Personal Data File for Vulnerability Reward Program Payment Information
|1. Controller|| F-Secure Corporation |
Business ID FI0705579-2
P.O.Box 24 FI-00181
Tel. +358 9 2520 0700
Fax +358 9 2520 5001
|2. Contact person for privacy issues related to registry|| Antti Vähä-Sipilä, Senior Manager, Software Security |
Calvin Gan, Team Lead, Customer Care, Threat Response
The primary contact point is by email to email@example.com. Non-electronic communication should be directed to the postal address above, addressed to the contact person(s).
|3. Name of the description of a file||Payment information for F-Secure Vulnerability Reward Program|
|4. The purpose of processing personal data|| |
1. Paying, tracking and auditing vulnerability rewards related to the F-Secure Vulnerability Reward Program (a.k.a. Bug Bounty Program)
2. Informing the Finnish Tax Administration of vulnerability reward payments
|5. Registry Contents|| |
Data subjects are recipients of vulnerability reward payments (a "recipient", below).
1. Name of the recipient
|6. Regular Sources of Information||Data is provided by the recipient of the reward upon request.|
|7. Regular destinations of disclosed data.|| |
1. The financial institution(s) that are used to perform the payment. For Single Euro Payments Area (SEPA) payments, this includes data items 1 and 3a (and optionally 2), for non-SEPA payments, data items 1, 2 and 3b.
Some of F-Secure's affiliated companies are located outside the European Economic Area (EEA). Where personal data is transferred from the EEA to outside of the EEA, F-Secure undertakes to safeguard the security and integrity of processing by appropriate safeguards as required by the law by imposing appropriate contractual safeguards towards such data importers, e.g., by using data transfer clauses approved by the European Union.
|8. Description of the principles in accordance to which the data file has been secured.|| |
We strongly suggest that the reward recipients send the information to us in an encrypted email.
|9. Changes||F-Secure reserves the right to change this description of a file from time-to-time to comply with its legal obligations.|
|10. Right of access||Data subjects have the legal rights to access their data as defined in the applicable Finnish data protection legislation.|