This privacy policy describes the types of personal information GDIT and its affiliates (“GDIT”) collect including information we collect on www.gdit.com, how we may use that information, and with whom we may share that information. This privacy policy also describes the measures we take to protect the security of the information. We also tell you how you can reach us to provide feedback, inquire about our company and its services, or answer questions you may have about our privacy practices.
Information may be automatically collected by our website, including your IP address, the address of the site you visited just prior to ours, and number of times an article or page from our site has been shared. You may choose to provide personal information (such as your name, address, telephone number and email address) on this website. Following are the ways you may provide the information and the types of information you may submit, and how we may use the information you provide.
You can submit your resume and other information online to apply for jobs with GDIT. We use third-party service providers to help us conduct recruitment-related activities. We use the information you submit to evaluate your job application and to contact you regarding possible careers with GDIT.
When you share contact information (i.e. email address, phone number) we may use the information we collect to:
Like many companies, we use cookies and log files on our web site. Cookies are small text files that web sites often store on the computer hard drives of visitors to their sites. A cookie contains a unique code, which is used to recognize your computer when a user of your computer returns to a web site that was visited previously. Log files are small text files that web sites automatically create when a user visits a site. We use cookies and log files to enhance the online experience of our visitors and to better understand how our site is used. Cookies and log files may tell us, for example, whether you have visited our site before or whether you are a new visitor.
The “help” portion of the toolbar on most browsers will tell you how to stop accepting new cookies, how to be notified when you receive a new cookie, and how to disable existing cookies. Remember, though, without cookies, you may not be able to take full advantage of all Web site features, such as submitting a resume online to pursue career opportunities with GDIT.
We may use third-party web analytics services on our website such as Google Analytics. These service providers help us analyze how users use the website. The information collected for this purpose (including your IP address and other information collected by automated means) will be disclosed to or collected directly by these service providers. To learn more about how to opt out of Google Analytics click: Google Analytics
Both we and others (such as our service providers and advertising networks) may collect personal information about our visitors' online activities, over time and across third-party websites. Our website is not designed to respond to “do not track” signals from browsers.
We may provide links to other web sites for your convenience and information. These sites may operate independently from www.gdit.com and may not be under our control. These sites may have their own privacy notices in place, which we strongly suggest you review if you visit any linked websites. The entities that operate these sites are responsible for the content of their sites, any products or services they may offer through their sites or any other use of their sites.
We do not sell, rent, trade or otherwise disclose personal information about our website visitors, except as described here. We may share the information you provide with companies that are affiliated with GDIT. We also share information provided by our website visitors with service providers we have retained to perform services on our behalf (for example, to assist with recruiting activities). In addition, we may disclose information about you (i) if we are required to do so by law or legal process, (ii) to law enforcement authorities or other government officials or (iii) when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss or in connection with an investigation of suspected or actual illegal activity.
We reserve the right to transfer any information we have about you in the event we sell or transfer all or a portion of our business or assets. Should such a sale or transfer occur, we will use reasonable efforts to try to ensure that the transferee uses personal information you have provided through this website in a manner that is consistent with this privacy notice.
We maintain security controls to protect against unauthorized disclosure, use or alteration of the personal information in our possession.
We may change or update portions of this privacy notice at any time and without prior notice to you.
You have specific legal rights relating to the personal data GDIT collects and processes about you. In certain circumstances, you may have rights to:
You can contact us at: gditprivacy@gdit.com or by mail at: General Dynamics Information Technology, Inc., 3150 Fairview Park Drive, Falls Church, Virginia 22042. You may access information concerning the source of the personal data, e.g., the purposes for which your personal data are being used, the categories of personal data concerned and the details of the parties with whom GDIT may share your personal data. Pursuant to the law, you may object to the processing of your personal data for legitimate reasons, notably the transfer of your personal data to some recipients. You further have the right to lodge a complaint with a relevant supervisory authority if you believe that we may have infringed your rights.
1. Controller and contact details
GDIT is responsible for the personal data we collect and use in connection with your application.
2. What data we collect We collect and process personal data that you provide or that we receive from other sources in connection with your application, including:
We collect and process personal data that you provide or that we receive from other sources in connection with your application, including:
We may also collect information from recruitment agencies, background-check providers and publicly available professional profiles (for example, LinkedIn).
3. Why we use your data and legal bases
We use your personal data to: receive, review and manage your application; assess your skills, qualifications and suitability for the role; communicate with you about the process; comply with legal and regulatory requirements (for example, right-to-work and equal-opportunity obligations); and keep records of our hiring process for audit, dispute-resolution and business-management purposes. Where applicable privacy laws require a legal basis, we rely on: taking steps at your request before entering into an employment contract; our legitimate interests in recruiting and managing our workforce (where these are not overridden by your rights and interests); compliance with legal obligations; and your consent where required (for example, for certain background checks or keeping your details for future roles).
4. Sensitive personal data
In some cases we may process information that is considered sensitive or special-category under local law (for example, health information needed for reasonable accommodations, or diversity-monitoring data such as race/ethnicity or disability status). We process this data only where permitted by law and only for specific purposes, such as providing accommodations, meeting equal-opportunity or reporting obligations, or establishing, exercising or defending legal claims. Where local law requires it, we will ask for your explicit consent before processing such information.
5. Who we share your data with
We limit access to your personal data to people who need it for legitimate business purposes, including: GDIT HR and recruitment teams, hiring managers and interviewers; senior management involved in hiring decisions; IT and system-administration providers who support our recruitment systems; and third-party service providers, such as recruitment agencies, assessment providers, background-check providers and professional advisers. These parties are required to protect your data and use it only for the purposes we specify. We may also share data where required by law or by competent authorities.
6. International transfers
Because GDIT operates internationally, your personal data may be stored and processed in a country different from where you live or applied, including the United States. When we transfer personal data across borders, we do so in accordance with applicable privacy laws and, where required, put in place appropriate safeguards such as standard contractual clauses or participation in recognized transfer mechanisms (for example, the EU-US Data Privacy Framework and its UK extension for relevant data).
7. How long we keep your data
We keep your personal data only for as long as needed for the recruitment process and for a reasonable period afterward to demonstrate fair and non-discriminatory hiring practices, respond to or defend against legal claims, and comply with record-keeping or regulatory requirements. If you are hired, some of your data will become part of your employee file and will be kept in line with GDIT’s employee-privacy and records-retention policies. If we wish to keep your details on file for future opportunities beyond the normal retention period, we will ask for your consent where required.
8. Your rights
Depending on the laws that apply to you, you may have rights to: access the personal data we hold about you; ask us to correct inaccurate or incomplete data; ask us to delete your data in certain circumstances; ask us to restrict or limit how we use your data; object tocertain types of processing, including where we rely on legitimate interests; and withdraw consent where processing is based on consent (without affecting processing carried out before withdrawal). To exercise your rights, please contact us using the details above; we may need to verify your identity before responding.
9. Providing data and consequences of not providing it
Some information is necessary for us to consider your application (for example, contact details, information about your experience and proof of your right to work). If you do not provide this information, we may not be able to process your application or make you an offer.
10. Complaints and questions
If you have questions or concerns about how GDIT handles your personal data, you can contact us at gditprivacy@gdit.com. Depending on your location, you may also have the right to lodge a complaint with your local data-protection authority.
11. Additional Information for applicants located in Belgium, Bosnia and Herzegovina, Germany, Italy, Portugal and Spain
For applicants located in Belgium, Bosnia and Herzegovina, Germany, Italy, Portugal and Spain, we process your personal data in accordance with the EU General Data Protection Regulation (Regulation (EU) 2016/679) (“GDPR”) and any applicable local data-protection laws. For applicants in the United Kingdom, we process your personal data in accordance with the UK GDPR (the retained EU GDPR as incorporated into UK law) and the Data Protection Act 2018.
In this context, the main legal bases we rely on are:
Where we process special categories of data (for example, health information needed to provide reasonable accommodations, or diversity-monitoring data such as racial or ethnic origin, religious or philosophical beliefs, sexual orientation or disability status), we do so only where permitted by law, including under Article 9(2) GDPR / UK GDPR, such as:
Where we transfer your personal data outside the EEA/UK, we use appropriate transfer mechanisms, such as adequacy decisions or standard contractual clauses adopted by the European Commission or UK authorities, to ensure an adequate level of protection.
You also have the right to lodge a complaint with your local data-protection supervisory authority in addition to contacting us.
12. Additional information for applicants in Chile, Colombia, Costa Rica, Ecuador, El Salvador, Mexico, Peru and Argentina
When you apply from one of these countries, GDIT processes your personal data in accordance with the applicable national data-protection or habeas-data laws, including, as relevant:
In many of these countries, processing of applicant data is based on your prior, informed consent, our need to evaluate your application and, where applicable, to comply with legal and regulatory obligations (for example, labour, social-security or anti-discrimination rules). Where consent is required by local law, we will request it separately (for example, before conducting background checks or collecting sensitive information), and you may withdraw that consent at any time, without affecting processing that has already taken place in reliance on it. We will only collect data that is adequate, relevant and not excessive in relation to the recruitment purposes described in this notice
13. Additional information for applicants in Canada
When you apply from Canada, GDIT processes your personal information in accordance with applicable Canadian privacy laws, including the federal Personal Information Protection and Electronic Documents Act (PIPEDA) and, where applicable, substantially similar provincial private-sector laws (such as those in Alberta, British Columbia and Québec). These laws require us to obtain your knowledge and consent for the collection, use and disclosure of personal information, to limit use to identified purposes, to safeguard it appropriately and to retain it only as long as necessary for those purposes.
Under these laws, you have the right to request access to the personal information we hold about you and to request correction of that information if it is inaccurate or incomplete. You may also challenge our compliance with these principles and, where information is no longer required for the purposes identified at the time of collection, you may request that it be destroyed, erased or made anonymous, subject to our legal and contractual obligations.
14. Additional information for applicants in South Africa
For applicants in South Africa, we process personal information in accordance with the Protection of Personal Information Act, 2013 (POPIA). POPIA requires us to comply with the eight conditions for lawful processing, including accountability, processing limitation, purpose specification, further-processing limitation, information quality, openness, security safeguards and data-subject participation. We apply these conditions to our recruitment activities, including limiting processing to what is necessary for recruitment and protecting information with appropriate technical and organisational measures. Under POPIA, you may request access to personal information we hold about you, ask us to correct or delete personal information that is inaccurate, irrelevant, excessive, out of date, incomplete, misleading or obtained unlawfully, and object, on reasonable grounds, to certain forms of processing. You also have the right to lodge a complaint with the Information Regulator (South Africa) if you believe your personal information has not been handled in accordance with POPIA.
15. Additional information for applicants in Kenya
For applicants in Kenya, we process your personal data in line with the Data Protection Act, 2019 and its regulations. This law requires that personal data be processed lawfully, fairly and transparently, collected for explicit and legitimate purposes, adequate and limited to what is necessary, accurate and up to date, kept only as long as needed and secured with appropriate safeguards.
You have the right to be informed about how your data is used, to request access to the personal data we hold about you, to request correction of inaccurate or incomplete data, and to object to certain processing, including for purposes that are not compatible with the purposes for which the data was collected, subject to statutory limitations. Where we transfer personal data outside Kenya, we will do so in accordance with the cross-border transfer requirements of the Data Protection Act, 2019 and any guidance issued by the Office of the Data Protection Commissioner, including ensuring appropriate safeguards for your personal data.
16. Additional information for applicants in Kazakhstan, Ethiopia, Jamaica, Bahamas, Barbados, Guyana, Haiti and Trinidad and Tobago
When you apply from one of these countries, we process your personal data in accordance with any applicable national data-protection, ICT or privacy laws, which may include:
To the extent these laws give you specific rights, you may generally request access to personal data we hold about you, request correction or update of inaccurate or incomplete data, and, in some cases, request deletion, cancellation or restriction of data that is no longer necessary or is being processed contrary to local law. You may also, where provided by local law, object to certain processing (for example, direct marketing or automated decision-making) and may have the right to lodge a complaint with the relevant supervisory authority or seek judicial remedy.
To exercise any of these rights, applicants in these countries should contact General Dynamics Information Technology, Inc. at gditprivacy@gdit.com or via the postal address in this notice, indicating their country of residence and the right they wish to exercise. We will respond in accordance with the requirements and time limits of the applicable national law.
Updated June 11, 2026