אנחנו תומכים בדפדפנים, לא בדינוזאורים. אם ברצונך לראות את תוכן הדף הזה כמו שצריך, עדכן את הדפדפן.

Business Partner and Public Relations Privacy Notice

As the world’s most trusted antivirus software company, we build our credibility on trusted partnerships among businesses. To do so, we collect your personal data over the course of conducting business with you or business that you represent. We do not take your trust for granted so we’ve developed a Business Partner Privacy Policy that covers how we collect, use, disclose, transfer, and store your personal data.

This Business Partner Privacy Policy was last updated on November 30, 2020.

Who We Are 

This Business Partner Privacy Policy applies to Avast group (collectively referred to as “we,” “us” or “our”), which acts as a controller having its principal place of business at 1737/1A Pikrtova, Prague 4, Czech Republic, 140 00.

Business Partner Policy Contents

This Business Partner Privacy Policy describes how we handle and protect your personal data and the rights available to you regarding the relevant processing operations, if you act in the capacity of a business partner, our business customer (or their representative), media contact or other non-business contact person, as described below.

If you are a user of our products and services independent of this capacity, the privacy notice that applies to you is located here: General Privacy Policy.

This privacy notice sets forth:

  • · Why We Process Your Personal Data
    • · Product and Service Provision
    • · Legal Obligations
    • · Other Specific Purposes
  • · What Personal Data We Process
    • · Resellers and Distributors
    • · Business Customers
    • · Public Relations (“PR”)
    • · Other Non-Business Partners
  • · How We Process Your Personal Data
  • · How We Disclose Your Personal Data
  • · How We Protect Your Personal Data
  • · How Long We Store Your Personal Data
  • · Location of Your Personal Data
  • · Your Privacy Rights
  • · Contact Us
  • · Data Protection Officer
  • · Changes to this Privacy Policy

Additional information on our personal data practices may be provided in special notices provided prior to or at the time of data collection.

Keep in mind that if you disclose to us personal data of employees or any other natural persons acting on your behalf or in cooperation with you, you have to inform them that we will process their personal data in accordance with this policy.

Why We Process Your Personal Data

Product and Service Provision

Generally, if your company or you directly (in case that you are a sole proprietor) contract with us to provide us with your products or services, or obtain products or services from us, such relationship requires processing of certain information for entering into contract, its performance and facilitating management of such relationship, including customer support. 

Legal Obligations

On the basis of legal obligations, we process your personal data when it is necessary for compliance with our tax, accounting, anti-money laundering, or other legal obligations to which we are subject.

Other Specific Purposes

In addition, there may be other situations where we may need to process certain personal data in connection with operating our company, such as for public relations reasons or engaging in non-business communication. When we process personal data in this context we rely on our legitimate interest and other legal bases as stipulated below. 

What Personal Data We Process

The relevant data subjects to whom the personal data processed by us relate, include employees and representatives of our business partners and other subjects, or, in case that you are a sole proprietor, of you personally. 

The data processed for these purposes includes contact information, such as name, surname, title (position), email address, phone number, business and its seat, and other information relevant to the type of relationship with you, which may vary, such as, payment information, applicable rates, or discounts.

There may be special circumstances of processing applicable to the relevant category of business partners or other subjects which go as follows: 

Resellers and Distributors

In order to sell our business-oriented products and services, we partner with resellers and distributors. If you are one of them, the following applies to you. 

Partner Portal

In addition to the data use described above, by acting as a reseller or distributor, you have access to and have all information linked to you recorded in your account in our databases. This helps Avast and you, in particular, with business management, deal registration and partner location, which is in our mutual legitimate interests. 

You provide your personal data to us when you register as our partner through the Partner Portal. The information stored in our databases includes general identification and contact information we collect about our business partners in general (as described above), overview of communication and customer care cases, information about payments, lifetime value based on purchase, your credit with us (credit volume, available credit, etc.), applicable discounts, and preferences concerning newsletter subscriptions and Partner Locator participation (see below). Through our databases, we can also identify which license IDs relating to our products have been provided or sold by which reseller or distributor to sell. We also collect each registered and activated end user license key.

We have put in place a Partner Locator functionality, which allows our customers to find our reseller or distributor near them. The information published in Partner Locator includes business name and address and contact details, such as phone number and/or email contact. Participation in the Partner Locator is voluntary, and your data will not be published through Partner Locator if you have not granted your consent to such publication.

Business Intelligence

We also process certain service and device data for product and business improvement (i.e. business intelligence) to understand how you use our products, including websites, so that we can optimize and improve your user experience, as well as evaluate and improve our campaigns. We use necessary data to understand user conversions, acquisitions and campaign performance through various distribution channels, and users’ download, activation and interactions with our products. The insights that we learn in the process help us improve functionality, effectiveness, security and reliability of our current and future products and business activities. With respect to business intelligence, we rely on our legitimate interest as a legal basis for processing your personal data.

While we generally prefer using our own tools, we sometimes need to partner with other parties, which have developed and provided us with their own tools and expertise. If you use one of our products, you can find specific data used for product and business improvement and third-party tools used for this purpose listed under each product in our Products Policy.

Feedback

When you decide to fill out a questionnaire or give us feedback in another form, we will use this information as a proxy for gauging the overall satisfaction with our products or services. We rely on our legitimate interest when processing your personal data for this purpose.

Commercial Communication

If you are our customer, or if you have subscribed to receiving commercial communication from us, we may send you newsletters or offers, which inform you of our new products and related opportunities. You may unsubscribe from receiving these newsletters and offers directly through the link in each email sent to you any time you want. 

Business Customers

If your company or you directly (in case that you are a sole proprietor) use any of our products or services, it is necessary for us to process certain information to manage our business relationship with you. In addition to what is stated above, we may also process content of your communication with us. We process this data to be able to provide our products and services to you or your company.

Customer Portal

In addition to the data use described above, you provide your personal data to us when you create an account for premium support. The information stored with the account in our databases includes general identification and contact information we collect about business customers in general (as described above), and contact details of persons entitled by you to premium support. Through our databases, we can also identify which license IDs relating to our products have been provided or sold to you. 

Within our Customer Portal, you can decide to communicate with our chatbot, a service powered by artificial intelligence. We will process the information provided by you to respond on-the-fly to your questions and also to improve the chatbot, as it learns from your communication. The more questions you ask, the more helpful our chatbot will be in the future. 

Business Intelligence

We also process certain service and device data for product and business improvement (i.e. business intelligence) to understand how you use our products, including websites, so that we can optimize and improve your user experience, as well as evaluate and improve our campaigns. We use necessary data to understand user conversions, acquisitions and campaign performance through various distribution channels, and users’ download, activation and interactions with our products. The insights that we learn in the process help us improve functionality, effectiveness, security and reliability of our current and future products and business activities. With respect to business intelligence, we rely on our legitimate interest as a legal basis for processing your personal data.

While we generally prefer using our own tools, we sometimes need to partner with other parties, which have developed and provided us with their own tools and expertise. If you use one of our products, you can find specific data used for product and business improvement and third-party tools used for this purpose listed under each product in our Products Policy.

Feedback

When you decide to fill out a questionnaire or give us feedback in another form, we will use this information as a proxy for gauging the overall satisfaction with our products or services. We rely on our legitimate interest when processing your personal data for this purpose.

Commercial Communication

If you are our customer, or if you have subscribed to receiving commercial communication from us, we may send you newsletters or offers, which inform you of our new products and related opportunities. You may unsubscribe from receiving these newsletters and offers directly through the link in each e email sent to you any time you want.

Public Relations

We conduct activities in the area of public relations and associated external communications, through communication with journalists, media and other external communications concerning our activities or other events which are relevant or important to us. 

If we process your contact information for these purposes, we use it to provide you in your capacity as a journalist or member or a representative of another media outlet to provide you with press releases, official statements or other similar information. 

Other Non-Business Communications

We conduct our other non-business communications for the purposes of organizing, carrying out, supporting and promoting our non-profit activities, supporting education and raising awareness about cybersecurity and privacy issues.

In this respect, we may use your personal data in order to contact you in connection with organizing and performing various types of events concerning these issues, such as workshops, seminars, panels or other educational or awareness-raising activities. We may reach out to you for this purpose if you are a member of a group or organization which concerns itself with these issues, an expert in the field or, a state authority which has granted its support to our activities, or, as the case may be, a school representative.

The sources of your personal data, including your contact information, other than the ones described below, may also include state authorities which have granted their support to our activities.

Processing of personal data during our live events is governed by our General Privacy Policy.

How We Process Your Personal Data 

We gain your personal data described usually from communication with your company or directly from you, or from publicly available sources, such as company’s websites, if your company or you published this data for this purpose.

No Automated Decision-Making, Including Profiling

We do not take any decisions involving the use of algorithms or profiling that significantly affects you.

How We Disclose Your Personal Data 

We only disclose your personal data within our group, with service providers that process data on our behalf and with public authorities, as required by applicable law. 

If we disclose your personal data, we require its recipients to comply with adequate privacy and confidentiality requirements, and security standards.

Service Providers

We may use contractors and service providers to process your personal data for the purposes described in this Business Partner Privacy Policy. 

Such service providers may include in particular professional consultants (including for defense or exercise of our rights), and marketing/survey/analytics/software suppliers. 

For partners and business customers, these are our long-term partners and their tools which we use to process relevant personal data:

  • · Five9, Inc. for building contact center services;
  • · Digital River Inc. for payments processing; and
  • · salesforce.com, Inc. for customer relationship management.

Furthermore, if you use one of our products, you can find relevant third-party tools listed under each product in our Products Policy.

Sometimes service providers, such as professional consultants, will be independent controllers of your data and their terms and conditions and privacy statements will apply to such relationships.

Public Authorities

In certain instances, it may be necessary for us to disclose your personal data to public authorities or as otherwise required by applicable law. 

No personal data will be disclosed to any public authority except in response to:

  • · A subpoena, warrant or other process issued by a court or other public authority of competent jurisdiction;
  • · A legal process having the same consequence as a court-issued request for data, in that if we were to refuse to provide such data, it would be in breach of local law, and we or our officers, executives or employees would be subject to liability for failing to honor such legal process; or 
  • · Where such disclosure is necessary for us to enforce our legal rights pursuant to applicable law.

Mergers, Acquisitions and Corporate Restructuring

Like any other company, we too go through our own cycle of growth, expansion, streamlining and optimization. Our business decisions and market developments therefore affect our structure. As a result of such transactions, and for maintaining a continued relationship with you, we may transfer your personal data to a related affiliate.

If we are involved in a reorganization, merger, acquisition or sale of our assets, your personal data may be transferred as part of that transaction. We will notify you of any such deal and outline your choices in that event, when applicable.

Cross-Border Transfers of Personal Data among Avast Entities and to Third-Party Vendors

We are a global business that provides its products and services all around the world. In order to reach all of our users and provide all of them with our software, we operate on an infrastructure that spans the globe. The servers that are part of this infrastructure may therefore be located in a country different than the one where you live. In some instances, these may be countries outside of the European Economic Area (“EEA”). Regardless, we provide the same GDPR-level of protection to all personal data we process.

At the same time, when we transfer personal data outside of the EEA, we always make sure to put in place appropriate and suitable safeguards, such as standardized contractual clauses approved by the European Commission, to ensure that your data remains safe and secure at all times and that your rights are protected.

Situations where we transfer personal data outside of the EEA include provision of our products and services, third-party analytic tools and the provision of support services. Further, an outside-EEA transfer may also occur in case of a merger, acquisition or a restructuring, where the acquirer is located outside of the EEA (see the Mergers, Acquisitions and Restructurings section).

How We Protect Your Personal Data 

We maintain administrative, technical, and physical safeguards for the protection of your personal data.

Administrative Safeguards

Access to personal data is limited to authorized personnel who have a legitimate need to know based on their job descriptions, for example, employees who provide technical support, or who service accounts. In the case of third-party contractors who process personal information on our behalf, similar requirements are imposed. 

These third parties are contractually bound by confidentiality clauses, even when they leave. Where an individual employee no longer requires access, that individual's credentials are revoked.

Technical Safeguards

We store your personal data in our database using the protections described above. In addition, we utilize up-to-date firewall protection for an additional layer of security. We use high-quality antivirus and anti-malware software, and regularly update our virus definitions. Third parties who we hire to provide services and who have access to data are required to implement privacy and security practices that we deem adequate.

Physical Safeguards

Access to personal data in our database by Internet requires using an encrypted VPN, except for email which requires user authentication. Otherwise, access is limited to our physical premises. Physical removal of personal data from our location is forbidden. Third-party contractors who process personal data on our behalf agree to provide reasonable physical safeguards.

Proportionality

We strive to collect no more personal data from you than is required by the purpose for which we collect it. This, in turn, helps reduce the total risk of harm should data loss or a breach in security occur: the less data we collect, the smaller the overall risk.

How Long We Store Your Personal Data

We will hold your personal data on our systems only for the minimum period required to achieve the purpose for which it is processed:

  • · If we are bound by a contract, we store your data for its lifetime and longer, if required by law or for exercise or defense of legal claims. 
  • · If you contact our customer support, we will store our communication for 6 years and 6 months. 
  • · If you are our reseller or distributor or use one of our products, we process your personal data for the purpose of business intelligence for up to 50 months depending on which third-party tools we are using and what their minimum retention periods are. If you use one of our products, you can find specific retention periods listed under each product in our Products Policy.
  • · If you provide us with your feedback, we will process such data for the period of 2 years after its submission. 
  • · If you are our customer, represent our customer or act as reseller/distributor, we may keep your contact details to send you offers during the existence of our relationship and up to 6 months after its termination. You can opt-out from such commercial communication anytime you want.

Location of Your Personal Data

The data we collect from you may be stored, with risk-appropriate technical and organizational security measures applied to it, on in-house as well as third-party servers in the Czech Republic, in the United States, as well as anywhere we or our trusted service providers and partners operate.

In all cases, we follow generally accepted standards and security measures to protect the personal data submitted to us, both during transmission and once we receive it.

Your Privacy Rights

You have the right to information about whether and how we process your personal data, the right of access to your personal data, and the right to rectification and erasure of personal data or restriction of processing. You have the right to object to the processing of your personal data as well as the right to data portability. You also have the right to lodge a complaint with the supervisory authority. Where the processing of your personal data is based on consent, you have the right to withdraw your consent at any time. This will not affect the lawfulness of processing based on consent before its withdrawal. More details about your rights can be found in our General Privacy Policy.

You have the following rights regarding the processing of your personal data:

  • · Right to information - Right to receive information about the processing of your personal data, prior to processing as well as during the processing, upon request.
  • · Right of access - Aside from the information about the processing of your personal data, you have the right to receive a copy of your personal data undergoing processing.
  • · Right to rectification - We should process accurate personal data; if you discover inaccuracy, you have the right to seek rectification of inaccurate personal data. 
  • · Right to erasure ("right to be forgotten") - You have the right to erasure of your personal data, but only in specific cases stipulated by law, e.g., if there is no legally recognized title on our part for further processing of your personal data (incl. protection of our legitimate interests and rights).
  • · Right to data portability - The right to receive personal data which you have provided and is being processed on the basis of consent or where it is necessary for the purpose of conclusion and performance of a contract, in machine-readable format. This right applies exclusively to personal data which processing is carried out by automated means.
  • · Right to object - Applies to cases of processing carried out in legitimate interest. You have the right to object to such processing, on grounds relating to your particular situation, and we are required to assess the processing in order to ensure compliance with all legally binding rules and applicable regulations. In case of direct marketing, we shall cease processing personal data for such purposes after the objection.
  • · Right to withdraw consent - In the case of processing based on your consent for the purpose of sending newsletters and offers you can withdraw your consent at any time, by using the same method (if technically possible) you used to provide it to us (the exact method will be described in more detail with each consent when you provide it). The withdrawal of consent shall not affect the lawfulness of processing based on your consent before its withdrawal.
  • · Right to restriction of processing - You have the right to restriction of processing of your personal data if: You are contesting the accuracy of your personal data, for a period enabling us to verify the accuracy of your personal data; the processing is unlawful and you oppose the erasure of the personal data and request the restriction of its use instead; we no longer need the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defense of legal claims; or you have objected to processing of your personal data, and there is a pending verification whether our legitimate grounds override your interests.
  • · Right to contact supervisory authority, court - You may contact and lodge a complaint with the supervisory authority – The Office for Personal Data Protection (Czech: Úřad na ochranu osobních údajů – www.uoou.cz) or your local authority or a relevant court.

The fulfillment of data subject rights listed above will depend on the category of personal data and the processing activity. In all cases, we strive to fulfill your request.

We will action your request within one month of receiving a request from you concerning any one of your rights as a data subject. Should we be inundated with requests or particularly complicated requests, the time limit may be extended to a maximum of another two months. If we fail to meet these deadlines, we would, of course, prefer that you contact us to resolve the situation informally.

Where requests we receive are manifestly unfounded or excessive, in particular because of their repetitive character, we may either: (a) charge a reasonable fee taking into account the administrative costs of providing the information or communication or taking the action requested; or (b) refuse to act on the request.

Contact Us

To exercise any of your rights, or if you have any other questions or complaints about our use of your Personal Data and its privacy, write to our Privacy Team through the most convenient channel below:

We are registered as Avast Software s.r.o. and our registered address is Pikrtova 1737/1a, 140 00 Prague 4, Nusle, Postal Code 140 00, Czech Republic. You can always reach us by email at customerservice@avast.com.

Please type “PRIVACY REQUEST” in the message line of your email so we can have the appropriate member of the Avast team respond.

If you prefer, you can send paper mail to AVAST Software s.r.o., Pikrtova 1737/1a, 140 00 Prague 4, Czech Republic. Be sure to write "Attention: PRIVACY" in the address so we know where to direct your correspondence.

Data Protection Officer

As required under the GDPR, we have a data protection officer (DPO) to monitor our compliance with the GDPR, provide advice where requested and cooperate with supervisory authorities. You can contact our data protection officer via dpo@avast.com.

Changes to this Privacy Policy

We reserve the right to revise or modify this Privacy Policy. In addition, we may update this Privacy Policy to reflect changes to our data practices. If we make any material changes we will notify you by email (sent to the e-mail address specified in your account) or by means of a notice on this website prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.