Privacy

We believe in your right to privacy. We defend it tirelessly.

Privacy principles

WithSecure privacy principles

1. We respect your right to privacy

First and foremost, we respect your privacy in everything we do. Your trust is important to us. We respect your control of your personal data and digital content, and it's our priority to prevent unauthorized access to it by anyone. Whenever we ask you for information, it is to better serve you: If we don't need it, we won't ask for it.

2. We will protect you

Not only do we live up to our principles, we also seek to protect you against external threats. We do this through our services and by sharing our insights on digital ecosystems with you. Your digital life should be nobody else's business but yours.

3. You decide how much you share with us

To provide you even better services and relevant messages, we collect information about how our applications are found and used. This means that when you're using our services, we track things like which features are used most and which actions trigger error messages. However, if you are uncomfortable with tracking, we completely appreciate that and therefore WithSecure products offer opt-out possibilities from non-critical data collection.

4. No backdoors

We do not build backdoors into our services or software for access by authorities or anyone else. Officials who want information for criminal investigations must enter through our front door with a warrant.

5. There is no privacy without security

Secure services help keep valuable data safe from malicious intentions and prying eyes. Without security, there is no guarantee of privacy. With our dedication to privacy and expertise in security, we can offer true digital freedom.

6. We keep our messaging relevant

We want to engage you and help you stay safe in the digital world. One way we do this is through relevant messages. Our messages are not just marketing. They are intended to be informative, fun and useful and to help you get the most out of our services. You can always opt out from our messaging if you prefer.

7. We choose service providers we can trust

As part of the Internet ecosystem, like any provider of digital services we must also use external solutions. However, we carefully partner with service providers who share our commitment to privacy and security. We don't share any more data with them than is absolutely necessary.

8. We are the good guys

Great software always has great people behind it. At WithSecure, honesty and integrity are part of our culture. We believe a free and open Internet is for the betterment of humanity, and we can stand for privacy and digital freedom because we have the people to back it up.

9. Transparency

We will be open and honest with you. We won't use your personal data for hidden purposes. We strive for clear and easy to understand communications – not jargon.

 

Support tools

Support tool privacy policy

January 2023

In brief

When the WithSecure™ Support tool is run, it gathers information about your computer system and configuration, as well as the logs created by our services. The information is used for troubleshooting and solving problems in our services.

In most cases, you may review and edit the information before you send the archive file to customer support.

In full

This privacy policy focuses on the items we believe are the most relevant for you. Such items are in particular:

  1. the type of personal and private data that the service collects,
  2. what we use it for,
  3. our justification,
  4. typical disclosures, and
  5. for how long we store it.

More information on such topics as well as on other aspects (data subject rights, contact information, etc.) of the processing of your personal data is also available via the embedded links to our General privacy policy.

What do we collect and what do we do with it?

Information collected from WithSecure service logs

The information includes WithSecure service logs. This information contains detailed information of the service activity, for example downloading and installing updates, communication between the service components, engaging a feature, and security events. The information may contain service crash dumps, file paths, banking web sites, and blocked web pages.

Information collected from the operating systems logs

The information contains the current configuration of your operating system, for example the network configuration, installed applications, operating system services (e.g. OS update services) and running processes and applications (e.g. internet browser), mapped drives and device and user names, system crash dumps and logs. The submitted information also includes a snapshot of the system event history.

Purposes

Service log information is collected to establish whether our service has operated as intended, including resolving potential incorrectly categorized issues. Operating system information is collected for the purpose of troubleshooting problems in cases where our own service logs provide insufficient information. The archive file is also used as a data source to support our development activities, so that we can prevent the re-occurrence of the issue on your device or on those of other customers.

What do we do with it?

The interaction and service-specific privacy policies and notices set out the specific purposes for using the personal data collected by each service or processed in such activity.

In addition to such specific purposes, the following general purposes of personal data use apply across all of our services:

  • Provisioning of services. To deliver our services to you, we process the data for the following purposes:
    • Customer journey. To identify authorized users, process and track transactions, administer user accounts, as well as for shipping, invoicing, and managing licenses.
    • Deliver, fix, and enhance. Delivering, maintaining, and developing our services and websites, and to provide help and support for the services.
    • Analyze. To track that our services are taken into use and how they are used so that we can improve the services, manage your customer relationship, and approach you with relevant messages.
  • Communicate. To send you information relating to the services, conduct customer surveys, and market our services to you. The actual communication may be handled either by WithSecure or by our partners.
  • Regulatory. To prevent fraudulent, illegal, or infringing activities and to comply with legal or regulatory requirements.

Adjustments

If you have been asked (by WithSecure Customer Care or by our partners or your company IT administrator) to change the logging level to "full" prior to (re)running this tool to record information from an WithSecure service, the following scan performed by this tool includes additional data compared to the above. The type of collected additional data varies according to the target of the debugging activity. Our Customer Care can advise you on what kind of data would be likely collected for the issue at hand. We typically need to do this when we do not have enough data to diagnose the problems on your device.

If you are manually running the support tool yourself – i.e. the tool is not activated remotely – the information collected by the tool is saved as an archive file to your desktop or computer. In such cases, you can extract the files and edit the information before recompressing and sending it to us.

Legal grounds

The collection of the above data is necessary for us to be able to effectively provide you / your employer with our support services. Absent of this data, it will be more difficult to help you to solve the incident with our services.

If you are a corporate customer or employee of our corporate customers, we have a legitimate interest to use the collected / submitted data to solve the problems that have given rise to support cases and also to store the data for the time that is necessary to prevent the incident from re-occurring in our services. Regardless of our justification, you retain control over whether to send / allow sending of the information package to WithSecure.

Transfers and disclosures

The archive file may be handled by WithSecure Corporation, our affiliated companies, relevant subcontractors, and our support partners, but only for the purposes set out in this policy. Where the service has been provided to you via our corporate reseller or operator partner, your support contact is likely via these entities. These entities will typically forward the archive file to WithSecure for analysis and in-depth problem resolution activities. In some cases, the archive file may also be handled by such reseller if they have the capability to perform the problem resolution activities independently from WithSecure.

More information on transfers and disclosures is available in our General Privacy Policy.

Retention

The file is stored by WithSecure as long as necessary for ascertaining that the encountered issues will be fixed and will remain fixed in future service releases and for a maximum of two years from closing the support case.

While the archive file is under WithSecure care, we respect the possibly private and confidential nature of the information in the archive file and do not use it or share it except as necessary for the above purposes.

Please read our General privacy policy for possible exceptions or typical reasons why we may need to deviate from the primary retention rules set out above.

Security

We apply strict security measures to protect the confidentiality, integrity, and availability of your personal data when transferring, storing, or processing it.

We use physical, administrative, and technical security measures to reduce the risk of loss, misuse, or unauthorized access, disclosure, or modification of your personal data.

All personal data is stored on secure servers operated by WithSecure or our partners with access limited to authorized personnel only.

Your rights

Please read our General privacy policy for information on your statutory rights and how to contact us.

General

Please note that this privacy policy will regularly be updated to reflect any changes in the way we handle your personal data or any changes in applicable laws. 

This version of the policy clarifies, updates, and replaces the previous version. To continue keeping this document up to date, we will make changes and additions to this from time to time. 

More information on definitions and change management is available in our General privacy policy.

Surveys

Survey

In brief

In this privacy policy, we at WithSecure explain how we handle personal data in our surveys.

We collect survey data on our customers’ experience of working with us and our products and services. We use your responses to improve our products, services, and for other collaboration with our customers.

In full

WithSecure deploys customer surveys to acquire feedback on security services. We use this feedback to increase our customer understanding and consequently to improve our products and services, as well as the way that we operate on the market.

This privacy policy focuses on the items we believe are the most relevant for you. Such items are in particular:

  1. the type of personal and private data that the service collects,
  2. what we use it for,
  3. our justification,
  4. typical disclosures, and
  5. for how long we store it.

More information on such topics as well as on other aspects (data subject rights, contact information, etc.) of the processing of your personal data is also available via the embedded links to our General privacy policy.

What data do we collect?

We prepopulate our survey with the data that we have on you. This typically includes your email address, phone number, name, language, country, and other customer relationship data. We may additionally ask for some more information, such as age and gender, to help categorize responses. In the survey we ask about your experience with us.

Choices

We collect this data only where you consent to it by responding to our survey. You do not have to respond to us. However, we would very much appreciate that you do so, so that we know what you value to better serve you.

Partners

In some cases, we also conduct surveys on our partners’ end customers. To effectively approach you as an partner’s end customer and to get usable results, the partner provides us with baseline data on intended survey recipients. Such data typically includes email addresses, names, phone numbers, contact IDs, number of activated licenses, details on the offer (e.g. fixed or mobile, number of paid licenses). We may share your responses with the partner for analysis and as feedback for future improvements. The partner processes and stores such data according to their own practices.

  • If the partner manages the communication preferences and/or holds all identifying data for the recipient, the partner is responsible for removing those end customers who have opted out.
  • If WithSecure™ manages the communication preferences relating to distributed security services for the recipient, WithSecure™ is responsible for removing the recipients who have opted out.

The partner is the first point of contact for any additional queries from the survey recipient.

Transfers and disclosures

We share our customers’ contact data with our affiliates and subcontractors to enable our affiliates and subcontractors to contact customers for conducting surveys and to provide visibility of survey results to the relevant affiliates. The affiliates and subcontractors agree to process personal data solely as instructed by WithSecure. They are not allowed to use survey data for any other purposes. They are themselves responsible for cookie practices on their sites.

For more information on our transfers and disclosures please read our General privacy policy.

Retention

If you are our corporate customer or partner, your survey responses are stored in our customer registry in accordance with its retention rules set out in our General privacy policy.

The purpose for retention is to ensure enough time for conducting a successful survey and analyzing the data. After this, the results will be anonymized and continue to be stored as aggregate results.

Security

We apply strict security measures to protect the confidentiality, integrity, and availability of your personal data when transferring, storing, or processing it.

We use physical, administrative, and technical security measures to reduce the risk of loss, misuse, or unauthorized access, disclosure, or modification of your personal data.

All personal data is stored on secure servers operated by WithSecure or our partners with access limited to authorized personnel only.

Your rights

Please read our General privacy policy for information on your statutory rights and how to contact us.

General

Please note that this privacy policy will regularly be updated to reflect any changes in the way we handle your personal data or any changes in applicable laws. 

This version of the policy clarifies, updates, and replaces the previous version. To continue keeping this document up to date, we will make changes and additions to this from time to time. 

For information on definitions and change management please read our General privacy policy.

Website

Website

In brief

  • We use cookies, web beacons, and other tracking technologies to learn how our websites are used and how they perform.
  • We do this to improve your experience on the sites, and to be better able to market our products and services to you.
  • The specific set of technologies used varies depending on the product, service, and site you are interested in or use.

 

In full

This policy describes the privacy practices on our websites. By websites (or sites) this description refers to groups of pages within the WithSecure.com domain. Our online resellers (e.g. Cleverbridge AG) have their own privacy policies and are not included in this policy. For our personal data processing practices in general, please see the WithSecure privacy statement. If you are looking for information about how we process your data in a particular service, you may also find our service-specific privacy policies, e.g. that of the EPP privacy policy, relevant to you.

We use cookies on our websites to assist us in content personalization, website improvements and development, and to create relevant online marketing activities. When you visit our sites, you agree to the use of such cookies. You can also adjust your choices from our cookie preference settings. Your cookie preferences remain active for one year from your choice. The expiration date of a cookie is dependent on the cookie provider. If you wish to remove the cookies prior to their expiration date, you can do so from your browser settings.

Some cookies (functional cookies) are required for proper functioning of the site or for security reasons, and are always set. For the sake of keeping this document relevant, such essential cookies are not discussed herein.

Website personalization and development

The information collected via cookies and other web technologies helps us understand when and how visitors discover, interact with, and leave our websites. We then use this information to

  • improve the visibility and usability of our sites,
  • locate and address technical issues you might experience,
  • deliver customized and relevant content, including pricing, to you, and
  • direct you to the most relevant localized web page (based on geographic IP address).

By default, we do not use cookies to identify the individuals who visit our websites. However, if you have voluntarily submitted your contact information to WithSecure — when purchasing a product, downloading a product trial, completing a survey or entering a contest, for example — we may, with your consent, tie your website usage to your individual record through the use of cookies. If you are a visitor interested in our corporate-oriented communication, this will also include your previous browsing on WithSecure websites. If you already have a business relationship with WithSecure, this will be combined with the pre-existing information we have about you stored in our Customer Relations Management platform. Read more.

We generate statistics and aggregate reports for internal use, as well as for sharing with WithSecure group companies, partners, and subcontractors. Our third-party web analytic providers may also create and publish aggregate reports of the data collected. The statistics and aggregate reports do not contain any data that could be linked to an individual website visitor.

Chatbot Experience and Privacy

On our website, we offer a chatbot experience provided by a third-party vendor, Qualified.com, Inc. This chatbot tool automatically performs reverse IP lookups if a visitor has not accepted cookies. By using the visitor’s IP address, we can identify details such as the company name and location. However, any personal information requires explicit consent from the user before interacting with the chatbot.

User-Provided Information

Information such as the user’s name, email address, or phone number is only collected when the user voluntarily provides it. This information is necessary if the user wants to utilize features like the meeting booker or live chat provided by the chatbot experience.

Qualified’s Data Access

When using the chatbot Qualified has access to specific information, including the user’s name, contact details, IP address (for data enrichment), and cookie data (to track activities within the WithSecure website). Importantly, users are not tracked across different domains, and no profiles are built.

For more details, please refer to Qualified’s Privacy Policy.

Web marketing activities

The data we collect can also be used for marketing purposes. Information about the pages you have visited or the products you bought in the past helps us market more relevant services to you in the future.

We also work with data aggregators and ecommerce sites to provide targeted advertising to our customers. In practice, this means that when you visit our site or a third-party website we have partnered with, or click an advertisement for WithSecure products or services, your activity may be tracked through cookies. These cookies are generated by our marketing partners and used to display personalized WithSecure-related advertisements on other websites.

We do not sell your personal data to any third parties. Information that is not personally identifiable may be shared with our advertising or business partners. They may also use cookies to track what advertisements you have seen and what products or services you appear to be interested in.

General information about cookies

Cookies help us collect information about the use of our website. This information includes, among other things,

  • the web browsers and operating systems used,
  • the domains of referring sites (traffic origin),
  • the date, time, number, and duration of visits,
  • which pages or elements within pages were viewed,
  • which links, buttons, or other items were clicked,
  • and what was typed into text fields in forms.

Cookies may contain IDs, typically random strings of numbers and letters, that are unique to your browser. This helps us recognize your browser when you visit our website again.

We use both first-party (set by WithSecure) and third-party cookies (set by a vendor other than WithSecure). Third-party cookies convey information to that third-party site upon your visit to an WithSecure site.

Cookies are also used to track your reaction to emails sent to you, so that we know whether we have been successful in relaying the messaging to you.

Change your cookie settings

You can discontinue cookie-based data collection at any time, by opting out from the cookies (see the options below) or by adjusting your browser settings. Do note that some features of our website rely on cookies to function.

Please note that these opt-out mechanisms work by placing a cookie on your browser. Therefore, your browser must be configured to accept cookies for your preference to take effect. If you delete your cookies or switch to a different web browser, you will need to set your preferences again.

Third-party cookie providers

We use the following service providers to achieve some of the collection of data via cookies, as described above.

Cookie providerCookie purposeRead more
DemandbaseWebsite measuring and improvement, providing relevant advertisementsRead more
FacebookProviding relevant advertisementsRead more
Google AdsProviding relevant advertisements (including via Google signals)Read more
Google AnalyticsWebsite measuring and improvement (including via Google signals)Read more
Google Marketing PlatformProviding relevant advertisements (including via Google signals)Read more
HotjarWebsite measuring and improvementRead more
LinkedInProviding relevant advertisementsRead more
Microsoft AdvertisingProviding relevant advertisementsRead more
TaboolaProviding relevant advertisementsRead more
TwitterProviding relevant advertisementsRead more

 

Third-party websites

We are not responsible for any third-party websites you enter via our website, and their practices are not covered by this policy. Our website privacy policy does not cover data collected by any third-party websites, so you should read the privacy statements of those websites carefully.

WithSecure does not control cookies from third-party websites. The third parties are responsible for how these cookies work and how the personal data is processed.

The practices related to accepting or blocking third-party cookies vary by marketing campaign and are defined by the third party and applicable laws.