The Avast Software group (collectively referred to as “Avast” or “we”), processes personal data as a controller. The aim of this privacy notice is to provide information about the relevant processing operations, which apply to natural persons with whom we cooperate over the course of our business. This privacy notice sets forth:
· General business relationships;
· Resellers and Distributors;
· Public Relations (“PR”);
· Other Non-Business Partners;
· Data Sources, Sharing, Storage and Transfers; and
· Obligatory statement.
Keep in mind that if you disclose to us personal data of employees or any other natural persons acting on your behalf or in cooperation with you, you have to inform them Avast will process their personal data in accordance with this notice.
· General Business Relationships
If your company or you directly (in case that you are a sole proprietor) contract with Avast in order to provide Avast with your products or services, it is necessary for Avast to process certain information in order for Avast and you to manage the business relationship, facilitate communication in order to ensure that the business relationship is supported, achieves its aims, to exercise the rights and obligations, respectively), and to deal with any potential issues, including disputes.
The relevant data subjects to whom the personal data processed by Avast relate, include employees and representatives of Avast’s business partner, or, in case that you are a sole proprietor, of you personally. The data processed by Avast for these purposes includes contact names, title (position), business address, contact information (email addresses and phone numbers), and other information relevant to the performance of our contract, which may vary depending on the contract, such as, payment information, applicable rates, or discounts.
We process this data to enter into and perform our contract with you and to provision our products and services to the end users.
In order to sell its business-oriented products and services, Avast partners with resellers and distributors. If you are Avast’s reseller or a distributor, the following applies to you.
· Resellers and Distributors
In addition to the data use described above, resellers or distributors have access to and have their information recorded in our databases. You provide your personal data to us when you register as our partner through the Avast Partner Portal.
Each reseller or distributor is assigned a unique number. The information stored in our databases with respect to each reseller or distributor includes general identification and contact information we collect about our business partners in general (as described above), information about payments, your credit with Avast (credit volume, available credit, etc.), applicable discounts, and preferences concerning newsletter subscriptions and Partner Locator participation (see below). Through our databases, we can also identify which license IDs relating to our products have been provided or sold by which reseller or distributor to sell. We also collect each registered and activated end user license key.
Avast has put in place a Partner Locator functionality, which allows our customers to find an Avast reseller or distributor near them. The information published in Partner Locator includes business name and address and contact details, such as phone number and/or email contact. Participation in the Partner Locator is voluntary, and your data will not be published through Partner Locator if you have not granted your consent to such publication.
We send our resellers and distributors newsletters, which inform them of our new products and opportunities for reselling.
· Public Relations and Other Non-Business Communications
Over the course of carrying out its activities, Avast, like any other business, communicates with various parties outside of its business relationships. To that end, it utilizes contact information of relevant persons. In some instances, such contact information may represent personal data of employees or representatives of these persons, such as names, titles (work positions), work (business) addresses, emails or phone numbers of these employees or representatives. The same applies to the situations in which these individuals operate individually, for instance, if they are freelancers or sole proprietors.
When we communicate with you as a result of public relations and other non-business activities, such as educational and other non-profit institutions, we process your data only as necessary to fulfill the communication to you, to provide the necessary information and organize events and to promote, and improve our activities and events). Specific information about how we use your personal data is below.
· Public Relations
Avast conducts activities in the area of public relations and associated external communications, through communication with journalists, media and other external communications concerning Avast activities or other events which are relevant or important to our company. If we process your personal data for these purposes, we will use it to communicate with you in your capacity as a journalist or member or a representative of another media outlet. As part of this communication, we may contact you for the purposes of providing you with press releases, official statements or other similar information or in connection with organizing and holding press events.
· Other Non-Business Communications
We conduct our other non-business communications for the purposes of organizing, carrying out, supporting and promoting our non-profit activities, supporting education and raising awareness about cybersecurity and privacy issues.
In this respect, we may use your personal data in order to contact you in connection with organizing and performing various types of events concerning these issues, such as workshops, seminars, panels or other educational or awareness-raising activities. We will contact you for this purpose if you are a member of a group or organization which concerns itself with these issues, an expert in the field or, a state authority which has granted its support to our activities, or, as the case may be, a school representative.
The sources of your personal data, including your contact information, other than the ones described below, may also include state authorities which have granted their support to our activities.
· Data Sources, Sharing, Storage and Transfers
The source of the personal data described above is usually our communication with your company (organization) or directly with you, or publically available sources, such as websites, if your company (organization) or you published this data.
Avast, as a general rule, does not share personal data with any third parties. There may, however, be specific situations when your information, including potentially your personal data, could be published by Avast, but only if you have consented to it (for instance, as a distributor, reseller or a representative of a reseller or distributor in the Partner Locator Portal). At the same time, “third parties” do not include (i) other companies within the Avast group, (ii) Avast’s processors, (iii) service providers, if this is necessary in order to perform our contract with you or them, or (iv) legal, financial or other expert advisor or counsel, and Avast may, as the situation or nature of your relationship with Avast requires, share your personal data with these entities.
If we are obligated to do so by law or where we are defending our rights and legitimate interests, for instance, in case of potential legal claims, we may have to share your personal data with third parties, such as the relevant state authorities or courts.
We will store your personal data for as long as they are relevant to Avast. Where the processing of your personal data is based on consent, we will erase your personal data without undue delay after you have withdrawn it, unless we need those personal data for other legitimate reasons.
Due to the fact that Avast operates as a global business, your personal data may be transferred to countries outside of the European Economic Area, which have different legal rules concerning protection of your personal data. That being said, our data collection and management practices do not vary by location. We follow the same data protection standards as are granted to residents of the European Union with respect to all personal data in our possession.
As regards our general approach to transfers of personal data outside of the European Economic Area, regardless of whether data is being transferred to another Avast entity or a party that is not a member of our group, Avast puts in place appropriate and suitable safeguards, such as standardized contracts approved by the European Commission, which legally bind the receiving party to adhere to a high level of protection, and to ensure that your data remains safe and secure at all times and that your rights are protected.
· Obligatory Statement
You can exercise your rights by sending an email with the words “PRIVACY REQUEST” in its subject line to email@example.com. You may also send paper mail to Avast Software s.r.o., Pikrtova 1737/1a, 140 00, Prague 4, Czech Republic. Please write "Attention: PRIVACY" in the address. Avast has appointed a Data Protection Officer whom you can contact by sending an email to firstname.lastname@example.org.