This privacy policy describes the policies and practices of Comodo Security Solutions, Inc. and Comodo Security Solutions Ltd. (collectively and individually referred to herein as "Comodo"), and any Comodo affiliates on whose web site this policy is posted in collecting, using, and safeguarding the personal information that may be obtained through the use of Comodo’s products, services and websites (collectively, the "Services") . This privacy policy applies to each of the Comodo entities, but not to Comodo's partners or affiliates, which may have separate privacy policies. This privacy policy does not extend to any information that is beyond the control of Comodo.

By using the Services and site, you agree to the collection, use, and disclosure of your information as described in this Privacy Policy, and agree to Comodo’s Terms of Use, which are incorporated by reference. If you do not agree, please do not use or access the Site.

QUICK GUIDE TO CONTENTS

1. WHO WE ARE

Comodo is a global leader in cyber security solutions including antivirus, internet security, firewall, endpoint security , cloud based solutions and other PC security software for enterprises and consumers .

Data Controller

For residents of the European Economic Area (EEA), Comodo Security Solutions, Limited (Registration number 06505055) is the data controller responsible for your personal data

2. INFORMATION COLLECTION

There are several ways we may obtain information about you, including through (A) information you provide to us directly; (B) information that we automatically collect; and (C) information we receive from third parties. This includes data that identifies you personally whether directly (i.e. your name) or indirectly (i.e. information about your online use). See more at : CSS Information Collection.

Information You Provide

Personal information is collected from you when you choose to share it, such as when you are prompted for information when you subscribe to the Services, us e a Comodo website, download a product, sign up for email, or request further information. The information we collect may include your name, address, email address, telephone or mobile number, IP address, and – if you’re making a purchase – payment information.

You may also provide us with certain information in connection with specific actions

  • Services , Product Downloads and Access

Enrolling in Comodo's subscription service may require you to provide certain personal information and enter into a Subscriber Agreement. Nothing in this Privacy Policy is intended to modify the terms in the Subscrib er Agreement. Downloading or accessing a product will often require you to provide personal information. With your consent, this information will be used by Comodo or its affiliates to contact the customer about Comodo's products and services, including pr oduct updates and associated promotional material. This information may also be used as collated general demographic information to improve Comodo's products and services.

If you make a purchase from us, we store an anonymized token and information (such a s the last four digits and expiration date of a credit card , and billing address), or other payment information (such as via PayPal or Apple Pay), depending on the form of payment you choose.

  • Forums, Bulletin Boards, Testimonials, Chat Rooms, and Surveys

Personal information submitted through a forum, bulletin board, testimonial, or chat room operated by Comodo may be collected, used, and read by third parties, including other users. Comodo is not responsible for any information submitted through these services. We occasionally request information from customers via surveys. Participation in these customer surveys is voluntary. Survey information is used to improve this web site and our services and products

Information Automatically Collected

With your consent, Comodo may contact customers about offers and opportunities from Comodo or its business partners, to conduct surveys, and gather feedback.

Personal information includes data that identifies you personally whether directly (i.e., your na me) or indirectly (i.e., information about your online use). If you are located in California, IP addresses are considered personal information .

For Comodo Security Solutions, Inc. products and services, additional information collection is described in t he policy at CSS Information Collection

  • Cookies & Other Computing Information

A cookie is a piece of data stored on a computer's hard disk containing information about the owner. Comodo may employ the use of cookies for measuring the success of advertising and affiliate network membership. Cookies may be collected automatically or passively. Our partners may use cookies. Comodo does not exercise any access or control of such c ookies.

Comodo's websites use Google Analytics, a web analytics service provided by Google, Inc. ("Google"), to evaluate the use of the Comodo site. Google Analytics places a third party cookie on your computer that is then used to compile reports of visi tor traffic and internet usage. Google Analytics does not have a database of individual profiles for each visitor and only collects aggregate data

We may automatically collect your IP address , which can be collected as part of web server log s , or other unique identifier or information from the computer, mobile device, tablet or other device you use to access the Services, including the browser type, device type, operating system, software and software version, hardware model, mobile network information, and the domain name from which you accessed the Services. We also may collect information about your use of the Site, including the date and time you visit the Services, the areas or pages of the Services that you visit, the amount of time you spend viewing or using the Services, the number of times you return to the Services, other click - stream or site usage data, emails that you open, forward or click - through to our Services, and other sites that you may visit The data may be used to help diagnose problems with our servers, analyze trends, track users’ web page, email and mobile application movements/activities, help identify or gather broad demographic information for aggregate use .

  • Location

We collect general information about where traffic and purchases on our Services are coming from around the world. This is used at an aggregate level (that does not identify individual users) to create reports to better understand our engagement with users.

  • Permissions

With your express permission, certain Comodo Services, such as Comodo Mobile Security and Comodo Anti - Theft, allow the applications access to Global Positioning Data (GPS), cellular network, Google Analytics or other similar data. When requested by you, these applications also specifically access, modify and delete personal data and may send emails or messages from your device. Please review the end - user licensing agreement for each application or product and the associated permissions to obtain further details for a particular Service .

Information from Third Parties

We may also receive personal information from third parties.

Third Party Features

In the event that third party features and functionalities are incorporated in or made available in or through Comodo products, then the policies of those third parties apply. Please visit each third party’s license agreement and privacy policy to better understand their terms of use and data collection practices.

3. INFORMATION USE

We may use the information we collect from and about you for a variety of business purposes; in general to provide the services, improve customer experience and engagement and develop the Services. We are committed to protecting and maintaining the privacy of your information and we will process your data only in accordance with applicable data protection law and this Privacy Policy.

We will have a lawful basis for processing your data if:

  • we need to process your information in order to provide you with the products or service you have requested or to enter into a contract;
  • you have consented to such processing;
  • we have a legitimate interest for processing your data – e.g ., for fraud prevention; direct marketing; network and information systems security; data analytics; enhancing modifying or improving our services; identifying usage trends; determining the effectiveness of promotional campaigns; and advertising personalisation of the service using data to make it easier and faster for you to place orders; and/or
  • we are legally obliged to process it.

We may use your information when we have a lawful basis for processing such information, including for customer services and transactional purposes, and advertising customization and analytics purposes

We may also use the information we collect from and about you for any of the following purposes:

  • To respond to your inquiries, fulfill orders, and contact and communicate with you when necessary;
  • To enhance your online experience, including as a way to recognize you and welcome you to the Services;
  • To review the usage and operations of our Services, develop new products or services, and conduct analysis to enhance or improve our content, products,and services;
  • To provide you with customized Services content, targeted offers, and advertising on the Services, via email, or across other websites, mobile applications, social media or online services;
  • To contact you with information, newsletters and promotional materials from Comodo or on behalf of our partners and affiliates;
  • To use your data in an aggregated non-specific format for analytical and demographic purposes (this processing may involve profiling–for example to create audiences based on demographic or location based information for marketing and customization purposes);
  • To protect the security or integrity of the Services and our business, such as by protecting against and preventing fraud, unauthorized transactions, claims and other liabilities, and managing risk exposure, including by identifying potential hackers and other unauthorized users;
  • To use and disclose your credit/debit card information only to process payments and prevent fraud; and For other purposes disclosed at the time you provide your information or otherwise with your consent.
  • For other purposes disclosed at the time you provide your information or otherwise with your consent.

Additionally, if you use the Services to connect with third party services you authorize us to use information from and about you, on your behalf, to interact with these third party services based on your requests.

4.INFORMATION SHARING

Comodo will share aggregated demographic and other inf ormation with our partners and affiliates (such as our sponsors, partners, advertisers, advertising networks, advertising servers and analytics companies or other third parties in connection with marketing, promotional, and other offers, as well as product information). It may also be shared in the event of the sale of a business or business assets. Your information may also be shared with third parties we identify at the time you provide your personal information or otherwise with your consent. You have the option to opt - in to receive direct marketing from these selected third parties .

Information provided to Comodo will be protected by Comodo and not sold or rented to any unrelated third parties without your express consent, except that Comodo may discl ose data to its affiliates and business partners who have established similar privacy standards, when legally obligated to do so, or if disclosure is required to protect the rights over Comodo, Comodo's customers, or the users of Comodo's services. Comodo may also share aggregate demographic data that does not contain any personal information.

5. HOW LONG YOUR INFORMATION IS RETAINED FOR

We will keep your personal data for as long as we need it for the purpose it is being processed for. For example, we will retain your information for as long as your account is active or as needed to provide you services; and after that, we will keep the personal information for a period which enables us to handle or respond to any complaints, queries or concerns relating to your account. Your information may also be retained so that we can continue to improve your experience with us .

We retain the identifiable data we collect directly for marketing purposes for as little time as possible, after which we employ measures to permanently delete it or, in some cases, anonymize or de - identify the data. We will periodically review the personal information we hold and delete it securely, or in some cases anonymize it, when there is no longer a legal, business, or consumer need for it to be retained.

6. YOUR RIGHTS

We respect your privacy rights and provide you with reasonable access and rights to the p ersonal d ata that you may have provided through your use of the Services. If you live in the European Economic Area (EEA), and wish to access, amend, delete, or transfer any personal information we hold about you, you may contact us as set forth in the "Contact Us" section.

You may update, correct, or delete your account information and preferences at any time by accessing your Account settings page on the Service. Please note that while any changes you make will be reflected in active user databases instantly or w ithin a reasonable period of time, we may retain all information you submit for backups, archiving, prevention of fraud and abuse, analytics, satisfaction of legal obligations, or where we otherwise reasonably believe that we have a legitimate reason to do so.

You may decline to share certain personal information with us, in which case we may not be able to provide to you some of the features and functionality of the Services. 052518 At any time, you may object to the processing of your personal information, on legitimate grounds, except if otherwise permitted by applicable law. If you believe your right to privacy granted by applicable data protection laws has been infringed upon, please contact privacy@comodo.com . You also have a right to lodge a complaint with data protection authorities

Cookies, Tracking Options and California Do Not Track Disclosures

For California Residents : Certain parts of our Services require cookies. You are free to adjust your device or Internet browser settings to limit certain trackin g or to decline cookies, but by doing so, you may not be able to use certain features on the Services or take full advantage of all of our offerings. Please refer to your device’s settings or your Internet browser’s "Help" section for more information on how to delete and/or disable your device or browser from receiving cookies or controlling your tracking preferences.

Our system may not respond to Do Not Track requests or headers from some or all Internet browsers. We may use cookies or other technologies to deliver more relevant advertising and to link data collected across other computers or devices that you may use.

Interest-Based Advertising Choices

To understand your choices for receiving more relevant advertising provided on the Service or across other websites and online services, please review the information below:

To learn more about such interest - based advertising, and to opt out of such collection and use for interest - based advertising by the Digital Advertising Alliance (DAA) participating companies, please visit http://www.aboutads.info/choices/ . To opt out from the use of information about your online activities for interest - based advertising by Network Advertising Initiative (NAI) member companies, please visit http://www.networkadvertising.org/choices/.

  • If you wish to prevent your data from being used by Google Analytics, Google has developed the Google Analytics opt - out browser add - on available here.
  • On your mobile device, you may also adjust your privacy and advertising settings to control whether you want to receive more relevant advertising.

Even if you opt out, you still may receive advertising from us that is not customized based on your use of the Services or usage information, or advertising from other third parties if they are not a DAA or NAI participating company

Other Choices Concerni ng the Use and Disclosure of Your Information

You may occasionally receive information on products, services, and special deals from Comodo or may receive informational newsletters. Customers are given the opportunity to 'opt - out' of having information used for purposes not directly related to the Comodo service at the point where the information is requested. Customers who consented to receive marketing from Comodo may also elect not to receive additional promotional communications using the opt - out link provided in each promotional email or by emailing optout@comodo.com . Customers may not opt - out of receiving service announcement updates as they contain important security information about the services. If you receive marketing communications from one or more Comodo affiliates, you must opt - out individually from each of the affiliates from which you are receiving brand - specific marketing communications.

Your California Privacy Right

If you are a California resident, you may request information about our disclosure of personal information to third parties or affiliated companies for their direct marketing purposes . To make such a request, please contact us . You must put the statement "Your California Privacy Rights" in the subject field. We are not responsible for notices that are not labeled or sent properly, or do not have complete information.

Non - affiliated third parties are independent from Comodo and if you wish to receive info rmation about your disclosure choices or stop communications from such third parties, you will need to contact those non - affiliated third parties directly.

7. CHILDREN’S PRIVACY

Comodo sites, products and services are not directed to children under the age of 13 (up to age 16 in some countries) and we do not knowingly collect personal information from children under the age of 13 (up to age 16 in some countries) . If we become aware that a child under the age of 13 (up to age 16 in some countries) has provided us with personal information, we will take steps to delete such information from our files as soon as possible .

8. SECURITY

Comodo protects information both online and off - line. The transmission of information, including any payment information, is encrypted and protected using secure sockets layer (SSL) technology . Stored customer information is kept in a secure environment where access is restricted to employees who need the information to perform a specific job (for example billing administration or the development team). Employees are required to use password - protected screen - savers and keep their computers up - to - date.

9. INTERNATIONAL TRANSFERS

Comodo is a global business and it, or its service providers, may process, transfer, and store information about our users on servers located in a number of countries outside the European Economic Area (EEA), including in the United States. Since we are committed to protecting your information, we take steps to ensure that there are appropriate safeguards in place when we transfer that data.

In the course of providing Services or otherwise, your data will be transferred to numerous countries including the United States . In some of these locations, data protection laws may be less stringent than in your country. To ensure that your data is adequately protected, we transfer your data subject to suitable safeguards being in place.

In particular, where we transfer your information outside the EEA , we rely on standard EU Model Clauses approved by the European Commission and we transfer the information in accordance with applicable laws and using adequate and appropriate safeguards.

To find out more about how we safeguard your information (including obtaining a copy of such safeguards) in relation to transfers outs ide the EEA, please contact us at DPO - GDPR@comodo.com.

10. REVISIONS TO THIS PRIVACY POLIC

Comodo reserves the right to revise this privacy policy at any time. Any revisions will be made by posting the changes to the website. Customers must check the website periodically to be aware of any changes to the privacy statement. Your continued use of the website or S ervice constitutes your acceptance of those changes.

11. CONTACT US

If you have any questions or concerns about this Privacy Policy or our practices, you may contact us at:

For individuals outside the European Economic Area:

Comodo Security Solutions, Inc.
3rd Floor, 26 Office Village,
Bloomfield, New Jersey, U.S.A.



Attention: Privacy Coordinato
Email: privacy@comodo.com

For individuals in the European Economic Area:

Comodo Security Solutions, Ltd
3rd Floor, 26 Office Village,
Exchange Quay
Trafford Road, Salford
Manchester, M5 3EQ, United Kingdom
Attention: Data Protection Officer
Email: DPO-GDPR@comodo.com

12. EXTERNAL LINKS

The Comodo website contains links to external websites which are outside the scope of this privacy statement. Comodo is not responsible for the privacy practices of such other sites and does not control the accuracy of information displayed by such websites



Comodo Mobile Security

1. INFORMATION WE COLLECT

We collect your personal information for the user experience. Without some information about you, such as your email address, the service provided by the app is greatly diminished and loses its value. We also collect information generated as you use our services, as well as information from third parties, like when you access our services through your Facebook Login or your Google Login.

1.1 Information you give us

You may choose to give us certain information when using our services. This includes:

  • When you create an account in some of our services, you can create the account with your Facebook or Google Login. You can also create the account using an email address and password of your choosing. CMS requires passwords that are encrypted at the point of creation and then further protected by an access-token. There is no direct access to services via the password after login. All tokens are encrypted, and passwords are encrypted in the database. CMS users cannot see the free-text raw password; they can only do a reset.
  • To use certain features in our services, you may allow us to access features of the hardware part of your smart device, such as the camera. Depending on your device, mobile operating system will ask for your permission before allowing us to access these features.
  • Payment related information, such as a credit card number, is handled separately through the Apple App Store or Google Play and CSS does not collect any of this information.
  • Features that allow you to share content about your use of our services with your connections or through your social network.
  • We may also collect your information when you use our app, such as when you post or share material, upload data, request further services or make selections using our app, if such functionality is vailable in the app. However, in order to understand if our CMS users are enjoying the app, we do receive anonymized statistics from our analytics partners about what features users like and don’t like.
  • If you contact our support team, we collect the information you give us when you report a problem, contact or communicate with us. In our VPN feature, we do not connect this information to your internet browsing activities through our VPN.
  • From time to time, we may request your opinions, suggestions, or modification and improvement ideas ("Feedback") through surveys, or other similar requests. Any responses you provide are oluntary, however you agree that any Feedback you provide shall be owned CSS and may be used by CSS in our sole discretion
1.2 Information we receive from others

In addition to the information you provide us directly, we receive information about you from others, including:

  • Social Media: You may be able to use your social media account(s) to login to create an account. When you use this feature, we may receive any of your information you provide or permit to be provided to us via a social network or public forum provider. This data may include your use of our app on such public forums and/or social networks, including with whom you share our app. For further information as to how and for what purpose the social network or public forum provider collects, uses and shares your data, as well as how you can set your privacy preferences on their site or apps, please see their privacy policy.
  • Other Partners: We may receive information about you from our partners, for instance where our ads are published on a partner's website or platform (in which case they may pass along details on a campaign's success). If you purchase a subscription in our apps, neither Google nor Apple provide us with any personal information of the subscription purchaser (like name, email or payment information). Only anonymized data gets passed to CSS.
1.3 Information collected when you use our services

When you use our services, we collect information about which features you've used, how you've used them and the devices you use to access our services. See below for more details:

Usage Information: We collect information about your activity on our services, for instance how you use them (e.g., date and time you logged in, time spent in the app, features you've been using, advertising that you click on).

Movement Data: Movement data (GPS location data) is collected as part of the protection services (e.g. CMS' anti-theft feature, which is an upcoming feature.)

Device information: We collect information from and about the device(s) you use to access our services, including:

  • geolocation data (in some of our apps), which is any information which indicates the geographical position of your device and which may include the time the location was recorded, and may include precise (e.g., GPS-level) location data. Some apps may collect this data when the app is not open or actively in use. This may help us or third parties to customize information, content, or offers to you, for instance.
  • hardware and software information such as IP address, device type, app crashes, app version, advertising IDs (such as Google's Advertising ID and Apple's IDFA, both of which are randomly generated numbers that you can reset by going into your device's settings), browser type, version and language, operating system, time zones, identifiers associated with cookies or other technologies that may uniquely identify your device or browser (e.g., IMEI/UDID and MAC address).
1.4 Information we collect when you use our VPN feature

Our VPN feature is intended to provide for secure and private internet browsing to be used in accordance with all applicable laws. In our VPN feature, we collect information from and about the device(s) you use to access our VPN feature, including:

From when you open the VPN feature

  • Our servers automatically record information about how a person uses the app, including things like app install source, IP address, app version, operating system, device model and device language.
  • From time to time, we might show you subscription offers - but at no time will you see an advertisement in our VPN feature
  • At no time will we ask you for access to your precise device location data in our VPN feature.
  • From the moment you turn on the VPN software:
    • Your browsing activity (including your IP address) becomes encrypted, meaning it becomes invisible to ISPs, third party snoopers and even us.
    • We have a strict no-logs policy when it comes to seeing user activity online. Your IP address is deleted after you disconnect from the VPN.
2. COOKIES AND OTHER SIMILAR DATA COLLECTION TECHNOLOGIES

CSS does not use cookies as part of the App. As described in Sections 3 and 5 of this Privacy Policy, we sometimes work with third parties to deliver ads or offers. Sometimes we or these third parties do so through a mobile "SDK." The SDK is a bit of computer code that app developers can include in their apps to enable data to be collected and ads to be shown. We may use this and similar technology to deliver certain advertising through mobile applications and browsers based on data associated with your mobile device, and we may work with third parties who likewise embed their SDKs into our services, for third party advertising. If you'd like to opt-out from having ads tailored to you in this way on your mobile device, please follow the instructions below or in the app (as applicable).

If you wish to opt out of interest-based tracking through your mobile device, you can do so through your device "settings", as follows (but please note that the below is for informational purposes only and Apple, Google, or other device platforms may change the manner in which their "opt out" settings work at any time): Please note that if you opt out through these settings, you will continue to receive advertising after you opt-out, but it may not be tailored to your interests. For instance, that advertising may be based on your real-time or "contextual"application usage or general location inferred from IP address.

3. HOW WE USE INFORMATION

The reason we use your information is to deliver and improve our services. Additionally, we may use your information to help keep you safe and to communicate with you. Read on for a more detailed explanation of the various reasons we use your information, together with practical examples.

3.1 In our VPN feature specifically
  • When you connect to the VPN, we collect your IP address, immediately encrypt it and store it only for the duration of your VPN session. Your IP address is deleted after you disconnect from the VPN. We do not associate your IP address with your online activities and we do not store or log your IP address after you disconnect from the VPN
  • We do use the unique device id
  • We do not keep logs of your online activities and never associate any domains, or applications that you access while the VPN is connected with you or your device.
  • We DO NOT use your non-personal information (meaning information that, by itself, does not identify who you are such as device information) for targeted online marketing through tools like those included with social media to contact interested parties.
3.2 In our Safe Browsing feature specifically
  • When you connect through the mobile device browser, the CMS app will first determine if the selected URL is on a block-list providing a red-page warning. The URL block list is maintained by CSS and is a list of known malicious web sites.
  • This feature does not use any device information or information related to you.
3.3 In our Anti-ID-Theft feature specifically
  • When you use the anti-theft-ID feature, CMS uses one or more of your personal data items that you choose to supply, such as email address, credit card, and US social security number, to check whether your data may be found compromised in the “dark web.” This is an alerting feature to detect if any of your information has been compromised and is available for sale in the dark web.
3.4 To administer your account and provide our services to you, such as:
  • To deliver our services to you and ensure their optimal functionality and operation.
  • To identify, establish and manage your account and our relationship with you.
  • To provide you with customer support and respond to your requests.
  • Should you provide us with this information, we may use your email address, name, country and language for customized marketing purposes.
  • When we collect your precise geolocation data (subject to your consent) (which may be via the device's cellular, Wi-Fi, Global Positioning System (GPS) networks and/or Bluetooth information), we do so to provide you with our location-related products and services. For example to provide you with forecast and weather alerts for your location, and also to facilitate, measure, or otherwise support advertising by third parties (through our apps or third parties' apps) that may be related to your location over time.
  • Some of our apps may offer you the ability to register and login using your third-party social media account details (like your Facebook or Google Play logins). Where you choose to do this, we will receive certain profile information about you from your social media provider. The profile information we receive may vary depending on the app you are using, and on the social media provider concerned, but may often include your name, surname, e-mail address. If you login using your Facebook account, your e-mail address will be received with a unique ID in connection with this login. This is solely used for confirmation purposes and is kept separate from all other online identifiers. We will use the information we receive only for the purposes that are described in this Privacy Policy or that are otherwise made clear to you in the app you are using. Please note that we do not control, and are not responsible for, other uses of your personal information by your third-party social media provider. We recommend that you see their privacy policy to understand how they collect, use and share your information, and how you can set your privacy preferences on their sites and apps.
3.5 In some services, to ensure a consistent experience across your devices

Link the various apps and devices you use, so that you can enjoy a consistent experience of our services on all of them. This will allow us to form a single view of your use of our services, so you can easily access your content on multiple devices. For this purpose and better user experience generally, we may use and combine your personal information which we collect across different services used by you.

3.6 To improve our services and develop new ones
  • Develop new features and services (for example, we may decide to build a new feature further to requests or feedback received from users).
  • CMS uses the Google Firebase and Appsflyer in order to carry out analysis on information which is gathered by our apps. Device information and other information which we gather are provided to Google in order to enable them to carry out data analysis. Any information which is provided to Google will become subject to Google's privacy policy which is located here: www.google.com/privacy.html and AppsFlyer privacy policy is here https://www.appsflyer.com/privacy-policy. For further information on how Google's Firebase analytics tool uses data, please see the site "How Google uses data when you use our partners' sites or apps", (located at www.google.com/policies/privacy/partners/).
  • Conduct research and analysis of your behavior about your use of, or interest in, our products, services, or content to improve our services and content (for instance, we may decide to change the look and feel or even substantially modify a given feature based on users' behavior). This software may record information such as how often you use the services, what happens within the services, aggregated usage, performance data, app errors and debugging information, and from where the apps were downloaded.
  • For monetizing our app, we are using a third party, TapJoy. Operating System information and network information which we gather are provided to TapJoy in order to enable them to carry out data analysis. Any information which is provided to TapJoy will become subject to TapJoy‘s privacy policy:
  • https://www.tapjoy.com/legal/#privacy-policy
3.7 To communicate with you
  • We communicate with you by telephone and/or mobile devices (including through inapplication advertising) about products or services that may be of interest to you either from us, our parent or subsidiary companies or other third parties. If you do not wish to receive in-application advertising, in some cases you can upgrade to the paid version of the app.
  • We do not use any user social media information, like Facebook or others, to share some information about our services or products, but the user can share our app when using social media.
  • With your consent (where needed), to send you email marketing in order to provide you with information about services that you may find of interest. You can opt-out of receiving direct marketing communications from us by following the unsubscribe instructions included in our marketing communications. We also send you nonmarketing emails or messages, such as those related to transactions, your account, security, or product changes. Examples of service-related messages include an email address confirmation/welcome email when you register your account, service availability or modification of key features or functions.
3.8 To serve you relevant offers and ads
  • Develop and display content and advertising (and work with third parties who do so) tailored to your interests and/or location and to measure its effectiveness. When you are using our services, third-party ad partners may provide you with advertising based upon your interests. These companies may use technologies to collect data about users, including precise device location data, to help them tailor relevant ads and measure ads' effectiveness. These companies may collect this data through SDKs or from users who view or interact with their advertisements. Most of these ad partners are independent controllers of your information, which means that they are responsible for providing and complying with their own policies relating to any personal information they obtain in connection with the services. It also means that if you are a Facebook app user for example – you provided consent to Facebook in your Facebook app to allow them to show you personalized ads inside of our services.
3.9 To prevent, detect and fight fraud or other illegal or unauthorized activities
  • Perform data analysis to better understand and design countermeasures against these activities
  • Retain data related to fraudulent activities to prevent against recurrences
3.10 To ensure legal compliance
  • Comply with legal requirements
  • Assist law enforcement
  • Enforce or exercise our rights, for example our EULA
  • To process your information as described above, we rely on the following legal bases:
    • Provide our service to you: Most of the time, the reason we process your information is to perform the contract that you have with us. For instance, as you go about using our service, we use your information to maintain your account and provide our features to you.
    • Legitimate interests: We may use your information where we have legitimate interests to do so. For instance, we analyze users' behavior on our services to continuously improve our offerings and we process information for administrative, fraud detection and other legal purposes.
    • Consent: From time to time, we may ask for your consent to use your information for certain specific reasons. You may withdraw your consent at any time where indicated in the services or by contacting us at the address provided at the end of this Privacy Policy.
4. HOW WE SHARE YOUR INFORMATION

Since our goal is to provide the best service we can to you, the main sharing of users' information is with service providers and partners who assist us in operating the services, with other CSS companies and, in some cases, legal authorities. Read on for more details about how your information is shared with others.

4.1 With our service providers and partners
  • We use third parties to help us operate and improve our services. These third parties assist us with various tasks, including data hosting and maintenance, analytics, marketing, advertising and security operations. These service providers may have limited access to your information, which is needed to perform their functions, but are not permitted to share or use such information for any other purposes. For example, we use your non-personal information (meaning information that, by itself, does not identify who you are such as device information) for targeted online marketing through tools like Facebook Custom Audience to contact interested parties.
  • In addition, we may share aggregated information we collect, under any of the above circumstances, with third parties, including advisors, advertisers, for the purpose of conducting general business analysis or other legitimate business purposes. Please note that such aggregated information will not include any information which allows third parties to identity you.
4.2 With our VPN service providers
  • Our VPN service providers may have limited access to your information, which is needed to perform their functions, but are not permitted to share or use such information for any other purposes.
  • We do not log, and prohibit our VPN service providers from logging, your internet browsing activities when you use our VPN.
4.3 With other CSS companies

CSS is part of the Comodo Group family of businesses which, as of the date of this Privacy Policy, includes Comodo websites and apps (for more details, click https://comodo.com/).

We share your information with other CSS companies to:

  • assist us in technical processing operations, such as data hosting and maintenance, finance, legal, HR and accounting assistance, securing our data and systems and fighting against spam, abuse, fraud, infringement and other wrongdoings.
  • for legitimate business purposes such as corporate audit, analysis and consolidated reporting as well as compliance with applicable laws.
4.4 For corporate transactions

We may transfer your information if we are involved, whether in whole or in part, in a merger, sale, acquisition, divestiture, restructuring, reorganization, dissolution, bankruptcy or other change of ownership or control.

4.5 When required by law

We may disclose your information if reasonably necessary: (i) to comply with a legal process, such as a court order, subpoena or search warrant, government / law enforcement investigation or other legal requirements; (ii) in connection with efforts to investigate, prevent, or take other action regarding illegal activity, suspected fraud or other wrongdoing; or (iii) to protect and defend the rights, property or safety of our company, our users, our employees, or others.

4.6 To enforce legal rights

We may also share information: (i) if disclosure would mitigate our liability in an actual or threatened lawsuit; (ii) as necessary to protect our legal rights and legal rights of our users, business partners or other interested parties and/or to comply with applicable law; (iii) to enforce our agreements or policies with you; and (iv) to investigate, prevent, or take other action regarding illegal activity, suspected fraud or other wrongdoing.

4.7 With your consent or at your request

We may ask for your consent to share your information with third parties. In any such case, we will make it clear why we want to share the information.

5. HOW WE PROTECT YOUR INFORMATION

We follow generally accepted standards to protect the personal information submitted to us, both during transmission and after it is received. CSS security protections are meant to protect against unauthorized access to or alteration, disclosure or destruction of your personal information. As with all technology companies, although we take steps to secure your information, we do not promise, and you should not expect, that your personal information will always remain secure. We regularly monitor our systems for possible vulnerabilities and attacks and regularly review our information collection, storage and processing practices to update our physical, technical and organizational security measures.

We may suspend your use of all or part of the services without notice if we suspect or detect any breach of security. If you believe that your account or information is no longer secure, please notify us immediately at dpo-gdpr@comodo.com

6. INFORMATION RELATING TO CHILDREN

Our services are intended for general audiences over the age of 13 years old (or over the age of 16 if you are resident in the EEA). We do not knowingly collect information from children under the age of 13 years old, or 16 years old in the EEA. If you are not over 13 years old (or 16 years old in the EEA) then DO NOT DOWNLOAD OR USE THE SERVICES. If you believe that we may have personal information from or about a child under the age of 13 years old (or over the age of 16 if you are resident in the EEA), please contact us at dpo-gdpr@comodo.com and we will promptly delete that personal information.

7. YOUR RIGHTS

We want you to be in control of your information and be aware of your privacy rights, so here are a few key points to remember:

Depending on your location you may have some or all of the following rights in relation to how we use your personal information:

  • Access: you may request access to your personal information and receive copies of it;
  • Correction: you may have inaccurate/incomplete personal information corrected and updated;
  • Object to, or Limit or Restrict, Use of Data: you can ask us to stop using all or some of your personal information or to limit our use of it.
  • Deletion: in certain circumstances, you can request a right "to be forgotten" (this is a right to have your information deleted or our use of your data restricted). We will honor such requests unless we have to retain this information to comply with a legal obligation or unless we have an overriding interest to retain it.
  • Portability: in certain circumstances, exercise the right to data portability (this is a right to obtain a transferable version of your personal information to transfer to another provider)
  • Consent Management: where we rely on consent to process your personal data, you may withdraw consent at any time. You do not have to provide a reason for your withdrawal where processing is based on consent.

If you wish to exercise any of these rights or wish to object to our use of your information, please write to us at the address listed below and we will consider your request in accordance with applicable laws.

Keep in mind, we may reject requests for certain reasons, including if the request is unlawful or if it may infringe on the rights and freedoms of another person. For example, we may not be able to accommodate certain requests to object to the processing of personal information, notably where such requests would not allow us to provide our service to you anymore.

For your protection, we may ask you to provide proof of identity before we can answer the above requests.

8. CROSS-BORDER DATA TRANSFERS

Sharing of information sometimes involves cross-border data transfers, for instance to the United States of America and other jurisdictions. The United States, European Economic Area ("EEA") Member States, and other countries all have different laws. When your information is moved from your home country to another country, the laws and rules that protect your personal information in the country to which your information is transferred may be different from those in the country in which you live.

The European Commission has adopted standard contractual clauses (also known as Model Clauses), which provide safeguards for personal information that is transferred outside of the EEA. We use these Model Clauses.

9. HOW LONG WE STORE YOUR INFORMATION

We retain your information only for as long as is necessary for the purposes set out in this policy, for as long as your account is active or as needed to provide the services to you. We will also retain and use your information to the extent necessary:

  • to comply with applicable law;
  • to evidence our compliance with applicable law;
  • if there is an outstanding issue, claim or dispute requiring us to keep the relevant information until it is resolved; or
  • if the information must be kept for our legitimate business interests, such as enforcing our terms or fraud prevention. For example, information may need to be kept in order to prevent a user who was banned for security incidents from opening a new account.

Keep in mind that even though our systems are designed to carry out data deletion processes according to the above guidelines, we cannot promise that all data will be deleted within a specific timeframe due to technical constraints.

10. PRIVACY POLICY CHANGES

This policy may change over time. We will notify you of any material changes so that you have time to review the changes.

11. DATA PROTECTION OFFICER

For our European users, our Data Protection Officer is responsible for ensuring your rights are respected and to review and oversee how we collect and use your personal information. The Data Protection Officer can be reached by contacting dpo-gdpr@comodo.com.

12. HOW TO CONTACT US

If you have questions about this Privacy Policy, here's how you can reach us:

If you live in the EEA:

Comodo Security Solutions, Ltd.
26 Office Village (3rd floor)
Exchange Quay, Trafford Road, Salford
Manchester, M5 3EQ, United Kingdom

If you live outside the EEA:

Comodo Security Solutions, Inc.
200 Broadacres Drive, 2nd Floor
Bloomfield, NJ 07003, USA
Attn: Privacy Officer/Legal Dept

If you live in the EEA, you may also file a complaint with your local data protection regulator.

For additional information, please refer to our general privacy policy found at https://www.comodo.com/repository/Comodo-Privacy-Policy-(05252018).pdf