F-Secure SAFE privacy policy

In brief

F‑Secure SAFE is a security solution to protect computers, tablets, and smartphones. More recent versions also include a management portal, My F‑Secure, to help you better manage your licenses across your devices and those of your family members.

To summarize SAFE and privacy:

  • we ask for your name, email address, and/or phone number;
  • we collect anonymous security data to protect your device;
  • the focus of data collection is not on you, but on your device and our service; and
  • the portal provides limited visibility among those who share the same subscription.

In full

This product-specific policy is an add-on to the F‑Secure privacy statement. This add-on policy focuses on 1) the type of personal and private data that we collect from you in this service and 2) what we use it for and for how long. We focus on these two items because we believe that they matter to you the most. For other aspects regarding the processing of your personal data, see the F‑Secure privacy statement, which applies to all of our services.

This policy is split into the following parts:

  • User data
  • My F‑Secure
  • Security Cloud
  • Legal grounds
  • Analytics
  • Retention
  • Communications
  • Operator partners

User data

We ask for your name, user name, email address, and phone number.

The service also automatically collects the following data about you, your device, and the service:

  • all the users in the group (first name, last name, user name);
  • license creation time, number of purchased licenses, and types of services that each user has subscribed to;
  • language;
  • device model, name, operating system, and version, as well as unique identifiers, including your device's IMEI and MSISDN code;
  • device location for location-based services, if the user needs to locate their device;
  • service statistics per device, e.g. how many times the user has locked or unlocked the device or what kind of setting profiles the user has enabled or created;
  • other substantially similar device and service data.

We use this data to:

  • deliver the services to you (including identifying authorized users and managing licenses);
  • provide help and support to you;
  • maintain, develop, and enhance the services and your customer experience and do troubleshooting and performance measurement;
  • improve the functionality of the services and related websites;
  • track the services that you have bought and used so that we can manage your customer relationship and communicate with you;
  • send you information about the services, for example to inform you of expiring licenses, new versions and features, digital security in general, related services; arrange competitions and conduct customer satisfaction surveys.

My F‑Secure

To help you in managing your subscriptions and settings and to help us better help you in case of problems, the following data from all of the devices and users in the subscription is visible to those who share the same subscription: user / device name, profile name, first name, last name.

You can use the My F‑Secure service to locate your misplaced devices. In such cases, the location data is processed for your use only for a limited amount of time, after which we will either delete it or make it anonymous. The location data of past queries is only stored for those queries that are visible in the service. A user can only locate their own device or the devices of their children when using Family Rules, not other registered users' devices.

When you query your device location using a third-party map service, the provider of the location data utilizes such data based on its own terms, privacy statements, and laws applicable to it. On the publication date of this policy, F‑Secure is using Google Maps to show the location of your queried device and Google privacy policies shall apply to such use. The data is not accessible to other third parties and it is not used for any other value-added services.

Legal grounds

We process your data so that we can provide you with our services that you have made a contract for or are in the process of doing so. Such contracts may be made either directly with us or with another entity (such as our webstore or operator partner) that has tendered our services to you. Tendering of services may take the form of a purchase or be free of charge.

In the case of data that is not strictly necessary to provide you with the services – but would help us in providing you with better services in the long run – we collect such data only with your consent.

The service user interface may also provide you with other settings to adjust your preferences.

Analytics

The service also collects analytical data on service and website use (such as which features are used and how often). We do this so that we can create services that are of value to you and our other customers. Our interest is the needs and behavior of our users as a group, not in the names of those users. Our analytics are explained in more detail in the analytics section of our privacy statement.

Retention

Personally identifiable user data is retained for the duration of an active service subscription. This retention period is extended for six months to allow customers to re-engage their expired subscription. After said retention period, the customer account will be scheduled for removal.

If you have purchased the service via our operator partners, the account deletion is controlled by that operator partner. When the partner notifies us that your subscription has been terminated, F‑Secure subsequently removes the account and deletes or anonymizes personal data related to the account.

Analytics data collected with the user's consent is retained for statistical purposes and is not deleted on removal of personal data and the user account. Analytics data is pseudonymized so that it cannot be linked to an identifiable user or account.

Security Cloud

The core of the service is our 'Security Cloud', to which the service sends queries on potentially malicious activity on your device. These queries – such as URLs and file identifiers – cannot be connected to an individual user. The Security Cloud data collection is explained in more detail in its dedicated privacy statement.

Communications

We strive to provide you with relevant communications. You can adjust the kind of messages you receive from us in the service marketing preferences portal.

Operator partners

If you have subscribed to the service via your operator, we may collect your email, name, and phone number directly from the operator systems upon your subscription to our services. We also exchange such above listed data as is necessary (e.g. status of your subscription, data collected for resolving a technical support case) with the operator. We do this to provide you with a smooth customer experience and support services, and to communicate with you in a consistent manner.

With your permission, the operator may also access your account to provide you with customer support.

Data privacy compliance

F‑Secure always applies strict security measures to protect the confidentiality and integrity of your personal data.

Device Administrator rights are required for the application to perform, and F‑Secure is using the respective permissions in full accordance with Google Play policies and with the active consent of the end user. Device Administrator permissions are used for the Finder and Parental Control features, in particular:

  • The remote alarm, wipe, and locate functionalities used in the Finder feature
  • To prevent children from removing the application without parental guidance
  • Browsing Protection

April 2018