1. DXC Global Pass and MWS O365 Data Privacy Statement
2. DXC Global Pass and MWS O365 User Agreement
DXC Global Pass and MWS O365 Data Privacy Statement and User AgreementAs described below:
- The DXC Global Pass single sign-on environment comprises commercially sensitive and proprietary resources and applications, including, but not limited to, an enterprise authentication service (Global Pass), enterprise Collaboration Services, databases, intranet sites, knowledge repositories, cooperative applications, and service delivery applications and sites.
The Global Pass single sign-on environment supports all DXC Technology business processes, including collaboration, discussion, and service delivery on internal and external efforts. It also provides a standard authentication system (Global Pass) that controls access to applications worldwide.
- MyWorkStyle O365 (MWS O365) is an enterprise social business collaboration and productivity service maintained by DXC in support of internal objectives. The service supports DXC business processes and houses numerous protected, sensitive, and critical resources and applications used by DXC employees, contractors, clients, partners or vendors.
Your use of the DXC Global Pass single sign-on environment and MWS O365 is subject to all the requirements set forth herein and separately in DXC policies, guidelines, and agreements.
The Global Pass and MWS O365 Data Privacy Statement and User Agreement that follow describe the personal data held in the services, how they are managed, and who will have access to them and why; as well as your responsibilities for proper use of the services, including prohibited actions and content. After acknowledging these notices during your initial login to the Global Pass single sign-on environment and/or MWS O365, you can access them at any time via a link in system footers.
These notices refer to DXC employees and contractors. As used here, these terms follow the definitions in HRMP 204 Employment Classifications and HRMP 220 Global Contingent Labor Management. DXC contractors, in particular, refers here to DXC contingent labor, as distinct from DXC clients, partners, vendors, and any other individuals with external Global Pass IDs. (If you wish to review such guidelines or policies before completing your initial login, contact your manager and/or an HR representative.)
From time to time the terms of these notices may change and DXC will endeavor to notify you of such changes. You will be notified separately about uses of data in other systems covered by separate notices. Your subsequent use of the Global Pass single sign-on environment and/or MWS O365 implies your continued acknowledgement of these notices. If you do not click the ACKNOWLEDGE button when it is presented with these notices, you cancel that login attempt and will not be able to access the Global Pass single sign-on environment and/or MWS O365. You will again be presented with these notices on any subsequent login attempt.
1. DXC Global Pass and MWS O365 Data Privacy Statement
The following Data Privacy Statement applies to the Global Pass single sign-on environment and to MWS O365.
1.1 Personal data held by the Global Pass single sign-on environment
- The Global Pass single sign-on environment holds the following types of user data:
- User profile data, including user name, user ID, password, e-mail address, manager, operating group, work address, and work phone numbers
- Discussion thread entries, blogs, or wikis
- Contributed content
- Membership lists
- Application-specific personal profiles that enable business processes supported by applications and/or security and access control required by applications (some of these profiles are covered by separate data privacy statements).
- Any further data you provide are at your discretion, though providing those data may be necessary for completion of work related tasks. You may submit as few or as many data into the Global Pass single sign-on environment as you think necessary, following the guidelines on personally identifiable information in the Global Pass User Agreement.
1.2 Personal data held by MWS O365MWS O365 will use the following subset of your Global Pass personal profile data to authenticate your access to MWS O365 and will provide these data to the third-party provider that supports the service:
- First name, middle initial, last name
- Short name
- Work email address
- DXC organization level 1
- Work address
- Work phone numbers
- Work country
- DXC user type (emp or sc)
- IP address and internet service provider (ISP).
Any additional data you provide are at your discretion, subject to your compliance with the standards and guidelines set forth in this data privacy statement, in the MWS O365 user agreement, and in any other applicable data privacy statements, agreements, or policies. Although provision of certain data may be necessary for completion of work-related tasks, you may submit as few or as many additional data as you think necessary and are willing to provide. You will also retain rights to correct or delete your additional data, where applicable.
1.3 Purposes for Use of Personal Data
DXC may use the data described above to process requests made by users, further DXC’s business interests, protect its rights and property, and otherwise ensure compliance with applicable law, corporate policy, and guidelines. All such actions will follow the terms of local laws and regulations and DXC policies and guidelines. In addition, DXC, where possible, will enable users to opt out of particular uses of their personal information.
1.4. Disclosure of Personal Data
1.4.1. The Global Pass single sign-on environment and MWS O365 are controlled sharing services. The data you contribute to them will be visible to the DXC employees and contractors who are authorized to access the portion of the service to which you contribute such data. You must use caution and see the Global Pass and MWS O365 User Agreement and any other applicable data privacy statements, agreements, and policies for information about your obligations concerning data contributed to the Global Pass single sign-on environment and MWS O365 .
1.4.2. DXC may engage the services of a third party (which is under a duty to maintain the confidentiality of information) to provide technical or other support in connection with the Global Pass single sign-on environment and/or MWS O365. Provision of this third-party technical or other support may require disclosure of data entered into the Global Pass single sign-on environment and/or MWS O365 by you, including data entered in an online form or request. DXC requires these third parties to respect DXC privacy practices and prohibits them from using your personal information for purposes other than to carry out DXC’s instructions.
1.4.3. DXC may be compelled by applicable law and regulation to disclose personal data to government authorities or other third parties. Additionally, DXC reserves the right to the extent permitted by applicable law and regulation to disclose personal data as deemed necessary by DXC based on compelling circumstances, including but not limited to an emergency situation affecting public safety, any sale of DXC or a portion of its assets to a third party or another corporate entity, or as necessary in order to mount a legal claim or defense.
1.4.4. The Global Pass Single Sign-on Environment and MWS O365 contain links to third-party websites or online services that are not owned or managed by DXC, maintained for DXC’s benefit, or otherwise under DXC’s control. DXC will not be liable for any company or personal data that you submit to such third parties and such use will be “as is” without recourse to the extent allowable by law or regulation.
1.5. Data Processing Location
1.5.1. Some components of the Global Pass single sign-on environment, including Global Pass itself, reside on DXC internal secure nodes in various countries, such as the U.S., U.K., and Australia. Different access levels are applied to data within the system to ensure data are visible only to authorized users and groups; those access levels also determine whether data will be searchable by relevant services.
1.5.2. MWS O365 is supported and hosted by Microsoft, a third-party provider of enterprise productivity application; file storage and sharing; email, calendar, contacts, online meeting; and social network services whose principal office is in Redmond, Washington, USA.
1.6. Data Transfers
DXC is a multinational corporation. Unless subject to country or contract-specific restrictions, personal data contributed to the Global Pass single sign-on environment and/or to MWS O365 will move between DXC entities and between DXC and the contracted third-party provider that supports MWS O365, all of whom are required to uphold DXC privacy practices.
Technical and organizational security of the DXC Global Pass single sign-on environment, of MWS O365, and of any other third-party services is maintained in accordance with DXC security policies, as well as DXC Data Protection Policy MPS 507, and is supported by authorized system administrators only. Administrative access to your profile in the MWS O365 directory is also granted to Microsoft system administrators, subject to the controls spelled out in this statement (http://www.microsoft.com/online/legal/v2/?docid=24&langid=en-us), and/or in DXC’s agreement with Microsoft. System-level security measures follow the principles “need-to-know” as well as “least privileges by default.” MWS O365 data do not replicate to other systems.
1.8. Data Retention
1.8.1. The Global Pass single sign-on environment will retain your personal data for only as long as is required to support your access to or use of the databases, intranet sites, knowledge repositories, cooperative applications, and service delivery applications and sites contained within the service. Standard DXC termination processes include steps for decommissioning access to and removing personal data from specific applications held in the Global Pass single sign-on environment.
1.8.2. MWS O365 will retain your personal profile data as long as is required to support Global Pass authentication into MWS O365 or is otherwise consistent with DXC’s then-current record retention policies. If/when your employment with DXC ends, and/or your Global Pass ID is terminated, standard DXC processes will disable your MWS O365 profile. Consistent with DXC record retention policy and schedule, legal hold, and work-for-hire policies and guidelines, some of your personal data will be retained in MWS O365 after your access to that service is deprovisioned according to standard DXC termination processes. The retained personal data will be visible as prescribed by those processes.
1.9 Data Access
You will retain rights to correct or delete the data you contribute, where applicable, for as long as you have employment with DXC and a Global Pass ID. Data you contribute at your discretion can be edited and/or deleted by you and by the manager of the site to which you have contributed the data. If you or the manager do not delete contributed data, they may remain visible (to the users given access to them) for the life of the system. Please note DXC’s implementation of MWS 0365 has made provisions for the retirement of sites that are no longer being actively used.
1.10. Changes to the Notice
This Data Privacy Statement may be augmented or superseded by other data privacy statements, agreements, or policies which cover specific applications, portals, intranets, or databases contained in the Global Pass single sign-on environment. Accepting this Privacy Statement does not relieve you of the responsibility of reviewing and responding to separate data privacy agreements.
1.11 More Information and Assistance
1.11.1. DXC users --- For more information about the Global Pass single sign-on environment or about MWS O365, please contact your local help desk, your manager and/or an HR representative.
1.11.2. Client users ---For more information about the Global Pass single sign-on environment, contact your account help desk or account representative and they can enter a ticket for you.
For further information about this data privacy statement, please contact DXC's Privacy and Data Protection Office at email@example.com your HR Manager, or your account help desk or account representative.
2. DXC Global Pass and MWS O365 User Agreement
The following User Agreement applies to the DXC Global Pass single sign-on environment. It also spells out the terms and conditions that apply to DXC Technology employee and contractors’ use of MWS O365.
Use of these resources places certain duties and obligations on the DXC employee or contractor and, where relevant, on the client, partner, or vendor, along with an expectation of professional conduct. Your compliance with these duties and obligations will help protect and ensure the secure and effective operation of the service.
Further, acknowledging this Global Pass and MWS O365 User Agreement does not relieve you of the responsibility of reviewing and responding to separate DXC user agreements, policies, and guidelines. In the event of a conflict between this User Agreement and any laws, regulations, DXC policies and guidelines, and/or contractual requirements, the obligations that result from compliance with all necessary laws and regulations will prevail.
The Global Pass single sign-on environment and MWS O365 are intended for adult use only. They are not intended for minors under applicable law or regulation, and minors should not submit any information to those services.
To the extent allowable by law, you agree to abide by the following terms and conditions when you access, submit, or manage content and/or information in the Global Pass single sign-on environment and/or MWS O365:
2.1.1. You will properly protect information that is protected, sensitive, and critical to DXC and its employees, contractors, clients, partners, or vendors. As described in section 1.6 in the Global Pass Single Sign-On and MWS O365 Data Privacy Statement, information contributed to the single sign-on environment and to MWS O365 may automatically cross national boundaries as part of the expected operation of the service. You must therefore pay particular attention to any applicable restrictions, including contract restrictions, regarding the allowed locations and/or recipients of information you post. If you are unsure, do not post these types of information in the relevant service.
2.1.2. You will abide by any legal or contractual restrictions on sharing content in the single sign-on environment and/or MWS O365 with other DXC employees and contractors, and/or with DXC clients, partners, or vendors.
18.104.22.168. You will not transmit protected, sensitive, and critical DXC information you find in the single sign-on environment and/or MWS O365 in any form to any person or entity outside the services other than authorized DXC employees without the proper restrictions and/or nondisclosure agreements being in place.
22.214.171.124. You will not transmit protected, sensitive, and critical DXC Client information you find in the single sign-on environment and/or MWS O365 in any form to any other DXC employees or contractors or to any external entities or individuals without written approval from the relevant client.
126.96.36.199. You will not release or disclose DXC financial or strategic information to anyone not authorized to access that information.
188.8.131.52. You will assume that DXC is prohibited by contract from making client references public and will abide by these restrictions.
184.108.40.206. Before submitting any DXC, client, partner, or vendor information to the single sign-on environment and/or MWS O365, you will confirm that that submission is appropriate under contract.If you are not certain whether there are relevant contractual stipulations regarding submission of DXC, client, partner, or vendor information to a third-party hosted service, you will before submitting any such information to MWS O365 contact the relevant Contracts and Commercial Manager, and/or your supervisor/ management; local DXC legal counsel; account and/or project management; and/or other relevant legal counsel for guidance. (See also section 220.127.116.11.)
18.104.22.168. You will ensure when submitting content to the single sign-on environment and/or MWS O365 that you submit the content with appropriate access controls, so that the content is accessible only to those groups and/or individuals who should have access to it; and/or you will ensure that the submission violates no export laws or regulations or copyright laws. (Site managers in DXC MWS O365 should also refer to the "MWS O365 Site Manager Terms and Conditions of Use.")
2.1.3. If you are accessing or submitting export-controlled technical data or information, you will comply with DXC and applicable U.S. and foreign country export law restrictions. DXC employees and contractors will refer any questions about export-controlled technical data or information to the Global Trade Control Representative for their business unit. DXC employees and contractors can find a list of business unit Global Trade Control Representatives in the intranet myDXC. DXC clients, partners, or vendors will refer any questions about export-controlled technical data or information to relevant account and/or project management, and/or other relevant legal counsel for guidance.
2.1.4. You will update, correct, or delete any personal information you have submitted if it is or becomes incomplete, inaccurate, or out of date.
2.1.5. You will manage the data you contribute, and/or you will confirm that the data you contribute are managed, in accordance with DXC Record Retention guidelines and/or with guidelines specific to applicable law and/or a particular DXC engagement with a DXC client, partner, or vendor.
2.1.6. You will maintain the security of your username and password for accessing the single sign-on environment and/or MWS O365, and will inform DXC's Security Incident Response and Coordination Center – SIRCC at firstname.lastname@example.org immediately of any unauthorized use of your account.
2.1.7. You acknowledge that any views you post in the single sign-on environment and/or MWS O365 (for example, in discussion threads or blogs) are yours alone and do not necessarily represent DXC positions, strategies, or opinions. You similarly acknowledge that postings in the single sign-on environment and/or MWS O365 by individual DXC employees or contractors are the posters’ own and do not necessarily represent DXC positions, strategies, or opinions. DXC does not guarantee the accuracy or reliability of such postings, nor will such postings suffice to create an obligation in law or equity on the part of DXC.
2.1.8. You acknowledge that views expressed by outside contributors that are posted in the single sign-on environment and/or MWS O365 do not represent the views of DXC, its management, or employees. DXC is not responsible and disclaims any and all liability for the content of comments from outside contributors posted in the single sign-on environment and/or MWS O365.
2.1.9. Unless otherwise agreed, you acknowledge that no client, advisory, fiduciary, or professional relationship is established through your access to the single sign-on environment and/or MWS O365, and neither DXC nor any other person is, in connection with those services, engaged in rendering auditing, accounting, tax, legal, advisory, consulting, or other professional services or advice.
DXC employees and contractors and DXC clients, partners, and vendors should contact the owners of applications hosted in the Global Pass single sign-on environment for guidelines on content types prohibited by or in those services.
When DXC employees and contractors access, contribute, or manage content and/or information in MWS O365, they agree they will NOT under any circumstances:
2.2.1. Contribute Protected Health Information as defined under applicable health record statutes, including but not limited to information protected under the privacy or security regulations issued pursuant to the U.S. Health Insurance Portability and Accountability Act of 1996 (HIPAA) as amended, and the American Recovery and Reinvestment Act of 2009 and regulations promulgated thereunder (ARRA); as well as information regulated by the Australian Privacy Act 1988 and by health records statutes in Australian states and territories.
2.2.2. Unless otherwise explicitly agreed to in advance by DXC in writing, contribute European or Canadian Government information, including European or Canadian Defence, Public Sector, and Health Care information; as well as information about European or Canadian National Critical Infrastructure, including the Financial Sector.
2.2.3. Contribute private personal data such as driver license numbers; passport numbers; government-issued private identifiers such as social security, tax ID, national insurance, or similar numbers; or bank, checking, credit card, debit card, or other financial account numbers.
2.2.4. Contribute sensitive personal data as defined in their home jurisdiction, such as religious affiliation, union membership, etc.
2.2.5. Contribute any unsolicited advertisements, promotional materials, “spam” chain letters, surveys, or contests, or solicit participation in any pyramid schemes.
2.2.6. Contribute any unlawful (according to local, state or province, federal, or international law or regulation) content and/or information to or through MWS O365, or any content and/or information that advocates illegal activity.
2.2.7. Contribute, or provide links to, content and/or information that could be considered harmful, obscene, pornographic, indecent, lewd, violent, abusive, profane, insulting, threatening, tortious, harassing, hateful, or otherwise objectionable.
2.2.8. Contribute, or provide links to, content and/or information that harasses, victimizes, degrades, or intimidates an individual or group of individuals on the basis of religion, race, ethnicity, sexual orientation, gender, age, disability, or any other legally-protected characteristic.
2.2.9. Contribute, or provide links to, content and/or information that is defamatory, false, or libelous.
2.2.10. Contribute content and/or information, to or through MWS O365, that infringes on or violates any intellectual property or other right of any entity or person, including, without limitation, copyrights, patents, trademarks, laws governing trade secrets, rights to privacy, or publicity.
2.2.11. Contribute any content or information to MWS O365 that you do not have a right to make available under law or contractual or fiduciary relationships.
You will NOT under any circumstances:
2.3.1. Impersonate another person or entity or falsely state or otherwise misrepresent your affiliation with a person or entity, or adopt a false identity if the purpose of doing so is to mislead, deceive, or defraud another.
2.3.2. Manipulate identifiers, including by forging headers, in order to disguise the origin of any posting delivered to or through the Global Pass single sign-on environment and/or MWS O365.
2.3.3. Use the Global Pass single sign-on environment and/or MWS O365 in any manner that could damage, disable, overburden, impair, or otherwise interfere with those services or with other software, hardware, or network equipment belonging to DXC or to other users.
2.3.4. Attempt to gain unauthorized access to the Global Pass single sign-on environment and/or MWS O365, and/or to any related application, service, accounts, computer systems, or networks connected to the Global Pass single sign-on environment and/or MWS O365.
2.3.5. Otherwise cause damage on or through the Global Pass single sign-on environment and/or MWS O365.
In addition to the above, you are responsible for any content and/or information delivered to the Global Pass single sign-on environment and/or MWS O365 using your account. DXC reserves the right to limit or terminate access by a user of the Global Pass single sign-on environment and/or MWS O365 at any time, with or without notice from DXC.
DXC may not regularly monitor, delete, or edit content and/or information in the Global Pass single sign-on environment and/or MWS O365. However, DXC reserves the right to do so at any time. DXC is not responsible for damages of any kind arising from any postings to the Global Pass single sign-on environment and/or MWS O365, even when DXC is advised of the possibility of such damages and even if DXC has taken responsive action in other cases.
2.5. Limitations on Liability and WarrantiesThe following limitations are subject to the terms of applicable local laws and regulations and DXC policies and guidelines. In the event of a conflict between the following limitations and any laws, regulations, DXC policies and guidelines, and/or contractual requirements, the obligations that result from compliance with all necessary laws and regulations will prevail.
2.5.1. The material included in the Global Pass single sign-on environment and/or MWS O365 has been compiled from a variety of sources and it could include technical inaccuracies or typographical errors. DXC makes no warranties or representations as to the accuracy or completeness of material within the services. Everything is provided to you "as is" without warranty of any kind, either express or implied, including but not limited to the implied warranties of merchantability, fitness for a particular purpose, and non-infringement.
2.5.2.DXC does not warrant that the Global Pass single sign-on environment and/or MWS O365, the services provided through them, and any information, software, or other material available within the Global Pass single sign-on environment and/or MWS O365 will be uninterrupted, error-free, or free of viruses or other harmful components.
2.5.3. To the extent allowable by law and irrespective of any general contractual obligations forming a contractual relationship between the user (you) and DXC, DXC shall not be liable for any special, incidental, or consequential damages, including, without limitation, any lost revenues, lost profits, or third-party claims resulting from the use or misuse of the Global Pass single sign-on environment and/or MWS O365 as defined herein, even if DXC has been advised of the possibility of such damages or for any claim by another party.
2.5.4. When links within the Global Pass single sign-on environment and/or MWS O365 lead to servers maintained by individuals or organizations other than DXC or those acting for its benefit and under its control, DXC has no control and makes no warranties or representations as to accuracy, timeliness, suitability, or any other aspect of the information located on such servers, and neither monitors nor endorses such servers or content.
2.6. Intellectual Property
2.6.1 You will assume that everything you see or read in the Global Pass single sign-on environment and/or on MWS O365 is copyrighted and may not be used except as provided in this User Agreement, in the text appearing with an application available in the Global Pass single sign-on environment and/or through MWS O365, or with written permission in advance from DXC.
2.6.2. Images of people or places displayed in the Global Pass single sign-on environment and/or MWS O365 are either the property of DXC or used with permission by or from DXC. Your use of these images is strictly prohibited unless specifically permitted by this User Agreement, unless specific permission is provided elsewhere in the Global Pass single sign-on environment and/or MWS O365, or unless you write directly to and obtain permission from DXC.
2.6.3. DXC, DXC Technology, and the DXC logo are Trademarks or registered Trademarks of DXC Technology. All other Trademarks and logos or registered Trademarks and logos found in the Global Pass single sign-on environment and/or MWS O365 or mentioned herein belong to their respective owners. Nothing contained in the Global Pass single sign-on environment and/or MWS O365 should be construed as granting, by implication, estoppel, or otherwise, any license or right to use any Trademark displayed in the service without the written permission of Computer Sciences Corporation or such third party that owns the Trademarks displayed in this service. DXC will enforce its intellectual property rights to the fullest extent permitted by law.
2.6.4. Unless otherwise provided, all postings to the Global Pass single sign-on environment and/or MWS O365 automatically become the property of DXC. DXC will be entitled to use the material for any type of use including in any media whether now known or later devised. If any court determines that DXC does not retain exclusive ownership of any posting, then you hereby expressly grant to DXC a royalty-free, perpetual, irrevocable right to use, reproduce, adapt, modify, publish, edit, translate, perform, transmit, sell, sublicense, or otherwise distribute and display the posting for any reason, including for promotional and advertising purposes, alone or as a part of other works in any form, medium, or technology now known or later developed.
2.7. Procedure for Making Claims of Copyright Infringement
2.7.1. DXC respects the intellectual property rights of third parties, and complies with all applicable laws and regulations, including the Digital Millennium Copyright Act (DMCA), regarding such rights.
2.7.2. If you believe that your work has been copied in a way that constitutes copyright infringement, you should send written notification thereof to appropriate DXC and/or DXC client, partner, or vendor counsel.
2.8. Choice of Law and Jurisdiction
Unless otherwise provided, the contents of the Global Pass single sign-on environment and/or MWS O365 are governed by the laws of the state of Virginia in the United States, and any claims rising directly or indirectly out of any materials contained in this service are subject to these same laws.
By clicking the ACKNOWLEDGE button during your first attempt to log in to the service, you consent to ALL the terms of this agreement. From time to time the terms of this agreement may change and attempts will be made to notify you of such changes. If you do not click the ACKNOWLEDGE button during your first attempt to log in to the environment, you cancel that login attempt.
Your subsequent use of these services implies your continued acknowledgement of this user agreement.
Last updated: March 2017