Privacy Policy

As an emerging and upcoming company providing efficient cybersecurity services which are reliable, our aim is to assist you with defense against all kinds of cyberthreats.

For doing this, we might have to gather your personal information to provide you the best tools and the maximum updated security services. Our major objective is to maintain a trustworthy relationship with our clients and that is why we have generated a privacy policy that entails how we gather, utilize, disclose, transfer and store your personal information.

Who We Are

This general privacy policy is applicable to the Norton setup group (collectively “we”, “us”, or “our”).

Your personal information is controlled by the Norton software which has its principal place of business spread worldwide.

Privacy Policy Details

The following privacy policy explains how we manage and protect your personal information along with the options available to the client. Extra information regarding our personal information management practices might be available in product settings, contractual terms or notices given before or at the time of information collection.

Kindly refer to our privacy policy explaining the specifics of personal information processing within the products and services provided by us.

This privacy policy is built for the users of our products and services. In case you are our business partner, the privacy policy that is applicable to you is located here- Business partner policy.

Personal Information Processed By Us

Personal information is related to any type of data that is related to an individual person who is identified or identifiable.

We might gather information or ask you to provide some specific information when you visit our websites or utilize our products and services. The sources from which we gather personal information include-

  • Information gathered directly from the client or the device related to an identified or identifiable individual (Data subject). It might include direct identifiers like name, postal address, email address, contact number, online or indirect identifiers like login account, login password, marketing choices, social media account or IP address.
  • If we link other information with the clients personal data, that linked information will be treated as personal data.
  • We might also gather personal data from other trusted third party sources which involves distributors, resellers, app stores, contact centers and involve third parties like marketing, survey, analytics or software providers to gather personal data to help us.
  • We never process special categories of personal information like information concerning health, race, ethnicity, political opinions, etc, or analyze this type of data in any way from the information we gather within our products.
  • The personal data we process is organized into these basic categories- Billing data, Account data, and Product data.

Billing Data

It includes the client’s name, email address, billing address, their contact number, payment information, (depending on the method be it, information related to credit card, debit card, or paypal account) and device fingerprint ID.

The different types of usages regarding the inclusions of billing data-

  1. Email address- For sending the client the receipts of their purchases.
  2. Name and billing address- For maintaining the billing records.
  3. Payment information (payment card info, regarding businesses only VAT/Tax ID, and business ID- For processing the payment and billing records.
  4. Identifiers (product and license keys or numbers, Wallet IDs, Auto bill IDs, Payment transaction IDs- For identifying the product and allowing features based on the purchased license in order to track account activities between internal company systems, applications and architecture.

This information is also processed for the objective of delivering the product in alignment with your devices as well as regarding trade compliances and fraud check.

  1. Renewability- To check if a subscription that is provided can be renewed under similar terms.
  2. Expiry date- To verify if a license is current or not.
  3. Device fingerprint ID- For validating the authenticity of the payment transaction that is done, and to verify that the payment card and account are suitable for billing.

In some instances, the client buys the products and services from a trustworthy third party provider, reseller or app store. In such cases, the client’s billing data is processed by the relevant third party and we receive only a subset of this information to maintain accurate business records.

Specifically, we only keep your masked credit card/ debit card number and not your complete payment details.

Account Data

It includes data used to set up or customize your account like your name, email ID and username along with information linked with our services. These services can involve product, license and device information.

Creating an account is crucial for some of our products and their functions. The uses of account data ranges from customer management and engagement, generating revenue, optimizing and evaluating operational, sales and business procedures.

The different types of usages regarding the inclusions of account data are-

  1. Name- For customizing our communication by addressing the client by their name.
  2. Email ID- For sending the clients communication regarding their licenses and support along with offering them our other products and services.
  3. Username- For managing the client’s account and facilitating their login into the service.
  4. Account usage information (events like requesting to end subscription, subscription related data)- For enabling the activation of premium features, providing tailored life cycle experience and communicating with customer support, allowing acceptable product interface content.
  5. Date for renewing subscription- To assist us in validating the period the license was active.
  6. Trial user- To attach a grace period before the paid period of the subscription.

An account is also crucial for some of our forum’s features. In the forum, the user is provided the option to give extra information within their account such as personal texts, disclosing their date of birth, identifying their gender,  number for instant messaging, messenger username, website address and username, disclosing their physical location and choosing a personalized picture.

In order to register with us, or to be able to log in later on our pages or products, we provide you, in addition to our own process, the choice to do this through the services of Facebook connect, Google and Apple ID. For this objective, we will redirect you to the corresponding provider’s page.

Information from the provider ( email, platform ID, optional name), is then given to build the account. The customer account will be valid until you delete it actively in the account’s user administration section.

You can also get in touch with our support, in case you would like to delete the account.

Product Data

It involves two sub-categories-

  • Device data which involves information regarding the operating system, hardware, location of the device (city/country), IP address, error logs of the device, browser, network, applications that are running on the device. It also includes Norton’s products.
  • Service data which includes information regarding product usage and events related to the use of products by the client. This data includes samples, detection details, and files used for malware protection, information regarding the URLs of websites, utility statistics ( activation, crashes, scans, errors).

These subcategories are different for each product or service. If the client requires more details regarding device and service data, we process on a product basis, they should kindly refer to our products policy.

Why do we process your personal information?

We utilize your personal information for the following reasons and on the basis of the following-

On the basis of fulfilling our contract with the client or entering in a contract with them on their request for-

  • To process the purchase of products and services from us, the online stores of our partners and trusted third party service providers, and to bill for the purchased features and products.
  • To supply the download, activation and performance of the product or service.
  • To keep the products and services updated, safe and free from errors, which includes implementing new product features and versions.
  • To verify your identity along with entitlement to paid products and services at the time of the client contacting us for supporting or accessing our services.
  • To process the client’s purchase transactions
  • To update them on the status of their orders and licenses.
  • Managing their subscription and user accounts.
  • Offering them technical and user support. It can include remote access to the client’s device to solve their issues in a better manner.

On the grounds of the client’s consent, the following actions are taken-

  • Provide the client a subscription of the newsletter or the Norton forum.
  • To enable the facilitation of third party advertisements in product messages.
  • To enable the facilitation of personalized advertisements to support specific free products.
  • To enable the organization to record phone conversation when the client contacts the tech support by phone.

Norton always seeks your consent before going through with any processing which it requires and we will give you the crucial information via our consent policy or as deemed applicable otherwise.

For fulfilling the legal obligations, your personal data is processed by us whenever it is necessary for compliance with a legal tax, accounting, anti-money laundering, legal order, sanction checks or other obligations to which we are subjected to.

On the grounds of our legitimate interest, your personal data is utilized by us for-

  • For communicating about possible improvements regarding security, privacy and performance along with products supplementing or improving our purchased products to optimize the content and the execution of this kind of communication.
  • For evaluating and improving the performance and the quality of our websites, products and services, develop new products, provide our employees training and to understand the usage trends, and analyze the acquisitions, conversions and campaigns of our users.
  • For maintaining and developing resources for threat intelligence, specifically to have the ability to detect and block malware.
  • To increase the security of our systems and applications.
  • For maintaining the efficiency of our business performance, through ensuring the required internal administrative and commercial procedures. For example- finances, controlling, business intelligence, legal and compliance, fraud check, information security, etc.
  • To form, exercise and defend our legal rights.

The interests of our clients are a major aspect of our decision making procedure and are considered in all of the processing activities that are mentioned above.

In any circumstance, the client has the right to object, on the basis of the relevancy of our specific situation to those processing operations.

For more information, see the section “Your Privacy Rights”.

Balancing Legitimate Interests

Before depending on our legitimate interests, we balance them against the client’s interests and ensure that they are convincing enough. In regards to the purposes mentioned below, we find it necessary to explain our interests in detail.

Security and Threat Intelligence

Your personal information is processed by us in order to support network and information security efforts. In alignment with the data protection laws, companies have a recognized legitimate interest in gathering and processing personal information in a proportionate way for the purpose of ensuring network and information security.

This completes our network’s or our information system’s ability to resist events , attacks , or unlawful and suspicious actions that have the ability to compromise the availability, authenticity, integrity and privacy of the data that is stored, transmitted, or the security of the services offered by, or accessibility through those networks and systems.

Moreover, being a member of the security community, we also cooperate with other firms across the security landscape, particularly, by exchanging resources regarding threat intelligences, as well as by aiding in research and developing new security solutions.

The personal information processed by us for the purpose that is mentioned above, includes without restrictions, network traffic information related to cyber threats like-

  • Email ID of the sender (for ex- sources for spam)
  • Email ID of the recipient (for ex- victims of targeted email cyberattacks like phishing).
  • Detail of the email header which includes addresses and intermediary systems ( for ex- as constructed by cybercriminals sending malicious emails).
  • Filenames and implementation paths ( for ex- of malicious or potentially damaging executable files).
  • Samples ( for ex- of malicious or potentially damaging executable files).
  • URLs and the related page titles (for ex- of web pages broadcasting or hosting potentially damaging content).
  • IP addresses (for ex- of web servers and linked devices engaged in the generation, distribution, conveyance, hosting, or storage of cyberthreats like malicious or other damaging content).

Improvements in the Privacy Policy

We have the right to amend or modify this privacy policy. Additionally, we might update this privacy policy to reflect improvements in our data practices. If we make any type of material improvements, you will be notified by us through the mail. It will be informed to you on your registered email address before the change is implemented. We advise you to review this page from time to time for the most updated information regarding our privacy practices.