Personal Data We Process
Personal data refers to any information relating to an identified or identifiable natural person (“Personal Data”). We may collect data or ask you to provide certain data when you visit and use our websites, products and services. The sources from which we collect Personal Data include: Data collected directly from you or your device relating to an identified or identifiable natural person (“Data Subject”), and may include direct identifiers such as name, address, email address, phone number, and online or indirect identifiers such as login account number, login password, marketing preferences, social media account, or IP address; If we link other data relating to you with your Personal Data, we will treat that linked data as Personal Data; and We may also collect Personal Data from trusted third-party sources such as distributors, resellers, app stores, contact centers, and engage third parties such as marketing, survey, analytics or software suppliers to collect Personal Data to assist us. We do not process special categories of personal data or deduce in any way this type of information from data we collect within our products. We organize the Personal Data we process into these basic categories: Billing Data, Account Data, and Product Data. Billing Data includes your name, email address, masked credit card number, license information and in certain circumstances, your billing address and your phone number. In most circumstances, you purchase our products and services from a trusted third-party service provider, reseller, or app store. In those circumstances, your Billing Data is processed by the relevant third party and we only receive a subset of this data to keep proper business records.
Account Data includes information needed to set up and customize an account, such as your name, email address and username, and information connected with our services, such as license keys. For some of our products or some of their functions creating an account is necessary.
Product Data includes two sub-categories: Device Data includes information about the operating system; hardware; city/country of device; error logs; browser; network; applications running on the device, including the products; and Service Data includes information about the product usage and events relating to use of our product by you such as samples, detections and files used for malware protection, information concerning URLs of websites, usage statistics (activation, crashes, scans, errors), IP address. These sub-categories differ for each product and service.
Why We Process Your Personal Data
We do our best to disconnect or remove all direct identifiers from the Personal Data that we use:
For free versions, this disconnection or removal of identifiers begins when the products and services are initially activated. For paid users we keep Billing Data in a separate database and minimize its use for anything other than handling payments and our own finances. For both paid and free versions, we continuously monitor for, minimize, disconnect and remove all direct identifiers during the normal performance of the products and services.
Processing of IP Addresses
For paid products and performance, your IP address is collected at the time at which your product or service is being provided, for the purpose of facilitating our billing process. Specifically, our third-party billing partner will collect your IP address for its billing process; we do not store the IP address from this process. For free and paid products including antivirus, your IP address is also processed for the purpose of downloading certain products, product authorization, fraud and malware detection.
Personalization We use your answers from surveys, in which you can participate, and relevant Product Data to personalize communication and recommend our relevant products for you. We do not take any decisions solely based on algorithms, including profiling, that would significantly affect you.
We may use contractors and service providers to process your Personal Data for the purposes described in this Privacy Polic . We contractually require service providers to keep data secure and confidential. Such service providers may include in particular contact centers, professional consultants (including for defence or exercise of our rights), and marketing/survey/analytics/software suppliers. Sometimes these service providers, for example, our distributors, resellers, and app store partners, will be independent controllers of your data and their terms and conditions, end user license agreements (“EULA”) and privacy statements will apply to such relationships.
We may provide your Personal Data to our partners for the purpose of distribution, sale or management of our products. Our partners may use your Personal Data to communicate with you and others about our products or services. In addition, you purchase our products directly from our distributor, a reseller, or an app store. Because your relationship in these cases is with that distributor, reseller or an app store, such third party will also process your Personal Data.
We use analytical tools, including third-party analytical tools, which allow us to, among other things, identify potential performance or security issues with our products, improve their stability and function, understand how you use our products, and websites, so that we can optimize and improve your user experience, as well as evaluate and improve our campaigns. We use Service and Device data for analytics.
In certain instances, it may be necessary for us to disclose your Personal Data to public authorities or as otherwise required by applicable law. No Personal Data will be disclosed to any public authority except in response to: A subpoena, warrant or other process issued by a court or other public authority of competent jurisdiction; A legal process having the same consequence as a court-issued request for data, in that if we were to refuse to provide such data, it would be in breach of local law, and it or its officers, executives or employees would be subject to liability for failing to honor such legal process; Where such disclosure is necessary for us to enforce its legal rights pursuant to applicable law; or A request for data with the purpose of identifying and/or preventing credit card fraud.
How We Protect Your Personal Data
We maintain administrative, technical, and physical safeguards for the protection of your Personal Data. Administrative Safeguards
Access to the Personal Data of our users is limited to authorized personnel who have a legitimate need to know based on their job descriptions, for example, employees who provide technical support to end users, or who service user accounts. In the case of third-party contractors who process personal information on our behalf, similar requirements are imposed. These third parties are contractually bound by confidentiality clauses, even when they leave. Where an individual employee no longer requires access, that individual’s credentials are revoked.
We store your personal information in our database using the protections described above. In addition, we utilize up-to-date firewall protection for an additional layer of security. We use high-quality antivirus and anti-malware software, and regularly update our virus definitions. Third parties who we hire to provide services and who have access to our users’ data are required to implement privacy and security practices that we deem adequate. Physical Safeguards
Access to user information in our database by Internet requires using an encrypted VPN, except for email which requires user authentication. Otherwise, access is limited to our physical premises. Physical removal of Personal Data from our location is forbidden. Third-party contractors who process Personal Data on our behalf agree to provide reasonable physical safeguards. Proportionality We strive to collect no more Personal Data from you than is required by the purpose for which we collect it. This, in turn, helps reduce the total risk of harm should data loss or a breach in security occur: the less data we collect, the smaller the overall risk.
We have products and services designed specifically to assist you as a parent by providing child online protection features. In such cases, we will only collect and process Personal Data related to any child under 16 years of age, which you choose to disclose to us or otherwise instruct us to collect and process. Details about this processing is included in our Products Policy. Please refer to the specific applicable notices for this information.
How Long We Store Your Personal Data We will hold your Personal Data on our systems for the following periods: For Billing Data, for as long as we have a legal obligation or for our legitimate interests in establishing legal rights; For Account Data, for as long as you maintain your account; For Product Data, only as long as necessary for the purposes of a particular product or service. We use rolling deletion periods which means we regularly delete collected data in the given periods starting from the collection of that respective data. The rolling deletion periods for Product Data are not longer than six years. You can find specific rolling deletion periods for each of our products and their purposes in our Products Policy. Please note that when you uninstall our product, processing for service provision, in-product messaging, analytics and third-party ads, if applicable, dependent on the installed product shall cease. After the uninstallation, we will continue to process your Product Data for statistical purposes for up to six years, however, we have appropriate measures in place, including pseudonymization.
Storage of Your Personal Data
The data we collect from you may be stored, with risk-appropriate technical and organizational security measures applied to it, on in-house as well as third-party servers in the Czech Republic, in the United States, as well as anywhere we or our trusted service providers and partners operate. In all cases, we follow generally accepted standards and security measures to protect the personal data submitted to us, both during transmission and once we receive it.
Your Privacy Rights
You have the following rights regarding the processing of your Personal Data:
Right to information – Right to receive information about the processing of your Personal Data, prior to processing as well as during the processing, upon request.
Right of access – Aside from the information about the processing of your Personal Data, you have the right to receive a copy of your Personal Data undergoing processing. Right to rectification – We should process accurate Personal Data; if you discover inaccuracy, you have the right to seek rectification of inaccurate Personal Data.
Right to erasure (“right to be forgotten”) – You have the right to erasure of your Personal Data, but only in specific cases stipulated by law, e.g., if there is no legally recognized title on our part for further processing of your Personal Data (incl. protection of legitimate interests and rights).
Right to data portability – The right to receive Personal Data which you have provided and is being processed on the basis of consent or where it is necessary for the purpose of conclusion and performance of a contract, in machine-readable format. This right applies exclusively to Personal Data which processing is carried out by automated means.
Right to object – Applies to cases of processing carried out in legitimate interest. You have the right to object to such processing, on grounds relating to your particular situation, and we are required to assess the processing in order to ensure compliance with all legally binding rules and applicable regulations. In case of direct marketing, we shall cease processing Personal Data for such purposes after the objection.
Right to withdraw consent – In the case of processing based on your consent, as specified in our Consent Policy, you can withdraw your consent at any time, by using the same method (if technically possible) you used to provide it to us (the exact method will be described in more detail with each consent when you provide it). The withdrawal of consent shall not affect the lawfulness of processing based on your consent before its withdrawal. Right to restriction of processing – You have the right to restriction of processing of your Personal Data if: You are contesting the accuracy of your Personal Data, for a period enabling us to verify the accuracy of your Personal Data; the processing is unlawful and you oppose the erasure of the Personal Data and request the restriction of its use instead; we no longer need the Personal Data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims; or you have objected to processing of your Personal Data, and there is a pending verification whether our legitimate grounds override your interests. Right to contact supervisory authority, court -or your local authority or a relevant court. The fulfillment of data subject rights listed above will depend on the category of Personal Data and the processing activity. In all cases, we strive to fulfill your request. We will action your request within one month of receiving a request from you concerning any one of your rights as a Data Subject. Should we be inundated with requests or particularly complicated requests, the time limit may be extended to a maximum of another two months. If we fail to meet these deadlines, we would, of course, prefer that you contact us to resolve the situation informally. Where requests we receive are manifestly unfounded or excessive, in particular because of their repetitive character, we may either: (a) charge a reasonable fee taking into account the administrative costs of providing the information or communication or taking the action requested; or (b) refuse to act on the request. For the free versions, we do not and will not maintain, acquire or process additional information solely in order to identify the users of our free products and services. This is simply not necessary for the free versions of our products to be provided to you and function. This means, when you use a free version of our products and services, you may contact us with a request concerning your Personal Data. Please note, consistent with our privacy by design, privacy by default and minimization practices, we may not be able to identify you in connection with your Product Data about your specific free products and services. If such a situation occurs, please go to your product settings and explore your options.
Your Choices in products
You can make certain choices about how your data is used by us by adjusting the privacy settings of the relevant product. Please check your product settings to set your privacy preferences there. Privacy Portal In order to make it easier for you to reach out to us and obtain the necessary information and action changes, corrections or deletions of your Personal Data, we have decided to provide you with a portal, which can show you the Billing Data and Account Data we have collected from you as well as your email preferences. . We undertake all the actions necessary to ensure security of your Personal Data. You are legally entitled to receive information related to processing your Personal Data. To exercise this right, you have to submit a request to contacts indicated below in the Contact Us section. You have the right to revoke the consent at any time by sending us an e-mail at contacts indicated below in the Contact Us section. Once we receive the revocation notice from you we will stop processing and destroy your Personal Data, except as necessary to provision the contract or service to you. However, please note once you have revoked your consent, we may not be able to provide to you the products and services you request, and may not be able to ensure proper work of our products. We do not transfer your Personal Data to the countries that under Russian law are not deemed to provide adequate protection to the individuals’ rights in the area of data privacy. We do not offer, sell or otherwise make available our products or services that have access to, collect and process (or allow us to do the same) Personal Data of third parti . If any provisions of this Policy contradict the provisions of this section, the provisions of this section shall prevail. California Privacy Rights
This section applies to California, USA residents: Information Notice Categories of collected personal information You can see all categories of collected personal information listed in the section Personal Data We Process. Sources from which the personal information is collected You can find information about the sources of data in the section Personal Data We Process. Business or commercial purpose for collecting or selling personal information You can find all purposes of processing your personal information listed in the section Why We Process Your Personal Data. Categories of third parties with whom the business shares personal information You can find all categories of recipients of personal information listed in the section
How We Diclose Your Personal Data.
Right To Opt Out Of Sale