Nike, Inc., and its subsidiaries and affiliates (including your employer, “Nike”) provide their employees with devices and electronic communication tools and systems for use in supporting business activities. These systems include Nike-owned hardware or Nike-licensed and approved software including company servers, company email accounts, applications, programs, company shared drives or file shares, message boards, instant messaging systems, blogs, internet channels, company cloud storage locations and various other systems (“Nike Systems”).
The following Policy provides continued support for employees to ‘Keep it Tight,’ and also helps to ensure that all electronic communication using Nike Systems is appropriate, professional, and legally compliant.
1. NIKE May Access NIke Systems and Monitor Your Communications
1.1. Subject to this Policy and any local Policy addendums applicable in your location, Nike monitors employee access to Nike Systems by way of automated tools that may scan, filter and record activities and communications on Nike Systems (even when employees are absent and off campus), to protect against unauthorized access and use of Nike Systems and any company-related information held in electronic form. This includes company emails and other communications, documents, data, databases, images, graphics, photos and other materials, which may include, but is not limited to, proprietary, confidential or personal information of Nike, its clients, consumers, suppliers, partners or other third parties ("Nike Material"). There should be no expectation of privacy in anything employees communicate, store or access when they access and use Nike Systems or Nike Material, which are considered Nike’s property, subject only to mandatory provisions of local law. Nike has full authority to manage the Nike Systems and Nike Material, including the installation of software that tracks and records device and data activity in the Nike Systems.
1.2. Nike Systems are provided to support Nike business and to give you the right tools and resources for performing your job. Subject to any local Policy addendum or monitoring notice, which would override the terms in this Policy, and as permissible by applicable law, incidental and occasional non-business use of the Nike Systems is permitted within Nike. But any use of the Nike Systems and the content of any materials communicated on Nike Systems, including personal materials and information, may be viewed and recorded by Nike for legitimate business purposes, including the following: ensuring security of Nike Systems and all data contained or transmitted therein, in particular Nike Material; securing proprietary information; preventing or mitigating the misappropriation of Nike Material; and verifying use patterns and activity on Nike Systems in order to anticipate, detect, thwart and evidence attacks on and infiltration of Nike Systems. To the extent allowed under applicable law, employees’ personal information, if any, may also be processed for investigations and legal proceedings if the monitoring reveals unlawful acts or violations of Nike policies. Personal information will be accessed exclusively by persons authorized by Nike and any processing of your personal information will be performed in a manner intended to limit the impact on employee’s privacy and kept for the time necessary to achieve the purposes outlined above.
1.3. Where there is a justified suspicion of any threat, security violation or misappropriation in relation to Nike Systems or Nike Material, Nike may engage in supplemental monitoring, viewing or recording of any activity in the Nike Systems. Information relating to and produced by such viewing and recording activities may be disclosed, without notice or other restrictions, to other Nike group entities and to third party providers and law enforcement, which may be located outside the country of employment, for any of the purposes set forth in this Policy or to comply with applicable law. Subject to any Nike local monitoring policy or notice, and as permissible by applicable law, Nike reserves the right to access at any time the Nike Systems using automated tools or by manual review, to monitor data and messages within the Nike Systems, and to read, reject or remove any message (including attachments) composed, sent or received, for the purposes set forth in this Policy or to comply with applicable law. Nike reserves the right to limit and/or terminate access to Nike Systems at any time, as a result of non-compliance with this Policy, or for any other reason consistent with the purposes set forth in this Policy; such right may be further described in other Nike policies or employment contracts, if applicable.
1.4. Nike Systems are not designed for personal employee use. Subject to this Policy and any local Policy addendums applicable in your location,employees who do make incidental and occasional personal use of Nike Systems should file personal materials in a separate folder clearly marked as such (by marking or naming the folder “PERSONAL”). Consistent with and subject to local law and process, Nike reserves the right to access material stored in that location on a Nike device, despite its being marked as Personal, to the extent doing so is necessary to protect Nike Systems and Nike Material. Consistent with and subject to local law and process, any personal materials stored in Nike Systems may be used against you to the fullest extent permissible under applicable law, including to justify termination or in the context of litigation.
1.5. To protect Nike Systems and Nike Material, Nike may remotely wipe Nike-owned devices at any time. When leaving Nike, employees must return their Nike-owned device(s) and all Nike Material to Nike. Employees’ access to Nike Materials, including company email, will be terminated when the employee leaves the company. It is the employee's obligation to remove or retrieve any personal materials that may exist on their Nike-owned devices, and while Nike will seek to provide opportunity for employees to remove personal materials on Nike-owned devices employees may not be guaranteed an opportunity to obtain copies of all personal materials on those devices. Nike’s right to view, record, access and monitor Nike Systems and Nike Material remains enforceable even after you leave Nike and surrender the device to Nike. Failure to return Nike devices to Nike can result in potential legal action against the former employee.
2. Keep NIKE's Secrets
2.1. Nike business may only be conducted on Nike Systems. Employees may not use personal communications channels, such as personal email accounts, to conduct Nike work. Employees may not forward any Nike Materials to a personal email account or non-approved external file sharing programs without a legitimate business need and pre-approval.
2.2. All employees are responsible for ensuring that Nike's non-public, proprietary or confidential information does not enter the public domain (for example, through electronic transmissions). Employees are responsible for securing any Nike Material in their possession. All employees are also responsible for complying with the terms of any confidentiality and proprietary agreements they have signed, or similar provisions in employment agreements or other Nike policies, including Nike’s Confidential Information and Trade Secret Policy.
2.3. Nike's proprietary and confidential information includes, but is not limited to, any information, data, ideas, plans, strategies, concepts or proposals relating to the following:
2.4. If you have a question as to whether information is considered proprietary or confidential, be sure to talk with your manager before taking any next steps. In some cases, protection of confidential data is a legal requirement, not just a company policy. Legal requirements vary by country and employees should check with Nike's legal department to identify relevant local legal requirements.
2.5. Use the most secure communication method commercially available to transfer Nike's proprietary or confidential information, being mindful that Nike's private network and Nike-provided tools are always preferable to the Internet. Use Nike-provided email accounts, approved secure file transfer services, or approved messaging services to conduct Nike business; personal email accounts such as Gmail or Yahoo, and unapproved file transfer or messaging services, must not be used. Nike Material, especially proprietary or confidential information, may not be shared except in the normal course of business and consistent with Nike policies.
3. Make Sure Your Communications are Appropriate and Professional
3.1. Do not use words, phrases or symbols in any electronic communications – either internal Nike communications or external business communications – that may be viewed by diverse audiences as inappropriate, offensive, or defamatory. Carefully review the content of any communications prior to publishing or distributing and consider the intended and unintended audiences (as content could be shared beyond the original audience). Consider whether the content, if shared publicly or subpoenaed, would be damaging or embarrassing to either you or Nike. Nike's anti-harassment and anti-discrimination policies and any similar provisions in company handbooks, work rules, internal regulations or your employment agreement apply to written as well as verbal internal and external business communication. Subject to any Nike local monitoring policy or notice, and as permissible by applicable law, Nike may review communications to determine whether any Nike policy is violated, and will take appropriate steps to remedy any inappropriate behavior.
4. Internal blogs and other Internal communication
4.1. When developing an internal blog or other communication, remember that all Nike policies apply, including this Policy and the Matter of Respect Policy. If your blog or other communication contains links to other content outside your control (like an external website), be sure to first review all the links associated with the content to ensure that it is appropriate.
5. Social Media Policy
5.1. Use of social media platforms such as Facebook, Twitter, LinkedIn and others is addressed in Nike’s Policy for Communication on External Websites and Social Media Platforms.
6. Respect Copyrights and Other Material Owned by Third Parties
6.1. Loading, sharing and maintaining unlicensed music, movies, software, or other similar items owned by third parties in Nike Systems is prohibited.
7. Retention oF INFORMATION
7.1. Nike will retain business records and information (which may include company email) for a specific retention period, depending on the type of record. There may also be laws and regulations that require Nike to retain certain records for a period of time, and it is Nike's policy to comply with them. At the expiration of the appropriate retention time, the information will be deleted or archived in accordance with applicable law. See the Record Retention Policy and Schedule for more information about appropriate retention periods.
8. Improper Use
8.1. Improper use of the Nike Systems or Nike Material, as outlined in the applicable Nike policies or in employment contracts, if applicable, may result in limitation or revocation of your electronic access privileges as well as corrective action, up to and including termination. Activities that may constitute improper use include, but are not limited to, the following:
9. PROTECTING YOUR PERSONAL INFORMATION
9.1. Any personal information Nike collects and processes in furtherance of this Policy will be processed and stored for the purposes and by the recipients described in this Policy and in compliance with Nike’s Employee Privacy Policy, to the extent such a policy is in effect in your location.
9.2. Nike reserves the right to modify or to rescind this Policy at any time, consistent with applicable law. Also, this Policy is subject to and may be superseded by any local policies that a Nike company may adopt. For example, retail employees should check with Retail Store Operations Policy which may have different or additional requirements.
9.3. It is important for employees to understand that this Policy should not interfere with any rights protected under local or country law, including, where applicable, employees' rights to access personal data and discuss their terms and conditions of employment.
9.4. Employees who have questions or other inquiries about anything covered in this Policy may contact Nike Human Resources through HR Direct.
EMEA ADDENDUM TO
NIKE’S GLOBAL ACCEPTABLE USE POLICY:
ELECTRONIC COMMUNICATIONS AND DEVICES
Nike, Inc., and its subsidiaries and affiliates (including your employer, “Nike”) provide their employees with devices and electronic communication tools and systems for use in supporting business activities. These systems include Nike-owned hardware or Nike licensed and approved software including company servers, company email accounts, applications, programs, company shared drives or file shares, message boards, instant messaging systems, blogs, internet channels, company cloud storage locations and various other systems (“Nike Systems”).
This EMEA Employee Monitoring Addendum (“EMEA Addendum”) is an addendum to Nike’s Global Acceptable Use Policy: Electronic Communications and Devices (the “Global Acceptable Use Policy”), which provides continued support for employees to ‘Keep it Tight,’ and also helps to ensure that all electronic communication using Nike Systems is appropriate, professional, and legally compliant.This EMEA Addendum applies to the use of Nike’s Systems by Nike employees in the EMEA Region and specifies the information on the protections Nike implements when it conducts network and system monitoring activities in the EMEA Region. This is required to address differences due to national laws and should be read together with the Global Acceptable Use Policy. Any EMEA specific deviations to the content of the Global Acceptable Use Policy are specified in this document by paragraph number. In case of a conflict with the Global Acceptable Use Policy, the provisions of the EMEA Addendum will prevail.
1. NIKE MAY ACCESS NIKE SYSTEMS AND MONITOR YOUR COMMUNICATIONS
Paragraph 1.a. of the Global Acceptable Use Policy is replaced as follows:
Subject to the Global Acceptable Use Policy, this EMEA Addendum and any local Policy addendums applicable in your location, Nike monitors employee access to Nike Systems by way of automated tools that may scan, filter and record activities and communications on Nike Systems (even when employees are absent and off campus), to protect against unauthorized access and use of Nike Systems and any company-related information held in electronic form. This includes company emails and other communications, documents, data, databases, images, graphics, photos and other materials, which may include, but is not limited to, proprietary, confidential or personal information of Nike, its clients, consumers, suppliers, partners or other third parties ("Nike Material"). Nike employees should have limited expectation of privacy in anything employees communicate, store or access when they access and use Nike Systems or Nike Material that are considered Nike’s property. Nike has full authority to manage the Nike Systems and Nike Material, including the installation of software that tracks and records device and data activity in the Nike Systems, to the extent permitted under applicable law. Such automated tools may include:
We take steps to ensure that the automated tools used at Nike are necessary for the purposes described in the Global Acceptable Use Policy and this EMEA Addendum and are configured in a way to prevent permanent logging of employee activity on the company network. If our tools generate an alert, we may issue a warning reminding you, for example, that Nike owns all content you create during your work duties and directing you to the relevant company policies and trainings.
Paragraph 1.b. of the Global Acceptable Use Policy is replaced as follows:
Nike Systems are provided to support Nike business and to give you the right tools and resources for performing your job. Any use of the Nike Systems and the content of any materials communicated on Nike Systems, including personal materials and information, may be viewed and recorded by Nike for legitimate business purposes, including the following: ensuring security of Nike Systems and all data contained or transmitted therein, in particular Nike Material; securing proprietary information; preventing or mitigating the misappropriation of Nike Material; and verifying use patterns and activity on Nike Systems in order to anticipate, detect, thwart and evidence attacks on and infiltration of Nike Systems. To the extent allowed under applicable law, employees’ personal information, if any, may also be processed for investigations and legal proceedings if the monitoring reveals unlawful acts or violations of Nike policies. Personal information will be accessed exclusively by persons authorized by Nike and any processing of your personal information will be performed in a manner intended to limit the impact on employee’s privacy and kept for the time necessary to achieve the purposes outlined above.
Paragraph 1.c. of the Global Acceptable Use Policy is replaced as follows:
Where there is a justified suspicion of any threat, security violation or misappropriation in relation to Nike Systems or Nike Material, Nike may, subject to applicable law, engage in supplemental monitoring, viewing or recording of any activity in the Nike Systems. Information relating to and produced by such viewing and recording activities may be disclosed, subject to applicable law, to other Nike group entities and to third party providers and law enforcement, which may be located outside the country of employment, for any of the purposes set forth in the Global Acceptable Use Policy and this EMEA Addendum or to comply with applicable law. Subject to any Nike local monitoring policy or notice, and as permissible by applicable law, Nike reserves the right to access at any time the Nike Systems using automated tools or by manual review, to monitor data and messages within the Nike Systems, and to read, reject or remove any message (including attachments) composed, sent or received, for the purposes set forth in this EMEA Addendum or to comply with applicable law. Nike reserves the right to limit and/or terminate access to Nike Systems at any time, as a result of non-compliance with the Global Acceptable Use Policy or this EMEA Addendum, or for any other reason consistent with the purposes set forth in these policies; such right may be further described in other Nike policies or employment contracts, if applicable. Such monitoring will first be carried out at the company level and where technically feasible on an aggregate data level. We only identify a particular employee where our automated tools detect unusual activities or irregularities within the Nike Systems and generate an alert, flag or other indication that further inspection of the issue is required. Alerts are reviewed by authorized personnel within a reasonable time. Subject to applicable law, we may notify you if an inspection or further investigation must be carried out on the devices you are using to perform your work duties at Nike. Where necessary, we will also notify your supervisor. Nike takes steps continuously to ensure that inspections are conducted in a proportional manner. Inspections are conducted by authorized personnel, on a need-to-know and confidential basis, who conduct searches based on patterns and keywords related to the scope of the inspection and review only relevant logs. If the inspection reveals actual or suspected unlawful acts or violations of Nike policies, any personal information or materials stored in Nike Systems may be used against you, to the fullest extent permissible under applicable law, including conducting investigations, terminating your employment contract or bringing legal proceedings.
Paragraph 1.d. of the Global Acceptable Use Policy is replaced as follows:
Nike Systems are not designed for personal employee use. Subject to this EMEA Addendum, the Global Acceptable Use Policy and any local Policy addendums applicable in your location, employees who do make incidental and occasional personal use of Nike Systems should, immediately, or without undue delay, file personal materials in a separate folder clearly marked as such (by marking or naming the folder “PERSONAL”). If you are located in Germany, incidental and occasional non-business use can be permitted by your local employer if you provide your consent to the processing of telecommunication data as outlined in the German consent language. Nike makes reasonable efforts not to monitor content of communications and files marked “personal.” In exceptional circumstances, Nike may monitor such communications or files but only if permitted by and in accordance with applicable law, including where there is reason to believe that such communications or files contain evidence of an employee’s possible violation of the Nike’s policies, standards, and procedures. When doing so, personal materials will be accessed exclusively by persons authorized by Nike and any processing of employee’s personal information will be performed in a manner intended to limit the impact on employee’s privacy. If required, Nike will appoint an authorized inspector to work with you and verify whether any communications or materials are incorrectly of falsely marked as “personal” and select the relevant files for inspection based on concrete instructions. Consistent with and subject to local law and process, any personal materials stored in Nike Systems may be used against you to the fullest extent permissible under applicable law, including to justify disciplinary action, termination or in the context of litigation.
Paragraph 1.e.: See Global Acceptable Use Policy.
2. KEEP NIKE'S SECRETS
Paragraph 2.a.: See Global Acceptable Use Policy.
Paragraph 2.b.: See Global Acceptable Use Policy.
Paragraph 2.c.: See Global Acceptable Use Policy.
Paragraph 2.d.: See Global Acceptable Use Policy.
Paragraph 2.e.: See Global Acceptable Use Policy.
3. MAKE SURE YOUR COMMUNICATIONS ARE APPROPRIATE AND PROFESSIONAL
Paragraph 3.a.: See Global Acceptable Use Policy.
4. INTERNAL BLOGS AND OTHER INTERNAL COMMUNICATION
Paragraph 4.a.: See Global Acceptable Use Policy.
5. SOCIAL MEDIA POLICY
Paragraph 5.a.: See Global Acceptable Use Policy.
6. RESPECT COPYRIGHTS AND OTHER MATERIAL OWNED BY THIRD PARTIES
Paragraph 6.a.: See Global Acceptable Use Policy.
7. RETENTION OF INFORMATION
Paragraph 7.a.: See Global Acceptable Use Policy.
8. IMPROPER USE
Paragraph 8.a.: See Global Acceptable Use Policy.
9. PROTECTING YOUR PERSONAL INFORMATION
Paragraph 9.a.: See Global Acceptable Use Policy.
Paragraph 9.b.: See Global Acceptable Use Policy.
Paragraph 9.c: See Global Acceptable Use Policy.
Paragraph 9.d. of the Global Acceptable Use Policy is replaced as follows:
We respect the privacy of our employees. When we monitor Nike Systems for the purposes described in the Global Acceptable Use Policy and this EMEA Addendum, we may need to process your personal information stored in these systems. We process your personal information to pursue our legitimate interests of ensuring our network security, protecting our assets, data and copyright, transmitting the personal information within Nike for internal business purposes, defending legal claims, and ensuring compliance with our policies and applicable law. When processing personal information for our legitimate interests, we take appropriate measures to ensure that the interests we pursue are balanced with your interests, rights and freedoms, which we are happy to explain to you upon request. The entity responsible for the collection and processing of your personal information in the context of Nike’s employee monitoring activities is the Nike entity in the EMEA Region who is your employer. For more information on how Nike processes the personal information of its employees, please read Nike’s Employee Privacy Policy. Where required under applicable law, we will collect your consent to process personal information.
Paragraph 9.e. is added to the Global Acceptable Use Policy:
We collect the minimum amount of personal information necessary to conduct our monitoring activities which primarily is technical information stored in our systems, including user name, date/time, IP address, device number or other identifier, file name/type/size, destination, event time stamp and other information employees may store on the company devices that is relevant to the inspection. We do not monitor a specific employee or access the content of specific employee’s private files or emails, unless permitted by and in accordance with applicable law, including where we have a justified suspicion of illegal activity or violation of Nike’s internal policies. We do not knowingly access sensitive data of our employees, meaning racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, health data, sex life or sexual orientation, except as permitted or required by applicable law.
Paragraph 9.f. is added to the Global Acceptable Use Policy:
Nike processes personal information as necessary to secure the effective operation of its information technology and communications systems, to detect any unauthorized use of such systems, including any breach of Nike’s principles, rules and policies for Internet use and inappropriate behavior, to conduct necessary inspections or investigations, or where necessary for the establishment, exercise or defense of legal claims as described above in this EMEA Addendum or the Global Acceptable Use Policy.
Paragraph 9.g. is added to the Global Acceptable Use Policy:
Nike may disclose your personal information if necessary for the processing purposes described in the Global Acceptable Use Policy and this EMEA Addendum to (i) other Nike entities and affiliates, (ii) vendors or suppliers who perform security, data storage, investigation, forensic or legal services on our behalf (including IT forensic companies, external investigators and investigatory companies), and law firms, (iii) an acquiring organization if Nike is involved in a sale or transfer of some or all of its business or change in control; or (iv) where we are otherwise required to do so, such as by court order or by law, to the relevant authorities or law enforcement. We contractually require third parties who perform services on our behalf to only process personal information based on our instructions and to implement data security measures. To the extent permitted by applicable law, personal information may be shared with third parties such as advisors, courts and public authorities as necessary for investigations and legal proceedings.
Paragraph 9.h. is added to the Global Acceptable Use Policy:
Weprotect your personal information by applying technical and organizational measures to prevent unauthorized access, destruction, loss, alteration, misuse or any other unlawful form of processing of the personal information. We make reasonable efforts to ensure a level of security appropriate to the risk of the processing of personal information. Where possible, we do not monitor identifiable personal information, but we primarily conduct searches based on keywords and patterns. Personal information may be accessed exclusively by persons authorized by Nike on a need-to-know basis. Personal information will be retained for the time necessary to achieve the purposes outlined in this EMEA Addendum. To the extent permitted by applicable law, your personal information may be retained for a reasonable period after the termination of your employment relationship.
Paragraph 9.i. is added to the Global Acceptable Use Policy:
In the context of the processing activities described in the Global Acceptable Use Policy and this EMEA Addendum, your personal information is transferred and stored outside the country of your employment, to Nike, Inc., in the United States, which has not been recognized by the EU Commission as providing an adequate level of data protection. When we transfer personal information outside the European Union, Switzerland or other countries with data transfer restrictions, to a country that does not have an adequate level of protection, we implement appropriate safeguards to protect the personal information, including by entering into appropriate data transfer agreements such as the European Commission’s EU Standard Contractual Clauses with the data recipients, ensuring that the data recipient has certified to the EU-U.S. or Swiss-U.S. Privacy Shield Framework, or has implemented Binding Corporate Rules, as applicable. Nike’s intra-group data transfer agreement is available upon request by contacting us as described below.
Paragraph 9.j. is added to the Global Acceptable Use Policy:
You have the right to request access to and rectification or erasure of your personal information processed in the context of Nike’s monitoring activities, or to request the restriction of the processing of such personal information, as permitted by applicable law. You also have the right to object to that processing on grounds relating to your particular situation. If you are not satisfied with our responses, you have the right to consult with the supervisory authority in your country. You can contact us as described in paragraph below to exercise your rights.
Paragraph 9.k. is added to the Global Acceptable Use Policy:
For any questions regarding this EMEA Addendum or the Global Acceptable Use Policy and how we protect your personal information in the context of our employee monitoring activities, please contact your HR department or Nike’s Data Protection Officer at privacy.office@nike.com.
GERMAN CONSENT FORM
Consent [Separate pop-up window]
To the extent permitted or required by applicable law, you expressly authorize all data processing of communication data related to your private use of Nike Systems (including the recording and monitoring of your communication data) for the purposes and under the conditions described in the Global Acceptable Use Policy and the EMEA Addendum.
You understand that Nike processes private communication data for legitimate business purposes.
You understand that Nike will not intentionally or routinely access non-business related materials marked as “Personal.” In the event that Nike accesses such information for the purposes and under the confidentiality conditions described in the Global Acceptable Use Policy and this EMEA Addendum, you freely and expressly consent to such access. You may withdraw your consent at any time. However, if you withdraw your consent, we may no longer be able to provide you with the possibility to use the Nike Systems for private purposes. You may also have a right to data portability.
Your private use of the Nike Systems is voluntary. If you do not agree with the terms of the Global Acceptable Use Policy and the EMEA Addendum, including how user personal information is processed, personal use of the Nike Systems is not permitted.
[I agree]