In brief
We respect your right to privacy.
In full
We wrote this to tell you about the personal and private data that we collect from you in this service and what we use it for. We believe that these topics matter to you the most, so we focus on them in this policy. For other aspects regarding the processing of your personal data, please see the F-Secure privacy statement, which applies to all of our services and to which this service-specific policy is an add-on.
The set of data that we collect depends on where you purchase the service.
e-Store: We get the following information on your purchase from our e-store partner: name, email, language, address, country, zip code, Internet Protocol (IP) address, payment type. More detailed information on data collected upon purchase is available from the e-store.
Operator partner: If you have purchased the service via your operator, the subscription data set that we receive varies per operator partner. It is typically limited to the above data. We also exchange some of the above collected data with our operator partner to provide you a smooth customer experience. This includes providing you with service support, communicating with you in a consistent manner, and keeping each other up to date on the status of your subscription.
Support. In cases where we provide you with personal support services, we may need to ask you for additional information.
We need to collect the above data types so that we have the necessary information to sell you the service, to deliver you the services, keep your customer journey fluent, communicate with you, and otherwise as may be required by law. These are explained further under the 'What do we do with it' section of the F-Secure privacy statement. The data collection happens automatically, except for information that you may actively provide to us or our reseller when purchasing the services.
Our guiding principle is that we do not seek to spy on the exact content of your private communications. We only need to analyze your communications traffic to enable the service to protect your home network. To be more exact, this means that:
All of the above is either anonymized or obfuscated so that we cannot look into your individual browsing habits or contents.
If you have purchased the service via your operator, we may exchange such data as is necessary (e.g. service purchases, license expirations, data collected for resolving a technical support case) with the operator. We do this to provide you with a smooth customer experience and support services, and to communicate with you in a consistent manner.
F-Secure also employs its affiliates and subcontractors based on the principles set out under "Transfers" in its privacy statement.
We process your data so that we can provide you with our services that you have made a contract for or are in the process of doing so. Such contracts may be made either directly with us or with another entity (such as our webstore or operator partner) that has tendered our services to you. Tendering of services may take the form of a purchase or be free of charge.
In the case of data that is not strictly necessary to provide you with the services – but would help us in providing you with better services in the long run – we collect such data only with your consent.
The service user interface may also provide you with other settings to adjust your preferences.
For devices with Windows, Mac, and Android operating systems, if the endpoint protection app is installed, the anti-virus scanner in the app also checks the reputation of your application files. If a file is not known to be safe, the service may send it to Security Cloud to be scanned. Once the file is scanned, Security Cloud sends the scan result back to the service. When the service scans content in Security Cloud, it does not collect any personal data. Scanned files are stored for a time as necessary for Security Cloud to work as intended.
Security Cloud collects security data only on applications that do not have a known reputation and on files that are suspicious or known to be malware. The collected security data includes the package name, the current version and the origin of the file, and the permissions that it requires. This is explained in more detail in the 'Security Cloud privacy policy'.
To protect your privacy, we separate the above security data from any other data collected on your use of the service, we treat it as anonymous, and we destroy it when we no longer need it for the above purposes.
The service analytics data that we receive consists of two main data streams.
To respect our own core privacy promise, we do not have any third-party usage analytics that would target your actual communications traffic.
You can naturally opt out from the majority of the analytics data collection at any time in the service settings. This is explained towards the end of the main F-Secure privacy statement under 'Your choices with analytics and marketing'.
We store your account data based on the length of your subscription as set out in more detail in the F-Secure privacy statement. Additionally, some data is subject to their dedicated data retention practices.
You can also anonymize the technical service data in the SENSE device whenever you reset the device to the factory settings.
(April 2018)