Last Revised: April 22, 2020.
1. Who We Are
We are EnigmaSoft Limited, a company incorporated under the laws of Ireland with company registration number 597114, whose registered office is at 1 Castle Street, 3rd Floor, Dublin 2, D02 XD82, Ireland ("we", "us", or "our").
We are dedicated to establishing a trusting relationship with our users, based on respect for personal identity and information and by promoting the use of fair information practices. We want to demonstrate our commitment to our users' privacy and establish our users' trust in our ability to protect their information.
- The information we collect.
- How we use the information.
- The legal bases we rely on to collect this information.
- With whom we share information.
- The choices available to users regarding collection, use and distribution of the information.
- The types of security procedures that are in place to protect information under our control.
- A user's rights, how a user can contact us and update or correct any inaccuracies in their information that we collect.
PART B - INFORMATION COLLECTION
For the purpose of the GDPR, EnigmaSoft Limited is the controller of your personal data.
We collect information from our users at several different points on our products and services, in accordance with the Data Protection Legislation and other applicable data protection laws, strictly for the purposes necessary to our business and our users' convenience.
All information will be obtained fairly. The information we collect will be adequate, relevant and not excessive in relation to the purposes for which it was obtained. These purposes include:
In order to use the paid subscription version of our products and services, a user must first complete the registration form. During registration, a user is required to provide contact information (such as name and email address). We will also collect the user's internet protocol ("IP") address and hardware ID.
2. Ordering and Payment
We may use a distribution partner(s) and a trusted third party payment processor(s) to help us manage ordering, invoicing and processing of payments for our products and services. When a user pays for a subscription to, or purchases, one of our products or services, the user has to enter information through an online order form. A user, or someone in the user's organization, must provide contact information (such as name, company name, telephone number, email, and billing address) and financial information (such as credit card number and expiration date). We and our distribution partners and third-party payment processors may also collect the user's internet protocol ("IP") address and hardware ID. We may request and receive from the distribution partner and third party payment processor a copy of the payment history between the user and us.
We may receive a user's financial information (such as the credit card type, expiration date, and the last four digits of the credit card number) from the third party payment processor, along with other personal data. The third party payment processor may also provide us with unique authentication tokens to make payment requests. This information is used to make payment requests or to register the user for an auto-renewing subscription that requires automatic payments in the future.
3. Supplementation of Information
4. When Using Our Products and Services
We collect and use the information a user directly provides to us or one of our trusted partners, such as the information a user provides when they access, use or purchase our products and services, information about how a user accesses and uses our products and services, and information a user provides when communicating with us, including for customer support. We may also process and analyse information from the scans a user conducts using our products and services, as further described in Section 5 (Information from Scans) below.
If a user is using a paid subscription product or service, their username and password is sent and received during each communication for security, authentication and verification purposes and to help resolve billing disputes. Payment card and other financial information is collected by us and our third party payment processors.
To facilitate renewal or reinstatement of a subscription we or our third party payment processors may also retain non-financial contact information and support and scan logs for customers whose licenses have expired.
5. SpyHunter 5 and SpyHunter for Mac (collectively "SpyHunter Software"): Information from Scans
Reports: When a SpyHunter Software scan is started, a diagnostic report from the user's system will be transmitted to us. For SpyHunter 5 Software in particular, when a user clicks on "Generate Report" within the "Diagnostic Report" tab in the "Spyware HelpDesk" section of the user interface, SpyHunter 5 will transmit an additional diagnostic report to us. In addition to these diagnostic reports, SpyHunter Software sends us the SpyHunter Software version number and language, the IP address of the computer on which SpyHunter Software is installed and the user's hardware ID. We collect this information for the purposes of diagnosing existing threats, identifying new threats, providing customer support and for tracking the location of malware infections. For users with a paid subscription, SpyHunter Software also transmits their username and password.
Program Classification Information: SpyHunter Software's aim is to identify potentially unwanted or harmful files, programs and software. To help accomplish this, SpyHunter Software receives and analyses data on unknown executable files that a user attempts to launch or access, and examines files and programs that start automatically or that are active on the user's system. Once SpyHunter Software identifies those files and programs, SpyHunter Software attempts to classify them based on its estimation of the threat they pose.
SpyHunter Software sends us (a) a list of the executable programs that are currently running in memory on the user's system; (b) a copy of any executable files that a user attempts to launch or access where such files are 'unknown' in SpyHunter Software's database; (c) the name, location, size, digital signature and md5 hash of each file that is set to start automatically on the user's computer; and (d) information about when and how those files and programs operate. In addition to this information, SpyHunter Software sends us the SpyHunter Software version number and language, the IP address of the computer on which SpyHunter Software is installed and your hardware ID. For users with a paid subscription, SpyHunter Software also transmits their username and password. All of the file information and identifying information is encrypted before being sent, and the identifying information is not stored.
SpyHunter Software compares the file and program information that it receives, against the information in its databases and then returns relevant classification information to the user. Statistics regarding information on programs and files received and analysed are kept indefinitely, but the actual transmission is purged. Geolocation information is analysed so that infections can be reflected in SpyHunter Software's Malware Tracker tool. IP addresses are not stored, other than in ordinary server logs, which are purged regularly.
Information from Updates to SpyHunter Software: If a user clicks the "Check for updates" button on the user interface, and whenever SpyHunter Software automatically updates, SpyHunter Software sends us the SpyHunter Software version number and language, the user's hardware ID and the IP address of the computer on which SpyHunter Software is installed. The SpyHunter version number and hardware ID are used to identify the specific updates to transmit, to help resolve billing queries and to allow a specific copy of SpyHunter Software to be de-activated for the security and safety of our users, our products and services or our systems. In relation to updates, no geolocation or IP address information is analysed or stored by SpyHunter Software, other than in ordinary server logs, which are purged regularly.
SpyHunter Software also transmits username(s), password(s) and/or activation key(s). This information is used for verification purposes, to ensure that a user receives the proper updates and, if a user is entitled to receive customer support, to provide that support.
6. Server Log Files
Our servers use log files to analyse trends, administer our products and services, track the different locations a user may use our products and services in the aggregate, and gather broad demographic information for aggregate use. This information may include IP addresses, geolocation information, hardware ID, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data.
7. Flash LSOs
We may use Local Shared Objects (LSOs), such as Flash, to store content information and preferences. Third parties with whom we partner to provide certain features on our website or to display advertising based upon a user's web browsing activity may use LSOs such as Flash to collect and store information. Various browsers may offer their own management tools for removing HTML5 LSOs. To manage Flash LSOs, please visit https://helpx.adobe.com/flash-player/kb/disable-local-shared-objects-flash.html.
8. Cookies and Other Tracking Technologies
What is a Cookie?
Cookies are small text files sent from a server and stored to a user’s computer or other device. When a user visits a website or application more than once, the browser sends Cookies back to the website or application, allowing the website or application to recognise the user and remember things like their personalised details and preferences. More information about Cookies and details of how to manage or disable them can be found on https://www.aboutcookies.org.
Yes. We may obtain information about your general Internet usage by using Cookies that are typically stored on the hard drive of your computer or on other devices.
What Types of Cookies Do We Use?
Preferences: We use temporary 'session' cookies which enables your browser to remember which pages on our website have already been visited and the language you have selected. This information may be used to help us to improve, administer and diagnose problems with our website and servers.
Third Party Cookies
Some Cookies that have been set on our services may not be related to or controlled by us and may originate from one of our partners, affiliates or service providers. We do not control the use of these Cookies and cannot access them due to the way Cookies work, as Cookies can only be accessed by the party which originally set them.
You should check the applicable third party's website for more information about these Cookies.
You can change your browser or application settings so your device warns you each time a Cookie is sent, or to turn off all Cookies. Each web browser or application is different, so please look at your browser or application "help" menu to learn how to modify your Cookies preferences. However, if you disable Cookies you will not have access to certain features that may make your browsing of our website and use of our services smoother, and some of our services may not be available to you.
Most browsers allow you to choose whether you accept cookies or not. We have included links to some of the cookie preference pages of web browsers:
- Google Chrome - https://support.google.com/chrome/answer/95647
- Internet Explorer - https://support.microsoft.com/en-ie/help/17442/windows-internet-explorer-delete-manage-cookies
- Firefox - https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
- Safari - https://support.apple.com/kb/ph21411?locale=en_US
- Safari Mobile - https://support.apple.com/en-us/HT201265
- Opera - https://www.opera.com/help/tutorials/security/cookies
You always have a choice as to whether or how you interact with an advertisement (for example, by clicking to learn more about an offer). You agree that during use or access, our products may show you ads for our other products and offers. We may also place ads for our products on various third party websites and platforms, and, as a result, you may see ads for our products when visiting Google, YouTube, Facebook, and/or a variety of other websites and platforms. We may ask the proprietors of these websites/platforms to present our ads to particular demographic groups, for example, women over 25 years of age, or all visitors to a website who are in Ireland. The third party websites/platforms may use information they already have about the user, or may place cookies or similar tracking technologies in the user's browser, in order to decide what ads the user will see, including potentially our ads. If you wish to opt out of interest-based advertising and you are located in the European Union please visit the following URL: https://www.youronlinechoices.eu. If you are located anywhere else please visit the following URL: https://preferences-mgr.truste.com. You will still see ads but the ads you see will likely be less relevant to you and your interests. If a user has any questions or concerns about the ads they see on any of these third party websites/platforms or if they have questions generally about the privacy practices of those sites, we encourage them to consult the privacy policies of those sites or enquire with the proprietors of those sites.
With your consent, if and as may be applicable and/or required or as otherwise generally allowed, we may use your information for us, our affiliate companies, and/or trusted business/commercial partners to contact you or send you promotional/marketing communications and/or contact you directly by email, post, phone, mobile, text message, SMS, or other electronic means for any purpose, including to provide information about various apps, services, products, special offers, discounts, coupons, news, and events which may interest you. You have the right to ask us to stop processing your personal data for direct marketing purposes. If you wish to exercise this right, you can follow our Unsubscribe process such as found in our product materials for "Unsubscribe" or the "Unsubscribe" link in the marketing communications to advise us.
PART C – INFORMATION USE
1. Information Use
Your personal data will be kept only for clear and legal purposes. All personal data will be processed fairly and in keeping with the purposes for which it was obtained.
We use your information for the following purposes:
- providing our products and services to you;
- determining your suitability for our products and services, and for personalisation;
- maintaining and improving our products and services, and developing new ones;
- administering and managing the products and services we provide to you, to provide customer support, to authenticate you as a user, to charge you and process payment, investigate disputes and billing queries, collect any amounts you may owe us, and to fulfill orders for our products and services;
- promoting the safety and security of our products and services, our staff, other users and members of the public, and investigating suspicious activity or violations of our policies;
- providing you with information about our products and services and those of our related companies and affiliates;
- conducting surveys (as set out in Part E (Third Party Links and Content)) and analytics to enhance and improve the quality of the products and services we offer; and/or
- as permitted or required by any law or regulation applicable to us or arising from your interaction with us.
- as is necessary to enable your use of our website, apps, software, services and other products;
- where you have consented to the processing, which you may revoke at any time;
- for us to comply with a legal obligation, a court order, or to exercise legal rights or defend legal claims;
- when necessary to protect your vital interests, or those of others;
- when necessary to ensure performance of a contract;
- where you have made the information manifestly public;
- where necessary in the public interest; and/or
- where necessary for the purposes of our or a third party's legitimate interests.
Our Legitimate Interests
We process your information in furtherance of some or all of the following legitimate interests:
- Keeping the products and services safe and secure: We use your information as it is necessary to pursue our and our customers' legitimate interests in ensuring our products and services are secure, such as by implementing and enhancing security measures and protections, protecting against security breaches, fraud, and spam.
- Providing, improving and developing the products and services: We use your information to provide and further develop the products and services. We do so as it is necessary to pursue our legitimate interests of providing a secure offering to all our customers on a continuing basis.
- Providing seamless services across our group of companies: Where the products and services require the engagement of our affiliates, subsidiaries or related companies, we share your information with them to provide, administer and improve the services and products.
2. Customer Service
We may communicate with users to assist with enquiries and to provide users with better customer service. To do so, we may reply via email, in-app message, or phone. If you contact us directly for any reason, and if we are able to provide support or service to you, we will use the information you have provided in order to respond to you, to assist with enquiries you have and to maintain our records.
3. Service Announcements
On occasion it is necessary to send out a service related announcement. For instance, if one of our products or services is temporarily suspended for maintenance or we want to notify you about changes to our products and services, we might send users an email or other communication. These communications are not promotional in nature.
Generally, spamming means the use of electronic messaging systems to send unsolicited messages. We have a zero tolerance policy for abuse through spamming.
PART D - INFORMATION SHARING WITH OTHERS
1. Sharing of Information
The information we collect from you may be transferred to third parties in connection with operating our business. It may also be processed by these third parties and/or by our and their respective employees and service providers. We will take steps to ensure that these third parties will only process data in accordance with our instructions, and take appropriate security measures to protect your data.
By submitting your information, you agree to this transfer, storing or processing of your personal data by us.
We may disclose your information to the following third parties:
- our related companies, subsidiaries, affiliates or our distribution or commercial partners and other businesses we work with;
- our professional advisers in order for them to provide us with advice;
- third party service providers, such as our payment processors, where necessary for them to provide us with services or to provide products and services that you have requested;
- our technology providers, including those which host your data on our behalf and provide certain IT support and IT professional services to us; and/or
- business partners and/or possible acquirers or investors (and our and/or their advisors) in the context of facilitating or implementing a business re-organisation or a transfer/sale of all or part of our assets or business.
Where required or authorised by law, we reserve the right to release personal data without your consent and/or without consulting you, when we believe that this is appropriate to comply with our legal obligations, to protect the security of our products, services, systems and related technologies, to prevent and minimise the effects of fraud, and otherwise to protect our legitimate interests and/or the legitimate interests of our staff, users or members of the public.
2. International Data Transfers
We operate on a global basis. Accordingly, your personal information may be transferred and stored in countries outside the European Union that are subject to different standards of data protection. We will take appropriate steps to ensure that the transfer of personal information is in accordance with applicable law and is managed carefully to protect your privacy rights and interests and transfers are limited to countries which are recognised as providing an adequate level of legal protection or where we can be satisfied that alternative arrangements are in place to protect your privacy rights. Accordingly:
- where we transfer your personal information outside Enigma or to third parties who assist us to provide our products, we obtain contractual commitments from them to protect your personal information, in particular through standard contractual clauses adopted by the European Commission; or
- where we receive requests for information from law enforcement or regulators, we consider these requests carefully before any personal information is disclosed.
You have a right to contact us for more information about the safeguards that we have put in place to ensure the adequate protection of your personal information when it is transferred as described in this section 2.
PART E - THIRD PARTY LINKS AND CONTENT
Periodically, our site may request information from users via surveys. Participation in these surveys is completely voluntary and the user therefore has a choice whether or not to disclose this information. The requested information typically includes contact information (such as name and address), and demographic information (such as post code or zip code). Survey information will be used for purposes of monitoring or improving the use and satisfaction of our products and services. Though we may use an intermediary to conduct these surveys, they may not use customers' personal data for any secondary marketing purposes.
4. Social Media Widgets
PART F – SECURITY AND THE PROTECTION OF YOUR INFORMATION
When our registration/order forms ask users to enter financial information, such as a credit card number, that information is encrypted and is protected with an encryption protocol. Most modern web browsers should indicate when a user is on a secure page, for example some web browsers show a locked padlock icon at the bottom of the screen.
While we take these steps to maintain the security of your information, you should be aware of the many information security risks that exist and take appropriate care to help safeguard your information. The nature of the internet is such that we cannot guarantee the security of the information you transmit to us electronically, and any transmission is at your own risk. We store information you provide to us on secure servers and deploy appropriate technical and organisational security measures in the storage and disclosure of your personal data to try to prevent unauthorised access or loss.
If you pay for a subscription to our products and services we also rely on you to maintain the security of your account with us.
PART G – NOTICE TO CALIFORNIA CONSUMERS/RESIDENTS
- California Consumer Privacy Act of 2018 ("CCPA")
Under the CCPA, California consumers have the following rights towards their personal information:
- right to notice
- right to access
- right to request deletion
- right to opt-out of sales of personal information
- right to equal services and prices
Depending upon individual user circumstances and our business operations, the following rights may exist for California consumers of our products:
Right to equal services and prices prohibits businesses from discriminating against consumers who exercise their CCPA rights. Today, our services in this regard are free.
Should the foregoing CCPA rights become applicable, you, depending on the circumstances, may also have the right to appoint an authorized agent to make requests under the CCPA on your behalf. The right to make an appointment of an authorized agent by you, should it become available, will be conditioned and dependent upon the submission of a letter of authorization appointing an agent and sufficient documentary proof validating such appointment was properly made by you, in forms sufficient to ensure proper application of the law.
If you should have any questions regarding the CCPA and the foregoing, please contact us at email@example.com or call us at +1 (888) 360-0646 and please type in "Request for California Privacy Information" in the subject line and in the body of your message.
- California Shine The Light Provisions
Under California's "Shine the Light" law, California residents who provide certain personal data in connection with obtaining products or services for personal, family, or household use are entitled to request and obtain from us once per calendar year information about the information that we shared with other businesses for their own direct marketing uses. If this legal provision should become applicable to you (depending upon the business operations and circumstances of EnigmaSoft Limited), this information would include the categories of information and the names and addresses of those businesses with whom we shared information for the immediately prior calendar year. To obtain this information, please contact us at firstname.lastname@example.org or call us at +1 (888) 360-0646 with "Request for California Privacy Information" in the subject line and in the body of your message. If applicable, we will provide the requested information to you at your email address in response. Please be aware that not all information sharing is covered by the "Shine the Light" requirements, and only information on covered sharing will be included in our response. We may ask for additional information to verify your identity.
Consumer Rights Notice. Under California Civil Code Section 1789.3, we hereby provide California residents with the following specific consumer rights information:
- This website is owned and operated by EnigmaSoft Limited/Enigma Software Group USA, LLC.
- Unless otherwise expressly stated, this website is provided without charge (although, naturally, the product(s) may have charges as described in the website materials).
- To file a complaint regarding this website or to receive further information regarding use of this website, please contact us via email at email@example.com or call us at +1 (888) 360-0646. You also may contact the Complaint Assistance Unit of the Division of Consumer Services of California's Department of Consumer Affairs in writing at 400 R Street, Suite 1080, Sacramento, California 95814 or by telephone at (916) 445-1254 or (800) 952-5210.
PART H – SOME FINAL TERMS
1. Retention of Data
We retain your personal data for no longer than is necessary with regard to the purposes for which it was collected or lawfully further processed, or for so long as may be necessary in light of our legal or statutory obligations (for example, as may be required to comply with audit requirements) or in order to exercise our legal rights or defend legal claims. We commit to undertaking periodic reviews of the personal data we hold to ensure personal data is not held for any longer than is necessary.
2. Your Rights and Subject Access Requests
You have rights under the General Data Protection Regulation (2016/679) or GDPR ("Data Protection Legislation"). As an EU resident, you have the right to obtain confirmation from us as to whether or not your personal data is being processed, to request a copy of your information, request that your personal data is updated, corrected or that any inaccuracies in your personal data are deleted. You may withdraw your consent to our processing of your personal data at any time. You can access, correct or delete certain personal data and update your privacy preferences by sending an email to firstname.lastname@example.org, email@example.com or by writing to us at 1 Castle Street, 3rd Floor, Dublin 2, D02 XD82, Ireland.
Despite this, we retain the right to collect, process and maintain information provided by and collected about you, and disclose this information to the extent required to comply with our reasonable business and legal obligations.
If you choose not to provide certain information to us or if you withdraw your consent to our processing of your personal data, we may not be able to continue to provide you with the products or services you require and/or it may affect our ability to better respond to your needs. If you have paid for a subscription to our products and services and no longer consent to provide the information that we require to provide you with our products and services, please refer to our Terms of Sale and End User Licence Agreement for information on how to cancel your subscription.
Further information on your data privacy rights is available on the website of the Irish Data Protection Commissioner at https://www.dataprotection.ie. You can contact or bring any complaints to the Irish Data Protection Commission through their website at https://forms.dataprotection.ie/contact or by telephone +353 578 684 800. You can find out more about your data protection rights on the website of the Irish Data Protection Commission (https://www.dataprotection.ie/).
5. Do Not Track ("DNT")
We may not recognize Do Not Track ("DNT") signals from your browser or device. There is not yet a universally accepted standard on how to interpret and respond to DNT signals, which often conflict with other settings. If a standard approach is established, we will re-examine how we can appropriately respond to DNT signals.
6. Contacting Us