Skip to main content

Phillips 66 Privacy Statement

Last Updated:  February 8, 2023

Introduction

Phillips 66 Company is committed to protecting your privacy.  This Privacy Statement provides information regarding how we treat the personal data (also known as personal information) we collect from you, and your associated rights when using the Phillips 66 group of websites, platforms, and other services that link to this Privacy Statement, or when purchasing products from, conducting business with, or otherwise interacting with a company or companies within the Phillips 66 group of companies (“Phillips 66,” “we,” “us,” “our”). 

If you reside in the European Economic Area (“EEA”) or the United Kingdom, please visit the relevant notices to find out how we process your information.

Specifically, this Privacy Statement describes how Phillips 66 collects, uses, and discloses to others your personal data when you interact with us online, including through your use of social media, or offline (collectively, our “Services”).

If you are a job applicant, recruit, employee, contractor, or spouse/dependent of an employee of Phillips 66, please refer to the Phillips 66 Company Recruiting Privacy Statement.  Phillips 66 employees may access our Personal Data Privacy Policy in the Phillips 66 Policy Center.

What Personal Data Does Phillips 66 Collect?

Phillips 66 collects personal data for our operational purposes.  We may collect the following categories of personal data:

How Does Phillips 66 Collect Personal Data?

Phillips 66 collects personal data online and offline.

We may draw inferences from any of the categories of data above described to help us tailor our communications to you and to improve our Services. From time to time, we may also use or augment the personal data we have about you obtained from other sources, such as public databases, social media platforms and other third parties.  We may also combine information we get from a third party with information we already have, and we may combine information that we have collected offline with information we collect online.

Cookies, Web Beacons and Other Tracking

Cookies are small amounts of data generated by a website and saved by your web browser.  Their purpose is to remember information about you.  Our websites may use cookies to track the number of times you have visited our websites, to track the number of visitors to our site, to analyze visitors’ experience with our sites, to store data that you may provide (such as preferences), and to store technical information related to your interactions with our websites and applications.  We may also use session cookies, which are deleted when you close your browser, to store your username, to facilitate movement around our sites, and other information useful in administering your session on our sites.

Our websites may also contain web beacons, which are small, transparent image files.  Web beacons allow us to count the number of users who have visited pages of our sites.  We may also include web beacons in promotional email messages or newsletters in order to determine whether messages have been opened and acted upon, including whether the recipient clicked on a link in the email or forwarded the email to another person. 

Here are some of the types of personal data collected when visiting our website and mobile application:

Tracking Options and “Do Not Track” Signals

Most internet browsers automatically accept cookies, but you may adjust your browser, operating system, or mobile device settings to limit certain tracking, decline cookies, or notify you when a cookie is being placed on your computer or device.  If you choose not to accept cookies while using our Services, you may not be able to experience all the features of our sites or applications.  You can typically delete existing cookies, although this means that your existing settings will be lost, such as stored usernames and other preferences.  While you may be able to disable the use of cookies through your browser or device settings, the Phillips 66 Services currently do not respond to a “Do Not Track” signal in the HTTP header from your browser or mobile application due to lack of standardization regarding how that signal should be interpreted.

How Do We Use Your Personal Data?

We use your personal data for the following purposes:

We may aggregate, anonymize and/or de-identify data we collect about customers and site visitors and use it for any purpose, including product and Service development and other business improvement activities.

To Whom Do We Provide Your Personal Data?

We may provide your personal data within the Phillips 66 group of companies. We may also provide that personal data to the following categories of entities:

We do not sell and have not sold your personal data or transferred such personal data to third parties to use for their or our own commercial benefit. 

International Transfers in Global Operations

We may transfer personal data to and store personal data in countries other than the country where it was collected or from where you accessed our websites or applications.  Those countries may have different data privacy and protection laws than the countries from which the personal data was collected or from which you accessed our websites or applications.  To the extent required by applicable law, we will take measures to protect personal data so transferred or stored.  For example, we implement Standard Contractual Clauses approved by the European Commission and United Kingdom and use similar contractual obligations to comply with applicable laws of other jurisdictions including data processing agreements in the United States.  By choosing to use our Services, including our websites and applications, and submitting personal data to us, you consent to the transfer of such personal data outside of your country of residence. 

How Long Do We Keep Your Personal Data?

We store personal information about you on computer systems operated by us or our service providers. As a regulated company, we keep various records that contain personal information in accordance with applicable state and federal regulations, or pursuant to contractual obligations. In general, we aim to keep personal information only for as long as necessary and only for the reason(s) we collected it. It may be necessary to keep personal information longer than our official retention periods for legal or regulatory reasons, including litigation. To support us in managing how long we hold personal information and our record management, we maintain a data retention policy which includes clear guidelines on retention and deletion.

We consider the following criteria when determining how long a particular record will be retained, including any personal information contained in that record:

The same personal information about you may be included in more than one record and used for more than one purpose, each of which may be subject to different retention periods based on the factors listed above.

Security Measures

We use technical, administrative, and procedural measures to safeguard your personal data from unauthorized access or use.  We use, and we require our service providers to use, industry standard security measures for securing and protecting personal data, which may include measures such as encrypting data in transit and at rest, as well as limiting access to personal data on a least privilege basis (i.e., giving each user access only to personal data needed to perform their specific job duties).  No such measure is ever 100% effective though, so we do not guarantee that your personal data will be secure from theft, loss, or unauthorized access or use, and we make no representation as to the reasonableness, efficacy, or appropriateness of the measures we use to safeguard such data.

Linked Websites

Our websites and applications may contain links to other websites, including those of other companies, organizations, and publications. These linked websites operate independently from our websites and applications, and we do not control and are not responsible for the content, security, or data privacy practices used by other entities.  You should review the privacy statements of those linked websites to determine how they protect and use your personal data.

Children

Our Services, including our websites and applications, are not directed to children under 16 years of age and we do not knowingly collect any personal data from children under 16.  If we learn that we collected the personal data of a child under the age of 16, we will use reasonable efforts to delete such information from our systems promptly.

Your Rights

Depending upon the laws applicable where you reside, you may have certain rights associated with your personal data.

Click here if you are a resident of California.

Changes to Privacy Statement

Changes to Privacy Statement 

We reserve the right to amend this Privacy Statement at any time at our discretion and will review and update it as may be necessary but will do so at least annually.  When we do, we will revise the effective date at the top of this Privacy Statement.  Please revisit this page periodically to become aware of the most recent privacy terms; your use of our Services linked to this Privacy Statement after such changes have been posted constitutes your agreement to such terms.

Contact Us

If you have questions regarding this Privacy Statement or our handling of personal data, you may contact us at phillips66.com/contact.