Privacy and Security Information

The Allied Command Transformation website is provided as a public service by the ACT Innovation Branch.

Information presented on the ACT website is considered public information and may be distributed or copied. Use of appropriate byline, photo and image credits is requested.

For site management, information may be collected for statistical purposes.

What personal data is collected by the HQ SACT?
Controller collects and processes the following personal information:

  • To be defined and adjusted for particular situation: Personal identifiers
    including names, nationality, and characteristics (civilian, military, if
    necessary, age, gender, and contact details)
  • email address, working position, and phone number

How do we obtain the personal data and why do we have it?
The personal data Controller processes is provided to us:

  • Directly by you through our website, when you complete online forms to contact us, subscribe to a newsletter, participating in surveys, or registering for events such as conferences, workshops, trainings, education and meetings that HQ SACT is organizing whether online, in person, or otherwise
  • Automatically when you visit our websites. The personal data we collect
    automatically include your IP address, pixel ID, device type, unique device identification number,
    browser type, operating system, general geographic information (e.g. country
    or city-level location) and other technical information

We do not collect, nor maintain special categories of personal data, such as related to racial or ethnic origin, sexual orientation, political, philosophical, religious opinions or activities, as well as genetic, biometric data and data concerning health. If you provide any special categories of personal data to us, you consent to the collection and processing of these special categories of personal data by virtue of providing this information.


We collect personal data for any of the following reasons:

  • In order to permit you to access the information on the website you visit or
    grant you access to the requested website
  • To administer the websites
  • To confirm your identity to prevent unauthorized access to our website
  • To deliver information on our websites effectively, safely, and in quality
    manner
  • For our internal analytics purposes, we collect and use the personal data
    automatically collected through our websites
  • Data automatically will be collected using cookies and similar tracking technology.
  • To ensure the proper management of activities, online collaboration, and
    deliver events such conferences, workshops, and meetings, and to deliver training and education either online or in person
  • Other

We share your personal data under the following circumstances:
The HQ SACT may share collected personal data outside HQ SACT and its subordinate Commands in the following situations:

  • With other NATO bodies to ensure proper functioning
  • With other members of the particular event, training, workshop and otherwise same community of interest
  • With external service providers to ensure proper information management, such as supporting day-to-day office management, IT system management, data storage and similar
  • If necessary and when in accordance with NATO policies, directives including national security

Our basis for processing collected personal data:

  • Your consent. If you wish to remove your consent at any time, you can do this by unsubscribing to our newsletter or contacting the Innovation Hub
  • ACT’s legitimate interest to communicate information about NATO activities, develop and improve our website, maintain communication, organize event
    and protect NATO staff members, assets, and information

HQ SACT stores your personal data

Your rights related to your personal data:

  • Obtain confirmation as to whether your personal data is being processed
  • Access your personal data, subject to further exceptions outlined
  • Rectify inaccurate or incomplete personal data or erase your personal data in case it is no longer necessary for the purpose it was collected or it was
    processed in a manner contradictory to the specific purpose. Names of any data subject acting in an official capacity from NATO information of permanent value shall not be deleted
  • Object to the processing if you believe that there is no legitimate basis for processing your personal data
  • Complaint and appeal regarding HQ SACT’s decisions with regard to your personal data and any related requests

Please be aware that following exceptions to the release of personal data apply:

  • In case there is a possibility of adverse effect to the rights of others
  • There are possible violations of NATO policies on the release of classified or non-classified information
  • Due to ongoing inquiries, investigations or disciplinary proceedings
  • In case personal data is related to legal advice, used in litigation or deliberative proceedings
  • In case data is processed for the purpose of security, intelligence or counterintelligence activities

Personal data shall not be made available if to do so would involve disproportionate
resources for HQ SACT, or would be impossible. In such cases, we shall provide access
to the extent reasonable.

This government computer system may employ software programs to create summary statistics for such purposes as assessing what information is of most and least interest to the public, determining technical design specifications, and identifying system performance or problem areas. User-supplied information provided for the purpose of requesting information is destroyed by ACT following the transaction of information to the requester.

For site security purposes and to ensure that this service remains available to all users, this government computer system employs software programs to monitor network traffic to identify unauthorized attempts to upload or change information, or otherwise cause damage.

Except for authorized law enforcement investigations, no other attempts are made to identify individual users or their usage habits. Raw data logs are used for no other purposes and are scheduled for regular destruction in accordance with National Archives and Records Administration General Schedule 20.

Unauthorized attempts to upload information or change information on this service are strictly prohibited and may be punishable under the Computer Fraud and Abuse Act of 1986 and the National Information Infrastructure Protection Act.

If you have any questions, complaints, or comments about the information presented here, please contact us.

For additional information about ACT and policies relating to this publicly accessible website, you may also write to:

Headquarters, Supreme Allied Commander Transformation
Public Affairs Office
7857 Blandy Road, Suite 100
Norfolk, VA 23551-2490