McAfee Privacy Notice
Effective Date: January 1, 2020
This Notice provides information about data we collect, use, and share, and our commitment to using the personal data we collect in a respectful fashion.
- What Kinds of Information Do We Collect?
- How Do We Use the Information We Collect?
- Third-Party Advertising
- Who Do We Share Personal Data With?
- How Do We Protect Your Data?
- What Choices Do You Have About Your Personal Data?
- How Long Does McAfee Retain the Personal Data it Collects?
- Children’s Privacy
- Residents of the European Economic Area (EEA)
- Supervisory Authority and Complaints
- Residents of Japan, Argentina, and Canada
- Residents of California
- Residents of Nevada
- Links to Other Websites
- Contact Us
We at McAfee, LLC, including our affiliates (“McAfee”, “we”, “us”, “our”), care deeply about privacy, security, and online safety, all of which are a significant part of our essential mission: to protect users of our products and services (“you” and “your”) from the risks of theft, disruption, and unauthorized access to their online information and activities. This Privacy Notice (“Notice”) is designed to inform you about how we collect, use, and share your personal data through our website (our “Site”), products, services, and web-based and mobile applications (collectively, the “Services”) or when you interact with us.
McAfee sells products and services directly to consumers (you can find more information about those products here,“Consumer Products”), as well as to corporations and business customers (you can find more information about those products here, “Enterprise Products”). This Privacy Notice applies both to the information we collect from you or your device when you download one of our Services and to the information we collect when one of our distribution partners or business customers installs our Services on your device.
When you access or use our Services, you acknowledge that you have read this Notice and understand its contents. Your use of our Services and the Site and any dispute over privacy is subject to this Notice, any applicable Terms of Service (including any applicable limitations on damages and the resolution of disputes) and any applicable End User License Agreement.
As McAfee grows, our business changes, and we may update this Notice at any time as we deem appropriate to reflect those changes. If there are any material changes to this Privacy Notice, we will notify you by email, in-product notification, or as otherwise required by applicable law. It is important that you check back and make sure that you have reviewed the most current version of this Notice.
This Notice applies to all users of our Services across the world. Some users, including residents of the European Economic Area, may have additional rights depending on where they are located, which are described in this Notice.
What Kinds of Information Do We Collect?
In order to provide our Services, we collect information. Some information you provide directly to us, some we collect automatically through our Services, and some is collected from third parties. In this Notice, “Personal Data” refers to data that could be used, alone or in combination with other data, to identify you as an individual.
We collect information you provide to us. For example, we collect information when you purchase a product or service, create an account, fill out a form, participate in a contest or promotion, request customer service, or otherwise communicate with us.
The types of Personal Data you may provide includes:
- Contact information (such as name, email address, mailing address, and phone number);
- Payment information (including payment card numbers and associated identifiers, billing address, and bank account information); and
- Account log-in credentials (which for some Services may include social network credentials).
We may also collect other information from or about you, such as information about what products you purchased, your interests, demographic information, photographs and videos, and biometric data such as fingerprints or voice prints. You may also provide us with additional data. For example, when you use our identity theft protection services, you will have the option to provide your social media log-in information so that we can monitor your social media accounts.
We automatically collect information about your interactions with the Services as well as devices on which the Services are installed. In some cases, we automatically collect information about other devices connected to the same network as the device on which the Services are installed.
For example, we may collect and use the following:
- Information about the products you looked at or searched for and the Services you used, including time spent and other statistical information.
- Details about your computers, devices, applications, and networks, including internet protocol (IP) address, cookie identifiers, mobile carrier, Bluetooth device IDs, mobile device ID, mobile advertising identifiers, MAC address, IMEI, Advertiser IDs, and other device identifiers that are automatically assigned to your computer or device when you access the Internet, browser type and language, language preferences, battery level, on/off status, geo-location information, hardware type, operating system, Internet service provider, pages that you visit before and after using the Services, the date and time of your visit, the amount of time you spend on each page, information about the links you click and pages you view within the Services, and other actions taken through use of the Services such as preferences. We may collect this information through our Services or through other methods of web analysis.
- When you use our products to protect your mobile device, we collect geolocation data of the device on which the product is installed.
- Details about your internet, app, or network usage (including URLs or domain names of websites you visit, information about the applications installed on your device, or traffic data); and performance information, crash logs, and other aggregate or statistical information.
In order to provide you our Services, including to detect and evaluate malware and spam, we may scan, collect, and store data from your files, including emails, attachments, email addresses, metadata, and URLs and traffic data.
We collect this information through our Services and through technologies such as cookies, web beacons or web bugs, and clear GIFs. Please see our Cookie Notice for more information about the cookies and similar technologies that we use and the choices available to you.
Information We Collect from Third Parties
We may receive information about you from other sources and combine that information with the information we collect directly. Examples of information we may receive from other sources include: updated delivery or payment information used to correct our records; purchase or redemption information; and customer support and enrollment information. For our identity protection Consumer Products, we also may collect credit or identity information which we use to help prevent and detect fraud.
Certain Services may request permission to access your location. Where you grant this permission, we will collect information about your location using GPS, wireless, or Bluetooth technology. You can control access to precise location information through your mobile device settings. We also may look up your IP address to determine your general location.
How Do We Use the Information We Collect?
To Help Protect You
When you install or use one of our Services, it will run in the background of your device or environment to help predict threats and better protect you, your devices, and your information. For example, McAfee may use information to:
- Analyze data sent to/from your device(s) to isolate and identify threats, vulnerabilities, viruses, suspicious activity, spam, and attacks, and communicate with you about potential threats;
- Participate in threat intelligence networks, conduct research, and adapt products and services to help respond to new threats;
- Encrypt your data, lockdown a device, or back-up or recover your data;
- Check for Service updates and create performance reports on our Services, to ensure they are performing properly; and
- Look for misuses of your data when you use our identity monitoring products.
To Run Our Business
We also use the information we collect for other business purposes, including to:
- Authenticate your identity and prevent fraud with your biometric data;
- Analyze your behavior to measure, customize, and improve our Site and Services, including developing new products and services;
- Advertise McAfee products and services that we think may be of interest to you;
- Establish and manage accounts and licenses, including by collecting and processing payments and completing transactions;
- Provide customer support, troubleshoot issues, manage subscriptions, and respond to requests, questions, and comments;
- Communicate about, and administer participation in, special events, programs, surveys, contests, sweepstakes, and other offers and promotions;
- Conduct market and consumer research and trend analyses;
- Enable posting on our blogs, forums, and other public communications;
- Perform accounting, auditing, billing, reconciliation, and collection activities;
- Prevent, detect, identify, investigate, and respond to potential or actual claims, liabilities, prohibited behavior, and criminal activity; and
- Comply with and enforce legal rights, requirements, agreements, and policies.
We work with third-party advertising companies to display or deliver ads to you while you are on our Site or using some Services. These third-party advertisers may collect data about your interaction with the Site or Services or others’ sites or services to measure the effectiveness of their ads and to personalize advertising content. See our Cookie Notice to learn more about how McAfee and these advertising partners use tracking technologies like cookies and the choices available to you.
If you have consented to allow our Services to access to your location, our mobile advertising partners may use your location to target advertisements to you. You may use the location settings on your device to withdraw access to information about your location.
We may use Personal Data for which we have a legitimate interest, such as direct marketing, individual or market research, anti-fraud protection, or any other purpose disclosed to you at the time you provide Personal Data or with your consent.
Who Do We Share Personal Data With?
Generally, we disclose the information we collect to provide the Services, to communicate with you, to advertise or promote our Services, to facilitate changes to or transfers of our business, as required by law, or with your consent.
We may share Personal Information in the following ways:
- With current and future members of the McAfee family of companies for the purposes described in this Notice;
- With service providers who perform services for us (see the list of our sub-processors, available here for Consumer Products, and here for Enterprise Products);
- If we believe disclosure is necessary and appropriate to prevent physical, financial, or other harm, injury, or loss, including to protect against fraud or credit risk;
- To legal, governmental, or judicial authorities as instructed or required by those authorities and applicable laws, or in relation to a legal activity, such as in response to a subpoena or investigation of suspected illicit or illegal activities, or where we believe in good faith that users may be engaged in illicit or illegal activities, or where we are bound by contract or law to enable a customer or business partner to comply with applicable laws;
- In connection with, or during negotiations for, an acquisition, merger, asset sale, or other similar business transfer that involves all or substantially all of our assets or functions where Personal Data is transferred or shared as part of the business assets (provided that such party agrees to use or disclose such Personal Data consistent with this Notice or gains your consent for other uses or disclosures);
- With your consent or at your direction, such as when you choose to share information or publicly post content and reviews (for example, social media posts); and
- With persons of your choosing and at your discretion, should the product you are subscribed to allow that functionality.We may also share aggregate data that does not identify you or any specific device with third parties.
How Do We Protect Your Data?
We use administrative, organizational, technical, and physical safeguards to protect the Personal Data we collect and process. Our security controls are designed to maintain data confidentiality, integrity, and an appropriate level of availability.
What Choices Do You Have About Your Personal Data?
If you register a McAfee Consumer Product, you can access and correct the Personal Data in your profile at any time by visiting My Account or contacting us as described below.
If you have not registered a McAfee product but one of our products is installed on your device, you may stop McAfee’s collection of Personal Data from your device by uninstalling that product.
To close your account and for other support questions, please visit the McAfee Contact Us page and click on “Support” tab and then select your "Country".
If you choose to no longer receive marketing information, McAfee may still communicate with you regarding transactional, legal or administrative topics, such as security updates, product functionality, and service requests.
Individual Rights in Personal Data
In accordance with applicable law, you may have the right to: (i) request confirmation of whether we are processing your Personal Data; (ii) obtain access to or a copy of your Personal Data; (iii) receive a portable copy of your Personal Data, or ask us to send that information to another organization (the “right of data portability”); (iv) seek correction or amendment of inaccurate, untrue, incomplete, or improperly processed Personal Data; (v) restrict our processing of your Personal Data; (vi) object to our processing of your Personal Data; and (vii) request erasure of Personal Data held about you by us, subject to certain exceptions prescribed by law.
If you would like to exercise any of these rights, please visit our Individual Data Request Form available at https://www.mcafee.com/enterprise/en-us/about/legal/gdpr-data-request.html or contact us as set forth below. We will process such requests in accordance with applicable laws. To protect your privacy, we may take steps to verify your identity before fulfilling your request. For some requests and where permitted by law, an administrative fee may be charged. We will advise you of any applicable fee prior to performing your request.
How Long Does McAfee Retain the Personal Data it Collects?
McAfee will keep your Personal Data for the minimum period necessary for the purposes set out in this Notice, namely (i) for as long as you are a registered subscriber or user of our products or (ii) for as long as your Personal Data are necessary in connection with the lawful purposes set out in this Notice, for which we have a valid legal basis or (iii) for as long as is reasonably necessary for business purposes related to provision of the Services, such as internal reporting and reconciliation purposes, warranties or to provide you with feedback or information you might request. Where required by law, we will delete your biometric data within three years of your last interaction with the Services.
In addition, if any relevant legal claims are brought, we may continue to process your Personal Data for such additional periods as are necessary in connection with that claim.
Once the abovementioned periods, each to the extent applicable, have concluded, we will either permanently delete, destroy, or de-identify the relevant Personal Data so that it can no longer reasonably be tied to you.
Some of McAfee’s Services provide security features that parents may use to monitor their child’s activity online, physical location, or use of a registered device. These Services require parental consent, and we do not knowingly use the Personal Data we collect from children’s devices for any purpose except to deliver the Services. These products allow parents to delete their child’s profile at any time. If you believe we have collected information from your child in error or have questions or concerns about our practices relating to children, please contact us as described below. If you are under the age of 18, you must have your parent’s permission to access the Services. McAfee urges parents to instruct their children never to give out their real names, addresses, or phone numbers, without parental permission. If you learn that your child has provided us with Personal Data without your consent, you may alert us by contacting us as described below. If we learn that we have collected any Personal Data from children under 13 (and in certain jurisdictions under the age of 16), we will promptly take steps to delete such information and terminate the child’s account.
McAfee is headquartered in the United States (see Contact Us for addresses), and we have operations, entities, and service providers in the United States and throughout the world. As such, we and our service providers may transfer your Personal Data to, or store or access it in, jurisdictions that may not provide equivalent levels of data protection as your home jurisdiction. We will take steps to ensure that your Personal Data receives an adequate level of protection in the jurisdictions in which we process it.
Residents of the European Economic Area
If you are in the European Economic (EEA), the following additional disclosures apply.
Where you purchase one of McAfee’s consumer products, McAfee Ireland Limited acts as the Controller of your Personal Data.
Legal Basis for Processing
When we process your Personal Data, we will only do so in the following situations:
- We need to use your Personal Data to perform our responsibilities under our contract with you (e.g. processing payments for and providing the Services you purchase or request).
- We have a legitimate interest in processing your Personal Data. For example, we have a legitimate interest in processing your Personal Data to provide, secure, and improve our Services, in communicating with you about changes to our Services, and in informing you about new services or products.
- We have your consent to do so.We need to process your Personal Data to comply with our legal obligations.
We transfer Personal Data to countries outside of the EEA or Switzerland through a series of intercompany agreements based on the Standard Contractual Clauses in accordance with EU law and applicable EU regulations.
Individual Rights Requests and Withdraw Consent
You may submit a request to exercise your rights in Personal Data using the mechanisms explained under “What Choices Do You Have About Your Personal Data?” above. If you initially consented to our processing of your Personal Data, you may withdraw your consent using those mechanisms or by contacting us using the contact information below.
For Enterprise/Business Customers Only
Sometimes McAfee products and services are offered through a third party such as an employer. In these instances, McAfee acts as a data processor and only processes Personal Data in line with instructions received from its customers.
Any requests relating to the exercise of individual rights in Personal Data processed as part of a service offered by a third party should be made by an authorized individual using the Individual Data Request Form available at https://www.mcafee.com/enterprise/en-us/about/legal/gdpr-data-request.html. If you require further information about the Personal Data processed by the McAfee offered through a third party, please contact your account manager.
Supervisory Authority and Complaints
If you are an EU/EEA Data Subject and have a concern about our practices concerning the processing of Personal Data that we are not able to resolve, you have the right to lodge a complaint with the data protection authority where you reside or in which you work, or in which the alleged infringement occurred, each as applicable, or by contacting the Irish supervisory authority for data protection issues, at https://www.dataprotection.ie/docs/Home/4.htm, or +353 57 868 4800.
Residents of Japan, Argentina, and Canada
If you are a resident of Japan, Argentina, or Canada and you have an inquiry regarding your personal information held by McAfee, including your personal information collected through your use of our products you may request further information using the Individual Data Request Form available at https://www.mcafee.com/enterprise/en-us/about/legal/gdpr-data-request.html.
Residents of California
Your California Privacy Rights - Shine the Light Law
McAfee does not share information that identifies you personally with non-affiliated third parties for their own marketing use without your permission.
California Consumer Privacy Act
If you are a resident of California, you may submit a request to exercise your rights in Personal Data using the Individual Data Request Form available at https://www.mcafee.com/enterprise/en-us/about/legal/gdpr-data-request.html. For purposes of the California Consumer Privacy Act, McAfee does not “sell” your Personal Data.
Residents of Nevada
McAfee does not sell information that identifies you personally with non-affiliated third parties. If you would like to make a request that we not sell identifying information about you in the future, you may make a request using the contact information below.
Links to Other Websites
Our Site and Services may contain links to other websites for your convenience and information. These websites may be operated by companies not affiliated with McAfee. Linked websites may have their own privacy policies or notices, which we strongly suggest you review if you visit those websites. We are not responsible for the content, privacy practices, or use of any websites that are not affiliated with McAfee.
Click here to contact us regarding this Privacy Notice or other related Privacy issues. You can also write to us as follows:
In the US by registered mail:
Attn: Legal Department – Privacy Office
5000 Headquarters Drive
Plano TX 75024 USA
or call us at +1 (888) 847-8766
In the European Economic Area by registered post:
Attn: Legal Department
2000 City Gate
or call us at +353 21 467 2000
In Japan by registered mail:
McAfee Co. Ltd.
Attn. Legal Department
Shibuya Mark City West,
Tokyo, 150-0043 Japan