Effective Date: 10 Oct 2019
F5’s Silverline managed security services (the “Services”) offer:
- Protection against dedicated denial-of-service (“DDoS”) attacks; and
- A Web application firewall (“WAF”).
This Privacy Statement applies to the customer data that F5 processes through the Services.
Roles of the Parties
Under the data protection laws of the EU and similar jurisdictions, F5 is a processor of the customer data, and the customer is (or acts on behalf of) a controller of such data, to the extent it contains personal data.
Personal Data Processed by the Service
To use the Services, the customer routes its network traffic through F5 servers. This network traffic may contain personal data (such as the IP address of a visitor to the customer’s online properties).
Processing of the Personal Data
The Service inspects the customer’s network traffic for unauthorized activity (e.g., a DDoS attack or hacking attempt). If the Service determines that a network traffic packet is malicious or otherwise meets customer-specified criteria for blocking, the Service drops the packet and creates a log of the blocking event (including the packet’s purported source IP address) for that customer’s later review. Otherwise, the Service just transmits the packet onward to its destination.
What to Do If Your Access to an Online Property Has Been Blocked
If you believe that the Service has improperly blocked or restricted your access to a customer’s online property, please contact that customer to request restoration of your access. If the Service presents you with a support ID number when blocking your access, please include that support ID in your request to the customer.
For more information about F5’s privacy practices, please see the F5 Privacy Notice. To exercise your rights with respect to the customer data that F5 processes when providing the Services to a customer, please contact that customer.