect, click here.
Your Rights. Subject to applicable law, you have the right to:
- ask whether we hold personal information about you and request copies of such personal information and information about how it is processed;
- request that inaccurate personal information is corrected;
- request deletion of personal information that is no longer necessary for the purposes underlying the processing, processed based on withdrawn consent, or processed in non-compliance with applicable legal requirements;
- request us to restrict the processing of personal information where the processing is inappropriate;
- object to the processing of personal information; and
- exercise any other rights afforded by the Peruvian Personal Data Protection Regulations.
If you wish to do any of these things and you are an AWS Peru customer, please contact us here. If you are not an AWS customer, please contact us here or at the address under Controller of Personal Information above.
You can also file a complaint before the Peruvian National Data Protection Authority through its official channels.
Data Processors and Transfers to Third Parties. We may share your personal information as described in this Privacy Notice and as permitted by the Peruvian Personal Data Protection Regulations, including to Amazon Web Services Inc., located at 410 Terry Avenue North, Seattle, WA 98109-5210, United States of America, for the purposes of providing services and engaging in marketing, business development, and sales efforts with respect to cloud services that Amazon Web Services, Inc. sells globally; and enabling the provision of data hosting, storage, and processing by Amazon Web Services, Inc. as AWS Peru’s data processor.
-
Philippines
With respect to personal information provided to Amazon Web Services Philippines, Inc. (“AWS Philippines”), you may contact the Data Protection Officer (“DPO”) and Data Compliance Officer for Privacy (“COP”) here if you are an AWS Philippines customer. If you are not an AWS customer, you may contact the DPO and COP at 21st floor Arthaland Century Pacific Tower, 5th Avenue 1634 Bonifacio Global City, Taguig, Philippines.
-
South Africa
Controller of Personal Information. With respect to personal information provided to Amazon Web Services South Africa Proprietary Limited, located at Wembley Square 2, 134 Solan Road, Gardens, Cape Town, 8001 (“AWS South Africa”), AWS South Africa is the responsible party.
Your Rights. Subject to applicable law, you have the right to:
- request that inaccurate personal information is corrected;
- request deletion of personal information that is no longer necessary for the purposes underlying the processing, processed based on withdrawn consent, or processed in non-compliance with applicable legal requirements;
- object, at any time to the processing of your personal information for purposes of direct marketing other than direct marketing by means of unsolicited electronic communications from AWS which is prohibited unless you give consent to receive such direct marketing;
- object, at any time (at which point we will cease processing of your personal information), to the processing of your personal information if you feel the processing of that personal information is not necessary for protection of your legitimate interest/s; proper performance of a public law duty by a public body; or pursuance of the legitimate interests of AWS or of a third party to whom the information is supplied; and
- to submit a complaint to the Information Regulator of South Africa regarding interference with the protection of your personal information.
If you wish to do any of these things and you are an AWS South Africa customer, please contact us here. If you are not an AWS customer, please contact us here or at the address under Controller of Personal Information above.The Information Regulator Contact Details. The Information Regulator of South Africa is located at: JD House, 27 Stiemens Street, Braamfontein, Johannesburg, 2001. P.O. Box 31533, Braamfontein, Johannesburg, 2017. You may direct general enquiries by email to: enquiries@inforegulator.org.za. You may direct complaints by email to: POPIAComplaints@inforegulator.org.za.
-
South Korea
AWS does not knowingly collect personal information from children under the age of 14 without the consent of the child's parent or guardian.
How We Share Personal Information
AWS may share personal information as described in this Privacy Notice, including with affiliates of Amazon Web Services, Inc.
AWS has contracts in place with the following third party service provider(s) (delegatees) to perform functions on behalf of AWS in Korea, and they may have access to your personal information as needed to perform their functions described below:
Name of Party
Description of Function
BusinessOnCommunication Co., ltd.
Payment invoicing
Marketo
Customer communications
NHN KCP Corp.
Payment instrument processing and invoicing
Paymentech
Payment instrument processing
Salesforce
Customer relationship management
General Agent
Domestic agent
The details of delegation for event management can be found on the relevant event page.
AWS may share your personal information with the following third party service provider(s) outside of Korea as described below:
Name of Party (Contact Information)
Country
Transferred Items
Purpose of Transfer
Date and Method of Transfer
Period of Retention
Marketo
(privacyofficer@marketo.com)United States
Personal information as described in this Privacy Notice
Customer communications
Transmission of data through information network as needed
As disclosed in the Privacy Notice
Salesforce
(privacy@salesforce.com)United States
Personal information as described in this Privacy Notice
Customer Relationship Management
Transmission of data through information network as needed
As disclosed in the Privacy Notice
Paymentech
(+1-800-935-9935)
United States
Personal information as described in this Privacy Notice
Payment Instrument Processing
Transmission of data through information network as needed
As disclosed in the Privacy Notice
Deletion of Personal Information
AWS will delete your personal information (including after closure of your AWS account) as described in this Privacy Notice. When deleting personal information, AWS will take standard commercially reasonable measures to make the personal information practically irrecoverable or irreproducible. The specific manner of deletion will depend on the information being deleted, how the information was collected and stored, and your interactions with us. Electronic documents or files containing personal information will be deleted using a technical method that makes recovery or retrieval of such information practically impossible or renders the data no longer personally identifiable. Non-electronic documents or files containing personal information will be shredded, incinerated, or both.
Retention of Personal Information
AWS Korea keeps your personal information to enable your continued use of AWS Offerings, for as long as it is required in order to fulfill the relevant purposes described in this Privacy Notice, as may be required by law (including for tax and accounting purposes as may be required by the Framework Act on National Taxes of Republic of Korea or other laws), or as otherwise communicated to you. How long we retain specific personal information varies depending on the purpose for its use, and we will delete your personal information in accordance with applicable law.
Domestic Agent Information
The information of Domestic Agent based on the Personal Information Protect Act is as follows:
Name and representative: General Agent Co., Ltd. (Representative: Eun Mi Kim)Address: Rm. 1216, 28, Saemunan-ro 5ga-gil Jongno-gu, Seoul
Telephone number: (02) 735 6888Email address: AWS@generalagent.co.krIf you have any privacy questions or requests please contact:AWS Korea PrivacyEmail: aws-korea-privacy@amazon.com
Korean translation of this Privacy Notice can be found here.
-
United States
These additional state-specific privacy disclosures, which serve as a Notice at Collection under the California Privacy Rights Act, are required by the California Consumer Privacy Act, as amended by the California Privacy Rights Act, Colorado Privacy Act, Connecticut Data Privacy Act, Utah Consumer Privacy Act, and Virginia Consumer Data Protection Act and are effective as of June 30, 2023:
Categories of personal information collected. The personal information that we may collect, or may have collected from consumers in the preceding twelve months, fall into the following categories established by the California Privacy Rights Act, depending on how you engage with the AWS Offerings:
- Identifiers, such as your name, alias, address, phone numbers, or IP address, your AWS account log-in information, or a government-issued identifier (e.g., a state-issued ID number, which may be required to verify your identity when completing certain AWS certification courses);
- personal information as described in subdivision (e) of Section 1798.80 of the California Civil Code, such as a credit card number or other payment information;
- characteristics of protected classifications under California or US federal law, such as age, race, or gender, for example if we conduct user surveys or analysis;
- commercial information, such as purchase activity;
- internet or other electronic network activity information, including content interaction information, such as content downloads, streams, and playback details;
- biometric information, such as your voice or appearance, for example if you choose to participate in a demonstration of a speech or image recognition service;
- geolocation data, which may in some cases constitute precise geolocation information, such as the location of your device or computer, for example if you enable location services to enhance your experience through event applications we offer;
- audio, visual, electronic or other similar information, including when you communicate with us by phone or otherwise;
- professional or employment-related information, for example data you may provide about your business;
- inference data, such as information about your preferences; and
- education information, such as information about enrollment status, fields of study, or degrees, honors, and awards received.
We collect this information from you, automatically through your interaction with the AWS Offerings, or from third parties. For more information about the personal information we collect, click here. We collect this information for the business and commercial purposes described in the “How We Use Personal Information” section above.
Categories of personal information disclosed for a business purpose. The personal information that we may have disclosed about consumers for a business purpose in the preceding twelve months fall into the following categories established by the California Privacy Rights Act, depending on how you engage with the AWS Offerings:
- Identifiers, such as your name, address, or phone numbers, for example if we use a third-party carrier to deliver AWS hardware, or government identifier, for example if we use a third-party service to verify your identity;
- personal information as described in subdivision (e) of Section 1798.80 of the California Civil Code, such as a credit card number or other payment information, for example if we use a third-party payment processor;
- information that may reveal your age, gender, race, or other protected classifications under California or US federal law, for example if we conduct user surveys or analysis using a third-party service provider;
- commercial information, such as the details of a product or service you purchased if a third-party service provider is assisting to provide that product or service to you;
- Internet or other electronic network activity information, such as if we use a third-party service provider to help us gather reports for analyzing the health of our devices and services;
- biometric information, for example if you choose to participate in a demonstration of certain AWS services facilitated by a third-party service provider;
- geolocation data, which may constitute precise geolocation data, for example if we enable transportation services from a third party in connection with an AWS event;
- audio, visual, electronic or other similar information, for example if a third-party service provider reviews recordings of customer support phone calls for quality assurance purposes;
- professional or employment-related information, for example if we provide information to a third-party service provider for verification or registration as part of the AWS Offerings;
- education information, for example if we facilitate employment or internship recruitment activities for participants in the AWS Educate program; and
- inference data, for example if we use a third-party service provider to store information about your preferences.
For more information about the personal information we may disclose for a business purpose, click here.
Your Data Rights. You may have certain data rights under state privacy laws, including to request information about the collection of your personal information by us, to access your personal information in a portable format, and to correct or delete your personal information. If you wish to do any of these things and you are an AWS customer, please contact us here. If you are not an AWS customer, or you are an authorized agent under applicable state law, please contact us here or at the address under Contacts, Notices, and Revisions above. Additionally, you may have the right to appeal the denial of any of these rights by submitting a form that will be provided to you if we deny a data request. Depending on your data choices, certain services may be limited or unavailable.
To ensure the security of your AWS account, we will generally ask you to verify your request using the contact information you have already provided. If you are an authorized agent making a request on behalf of a consumer pursuant to applicable state law, we may ask you to provide information verifying you have proper authority to make the request on behalf of the consumer or we may ask the consumer to verify their identity with us directly.
No sale or sharing of personal information. We do not sell or share any personal information of consumers, as those terms are defined under the California Privacy Rights Act.
California Privacy Rights Act Sensitive Personal Information Disclosure. The categories of data that we collect and disclose for a business purpose include “sensitive personal information” as defined under the California Privacy Rights Act. We do not use or disclose sensitive personal information for any purpose not expressly permitted by the California Privacy Rights Act.
California Privacy Rights Act Retention Disclosure. We keep your personal information to enable your continued use of AWS Services, for as long as it is required in order to fulfill the relevant purposes described in this AWS Privacy Notice, as permitted or as may be required by law, or as otherwise communicated to you.
California Privacy Rights Act Non-Discrimination Statement. We will not discriminate against any consumer for exercising their rights under the California Privacy Rights Act.
California Privacy Rights Act, Colorado Privacy Act, Connecticut Data Privacy Act, Virginia Consumer Data Protection Act, and Utah Consumer Privacy Act De-identified Data Disclosure. AWS may use de-identified data in some instances. AWS either maintains such data without attempting to re-identify it or treats such data as personal data subject to applicable law.
Colorado Privacy Act Profiling Disclosure. We do not engage in profiling of consumers in furtherance of automated decisions that produce legal or similarly significant effects, as those terms are defined under the Colorado Privacy Act.
- Identifiers, such as your name, alias, address, phone numbers, or IP address, your AWS account log-in information, or a government-issued identifier (e.g., a state-issued ID number, which may be required to verify your identity when completing certain AWS certification courses);
Examples of Information Collected
Information You Give Us
You provide information to us when you:
- search for, subscribe to, or purchase AWS Offerings;
- create or administer your AWS account (and you might have more than one account if you have used more than one email address when using AWS Offerings);
- configure your settings for, provide data access permissions for, or otherwise interact with AWS Offerings;
- register for or attend an AWS event;
- purchase or use content, products, or services from third-party providers through the AWS Marketplace (or other similar venues operated or provided by us);
- offer your content, products, or services on or through AWS Offerings or the AWS Marketplace (or other similar venues operated or provided by us);
- communicate with us by phone, email, or otherwise;
- complete a questionnaire, a support ticket, or other information request forms;
- post on AWS websites or participate in community features; and
- employ notification services.
Depending on your use of AWS Offerings, you might supply us with such information as:
- your name, email address, physical address, phone number, and other similar contact information;
- payment information, including credit card and bank account information;
- information about your location;
- information about your organization and your contacts, such as colleagues or people within your organization;
- usernames, aliases, roles, and other authentication and security credential information;
- content of feedback, testimonials, inquiries, support tickets, and any phone conversations, chat sessions and emails with or to us;
- your image (still, video, and in some cases 3-D), voice, and other identifiers that are personal to you when you attend an AWS event or use certain AWS Offerings;
- information regarding identity, including government-issued identification information;
- corporate and financial information; and
- VAT numbers and other tax identifiers.
Automatic Information
We collect information automatically when you:
- visit, interact with, or use AWS Offerings (including when you use your computer or other device to interact with AWS Offerings);
- download content from us;
- open emails or click on links in emails from us; and
- interact or communicate with us (such as when you attend an AWS event or when you request customer support).
Examples of the information we automatically collect include:
- network and connection information, such as the Internet protocol (IP) address used to connect your computer or other device to the Internet and information about your Internet service provider;
- computer and device information, such as device, application, or browser type and version, browser plug-in type and version, operating system, or time zone setting;
- the location of your device or computer;
- authentication and security credential information;
- content interaction information, such as content downloads, streams, and playback details, including duration and number of simultaneous streams and downloads;
- AWS Offerings metrics, such as offering usage, occurrences of technical errors, diagnostic reports, your settings preferences, backup information, API calls, and other logs;
- the full Uniform Resource Locators (URL) clickstream to, through, and from our website (including date and time) and AWS Offerings, content you viewed or searched for, page response times, download errors, and page interaction information (such as scrolling, clicks, and mouse-overs);
- email addresses and phone numbers used to contact us; and
- identifiers and information contained in cookies (see our Cookie Notice).
Information from Other Sources
Examples of information we receive from other sources include:
- marketing, sales generation, and recruitment information, including your name, email address, physical address, phone number, and other similar contact information;
- subscription, purchase, support, or other information about your interactions with products and services offered by us, our affiliates (such as AWS training courses), or third parties (such as products offered through the AWS Marketplace) in relation to AWS Offerings;
- search results and links, including paid listings (such as Sponsored Links); and
- credit history information from credit bureaus.
Information You Can Access
Examples of information you can access through AWS Offerings include:
- your name, email address, physical address, phone number, and other similar contact information;
- usernames, aliases, roles, and other authentication and security credential information;
- your subscription, purchase, usage, billing, and payment history;
- payment settings, such as payment instrument information and billing preferences;
- tax information;
- email communication and notification settings; and
- if you participate in the AWS Marketplace or Amazon Partner Network (or other similar venues operated or provided by us), your account, your status, subscriptions, and other information.
Customers can access the information above through AWS Offerings, such as the AWS Management Console (including the My Account, Billing Dashboard, Bills, Payment Methods, Payment History, Preferences and Tax Settings pages), the AWS Email Preference Center, AWS Marketplace, and APN Partner Central.