Last Revised: 25 April 2018.
1. Who We Are
We are EnigmaSoft Limited, a company incorporated under the laws of Ireland with company registration number 597114, whose registered office is at 1 Castle Street, 3rd Floor, Dublin 2, D02 XD82, Ireland ("we", "us", or "our").
We are dedicated to establishing a trusting relationship with our users, based on respect for personal identity and information and by promoting the use of fair information practices. We want to demonstrate our commitment to our users' privacy and establish our users' trust in our ability to protect their information.
- The information we collect.
- How we use the information.
- The legal bases we rely on to collect this information.
- With whom we share information.
- The choices available to users regarding collection, use and distribution of the information.
- The types of security procedures that are in place to protect information under our control.
- A user's rights, how a user can contact us and update or correct any inaccuracies in their information that we collect.
PART B - INFORMATION COLLECTION
For the purpose of the GDPR, EnigmaSoft Limited is the controller of your personal data.
We collect information from our users at several different points on our products and services, in accordance with the Data Protection Legislation and other applicable data protection laws, strictly for the purposes necessary to our business and our users' convenience.
All information will be obtained fairly. The information we collect will be adequate, relevant and not excessive in relation to the purposes for which it was obtained. These purposes include:
In order to use the paid subscription version of our products and services, a user must first complete the registration form. During registration, a user is required to provide contact information (such as name and email address). We will also collect the user's internet protocol (IP) address and hardware ID.
2. Ordering and Payment
We may use a distribution partner(s) and a trusted third party payment processor(s) to help us manage ordering, invoicing and processing of payments for our products and services. When a user pays for a subscription to, or purchases, one of our products or services, the user has to enter information through an online order form. A user, or someone in the user's organization, must provide contact information (such as name, company name, telephone number, email, and billing address) and financial information (such as credit card number and expiration date). We and our distribution partners and third-party payment processors may also collect the user's internet protocol (IP) address and hardware ID. We may request and receive from the distribution partner and third party payment processor a copy of the payment history between the user and us.
We may receive a user's financial information (such as the credit card type, expiration date, and the last four digits of the credit card number) from the third party payment processor, along with other personal data. The third party payment processor may also provide us with unique authentication tokens to make payment requests. This information is used to make payment requests or to register the user for an auto-renewing subscription that requires automatic payments in the future.
3. Supplementation of Information
4. When Using Our Products and Services
We collect and use the information a user directly provides to us or one of our trusted partners, such as the information a user provides when they access, use or purchase our products and services, information about how a user accesses and uses our products and services, and information a user provides when communicating with us, including for customer support. We may also process and analyse information from the scans a user conducts using our products and services, as further described in Section 5 (Information from Scans) below.
If a user is using a paid subscription product or service, their username and password is sent and received during each communication for security, authentication and verification purposes and to help resolve billing disputes. Payment card and other financial information is collected by us and our third party payment processors.
To facilitate renewal or reinstatement of a subscription we or our third party payment processors may also retain non-financial contact information and support and scan logs for customers whose licenses have expired.
5. SpyHunter 5: Information from Scans
Reports: When a SpyHunter 5 scan is started, a diagnostic report from the user's system will be transmitted to us. When a user clicks on 'Generate Report' within the 'Diagnostic Report' tab in the 'Spyware Helpdesk' section of the user interface, SpyHunter 5 will transmit an additional diagnostic report to us. In addition to these diagnostic reports, SpyHunter 5 sends us the SpyHunter version number and language, the IP address of the computer on which SpyHunter 5 is installed and the user's hardware ID. We collect this information for the purposes of diagnosing existing threats, identifying new threats, providing customer support and for tracking the location of malware infections. For users with a paid subscription, SpyHunter 5 also transmits their username and password.
Program Classification Information: SpyHunter 5's aim is to identify potentially unwanted or harmful files, programs and software. To help accomplish this, SpyHunter 5 receives and analyses data on unknown executable files that a user attempts to launch or access, and examines files and programs that start automatically or that are active on the user's system. Once SpyHunter 5 identifies those files and programs, SpyHunter 5 attempts to classify them based on its estimation of the threat they pose.
SpyHunter 5 sends us (a) a list of the executable programs that are currently running in memory on the user's system; (b) a copy of any executable files that a user attempts to launch or access where such files are 'unknown' in SpyHunter 5's database; (c) the name, location, size, digital signature and md5 hash of each file that is set to start automatically on the user's computer; and (d) information about when and how those files and programs operate. In addition to this information, SpyHunter 5 sends us the SpyHunter version number and language, the IP address of the computer on which SpyHunter 5 is installed and your hardware ID. For users with a paid subscription, SpyHunter 5 also transmits their username and password. All of the file information and identifying information is encrypted before being sent, and the identifying information is not stored.
SpyHunter 5 compares the file and program information that it receives, against the information in its databases and then returns relevant classification information to the user. Statistics regarding information on programs and files received and analysed are kept indefinitely, but the actual transmission is purged. Geolocation information is analysed so that infections can be reflected in SpyHunter 5's Malware Tracker tool. IP addresses are not stored, other than in ordinary server logs, which are purged regularly.
Information from Updates to SpyHunter 5: If a user clicks the "Check for updates" button on the user interface, and whenever SpyHunter 5 automatically updates, SpyHunter 5 sends us the SpyHunter version number and language, the user's hardware ID and the IP address of the computer on which SpyHunter 5 is installed. The SpyHunter version number and hardware ID are used to identify the specific updates to transmit, to help resolve billing queries and to allow a specific copy of SpyHunter 5 to be de-activated for the security and safety of our users, our products and services or our systems. In relation to updates, no geolocation or IP address information is analysed or stored by SpyHunter 5, other than in ordinary server logs, which are purged regularly.
For users with a paid subscription, SpyHunter 5 also transmits their username and password. This information is used for verification purposes, to ensure that a user receives the proper updates and, if a user is entitled to receive customer support, to provide that support.
6. Server Log Files
Our servers use log files to analyse trends, administer our products and services, track the different locations a user may use our products and services in the aggregate, and gather broad demographic information for aggregate use. This information may include IP addresses, geolocation information, hardware ID, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data.
7. Flash LSOs
We may use Local Shared Objects (LSOs), such as Flash, to store content information and preferences. Third parties with whom we partner to provide certain features on our website or to display advertising based upon a user's web browsing activity may use LSOs such as Flash to collect and store information. Various browsers may offer their own management tools for removing HTML5 LSOs. To manage Flash LSOs, please visit https://helpx.adobe.com/flash-player/kb/disable-local-shared-objects-flash.html.
8. Cookies and Other Tracking Technologies
What is a Cookie?
Cookies are small text files sent from a server and stored to a user’s computer or other device. When a user visits a website or application more than once, the browser sends Cookies back to the website or application, allowing the website or application to recognise the user and remember things like their personalised details and preferences. More information about Cookies and details of how to manage or disable them can be found on aboutcookies.org.
Yes. We may obtain information about your general internet usage by using Cookies that are typically stored on the hard drive of your computer or on other device.
What Types of Cookies Do We Use?
Preferences: We use temporary 'session' cookies which enables your browser to remember which pages on our website have already been visited and the language you have selected. This information may be used to help us to improve, administer and diagnose problems with our website and servers.
Third Party Cookies
Some Cookies that have been set on our services may not be related to or controlled by us and may originate from one of our partners, affiliates or service providers. We do not control the use of these Cookies and cannot access them due to the way Cookies work, as Cookies can only be accessed by the party which originally set them.
You should check the applicable third party's website for more information about these Cookies.
You can change your browser or application settings so your device warns you each time a Cookie is sent, or to turn off all Cookies. Each web browser or application is different, so please look at your browser or application "help" menu to learn how to modify your Cookies preferences. However, if you disable Cookies you will not have access to certain features that may make your browsing of our website and use of our services smoother, and some of our services may not be available to you.
You always have a choice as to whether or how you interact with an advertisement (for example, by clicking to learn more about an offer). We may place ads for our products on other products we provide or on various third party websites and platforms, and as a result, you may see ads for our products when visiting Google, YouTube, Facebook, and/or a variety of other websites and platforms. We may ask the proprietors of these websites/platforms to present our ads to particular demographic groups, for example, women over 25 years of age, or all visitors to a website who are in Ireland. The third party websites/platforms may use information they already have about the user, or may place cookies or similar tracking technologies in the user's browser, in order to decide what ads the user will see, including potentially our ads. If a user has questions or concerns about the ads they see on any of these third party websites/platforms or if they have questions generally about their privacy practices, we encourage them to consult the privacy policies of those sites or enquire with the proprietors of those sites.
PART C – INFORMATION USE
1. Information Use
Your personal data will be kept only for clear and legal purposes. All personal data will be processed fairly and in keeping with the purposes for which it was obtained.
We use your information for the following purposes:
- providing our products and services to you;
- determining your suitability for our products and services, and for personalisation;
- maintaining and improving our products and services, and developing new ones;
- administering and managing the products and services we provide to you, to provide customer support, to authenticate you as a user, to charge you and process payment, investigate disputes and billing queries, collect any amounts you may owe us, and to fulfill orders for our products and services;
- promoting the safety and security of our products and services, our staff, other users and members of the public, and investigating suspicious activity or violations of our policies;
- providing you with information about our products and services and those of our related companies and affiliates;
- conducting surveys (as set out in Part E (Third Party Links and Content)) and analytics to enhance and improve the quality of the products and services we offer; and/or
- as permitted or required by any law or regulation applicable to us or arising from your interaction with us.
- as is necessary to enable your use of our website, apps, software, services and other products;
- where you have consented to the processing, which you may revoke at any time;
- for us to comply with a legal obligation, a court order, or to exercise legal rights or defend legal claims;
- when necessary to protect your vital interests, or those of others;
- when necessary to ensure performance of a contract;
- where you have made the information manifestly public;
- where necessary in the public interest; and/or
- where necessary for the purposes of our or a third party's legitimate interests,
Our legitimate interests
We process your information in furtherance of some or all of the following legitimate interests:
- Keeping the products and services safe and secure: We use your information as it is necessary to pursue our and our customers' legitimate interests in ensuring our products and services are secure, such as by implementing and enhancing security measures and protections, protecting against security breaches, fraud, and spam.
- Providing, improving and developing the products and services: We use your information to provide and further develop the products and services. We do so as it is necessary to pursue our legitimate interests of providing a secure offering to all our customers on a continuing basis.
- Providing seamless services across our group of companies: Where the products and services require the engagement of our affiliates, subsidiaries or related companies, we share your information with them to provide, administer and improve the services and products.
2. Customer Service
We may communicate with users to assist with enquiries and to provide users with better customer service. To do so, we may reply via email, in-app message, or phone. If you contact us directly for any reason, and if we are able to provide support or service to you, we will use the information you have provided in order to respond to you, to assist with enquiries you have and to maintain our records.
3. Service Announcements
On occasion it is necessary to send out a service related announcement. For instance, if one of our products or services is temporarily suspended for maintenance or we want to notify you about changes to our products and services, we might send users an email or other communication. These communications are not promotional in nature.
Generally, spamming means the use of electronic messaging systems to send unsolicited messages. We have a zero tolerance policy for abuse through spamming.
PART D - INFORMATION SHARING WITH OTHERS
1. Sharing of Information
The information we collect from you may be transferred to third parties in connection with operating our business. It may also be processed by these third parties and/or by our and their respective employees and service providers. We will take steps to ensure that these third parties will only process data in accordance with our instructions, and take appropriate security measures to protect your data.
By submitting your information, you agree to this transfer, storing or processing of your personal data by us.
We may disclose your information to the following third parties:
- our related companies, subsidiaries, affiliates or our distribution or commercial partners and other businesses we work with;
- our professional advisers in order for them to provide us with advice;
- third party service providers, such as our payment processors, where necessary for them to provide us with services or to provide products and services that you have requested;
- our technology providers, including those which host your data on our behalf and provide certain IT support and IT professional services to us; and/or
- business partners and/or possible acquirers or investors (and our and/or their advisors) in the context of a facilitating or implementing a business re-organisation or a transfer/sale of all or part of our assets or business.
Where required or authorised by law, we reserve the right to release personal data without your consent and/or without consulting you, when we believe that this is appropriate to comply with our legal obligations, to protect the security of our products, services, systems and related technologies, to prevent and minimise the effects of fraud, and otherwise to protect our legitimate interests and/or the legitimate interests of our staff, users or members of the public.
2. International Data Transfers
PART E - THIRD PARTY LINKS AND CONTENT
Periodically, our site may request information from users via surveys. Participation in these surveys is completely voluntary and the user therefore has a choice whether or not to disclose this information. The requested information typically includes contact information (such as name and address), and demographic information (such as post code or zip code). Survey information will be used for purposes of monitoring or improving the use and satisfaction of our products and services. Though we may use an intermediary to conduct these surveys, they may not use customers' personal data for any secondary marketing purposes.
4. Social Media Widgets
PART F – SECURITY AND THE PROTECTION OF YOUR INFORMATION
When our registration/order forms ask users to enter financial information, such as a credit card number, that information is encrypted and is protected with an encryption protocol. Most modern web browsers should indicate when a user is on a secure page, for example some web browsers show a locked padlock icon at the bottom of the screen.
While we take these steps to maintain the security of your information, you should be aware of the many information security risks that exist and take appropriate care to help safeguard your information. The nature of the internet is such that we cannot guarantee the security of the information you transmit to us electronically, and any transmission is at your own risk. We store information you provide to us on secure servers and deploy appropriate technical and organisational security measures in the storage and disclosure of your personal data to try to prevent unauthorised access or loss.
If you pay for a subscription to our products and services we also rely on you to maintain the security of your account with us.
PART G – SOME FINAL TERMS
1. Retention of Data
We retain your personal data for no longer than is necessary with regard to the purposes for which it was collected or lawfully further processed, or for so long as may be necessary in light of our legal or statutory obligations (for example, as may be required to comply with audit requirements) or in order to exercise our legal rights or defend legal claims. We commit to undertaking periodic reviews of the personal data we hold to ensure personal data is not held for any longer than is necessary.
2. Your Rights and Subject Access Requests
You have rights under the Data Protection Acts 1988 and 2003, and, from 25 May 2018, the General Data Protection Regulation (2016/679) ("Data Protection Legislation"). As an EU resident, you have the right to obtain confirmation from us as to whether or not your personal data is being processed, to request a copy of your information, request that your personal data is updated, corrected or that any inaccuracies in your personal data are deleted. You may withdraw your consent to our processing of your personal data at any time. You can access, correct or delete certain personal data and update your privacy preferences by sending an email to firstname.lastname@example.org or by writing to us at 1 Castle Street, 3rd Floor, Dublin 2, D02 XD82, Ireland.
Despite this, we retain the right to collect, process and maintain information provided by and collected about you, and disclose this information to the extent required to comply with our reasonable business and legal obligations.
If you choose not to provide certain information to us or if you withdraw your consent to our processing of your personal data, we may not be able to continue to provide you with the products or services you require and/or it may affect our ability to better respond to your needs. If you have paid for a subscription to our products and services and no longer consent to provide the information that we require to provide you with our products and services, please refer to our Terms of Sale and End User Licence Agreement for information on how to cancel your subscription.
Further information on your data privacy rights is available on the website of the Irish Data Protection Commissioner at https://www.dataprotection.ie. You may bring any complaints to the attention of the Irish Data Protection Commissioner by emailing email@example.com.
5. Contacting Us