McAfee Enterprise Privacy Notice
Effective Date: July 27, 2021
This Notice provides information about data we collect, use, and share, and our commitment to using the personal data we collect in a respectful fashion.
- What Kinds of Information Do We Collect?
- How Do We Use the Information We Collect?
- Third-Party Advertising
- Who Do We Share Personal Data With?
- How Do We Protect Your Data?
- What Choices Do You Have About Your Personal Data?
- How Long Does McAfee Enterprise Retain the Personal Data it Collects?
- Children’s Privacy
- Residents of the European Economic Area (EEA)
- Supervisory Authority and Complaints
- Residents of Japan, Argentina, and Canada
- Residents of California
- Residents of Nevada
- Links to Other Websites
- Contact Us
McAfee Enterprise, care deeply about privacy, security, and online safety, all of which are a significant part of our essential mission: to protect users of our products and services (“you” and “your”) from the risks of theft, disruption, and unauthorized access to their online information and activities. This Privacy Notice (“Notice”) is designed to inform you about how we collect, use, and share your personal data through our website (our “Site”), Enterprise products, services, and web-based and mobile applications (collectively, the “Products and Services”) or when you interact with us.
When you access or use our Products and Services, you acknowledge that you have read this Notice and understand its contents. Your use of our Products and Services and the Site and any dispute over privacy is subject to this Notice, any applicable Terms of Service (including any applicable limitations on damages and the resolution of disputes) and any applicable Data Processing Agreement, End User License Agreement and Cloud Services Agreement.
As McAfee Enterprise grows, our business changes, and we may update this Notice at any time as we deem appropriate to reflect those changes. If there are any material changes to this Privacy Notice, we will notify you by email, in-product notification, or as otherwise required by applicable law. It is important that you check back and make sure that you have reviewed the most current version of this Notice.
This Notice applies to all users of our Products and Services across the world. Some users, including residents of the European Economic Area, may have additional rights depending on where they are located, which are described in this Notice.
What Kinds of Information Do We Collect?
In order to provide our Products and Services, we collect information. Some information you provide directly to us, some we collect automatically through our Products and Services, and some is collected from third parties. In this Notice, “Personal Data” refers to data that could be used, alone or in combination with other data, to identify you as an individual
We collect information you provide to us. For example, we collect information when you purchase Products and Services, create an account, fill out a form, participate in a contest or promotion, request customer service, or otherwise communicate with us.
Personal Data you may provide includes:
- Contact information (such as name, email address, mailing address, and phone number);
- Payment information (including payment card numbers and associated identifiers, billing address, and bank account information); and
- Account log-in credentials (which for some Products and Services may include social network credentials).
We may also collect other information from or about you, such as information about what products you purchased, your interests, demographic information, photographs and videos, and biometric data such as fingerprints or voice prints. You may also provide us with additional data. For example, when you use our identity theft protection services, you will have the option to provide your social media log-in information so that we can monitor your social media accounts.
We automatically collect information about your interactions with the Products and Services as well as devices on which the Products and Services are installed. In some cases, we automatically collect information about other devices connected to the same network as the device on which the Products and Services are installed.
For example, we may collect and use the following:
- Information about the products you looked at or searched for and the Products and Services you used, including time spent and other statistical information.
- Details about your computers, devices, applications, and networks, including internet protocol (IP) address, cookie identifiers, mobile carrier, Bluetooth device IDs, mobile device ID, mobile advertising identifiers, MAC address, IMEI, Advertiser IDs, and other device identifiers that are automatically assigned to your computer or device when you access the Internet, browser type and language, language preferences, battery level, on/off status, geo-location information, hardware type, operating system, Internet service provider, pages that you visit before and after using the Products and Services, the date and time of your visit, the amount of time you spend on each page, information about the links you click and pages you view within the Products and Services, and other actions taken through use of the Products and Services such as preferences. We may collect this information through our Products and Services or through other methods of web analysis.
- When you use our Products and Services to protect your mobile device, we may collect geolocation data of the device on which the product is installed.
- Details about your internet, app, or network usage (including URLs or domain names of websites you visit, information about the applications installed on your device, or traffic data); and performance information, crash logs, and other aggregate or statistical information.
In order to provide you our Products and Services, including to detect and evaluate malware and spam, we may scan, collect, and store data from your files, including emails, attachments, email addresses, metadata, and URLs and traffic data.
We collect this information through our Products and Services and through technologies such as cookies, web beacons or web bugs, and clear GIFs. Please see our Cookie Notice for more information about the cookies and similar technologies that we use and the choices available to you.
Information We Collect from Third Parties
We may receive information about you from other sources and combine that information with the information we collect directly. Examples of information we may receive from other sources include: updated delivery or payment information used to correct our records; purchase or redemption information; and customer support and enrollment information.
Certain Products and Services may request permission to access your location. Where you grant this permission, we will collect information about your location using GPS, wireless, or Bluetooth technology. You can control access to precise location information through your mobile device settings. We also may look up your IP address to determine your general location.
How Do We Use the Information We Collect?
To Help Protect You
When you install or use one of our Products and Services, it will run in the background of your device or environment to help predict threats and better protect you, your devices, and your information. For example, McAfee Enterprise may use information to:
- Analyze data sent to/from your device(s) to isolate and identify threats, vulnerabilities, viruses, suspicious activity, spam, and attacks, and communicate with you about potential threats;
- Participate in threat intelligence networks, conduct research, and adapt products and services to help respond to new threats;
- Encrypt your data, lockdown a device, or back-up or recover your data;
- Check for Product and Service updates and create performance reports on our Products and Services, to ensure they are performing properly; and
- Look for misuses of your data when you use our identity monitoring products.
To Run Our Business
We also use the information we collect for other business purposes, including to:
- Authenticate your identity and prevent fraud with your biometric data;
- Analyze your behavior to measure, customize, and improve our Site, Products and Services, including developing new products and services;
- Advertise McAfee Enterprise Products and Services that we think may be of interest to you;
- Establish and manage accounts and licenses, including by collecting and processing payments and completing transactions;
- Provide customer support, troubleshoot issues, manage subscriptions, and respond to requests, questions, and comments;
- Communicate about, and administer participation in, special events, programs, surveys, contests, sweepstakes, and other offers and promotions;
- Conduct market and consumer research and trend analyses;
- Enable posting on our blogs, forums, and other public communications;
- Perform accounting, auditing, billing, reconciliation, and collection activities;
- Prevent, detect, identify, investigate, and respond to potential or actual claims, liabilities, prohibited behavior, and criminal activity; and
- Comply with and enforce legal rights, requirements, agreements, and policies.
We work with third-party advertising companies to display or deliver ads to you while you are on our Site or using some Products and Services. These third-party advertisers may collect data about your interaction with the Site to measure the effectiveness of their ads and to personalize advertising content. See our Cookie Notice to learn more about how McAfee Enterprise Site and advertising partners use tracking technologies like cookies and the choices available to you.
We may use Personal Data for which we have a legitimate interest, such as direct marketing, individual or market research, anti-fraud protection, or any other purpose disclosed to you at the time you provide Personal Data or with your consent.
Who Do We Share Personal Data With?
Generally, we disclose the information we collect to provide the Products and Services, to communicate with you, to advertise or promote our Products and Services, to facilitate changes to or transfers of our business, as required by law, or with your consent.
We may share Personal Information in the following ways:
- With current and future members of the McAfee Enterprise family of companies for the purposes described in this Notice;
- With service providers who perform services for us (see the list of our sub-processors);
- If we believe disclosure is necessary and appropriate to prevent physical, financial, or other harm, injury, or loss, including to protect against fraud or credit risk;
- To legal, governmental, or judicial authorities as instructed or required by those authorities and applicable laws, or in relation to a legal activity, such as in response to a subpoena or investigation of suspected illicit or illegal activities, or where we believe in good faith that users may be engaged in illicit or illegal activities, or where we are bound by contract or law to enable a customer or business partner to comply with applicable laws;
- In connection with, or during negotiations for, an acquisition, merger, asset sale, or other similar business transfer that involves all or substantially all of our assets or functions where Personal Data is transferred or shared as part of the business assets (provided that such party agrees to use or disclose such Personal Data consistent with this Notice or gains your consent for other uses or disclosures);
- With your consent or at your direction, such as when you choose to share information or publicly post content and reviews (for example, social media posts); and
- With persons of your choosing and at your discretion, should the product you are subscribed to allow that functionality. We may also share aggregate data that does not identify you or any specific device with third parties.
How Do We Protect Your Data?
We use administrative, organizational, technical, and physical safeguards to protect the Personal Data we collect and process. Our security controls are designed to maintain data confidentiality, integrity, and an appropriate level of availability.
What Choices Do You Have About Your Personal Data?
McAfee Enterprise Accounts
If you register a McAfee Enterprise Product, you can access and correct the Personal Data in your profile through your Product.
If you have not registered a McAfee Enterprise Product but one of our products is installed on your device, you may stop McAfee Enterprise collection of Personal Data from your device by uninstalling that product.
Some McAfee Enterprise Products give you the ability to control Personal Data sent to McAfee. To terminate your account or for support questions, please contact your account or support representative, or refer to the support documentation for your product.
To stop receiving marketing communications, click on the unsubscribe link in the email, or click here for McAfee Enterprise marketing communications page.
If you choose to no longer receive marketing information, McAfee Enterprise may still communicate with you regarding transactional, legal or administrative topics, such as security updates, product functionality, and service requests.
Individual Rights in Personal Data
In accordance with applicable law, you may have the right to: (i) request confirmation of whether we are processing your Personal Data; (ii) obtain access to or a copy of your Personal Data; (iii) receive a portable copy of your Personal Data, or ask us to send that information to another organization (the “right of data portability”); (iv) seek correction or amendment of inaccurate, untrue, incomplete, or improperly processed Personal Data; (v) restrict our processing of your Personal Data; (vi) object to our processing of your Personal Data; and (vii) request erasure of Personal Data held about you by us, subject to certain exceptions prescribed by law.
If you would like to exercise any of these rights, please visit our Individual Data Request Form available at https://www.mcafee.com/enterprise/en-us/about/legal/gdpr-data-request.html or contact us as set forth below. We will process such requests in accordance with applicable laws. To protect your privacy, we may take steps to verify your identity before fulfilling your request. For some requests and where permitted by law, an administrative fee may be charged. We will advise you of any applicable fee prior to performing your request.
How Long Does McAfee Enterprise Retain the Personal Data it Collects?
McAfee Enterprise will keep your Personal Data for the minimum period necessary for the purposes set out in this Notice, namely (i) for as long as you are a registered subscriber or user of our products or (ii) for as long as your Personal Data are necessary in connection with the lawful purposes set out in this Notice, for which we have a valid legal basis or (iii) for as long as is reasonably necessary for business purposes related to provision of the Products and Services, such as internal reporting and reconciliation purposes, warranties or to provide you with feedback or information you might request. Where required by law, we will delete your biometric data within three years of your last interaction with the Products and Services.
In addition, if any relevant legal claims are brought, we may continue to process your Personal Data for such additional periods as are necessary in connection with that claim.
Once the abovementioned periods, each to the extent applicable, have concluded, we will either permanently delete, destroy, or de-identify the relevant Personal Data so that it can no longer reasonably be tied to you.
Due to their nature McAfee Enterprise Products and Services will not be used to monitor activity, physical location, or use by children. If you believe we have collected information from your child in error or have questions or concerns about our practices relating to children, please contact us as described below. McAfee Enterprise urges parents to instruct their children never to give out their real names, addresses, or phone numbers, without parental permission. If you learn that your child has provided us with Personal Data without your consent, you may alert us by contacting us as described below. If we learn that we have collected any Personal Data from children under 13 (and in certain jurisdictions under the age of 16), we will promptly take steps to delete such information and terminate the child’s account.
McAfee Enterprise is headquartered in the United States (see Contact Us for addresses), and we have operations, entities, and service providers in the United States and throughout the world. As such, we and our service providers may transfer your Personal Data to, or store or access it in, jurisdictions that may not provide equivalent levels of data protection as your home jurisdiction. We will take steps to ensure that your Personal Data receives an adequate level of protection in the jurisdictions in which we process it.
Residents of the European Economic Area
If you are in the European Economic (EEA), the following additional disclosures apply.
Where you purchase a McAfee’s Enterprise Products and Services, Musarubra acts as the Controller of your Personal Data.
Legal Basis for Processing
When we process your Personal Data, we will only do so in the following situations:
- We need to use your Personal Data to perform our responsibilities under our contract with you (e.g. processing payments for and providing the Products and Services you purchase or request).
- We have a legitimate interest in processing your Personal Data. For example, we have a legitimate interest in processing your Personal Data to provide, secure, and improve our Products and Services, in communicating with you about changes to our Products and Services, and in informing you about new products or services.
- We have your consent to do so. We need to process your Personal Data to comply with our legal obligations.
We transfer Personal Data to countries outside of the EEA or Switzerland through a series of intercompany agreements based on the Standard Contractual Clauses in accordance with EU law and applicable EU regulations.
Individual Rights Requests and Withdraw Consent
You may submit a request to exercise your rights in Personal Data using the mechanisms explained under “What Choices Do You Have About Your Personal Data?” above. If you initially consented to our processing of your Personal Data, you may withdraw your consent using those mechanisms or by contacting us using the contact information below.
Enterprise Product Customer End Users
Individual natural persons typically access McAfee Enterprise products and services through a a business entity/ employer that has purchased the product or service. In these instances, McAfee Enterprise acts as a data processor and only processes Personal Data in line with McAfee Enterprise Data Processing Agreement incorporated by reference in McAfee Enterprise End User License Agreement or any other executed agreement. Typically, McAfee Enterprise limits its processing of Personal Data to the data provided by the Enterprise Product customer, which acts as a controller.
Any requests relating to the exercise of individual rights about an end user’s Personal Data in McAfee Enterprise custody should be made by using the Individual Data Request Form available at https://www.mcafee.com/enterprise/en-us/about/legal/gdpr-data-request.html. If you require further information about the Personal Data processed by McAfee Enterprise offered through a third party, please contact your account manager.
Supervisory Authority and Complaints
If you are an EU/EEA Data Subject and have a concern about our practices concerning the processing of Personal Data that we are not able to resolve, you have the right to lodge a complaint with the data protection authority where you reside or in which you work, or in which the alleged infringement occurred, each as applicable, or by contacting the Irish supervisory authority for data protection issues, at https://www.dataprotection.ie/docs/Home/4.htm, or +353 57 868 4800.
Residents of Japan, Argentina, and Canada
If you are a resident of Japan, Argentina, or Canada and you have an inquiry regarding your personal information held by McAfee Enterprise, including your personal information collected through your use of our products you may request further information using the Individual Data Request Form available at https://www.mcafee.com/enterprise/en-us/about/legal/gdpr-data-request.html.
Residents of California
Your California Privacy Rights - Shine the Light Law
McAfee Enterprise does not share information that identifies you personally with non-affiliated third parties for their own marketing use without your permission.
California Consumer Privacy Act
If you are a resident of California, you may submit a request to exercise your rights in Personal Data using the Individual Data Request Form available at https://www.mcafee.com/enterprise/en-us/about/legal/gdpr-data-request.html. For purposes of the California Consumer Privacy Act, McAfee Enterprise does not “sell” your Personal Data.
Residents of Nevada
McAfee Enterprise does not sell information that identifies you personally with non-affiliated third parties. If you would like to make a request that we not sell identifying information about you in the future, you may make a request using the contact information below.
Links to Other Websites
Our Site, Products and Services may contain links to other websites for your convenience and information. These websites may be operated by companies not affiliated with McAfee Enterprise. Linked websites may have their own privacy policies or notices, which we strongly suggest you review if you visit those websites. We are not responsible for the content, privacy practices, or use of any websites that are not affiliated with McAfee Enterprise.
Click here to contact us regarding this Privacy Notice or other related Privacy issues. You can also write to us as follows:
In the US by registered mail:
Attn: Legal Department – Privacy Office
5000 Headquarters Drive
Plano TX 75024 USA
or call us at +1 (888) 847-8766
In the European Economic Area by registered post:
Attn: Legal Department
2000 City Gate
or call us at +353 21 467 2000
In Japan by registered mail:
McAfee Co. Ltd.
Attn. Legal Department
Shibuya Mark City West,
Tokyo, 150-0043 Japan