Northrop Grumman Online Privacy Notice
Northrop Grumman Website User’s Privacy Notice
Effective March 10, 2025
Last Updated March 10, 2025
This Privacy Notice is a supplement to the Northrop Grumman General Privacy Notice that applies to northropgrumman.com and other Northrop Grumman websites that link to this Notice (“Sites”).
This Notice describes the types of personal information we may collect through your visit to our Sites, how we use the information, with whom we share it and the choices available to individuals regarding our use of the information. We also describe the measures we take to protect the security of the information and how individuals can contact us about our privacy practices. Internal company policies and procedures govern Northrop Grumman’s internal networks and systems and the processing of personal information relating to employees and other authorized Northrop Grumman network users.
This Notice uses certain terms that have the meaning given to them in the California privacy laws.
Information We Collect/Obtain
Through your interaction with Northrop Grumman as a website user/visitor, we may collect the following categories of personal Information about you:
- Log-in Credentials, including username, password, time and date of login
- Unique Personal Identifiers, including device identifier; cookies, beacons, pixel tags, mobile ad identifiers and similar technology; customer number, unique pseudonym, or user alias; other forms of persistent or probabilistic identifiers
- Internet and Other Electronic Network Activity Information, including IP address, browsing history, search history, digital communications with the company, and information regarding your interaction with websites, applications or advertisements
Of the personal information collected, we may collect the following categories of sensitive personal information which may have special protections under the laws of your region:
- Log-in Credentials; (such as username, password, time and date of login)
Information We Collect By Automated Means
When you use our Sites, we may collect certain information by automated means, using technologies including but not limited to cookies, web server logs, web beacons and JavaScript.
Cookies are files that websites send to your computer or other internet-connected device to uniquely identify your browser or to store information or settings on your device. Our Sites may use cookies (such as HTTP and HTML5 cookies) and Flash cookies, as well as other types of local storage (such as browser-based or plugin-based local storage). Your browser may tell you how to be notified when you receive certain types of cookies and how to restrict or disable certain cookies. You also may be able to delete your Flash cookies or adjust your Flash cookie settings by visiting the Adobe Flash Website Storage Settings Panel and Global Storage Settings Panel. Please note, however, that without cookies you may not be able to use all of the features of our Sites or other websites and online services. View the Northrop Grumman Cookie Policy.
In conjunction with gathering information through cookies, our web servers may log information such as your device type, operating system type, browser type, domain, and other system settings, as well as the language your system uses and the country and time zone where your device is located. We also may record information such as the address of the web page that referred you to our Sites and the IP address of the device you use to connect to our Sites. We also may log information about your interaction with the Sites, such as which pages you visit. We may place tags on our web pages called “web beacons,” which are small files that link web pages to particular web servers and their cookies.
We may use third-party web analytics services on our Sites, such as those of Google Analytics, Adobe Omniture, ScorecardResearch and DocAve Analytics. These service providers help us analyze how users use the Sites. The information collected for this purpose (including your IP address and other information collected by automated means) will be disclosed to or collected directly by these service providers. To learn more about how to opt out of these third-party web analytic service providers’ activities, click the relevant link below:
Both we and others (such as our service providers and advertising networks) may collect personal information about our visitors’ online activities, over time and across third-party websites. Our Sites are not designed to respond to “do not track” signals from browsers.
The providers of other third-party plug-ins on our Sites, such as embedded videos and social sharing tools, may use automated means to collect information regarding your use of the Sites and your interactions with the plug-ins. This information is subject to the privacy policies or notices of the third-party plug-in providers and is not subject to Northrop Grumman’s General Privacy Notice.
Interest-Based Advertising
On our Sites, we may collect information about your online activities for use in providing you with advertising about products and services tailored to your individual interests. This section of our Online Privacy Notice provides details and explains how to exercise your choices.
You may see certain ads on other websites because we participate in advertising networks. Ad networks allow us to target our messaging to users through demographic, interest-based and contextual means. These networks track your online activities over time by collecting information through automated means, including through the use of cookies, web server logs and web beacons. The networks use this information to show you advertisements that may be tailored to your individual interests. The information our ad networks may collect includes data about your visits to websites that participate in the relevant advertising networks, such as the pages or advertisements you view and the actions you take on the websites. This data collection takes place both on our Sites and on third-party websites that participate in the ad networks. This process also helps us track the effectiveness of our marketing efforts. Learn how to opt out of this ad network interest-based advertising.
How We Use the Information About You
We may use the above categories of personal information and sensitive personal information for certain business and/or commercial purposes, including as described in this table:
|
Purposes |
Categories of Personal Information |
Legal Basis |
|
To provide products and services |
Log-in Credentials; Unique Personal Identifiers; Internet and Other Electronic Network Activity Information |
Necessary for the performance of a contract that governs the services we provide |
|
To provide you with support and to respond to your requests or inquiries, including to investigate and address any concerns and monitor and improve our responses |
Unique Personal Identifiers; Internet and Other Electronic Network Activity Information |
Necessary for the performance of a contract that governs the services we provide |
|
To operate, evaluate and improve our business (including developing new products and services; enhancing and improving our products and services; managing our communications; analyzing our products, services and communications; and performing accounting, auditing and other internal functions) |
Log-in Credentials; Unique Personal Identifiers; Internet and Other Electronic Network Activity Information |
Necessary for our legitimate interests |
|
To administer and manage the websites |
Log-in Credentials; Unique Personal Identifiers; Internet and Other Electronic Network Activity Information |
Necessary for our legitimate interests |
|
To understand how people use the features and functions of our Websites in order to improve the user experience; |
Unique Personal Identifiers; Internet and Other Electronic Network Activity Information |
Necessary for our legitimate interests |
|
To perform data analyses (including anonymization and aggregation of personal information) |
Unique Personal Identifiers; Internet and Other Electronic Network Activity Information |
Necessary for our legitimate interests |
|
To personalize and enrich your browsing experience by displaying content that is more likely to be relevant and of interest to you |
Log-in Credentials; Unique Personal Identifiers; Internet and Other Electronic Network Activity Information |
Necessary for our legitimate interests |
|
To protect against, identify and prevent cybersecurity and other security events, espionage, fraud and other unlawful activity, claims and other liabilities; and prosecuting those responsible |
Log-in Credentials; Unique Personal Identifiers; Internet and Other Electronic Network Activity Information |
Necessary for our legitimate interests |
|
To comply with Northrop Grumman policies |
Log-in Credentials; Unique Personal Identifiers; Internet and Other Electronic Network Activity Information |
Necessary for our legitimate interests |
|
To comply with and enforce applicable legal requirements, contractual obligations, relevant industry standards |
Log-in Credentials; Unique Personal Identifiers; Internet and Other Electronic Network Activity Information |
Necessary for us to comply with a legal obligation |
|
To respond to law enforcement requests |
Log-in Credentials; Unique Personal Identifiers; Internet and Other Electronic Network Activity Information |
Necessary for us to comply with a legal obligation |
|
To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us is among the assets transferred |
Log-in Credentials; Unique Personal Identifiers; Internet and Other Electronic Network Activity Information |
Necessary for our legitimate interests |
Prior Collection, Use and Disclosure of Personal Information
We may have collected and used your personal information, as described in “Information We Collect” and “How We Use the Information We Collect” sections above, during the 12-month period prior to the effective date of this Statement.
For personal information collected during such timeframe, we describe below:
a. the categories of sources from which we may have obtained the personal information,
b. the categories of personal information we may have disclosed for a business purpose and the categories of persons to whom we may have disclosed such information, and
c. the categories of personal information we may have sold or shared to a third party, if any.
a. Sources of Personal Information
We may have obtained personal information about you from various sources, including as described below.
|
Categories of Sources of Data Collection |
Categories of Personal Information |
|
From your devices (such as when you browse or use our Sites) |
Log-in Credentials; Unique Personal Identifiers; Internet and Other Electronic Network Activity Information |
|
Vendors who provide services on our behalf |
Unique Personal Identifiers; Internet and Other Electronic Network Activity Information |
|
Government agencies, law enforcement, courts and regulators |
Unique Personal Identifiers; Internet and Other Electronic Network Activity Information |
|
Cybersecurity information sharing resources |
Unique Personal Identifiers; Internet and Other Electronic Network Activity Information |
|
Social networking services |
Unique Personal Identifiers; Internet and Other Electronic Network Activity Information |
|
Public databases |
Unique Personal Identifiers; Internet and Other Electronic Network Activity Information |
b. Disclosure of Personal Information for a Business Purpose
We may have disclosed certain categories of personal information to certain categories of persons for a business purpose, including as described below.
|
Categories of Persons |
Categories of Personal Information |
|
Vendors who provide services on our behalf |
Log-in Credentials; Unique Personal Identifiers; Internet and Other Electronic Network Activity Information |
|
Our customers and business partners (such as subcontractors and suppliers) |
Unique Personal Identifiers; Internet and Other Electronic Network Activity Information |
|
Participants in cyber security information resources (when related to a cyber threat indicator) |
Unique Personal Identifiers; Internet and Other Electronic Network Activity Information |
|
Government agencies, law enforcement, courts and regulators |
Log-in Credentials; Unique Personal Identifiers; Internet and Other Electronic Network Activity Information |
|
Other parties in the event of a corporate transaction, such as an acquisition |
Log-in Credentials; Unique Personal Identifiers; Internet and Other Electronic Network Activity Information |
For a list of relevant service providers, please contact us using one of the means identified in the “How To Contact Us” section below for more information.
c. Sale or Sharing of Personal Information
We do not sell your personal information to third parties in exchange for monetary or other valuable consideration, nor do we share your personal information with third parties for cross‐context behavioral advertising.
We also may use the information in other ways for which we provide specific notice at the time of collection.
In addition, we use information collected through automated means for the purposes set forth above, including by (i) customizing our users’ visits to our Sites, (ii) analyzing the manner in which our users interact with our Sites and online advertisements, (iii) delivering content tailored to our users’ interests and (iv) managing our Sites and other aspects of our business.
Your Rights and Choices
Please refer to the “Your Rights and Choices” section of the Northrop Grumman Privacy Notice for an explanation of the rights and choices you have under applicable laws regarding your personal information.
Data Transfers
Please refer to the “Data Transfers” section of the Northrop Grumman Privacy Notice for information related to the cross-border transfer of personal information to regions other than the region in which the information was collected/obtained.
How We Protect Personal Information
Please refer to the “How We Protect Personal Information” section of the Northrop Grumman Privacy Notice for a description of the measures we undertake to protect your personal information.
Data Retention
Please refer to the “Data Retention” section of the Northrop Grumman Privacy Notice for more information on how long your data may be kept.
Links To Other Websites
Please refer to the “Links To Other Websites” section of the Northrop Grumman Privacy Notice for more information.
Updates To Our Notice
Please refer to the “Updates To Our Notice” section of the Northrop Grumman Privacy Notice for more information.
How To Contact Us
Please refer to the “How To Contact Us” section of the Northrop Grumman Privacy Notice for more information.
Subsidiaries/Affiliates
Please refer to the “Subsidiaries/Affiliates” section of the Northrop Grumman Privacy Notice for more information.