F5 Distributed Cloud WAAP Privacy Statement

Published on: 7 March 2021
Last updated on: 15 February 2022


F5's Distributed Cloud WAAP platform (the “Service”) enables users to deploy, connect, secure and operate applications across the edge and multi-cloud.

This Privacy Statement applies to the customer data that F5 processes through the Service.

Roles of the Parties

Under the data protection laws of the EU and similar jurisdictions, F5 is a processor of the customer data, and the customer is (or acts on behalf of) a controller of such data, to the extent it contains personal data. 

Personal Data Processed by the Service

The customer can place its applications and other content (which may include personal data) in the Service.  The customer also can use the Service to connect instances of components of its applications, whether or not they are hosted in the Service.  The customer then routes traffic for the applications through the Service.  This traffic may contain personal data (such as the IP address of a visitor to the customer’s application, as well other personal data that is specific to the customer’s application).

Processing of the Personal Data

IP addresses in the traffic, and related metadata, are used for load balancing, routing, and security (e.g., DDoS and bot mitigation), including to create logs for the customer.  The Service also hosts and/or interconnects instances or components of the customer’s application, which may engage in other processing of personal data.

More Information

To exercise your rights with respect to the customer data that F5 processes when providing the Services to a customer, please contact that customer.  For more information about F5’s privacy practices, please see the F5 Privacy Notice.