Skip to Main Content
Norton Support
LifeLock Support
Norton Sign In
LifeLock Sign In

/

Product and Services Privacy Notices

  1. Privacy
  2. Product Privacy Notices

In our ongoing quest for transparency, Norton publishes these product and service-specific privacy notices to provide detailed information about how and why our products and services collect, process, and share your personal data. For more information about our data processing practices and any rights you may have, please see our Global Privacy Statement.

Norton Security Products

Norton Security Products (including Norton 360, Norton AntiVirus, Norton Internet Security, Norton One, Norton Small Business, Norton Security Protection, and Norton Security On-The-Go) provide endpoint security which defends against ransomware, viruses, spyware, malware, and other online threats. Norton Security Products are also offered as a bundled product with other Norton products. Norton Power Eraser is a free virus removal tool. 

  Categories of Data and Personal Data Processed (How Long It is Stored) Purpose of Processing Your Personal Data
Data You Provide:

Security Data may include:

  • Emails reported as potential threats (1 year)
  • Malware Detections chosen to be reported (up to 3 years)
  • File backups as selected by User (if purchasing/using Norton Online Backup) (encrypted)
 Security Data: This data is processed to deliver the product by evaluating for potential security risks and/or blocking emails, enforcing the rules and policies defined by the User for their controlled profiles, and helping the User detect misuse of Personal Data associated with such profiles. Additionally, emails and malwares files provided by Users help in improving the product’s detection rate and reducing false positives.
Data We Collect/Access:

Location Data may include:

  • IP Address (36 months)
  • Approximate Location derived from IP address (50 months)

Device Data may include:

  • Product Serial Number (while active or 36 months)
  • Internal installation identifiers (50 months)
  • Operating system version and settings (50 months)
  • Device manufacturer and model (50 months)
  • Device names and/or assigned names (50 months)
  • Device identifiers including MAC address (while active or 50 months)
  • Internal Device identifiers - Norton Machine ID (36 months)
  • Other security software and apps running on the device, including our apps (36 months)
  • Browsers installed and default browser (50 months)

Security Data may include:

  • URLs/Websites visited and associated metadata (36 months)
  • Files identified as potential or known malware (36 months)
  • Application names and versions (36 months)
  • File metadata including file paths (36 months)

Service Data may include:

  • Network data and connection activity (36 months)
  • User interactions with Norton websites and Norton extensions download pages (26 months)
  • Emails if Norton Safe Email is enabled (not stored)
  • Events and product usage such as number and result of scans, error logs and screen flows (50 months)
  • Failure diagnostics including crash dumps and system logs (36 months)

Location Data: This data is used to determine appropriate language settings for communicating with you and for determining country of origin for threats detected.

Device Data: This data is used and generated internally at Gen for the purpose of tracking account activity between internal company systems, applications, and architecture. It is also used to deliver the product in accordance with your device(s) as well as tracking and determining trends in threats detected and communicating about potential solutions to detected threats.

Security Data: This data is used to deliver the product by informing you about site safety and blocking browsing to unsafe websites, improving the detection of malware and cyber-threats (e.g., through file sample analysis), and pursuing general cybersecurity research.

Service Data: This data is used to understand product usage and to further develop and improve the product performance, communicating about potential solutions to detected threats as well as telemetry.
Data We Collect/Access from Third Parties: Service Data may include:
  • Failure diagnostics including crash dumps and system logs (36 months)
 Service Data: This data is processed for the purposes of understanding product usage and improving the product.

Norton 360 Mobile Apps (Android and iOS)

Norton 360 mobile applications (“Norton 360 App”) are designed to provide protected Users’ and their selected smartphone and tablet devices with protection against digital threats and allow Users to keep digital information private and secure over the network and monitor their identity.

  Categories of Data and Personal Data Processed (How Long It Is Stored) Purpose of Processing Your Personal Data and How Long We Keep It
Data You Provide:

If purchasing the Norton 360 App through the eStore, please see the Norton Enrollment Process for additional information. If purchasing through the Apple AppStore or Google PlayStore, please see the below information.

Account Data may include:

  • Email (while active or 36 months)
  • Norton account password (while active or 36 months)
  • Country (while active or 36 months)
 Account Data: This data is processed to administer the account including establishing and authenticating it as well as communicating with you and providing services connected with your account.
Data We Collect/Access:

Device Data may include:

  • IP Address (36 months)
  • Mobile device identifiers (while active or 36 months)
  • Internal identifiers including installation ID (50 months)
  • Device name and type (while active or 36 months)
  • Operating system platform and version (while active or 36 months)
  • Approximate Location derived from IP Address (50 months)

Security Data may include:

  • Files identified as potential or known malware (36 months)
  • File metadata including file paths (36 months)
  • Applications including characteristics such as permissions, signing certs, package and library info, app versions (36 months)
  • File and application data (limited to App store data, applications downloaded, and browsing data. iOS devices will also collect malicious links from calendar invites) (36 months)
  • Web-browsing and URLs accessed (36 months)
  • If the SMS security is enabled, text messages with malicious URLs or sent by senders not in your contact list are collected and analyzed for threats. The text messages are deidentified, meaning we do not connect them to our customers. These texts may include data such as: phone numbers, emails, crypto, or other identifiers associated with the text message. Includes identifiers offered to user as target for user’s requested response. (URLs and other sender identifiers are stored up to 5 years since the last sighting for suspected malicious data or 1 year since sighting for unknown data, text messages are kept for 30 days and then personal information is removed and the result is kept for 1 year)

Service Data may include:

  • Events and product usage such as number and result of scans, network service information, download and use frequency, log data) (36 months)
  • Error reports/crash dumps (36 months)
  • Device/phone settings (including but not limited to device model and manufacturers) (50 months)
 Device Data: This data is processed for the purposes of delivering the product in accordance with your device(s) and determining appropriate language settings for communicating with you. It is also processed for the purposes of delivering the product in accordance with your device(s) as well as tracking and determining trends in threats detected and communications about potential solutions to detected threats.

Security Data: This data is processed for the purposes of delivering the product by alerting you to potentially malicious applications, malware, and links (including links in emails, text messages or data downloaded to SD cards), communicating about potential solutions to detected threats as well as improving the app security feature (malicious malware and applications blocking feature and SD card are only available on the Android OS).

Service Data: This data is processed for the purpose of understanding product usage to further develop and improve the product performance, communicating about potential solutions to detected threats as well as telemetry.
Data We Collect/Access from Third Parties:

Service Data may include:

  • Reporting data based on metadata collected by product (limited to number of Users by general geolocations/regions, and operating systems) (25 months)
 Service Data: This data is processed for the purpose of understanding product usage to further develop and improve the product performance as well as telemetry.

Norton AntiTrack

Norton AntiTrack is an app and browser extension that keeps your online activities and digital footprint private. Its key features help to obscure your identity from tracking and fingerprinting attempts made by browsers and individual websites.

  Categories of Data and Personal Data Processed (How Long It Is Stored) Purpose of Processing Your Personal Data
Data You Provide:

Account Data may include:

  • Norton AntiTrack does not require you to provide any data outside of the enrollment and billing processes.
  • If you choose to use the Private Email feature, you may provide additional email addresses (36 months)

 

 Account Data: Norton AntiTrack does not require you to provide any data outside of the enrollment and billing processes, so no additional personal data is processed.
Data We Collect/Access:

Service Data may include:

  • Browser activity (not stored)
  • Cookie origin domain (not actual content of cookies) (not stored)
  • Reported URL problems (36 months)
  • Domain with trackers and fingerprints that user reviewed, added or removed from exclusion for detection through the app (36 months)
  • Emails, if Private Email is enabled (not stored)
  • Crash/hang dumps and Error reports (90 days)
  • Reporting data based on metadata collected by product (36 months)
  • Usage data to assist with debugging a problem with the service (36 months)
  • Usage information (36 months)
  • Aggregated statistics about trackers and fingerprints blocked (36 months)
  • License identifier (36 months)

Device Data may include:

  • Operating system version and language (36 months)
  • Web browser name, version, language (36 months)
 Service Data: This data is used to deliver the services and features that you have selected. This data is processed for the purposes of understanding product usage to further develop and improve the product performance as well as telemetry.

Device Data: This data is processed for the purposes of delivering the product in accordance with your device(s) and determining appropriate language settings for communicating with you. 
Data We Collect/Access from Third Parties: Service Data may include:
  • Reporting data based on metadata collected by product (e.g., number of Users by browser types, general geolocations/regions, and operating systems) (36 months)
 Service Data: This data is processed for the purposes of understanding product usage and improving the product.

Norton Password Manager/ Norton Safe Web Plus (Mac App)

Norton Password Manager has five variants: (1) a component of the Norton Security product and plugin for Internet Explorer browser; (2) browser extensions for all major browsers except Internet Explorer; (3) mobile apps for Android and iOS; (4) a web application requiring no additional installation of software or browser extensions; and (5) Norton Safe Web Plus is a Mac app that supplies the functionality of Norton Password Manager and Safe Web. All variants are a password manager which manages usernames, passwords, and other information useful for performing online activities.

  Categories of Data and Personal Data Processed (How Long It is Stored) Purpose of Processing Your Personal Data
Data You Provide:

Account Data may include:

  • Username(s) (while active or 6 months)
  • Password(s) (while active or 6 months)
  • Phone number (while active or 6 months)
  • Physical address(es) (including city, state, and postal code) (while active or 6 months)
  • Additional payment information (Credit/Debit Card Information, specifically account numbers, card type, and expiration dates; bank account number and name of bank) (while active or 6 months)
  • Gender (including title) (while active or 6 months
  • Additional email(s) (while active or 6 months)
  • Date of birth (while active or 6 months)
  • Freeform notes / text (while active or 36 months)
 Account Data: This data is provided by you if you choose to and is collected for the purposes of delivering the product functionality including conveniently filling web forms with this data and examining the data for security risks.
Data We Collect/Access:

Location Data may include:

  • IP address (not stored) 
  • Geolocation (26 months)

Device Data may include:

  • Web browser type/version (26 months)
  • Product version and preferred language (26 months)
  • Operating system (Including version or platform) (26 months)
  • Website domains for stored logins (while active or 36 months)
  • Free form text (as provided by User) (while active or 36 months)

Service Data may include:

  • Metadata (including number of accounts stored with products and number of websites visited, number of product features used) (26 months)

Location Data: This data is processed for the purposes of determining appropriate language settings for communicating with the User and for reporting about product usage based on general location.

Device Data: This data is processed for the purpose of delivering the product in accordance with your device(s) and by providing login services and analyzing product usage.

Service Data: This data is for the purpose of understanding product usage to further develop and improve the product performance as well as telemetry.
Data We Collect/Access from Third Parties:

Security Data may include:

  • Potentially compromised passwords (specific usernames/passwords are never known to Gen services nor to third parties) (while active or 36 months)
 Security Data: This data is processed for the purposes of delivering the product by identifying and informing you of potentially compromised passwords stored within your device(s).

Norton VPN Products

Norton VPN products safeguard the User’s data by encrypting the User’s information on any Internet connection to prevent the ability of third parties to monitor browsing activities. The service does not log users' browsing history, traffic information, or IP addresses used to access the Internet via our services. This notice applies to the VPN provided in Norton Secure VPN, Norton Ultra VPN, Norton Ultra VPN Plus and Norton 360.

  Categories of Data and Personal Data Processed (How Long It Is Stored) Purpose of Processing Your Personal Data
Data You Provide:

Account Data may include:

  • Norton VPN does not require Users to provide any data outside of the enrollment and billing processes

Account Data: Norton Secure VPN does not require Users to provide any data outside of the enrollment and billing processes, so no additional personal data is processed.
Data We Collect/Access:

Device Data may include:

  • Install and device identifier (while active or 36 months)
  • Device name and type (while active or 36 months)
  • OS version (while active or 36 months)
  • Language (while active or 36 months)

Security Data may include:

  • Aggregate bandwidth usage (limited to the number of bytes transferred using the service) (while active or 36 months)

Diagnostic Data may include:

  • Error state in installation/usage of app (Install Identifier from app to give error status) (while active or 36 months)
  • Data to assist with debugging connectivity problems (device identifier from app) (7 days)
  • Crash reports (24 months)
  • Connection and application events (24 months)
  • Timestamps (35 days)

VPN Service Data may include:

  • Data to monitor compliance with the terms of use (if suspicious patterns are detected or blocked: device identifier from app, frequency of abuse of services) (7 days)

Application Data may include:

  • License identifier (while active or 36 months)
  • IP address (not stored)

Device Data: This data is processed for the purpose of delivering the product and content in accordance to your device(s).

Security Data: This data is used for billing the account for the product used as well as network operations and support.

Diagnostic Data: This data is used for research and development to improve products and services and to better protect your network, devices, data, and identity.

VPN Service Data: This data is used to prevent abuse of services, to protect our network, and ensure compliance with the terms of use.

Application Data: This data is used for the purpose of (a) delivering the product by selecting the most appropriate server to connect to, and (b) to prevent abuse of services to protect our network and ensure compliance with the terms of use.
Data We Collect/Access from Third Parties:

Service Data may include:

  • Reporting metadata on product and application usage (while active or 36 months)

Service Data: This data is used to help us understand product usage and to further develop and improve product performance as well as telemetry.

Norton Utilities Premium 

Norton Utilities helps analyze, configure, optimize, and maintain a computer of the User to keep it running like new. It also includes the Cloud Cleaner feature that helps users manage their cloud storage (optimize, remove duplicates) by checking metadata associated with stored files and pictures. Files and pictures are not downloaded or stored by us. To connect to Google Drive, we need to ask Google for permission to use its APIs. Google allows companies to use its APIs only if they undertake to limit its use of information accessed through the APIs. As a result, Product’s use and transfer to any other product of information received from these Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.

  Categories of Data and Personal Data Processed (How Long It Is Stored) Purpose of Processing Your Personal Data
Data You Provide:

Account Data may include:

  • Norton Utilities does not require Users to provide any information outside of enrollment and billing processes
 Account Data: Norton Utilities does not require Users to provide any information outside of enrollment and billing processes.
Data We Collect/Access:

Location Data may include:

  • IP address (not stored)

Device Data may include:

  • Activation data (limited to status of installation of product on device) (not stored)
  • Device ID (not stored)

Service Data may include:

  • File meta data - checksum, archive_state, created_date, modified_date, folder_path, file_name, file_size, file_type, file_id and thumbnail_link (24 hours)
  • User reviews/feedback (not stored)

Location Data: This data is processed for the purposes of determining appropriate language settings for communicating with you.

Device Data: This data is used for the purpose of providing the service and delivering the product in accordance with your device(s).

Service Data: This data is used for the purpose of providing the service and understanding product usage to further develop and improve the product performance as well as telemetry.
Data We Collect/Access from Third Parties:

Service Data may include:

  • Metadata based on User reviews/feedback (not stored)
 Service Data: This data is used for the purpose of understanding product usage to further develop and improve the product performance as well as telemetry.

Norton Family

Norton Family helps protect Users and their devices with parental controls applied through User-defined and User-managed protection settings and features.

  Categories of Data and Personal Data Processed (How Long It Is Stored) Purpose of Processing Your Personal Data
Data You Provide:

Account Data may include:

  • Child name (while active or 60 days)
  • Restriction level (child’s age range) (while active or 60 days)
  • Picture (for avatar, if chosen) (while active or 60 days)
  • Restriction settings as determined by parent (while active or 60 days)
  • Emergency contact information (such as parent’s phone) (while active or 60 days)
  • Location identifying labels (such as “home” or “school,” as defined by parent) (while active or 60 days)
 Account Data: This data is provided by you and is processed for the purposes of delivering the product by helping you to supervise the online activities on your protected device(s) and helping to enforce your defined rules for the online activities on your protected device(s).
Data We Collect/Access:

Location Data may include:

  • Parent’s time zone (while active or 60 days)
  • Child’s geolocation (as permitted by region, and if enabled by parent) collected in the background (while active or 60 days)

Device Data may include:

  • Child’s operating system platform and version (36 months) 
  • Installation status of the Norton Family client software on subscriber or protected User’s device (36 months) 
  • Child policy configurations as determined by parent (36 months) 
  • Device name (while active or 60 days)
  • Device name, type, language, hardware, software, and application inventory (only applicable to Android mobile devices) (36 months)
  • Browser type and version (36 months)
  • Device identifiers such as IDFA (only applicable to iOS mobile devices (36 months)

Security Data may include:

  • Setting configurations deviations performed by child (while active or 60 days)
  • Application exception and workflow failure logs (12 months)
  • URLs visited by child and search terms (while active or 60 days)
  • Device usage time (while active or 60 days)
  • Application usage time (while active or 60 days)

Service Data may include:

  • Crash logs for PC (36 months)
  • Product usage telemetry (limited to pages visited with Product) (12 months)
  • License ID, status, and entitlement information (while active or 60 days)

Location Data: This data is processed to determine appropriate language settings for communicating with you and delivering the product by helping you to supervise the location of your protected device.

Device Data: This data is processed for the purposes of delivering the product in accordance with your device(s), helping you to supervise the online activities on your protected device(s), and helping to enforce your defined rules for the online activities on your protected device(s). Device identifiers are used to track information about app usage such as which in-app events a user triggers.

Security Data: This data is processed for the purposes of delivering the product in accordance with your device(s) as well as improving the product’s installation success rate by providing input for research and development to improve products and services to better protect your network, devices, data, and identity.

Service Data: This data is processed for the purpose of understanding product usage to further develop and improve the product performance as well as telemetry.
Data We Collect/Access from Third Parties:

Service Data may include:

  • Crash logs for mobile devices (90 days)
  • Metadata reports on product usage (12 months)
 Service Data: This data is processed for the purpose of understanding product usage to further develop and improve the product performance as well as telemetry.

Norton Genie

Norton Genie is scam detection technology, that helps to identify scams and keep you safer from financial fraud and identity theft. Norton Genie will analyze a message, email, social post or website in seconds to look for signs of a potential scam. Norton Genie can also provide tips on what to do next, and answer follow-up questions you might have.

  Categories of Data and Personal Data Processed (How Long It is Stored) Purpose of Processing Your Personal Data
Data You Provide:

Security Data may include:

  • Screenshots and images of suspected scams which could be photos, emails, social posts, web sites, text messages and all information contained in them (30 days)
  • Original text, email or image submissions and any personal information contained in the submission including metadata (e.g. email headers) (30 days)
  • Text submissions and text extracted from image and text submissions with personal data removed from the submission (1 year)
  • Phone numbers from submissions (30 days)
  • Apple ID, for beta testers only (3 years)

Service Data may include:

  • User conversations. Questions or anything you submit to the app (36 months)
  • Email addresses from which you send the submissions (30 days)

Security Data: This data is processed for the purposes of detecting scams, evaluating potential security risks, and helping to assess risks involved in the submitted information. Additionally, submissions provided by Users help in improving the product’s scam detection rate.

Apple ID is used to assist with testing and development of the product.

Service Data: This data is processed for effective functioning of the product and for the purpose of responding to the questions or other inputs and for improving the quality of future conversations.
Data We Collect/Access:

Location Data may include:

  • IP Address (not stored) 

Device Data may include:

  • Internal installation identifier (while active or 36 months)
  • Device operating system (while active or 36 months)

Security Data may include:

  • Submission Timestamps
  • Extracted submission content including malicious URLs
  • Extracts of submissions determined to be unknown or suspected to be malicious. These include data that may identify the malicious sender: phone numbers, emails, crypto, or other sender identifier types. Includes identifiers offered to user as target for user’s requested response. (up to 5 years since the last sighting for suspected malicious data and false-positive data, or 1 year since sighting for unclassified data, forever if the number is also publicly available and classified)

Service Data may include:

  • Failure diagnostics including crash dumps and system logs (36 months)

Location Data: This data is processed for the purposes of determining the country, and city of the user and to identify scam locations to improve scam detection rates.

Device Data: This data is used for the purposes of delivering the product in accordance with your device(s) as well as tracking and determining trends in threats detected.

Security Data: This data is processed for the purposes of delivering the product by alerting you to potentially malicious submissions and for improving the detection of scams (e.g., through file sample analysis), and pursuing general cybersecurity research.

Service Data: This data is processed for the purposes of understanding product usage to further develop and improve the product performance as well as telemetry.
Data We Collect/Access from Third Parties:

Security Data may include:

  • Submissions of other users of the product (30 days)
  • Phone numbers from publicly available sources (as long as necessary for the service)

Service Data may include:

  • Failure diagnostics including crash dumps and system logs (36 months)
  • Reporting data based on metadata collected by product (limited to number of Users by general geolocations/regions, and operating systems) (25 months)
 Security Data: This data is processed for the purposes of delivering the product by alerting you to potentially malicious submissions and for improving the detection of scams (e.g., through file sample analysis), and pursuing general cybersecurity research.

Service Data: This data is processed for the purposes of understanding product usage to further develop and improve the product performance as well as telemetry.

Norton Ultimate Help Desk

Norton Ultimate Help Desk allows the User to contact an expert to assist with technical issues ranging from network setup to device diagnostics and troubleshooting. All personal data processed for this product is not connected to your Norton account unless you choose to do so.

  Categories of Data and Personal Data Processed Data Use and Processing
Data You Provide:

Account Data, if chosen may include:

  • Issue description and details
 Account Data: This data is processed for the purpose of delivering the product by communicating with you and identifying the root causes of the issues posed.
Data We Collect/Access:

Device Data may include:

  • Operating system and settings
  • Security settings (e.g., active firewall, antivirus software)
  • System configurations (e.g., active ports, hosts file, installed programs, active processes, open memory, log file, and registry data)

Service Data may include:

  • Scan statistics (e.g., number of scanned files, number of threats found, fixed, or remaining and date and time of scan)

Device Data: This data is processed for the purposes of delivering the product in accordance with your device(s) and identifying the root causes of the issues posed.

Service Data: This data is processed for the purpose of understanding product usage to further develop and improve the product performance as well as telemetry.
Data We Collect/Access from Third Parties: Norton Ultimate Help Desk does not collect/access personal data from third parties as part of its services. Norton Ultimate Help Desk does not collect/access personal data from third parties as part of its services.

Norton Computer Tune-Up

Norton Computer Tune-Up is a feature within Norton Ultimate Help Desk, that helps to keep the User’s device running like new, using diagnostics.

  Categories of Data and Personal Data Collected Purpose of Processing Your Personal Data
Data You Provide:

Account Data if chosen may include:

  • Issue description and details
 Account Data if chosen may include: This data is processed for the purpose of delivering the product by communicating with you and identifying the root causes of the issues posed.
Data We Collect/Access:

Device Data may include:

  • Operating system and settings
  • Security settings (e.g., active firewall, antivirus software)
  • System configurations (e.g., active ports, hosts file, installed programs, active processes, open memory and CPU utilization, log file and registry data)

Service Data may include:

  • Scan statistics (e.g., number of scanned files, number of threats found, fixed, or remaining, and date and time of scan)

Device Data: This data is processed for the purposes of delivering the product in accordance with your device(s) and identifying the root causes of the issues posed.

Service Data: This data is processed for the purpose of understanding product usage to further develop and improve the product performance as well as telemetry.
Data We Collect/Access from Third Parties: Norton Computer Tune-Up does not collect/access personal data from third parties as part of its services. Norton Computer Tune-Up does not collect/access personal data from third parties as part of its services.

Norton Driver Updater

Norton Driver Updater provides scan and potential update or fix of outdated drivers on a users’ PC to optimize it for better performance and avoid potential crashes or malfunctions.

  Categories of Data and Personal Data Processed (How Long It is Stored) Purpose of Processing Your Personal Data
Data You Provide:

No personal data provided directly except for what is required for enrollment and payment.

 No personal data provided directly except for what is required for enrollment and payment.
Data We Collect/Access:

Device Data may include:

  • Device information such as type, vendor, model, manufacturer, version (12 months)
  • Device identifiers (12 months)
  • Driver information such as versions, updated dates, names, matching device id, driver rank, driver flags (12 months)

Service Data may include:

  • Events and product usage information (12 months)
  • Scan statistics (12 months)

Location Data may include:

  • IP address (not stored)
 Device Data: This data is processed for the purposes of delivering the product in accordance with your device(s) and identifying the root causes of the issues posed.

Service Data: This data is processed for the purpose of understanding product usage to further develop and improve the product performance as well as to ensure continuous functionality (installations, versions, updates, settings) and map how users interact with our product.

Location Data: This data is processed for the purposes of delivering the product in accordance with your device(s), determining appropriate language settings for communicating with you, and reporting about product usage based on general location.
Data We Collect/Access from Third Parties: This product does not collect data from third parties. This product does not collect data from third parties.

Norton Mobile Security

Norton Mobile Security provides protection for smartphones and tablets against digital threats.

  Categories of Data and Personal Data Processed (How Long It Is Stored) Purpose of Processing Your Personal Data

Data You Provide:

If purchasing the Norton Mobile Security through the eStore, please see the Norton Enrollment Process for additional information. If purchasing through the Apple AppStore or Google PlayStore, please see the below information.

Account Data may include:

  • Email (while active or 36 months)
  • Norton account password (while active or 36 months)
  • Country (while active or 36 months)
 Account Data: This data is processed to administer the account including establishing and authenticating your account as well as communicating with you.
Data We Collect/Access:

Device Data may include:

  • Mobile device IDs (UDID, IMEI, and IDFA) (while active or 36 months)
  • Device name and type (including Wi-Fi MAC Address) (while active or 36 months)
  • Operating system platform and version (while active or 36 months)

Security Data may include:

  • File and application data (limited to app store data, applications downloaded, and browsing data. Android devices will also collect calendar and SD contents) (3 years)
  • Web-browsing and URLs accessed (3 years)
  • User interface and screen activity (limited to keyword tags and actions) (25 months)

Service Data may include:

  • Usage information (e.g., network service information, download and use frequency, log data) (12 months)
  • Error reports/crash dumps (90 days)
  • Device/phone settings (including but not limited to device model and manufacturers) (90 days)

Device Data: This data is processed for the purposes of delivering the product in accordance with your device(s) and determining appropriate language settings for communicating with you.

Security Data: This data is processed for the purposes of delivering the product by alerting you to potentially malicious applications, malware, and links (including links in emails or data downloaded to SD cards) as well as improving the app security feature (malicious malware and applications blocking feature and SD card are only available on the Android OS).

Service Data: This data is processed for the purpose of understanding product usage to further develop and improve the product performance as well as telemetry.
Data We Collect/Access from Third Parties:

Service Data may include:

  • Reporting data based on metadata collected by product (limited to number of Users by general geolocations/regions, and operating systems) (25 months)
 Service Data: This data is processed for the purpose of understanding product usage to further develop and improve the product performance as well as telemetry.

NortonLive Spyware and Virus Removal

NortonLive Spyware and Virus Removal is a one-time product that remediates one (1) virus per device to help get the device running again. NortonLive Spyware and Virus Removal is offered as a feature as part of the Norton Security products but may also be purchased as a separate one-time service. All personal data processed for this product is not connected to your account, unless you choose to do so.

  Categories of Data and Personal Data Processed Purpose of Processing Your Personal Data
Data You Provide:

Account Data if chosen may include:

  • Issue description and details
 Account Data: This data is processed for the purpose of delivering the product by communicating with you and identifying the root causes of the issues posed.
Data We Collect/Access:

Device Data may include:

  • Application names and versions
  • Norton machine ID (anonymized)
  • Operating system information
  • Security settings (e.g., active firewall, antivirus software)
  • System configurations (e.g., active ports, hosts file, installed programs, active processes, open memory, log file, and registry data)

Service Data may include:

  • Crash dump information (specifically related to Norton product crash)
  • Scan statistics (e.g., number of scanned files, number of threats found, fixed, or remaining, and date and time of scan)

Device Data: This data is processed for the purposes of delivering the product in accordance with your device(s) and identifying the root causes of the issues posed.

Service Data: This data is processed for the purpose of understanding product usage to further develop and improve the product performance as well as telemetry.
Data We Collect/Access from Third Parties: NortonLive Spyware and Virus Removal does not collect/access personal data from third parties as part of its services. NortonLive Spyware and Virus Removal does not collect/access personal data from third parties as part of its services.

Norton Safe Web (Website, Browser Extension, Mac App) and Norton Safe Web Plus (Mac App)

Norton Safe Web is a website that displays risk information for various websites. It also manages a community of online Users, offering the ability for Users to submit their own website ratings and provide comments on website ratings. The community features also display statistics for the community and a site rating (e.g., the most ratings by Users, the most-rated websites). The Norton Safe Web website also manages services for website owners to register their ownership and perform rating review requests. Users may use the website without supplying any data if they wish to browse and view website rating information. To participate in the User community or with the site owner features, Users must have a Norton Account (see Norton Enrollment process).

Norton Safe Web/Safe Web Plus is also a browser extension and Mac app that monitors browsing activity and web page content for unsafe risks. It uses reputation services and web page content analysis to help protect the User from malicious website content, phishing, and other threats. This extension includes features that permit browsing of potentially risky websites in a special isolation mode to help provide additional protection. This extension also helps protect Users from unsafe website access when using your webmail and social media websites. 

All personal data proceed for this product is not connected to your Norton account.

  Categories of Data and Personal Data Processed Purpose of Processing Your Personal Data
Data You Provide:

Norton Safe Web does not require Users to provide any data outside of enrollment and billing processes. Norton Safe Web can be used as a free extension tool. If used as such, no User Data is required to be provided.

 Norton Safe Web does not require Users to provide any data outside of enrollment and billing processes. Norton Safe Web can be used as a free extension tool. If used as such, no User Data is used or processed.

Data We Collect/Access:

Location Data may include:

  • IP address

Device Data may include:

  • Web browser type/version
  • Product version and preferred language
  • Operating system (including version or platform)
  • Browser application and settings

Security Data may include:

  • Browsing activity

Service Data if enabled by User may include:

  • Metadata (limited to number of blocked websites and number of unsafe websites clicked)

Location Data: This data is processed for the purposes of delivering the product in accordance with your device(s), determining appropriate language settings for communicating with you, and reporting about product usage based on general location.

Device Data: This data is processed for the purpose of product functionality in delivering the product in accordance with your device(s).

Security Data: This data is processed for the purposes of delivering the product functionality by informing you about site safety information and/or blocking unsafe websites.

Service Data: This data is processed for the purpose of understanding product usage to further develop and improve the product performance as well as measure usage trends.
Data We Collect/Access from Third Parties:

Service Data may include:

  • Reporting data based on metadata collected by product (e.g., number of Users by browser types, general geolocations/regions, and operating systems)
 Service Data: This data is processed for the purpose of understanding product usage to further develop and improve the product performance as well as telemetry.

Norton Safe Search (Website and Browser Extension)

Norton Safe Search (website) is a search website that helps protect the User from unsafe websites by filtering search results and providing website safety ratings to the User to provide a safer web browsing experience. Norton Safe Search (browser extension) has two variants. The first variant overrides the browser’s default search engine to the Norton Safe Search website. The second variant performs the same search engine override but also combines the features of the Norton Safe Web and Norton Home Page browser extensions into a single browser extension.

  Categories of Data and Personal Data Processed Purpose of Processing Your Personal Data
Data You Provide:

Norton Safe Search does not require Users to provide any data outside of enrollment and billing processes. Norton Safe Search can be used as a free extension tool or website. If used as such, no User Data is collected.

 Norton Safe Search does not require Users to provide any data outside of enrollment and billing processes. Norton Safe Search can be used as a free extension tool or website. If used as such, no User Data is used or processed.
Data We Collect/Access:

Location Data may include:

  • IP address

Device Data may include:

  • Product version and preferred Language
  • Operating system (including version or platform)
  • Browser type, version, and settings

Security Data may include:

  • Browsing activity
  • Search terms

Service Data may include (if User permission is given to enable product telemetry):

  • URL of blocked websites
  • Metadata (e.g., number of blocked websites and number of unsafe websites clicked)

Location Data: This data is processed for the purposes of delivering the product in accordance with your device(s), determining appropriate language settings for communicating with you, and reporting about product usage based on general location.

Device Data: This data is processed for the purpose of delivering the product in accordance with your device(s).

Security Data: This data is processed for the purposes of delivering the product by informing you about site safety and/or blocking unsafe websites, and tailoring ads to your interests.

Service Data: This data is processed for the purpose of understanding product usage to further develop and improve the product performance as well as telemetry.
Data We Collect/Access from Third Parties:

Service Data may include:

  • Reporting data based on metadata collected by product (e.g., number of Users by browser types, general geolocations/regions, and operating systems)
 Service Data: This data is processed for the purpose of understanding product usage to further develop and improve the product performance as well as telemetry.

Norton Private Browser

Norton Private Browser is a web browser with security features such as Web Shield, which helps block fake and dangerous websites, URLs, downloads, and scams. The browser also includes Privacy Guard to help block ads and trackers as you browse, and Norton Coupons, which scans the websites you visit to find available coupons to help you generate savings while shopping online. Please see here for additional Norton Coupons privacy information Norton Private Browser gives you the option to use Norton Safe Search as your search engine, which flags safe and potentially dangerous results in your search.

  Categories of Data and Personal Data Processed (How Long It Is Stored) Purpose of Processing Your Personal Data
Data You Provide: This product does not require Users to provide any data to use the product

This product does not require Users to provide any data to use the product.
Data We Collect/Access:

Device Data may include:

  • Account, Device, and or Installation Identifiers (36 months)
  • Google Client ID, Android ID, Firebase Analytics ID (36 months)
  • Location (36 months)
  • Information concerning the computer or device (36 months)
  • Applications on the device (36 months)
  • Network connection type, number of devices in network (36 months)

Security Data may include:

  • Subset of URLs and referrers (36 months)
  • Malware samples, suspicious files (3 years)
  • IP Address (not stored)

Service Data may include:

  • IP Address (not stored) 
  • Browsers (installed, default) (36 months)
  • Other products/licenses on the device and their status (36 months)
  • Extensions installed in the browser (36 months)
  • Event logs, crash logs and error logs (36 months)
  • In-Product messaging parameters (36 months)

By default, Private Browser for Desktop processes locally on your system the following data:

  • Browsing history information; for example, Private Browser for Desktop may store the URLs of pages that you visit, a cache of text, images, and other resources from those pages. If the pre-rendering feature is turned on, a list of IP addresses linked to those pages may also be stored for some period of time
  • Name, surname, email, or passwords to help you fill out forms or signs into sites you visit
  • Permission that you have granted to websites
  • Cookies or data from websites that you visit
  • Data saved by add-ons
  • Record of what you downloaded from websites
  • IP addresses are not stored, only used for product localization and analytics purposes based on approximate location (city/country level)

Device Data: This data is used and generated internally at Gen for the purpose of tracking account activity between internal company systems, applications, and architecture. It is also processed for the purposes of delivering the product in accordance with your device(s), and to introduce new features or products based on previous experience. Location is used to set up proper product language version for Windows

Security Data: This data is processed for the purposes of delivering the product by informing you about site safety and blocking browsing to unsafe websites, improving the detection of malware and cyber-threats (e.g., through file sample analysis), and pursuing general cybersecurity research.

Service Data: This data is processed for the purposes of recognizing what features should be enabled or disabled, what product should be installed or uninstalled, to better understand user’s behavior, to provide import functionality, to improve user onboarding and product experience, and for understanding product usage to further develop and improve the product performance as well as telemetry.
Data We Collect/Access from Third Parties:

 

No data is collected from Third Parties

 

No data is collected from Third Parties

Norton Home Page

Norton Home Page provides a search box to initiate searches using the Safe Search engine (which provides safety information for search results), controls to access popular websites quickly, and links to topical informational articles covering security news and updates. All personal data processed for this product is not connected to your account.

  Categories of Data and Personal Data Processed Purpose of Processing Your Personal Data
Data You Provide:

Norton Home Page does not require Users to provide any User Data.

 Norton Home Page does not require Users to provide any User Data, as such no User Data is processed.
Data We Collect/Access:

Location Data may include:

  • IP address (not stored)

Device Data may include:

  • Product version and preferred language
  • Operating system (including version or platform)
  • Browser type and version and settings

Security Data may include:

  • Search terms

Service Data may include (if User has provided permission to access):

  • Feature usage telemetry

Location Data: This data is processed for the purposes of delivering the product in accordance with your device(s), determining appropriate language settings for communicating with you, and reporting about product usage based on general location.

Device Data: This data is processed for the purpose of delivering the product in accordance with your device(s).

Security Data: This data is processed for the purposes of delivering the product by informing you about site safety information and/or blocking unsafe websites, and tailoring ads to your interests.

Service Data: This data is processed for the purpose of understanding product usage to further develop and improve the product performance as well as telemetry.
Data We Collect/Access from Third Parties:

Service Data may include:

  • Reporting data based on telemetry collected by product (e.g., number of Users by browser types, general geolocations/regions, and operating systems).
 Service Data: This data is processed for the purpose of understanding product usage to further develop and improve the product performance as well as telemetry.

Norton Password Generator

Norton Password Generator is a free service offered in select countries or as a feature to Norton Password Manager that generates a random strong password for any individual to use for their applications, devices, or any other accounts.

  Categories of Data and Personal Data Processed (How Long It Is Stored) Purpose of Processing Your Personal Data
Data You Provide:

Norton Password Generator does not require Users to provide any data outside of enrollment and billing processes.

 Norton Password Generator does not require Users to provide any data outside of enrollment and billing processes.
Data We Collect/Access:

Location Data may include:

  • IP address (not stored)
  • Geolocation (26 months)

Device Data may include:

  • Web browser name (26 months)
  • Version and preferred language (26 months)
  • Operating system (including version or platform) (26 months)

Location Data: This data is processed for the purposes of delivering the product in accordance with your device(s), determining appropriate language settings for communicating with you, and reporting about product usage based on general location.

Device Data: This data is processed for the purpose of delivering the product in accordance with your device(s).
Data We Collect/Access from Third Parties: Norton Password Generator does not collect/access personal data from third parties as part of its services. Norton Password Generator does not collect/access personal data from third parties as part of its services.

Privacy Monitor and Privacy Monitor Assistant

The Privacy Monitor product searches a pre-defined list of data broker websites for member personal information, and then presents the member with the results. Members can then manually opt out of identified data broker websites individually. The Privacy Monitor Assistant provides an agent-assisted process to opt out members from these websites. Privacy Monitor is currently embedded in some LifeLock and Norton products. Privacy Monitor Assistant is offered as an add-on or stand-alone product. The Online Account Cleanup feature is a cloud-based service which scans emails from supported providers and provides you with the opportunity to request removal of your data by companies who send you emails. This feature uses information about e-mail and its content for its functionality. To connect to Gmail accounts, we need to ask Google for permission to use its APIs. Google allows companies to use its APIs only if they undertake to limit its use of information accessed through the APIs. As a result, Product’s use and transfer to any other product of information received from these Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements. For more information on how we protect your personal data, please see Section 7 of our Global Privacy Statement.

  Categories of Data and Personal Data Processed (How Long It Is Stored) Purpose of Processing Your Personal Data
Data You Provide:

Account Data may include:

  • First name (while active or 36 months)
  • Middle name (while active or 36 months)
  • Last name (while active or 36 months)
  • City (while active or 36 months)
  • State (while active or 36 months)

Identity Data may include:

  • Date of Birth (while active or 36 months)
  • Driver’s license (optional) (while active or 90 days)
  • Authorized Agent appointment (optional) (while active or 30 days)
    • Date of birth
    • Email
    • Phone number
    • Address
    • First and last name
    • Digital signature

Account Data: This data is processed to establish and authenticate your account and to communicate with you. Your data is also used to deliver the services and features that you have selected.

Identity Data: This data is used to deliver the services and features that you have selected.
Data We Collect/Access:

Device Data may include:

  • Member ID (while active or 36 months)
  • LifeLock ID (while active or 36 months)

Service Data may include:

  • Usage data to assist with debugging a problem with the service (12 months)
Service Data Collected from your email provider, if you enable this:
  • In order to check your email, we download it whole, together with metadata. We keep it in our systems only during the processing, we don't store it. (seconds)
  • Subject of emails (28 days)
  • When an email is detected to be a commercial email, the following data is collected:
    • hash of the userID
    • email subject
    • sender email address
    • domain address of sender
    • Unsubscribe links within the email

Device Data: This data is used for the purpose of delivering services.

Service Data: This data is processed to deliver product services and functionality, and to allow understanding of product usage and telemetry, to further develop and improve product performance.
Data We Collect/Access from Third Parties:

Identity Data may include:

  • First name (12 months)
  • Middle name (12 months)
  • Last name (12 months)
  • City (12 months)
  • State (12 months)
  • Date of birth (12 months)
  • Driver’s license (optional) (90 days)
  • Relatives’ names (12 months)

Service Data Collected from your email provider, if you enable this:

  • In order to check your email, we download it whole, together with metadata. We keep it in our systems only during the processing, we don't store it. (seconds)
  • Subject of emails (28 days)
  • When an email is detected to be a commercial email, the following data is collected:
    • hash of the userID
    • email subject
    • sender email address
    • domain address of sender
    • Unsubscribe links within the email

Identity Data: This data is collected for the purpose of determining and displaying what User Data is contained on certain third-party websites. 

Service Data Collected from your email provider: This data is processed for the purpose of delivering product services and functionality. This data is not shared with third-parties. 

LifeLock Identity Protection / Identity Advisor / Home Title Protect

The LifeLock Identity Protection Services may include identity monitoring, theft protection, dark web monitoring, financial, credit and social media monitoring, and identity restoration services to customers. The LifeLock Product is also offered as a bundled solution with the Norton Security Products. Identity Advisor is a related LifeLock product offered outside of the United States which offers a subset of the identity protection services that LifeLock offers and can be offered as a bundled solution with the Norton Security Products or as a separate product. Depending on the jurisdiction, it may also include services such as: ID Vault (monitoring and securely storing identity documents or other documents), Privacy Advisor and Scam Verification Specialist features. Home Title Monitoring is included as a feature of LifeLock and is also offered as a separate product called Home Title Protect with more functionality. 

  Categories of Data and Personal Data Processed (How Long It Is Stored) Purpose of Processing Your Personal Data
Data You Provide:

Account Data may include:

  • Name (while active or 36 months)
  • Email (while active or 36 months)
  • LifeLock account password (while active or 36 months)
  • Phone number (while active or 36 months)
  • Social Security Number or other National Personal Identifier (while active or 6 months)
  • Physical address (while active or 36 months)
  • Date of birth (while active or 6 months)
  • Billing address (while active or 36 months)
  • Payment information (depending on method can include Credit/Debit Card Information or PayPal account) (while active or 6 months)
  • Power of attorney (if purchasing LifeLock Senior) (while active or 36 months)
Identity Data may include:
  • Name (while active or 36 months)
  • Email (while active or 36 months)
  • Phone Number (while active or 36 months)
  • Social Security Number or other National Personal Identifier (while active or 6 months)
  • Physical address (while active or 36 months)
  • Date of birth (while active or 6 months)
  • Alternate physical address (while active or 36 months)
  • Alternate phone address (while active or 36 months)
  • Bank account information (while active or 6 months)
  • Driver’s license number (while active or 6 months)
  • Alternate Credit/Debit Card information (while active or 6 months)
  • Mother’s maiden name (while active or 6 months)
  • Verbal passcode (while active or 6 months)
  • Insurance number/information (while active or 6 months)
  • Social account information (while active or 6 months)
  • Child’s name (if purchasing LifeLock Junior) (while active or 36 months)
  • Child’s Social Security Number (if purchasing LifeLock Junior) (while active or 6 months)
  • Child’s date of birth (if purchasing LifeLock Junior) (while active or 6 months)
  • Child’s address (if purchasing LifeLock Junior) (while active or 36 months)
  • Child’s email address (if purchasing LifeLock Junior) (while active or 36 months)
  • Childs phone number (if purchasing LifeLock Junior) (while active or 36 months)

Service Data:

  • Texts – for Scam Verification Specialist feature (screenshots of suspicious texts or emails) (while active plus 24 months) 

Account Data: This data is processed for the purpose of establishing and authenticating your account, as well as communicating with us. Your data is also used to deliver the services and features that you have selected.

Identity Data. Your data is also used to deliver the services and features that you have selected.

Service Data. This data is used to deliver the services and features that you have selected.
Data We Collect/Access:

Location Data may include:

  • IP address (not stored)
  • Geolocation (26 months)

Device Data may include:

  • Member ID (while active or 36 months)
  • Device ID (26 months)
  • Operating system version and settings (26 months)
  • Device manufacturer and model (26 months)
  • Device names and/or assigned names (26 months)
  • Web browser name and version (12 months)
  • Preferred language (while active or 36 months)

Security Data may include:

  • Credit scores (while active or 36 months)
  • Credit reports (while active or 36 months)
  • Bank transactions (while active or 36 months)
  • Alert information (limited to data elements selected for monitoring by the User) (while active or 36 months)
  • Photos – for ID Vault features (documents such as photos of identity documents, credit cards, driver’s license and passports) (while active plus 180 days)

Service Data may include:

  • Restorations case number (for filed Restorations cases only) (while active or 36 months)
  • Complaint case number (for lodged complaints only) (while active or 36 months)
  • Parent case number (for disputed alerts only) (while active or 36 months)
  • Applications error reports (12 months)
  • Crash dumps logs (12 months)
  • App-related usage data (while active or 36 months)

Location Data: This data is processed for the purpose of establishing and authenticating your account, as well as communicating with you. This data is also used to deliver the services and features that you have selected.

Device Data: This data is processed for the purposes of delivering the product in accordance with your device(s) and determining appropriate language settings for communicating with you. It is also processed for the purposes of delivering product services as well as communications about potential solutions to detected threats.

Security Data: This data is used to monitor your identity by providing the alerts you have set up on your account which can help protect you when potentially fraudulent activity is detected or for other services that you have selected. It is also processed for the purposes of delivering product services as well as communications about potential solutions to detected threats.

Service Data: This data is processed for the purpose of understanding product usage to further develop and improve the product performance, communicating about potential solutions to detected threats as well as telemetry.
Data We Collect/Access from Third Parties:

Identity Data may include:

  • Verified name (not stored)
  • Verified Social Security Number (not stored)
  • Verified physical address (not stored)
  • Verified date of birth (not stored)

Security Data may include:

  • Credit scores (not stored)
  • Credit reports (not stored)
  • Bank transactions (not stored)
  • Alert information (limited to data elements selected for monitoring by the User) (not stored)

Service Data may include:

  • Reporting metadata on product and application usage (not stored)
 Identity Data: This data is processed by our third-party service providers to help us verify and authenticate you before we enroll you. Some third-party service providers may assist you in creating a new account with us or helping you to log into your account with us.

Security Data: This data is processed by our third-party service providers to monitor your identity and provide monitoring and protective alerts based on the features you select within our products. It is also processed for the purposes of delivering product services as well as communications about potential solutions to detected threats. 

Service Data: This data is used for the purpose of helping us to further understand the usage and develop and improve the performance of our products.

Dark Web Monitoring

Dark Web Monitoring provides search services to Users to identify and detect personal information on the dark web and provide an alert back to the Users. Dark Web Monitoring is also offered as a feature of the LifeLock Products.

  Categories of Data and Personal Data Processed (How Long It Is Stored) Purpose of Processing Your Personal Data
Data You Provide:

Account Data may include:

  • Name (only if previously purchased through a LifeLock product offering) (while active or 36 months)
  • Email (while active or 36 months)
  • Preferred language (while active or 36 months)
Identity Data may include:
  • Email (while active or 36 months)
  • First phone number (while active or 36 months)
  • First physical address (while active or 36 months)
  • Alternative email address (while active or 36 months)
  • Alternate phone number(s) (while active or 36 months)
  • Alternate physical address(es) (while active or 36 months)
  • Bank account information (while active or 6 months)
  • Credit/debit card information (while active or 6 months)
  • Mother’s maiden name (while active or 36 months)
  • Insurance information (while active or 36 months)
  • Loyalty Card information (while active or 36 months)
  • Driver’s license number (while active or 6 months)
  • Passport number (while active or 6 months)
  • Social Security Number or other National Personal Identifie (only if previously purchased through a LifeLock product offering) (while active or 6 months)
  • Date of birth (only if previously purchased through a LifeLock product offering) (while active or 6 months)
  • Gamertag (while active or 36 months)

Account Data: This data is processed for the purpose of establishing and authenticating your account, as well as communicating with you. Your data is also used to deliver the services and features that you have selected, including the search criteria for the product within the dark web.

Identity Data: This data is processed for the purpose of delivering the services and features that you have selected, including the search criteria for the product within the dark web.
Data We Collect/Access:

Location Data may include:

  • IP address (not stored)
  • Geolocation (26 months)

Device Data may include:

  • LifeLock member ID (if previously purchased through a LifeLock product) (while active or 36 months)
  • Norton GUID (if previously purchased through a Norton product) (while active or 36 months)
  • Member GUID (while active or 36 months)
  • Web browser name and version (12 months)
  • Device ID (26 months)
  • Operating system version and settings (26 months)

Service Data may include:

  • Applications error report (12 months)
  • Crash dumps logs (12 months)
  • App-related usage data (12 months)

Location Data: This data is processed to determine the appropriate language setting to communicate with you.

Device Data: This data is used for the purpose of delivering services. It is also processed for the purposes of delivering product services as well as communications about potential solutions to detected threats. 

Service Data: This data is used for the purpose of helping us to further understand the usage and develop and improve the performance of our products. It is also processed for the purposes of delivering product services as well as communications about potential solutions to detected threats.
Data We Collect/Access from Third Parties:

Security Data may include:

  • Alert information (limited to dark web monitoring) (while active or 36 months)
  • Analytics reports (while active or 36 months)
 Security Data: This data is used to provide alerts to you about personal information that is found on the dark web. It is also processed for the purposes of delivering product services as well as communications about potential solutions to detected threats.

SurfEasy

SurfEasy VPN protects the User’s devices and safeguards the User’s data by encrypting the User’s information on any internet connection and preserving the User’s privacy.

  Categories of Data and Personal Data Processed (How Long It Is Stored) Purpose of Processing Your Personal Data
Data You Provide:

User Data may include:

  • SurfEasy VPN does not require Users to provide any data outside of the enrollment and billing processes
 User Data: SurfEasy VPN does not require Users to provide any data outside of the enrollment and billing processes, so no additional personal data is processed.
Data We Collect/Access:

User Data may include:

  • IP address (not stored)
  • Install identifier (while active or 36 months)
  • License identifier (while active or 36 months)

Administrative Data may include:

  • Device name and type (while active or 36 months)
  • OS version (for mobile devices only) (while active or 36 months)
  • Language (while active or 36 months)

Security Data may include:

  • Aggregate bandwidth usage (limited to the number of bytes transferred using the service) (while active or 36 months)

Diagnostic Data may include:

  • Data to assist with debugging connectivity problems (device identifier from app) (7 days)

VPN Service Data may include:

  • Data to monitor compliance with the terms of use (if suspicious behavior is detected or blocked: device identifier from app, frequency of abuse of services) (7 days)

Application Data may include:

  • IP address (not stored)

User Data: This data is processed for the purposes of delivering the content in accordance with your device(s) and determining the appropriate language settings for communicating with you.

Administrative Data: This data is processed for the purpose of delivering the product to your device(s).

Security Data: This data is used for the purposes of billing the account of the product used as well as network operations and support.

Diagnostic Data: This data is used for research and development to improve products and services and to better protect your network, devices, data, and identity.

VPN Service Data: This data is used for the purpose of prevent abuse of services, to protect our network, and ensure compliance with the terms of use.

Application Data: This data is used for the purpose of (a) delivering the product by selecting the most appropriate server to connect to, and (b) to prevent abuse of services to protect our network and ensure compliance with the terms of use.
Data We Collect/Access from Third Parties:

Diagnostic Data may include:

  • Reporting metadata on product and application usage (while active or 36 months)
 Diagnostic Data: This data is used for the purpose of understanding the product usage to further develop and improve the product performance as well as telemetry.

Norton Safe Email

Norton Safe Email is a cloud-based service which monitors emails from supported providers for potential threats. By default, we don’t store the emails, but we create and store non-personal numeric representations of the text to detect potential scam and other unwanted messages. You can allow us to store the whole email message (EML file with message metadata) we identified as suspected malicious by consenting to it in the product. This helps us keep better detections and improve the protection against scams. Our human reviewers may check the email message in case it is needed to investigate the accuracy of our detections (esp. in case of false negatives or false positives). Suspicious messages in the raw form are stored for 30 days and then we remove personal identifiers and keep them in our malware database. To connect to Gmail accounts, we need to ask Google for permission to use its APIs. Google allows companies to use its APIs only if they undertake to limit its use of information accessed through the APIs. As a result, Product’s use and transfer to any other product of information received from these Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.

  Categories of Data and Personal Data Processed (How Long It Is Stored) Purpose of Processing Your Personal Data
Data You Provide:

Connection to the email account you wish to monitor.

 To allow the product to monitor emails for threats.
Data We Collect/Access:

Security Data may include:

  • Malicious URLs and referrers (36 months)
  • Malware samples, suspicious files (36 months)

Service Data may include:

  • IP Address of SMTP mail servers (36 months)
  • In order to check your email, we download it whole, together with metadata and attachments. By default, we keep it in our systems only during the processing, and we don't store it. If you consent, we can store suspicious email messages for in-depth analysis and to keep our detection models up to date (30 days in raw form, then de-identified)
  • Subject of emails (28 days)
  • Malicious identifiers (URL, phone, email, crypto, or other identifier types that may be identified as significant for threat detection) (60 months) 
  • When an email is detected to be malicious, the following data is collected (36 months):
    • hash of the userID
    • email subject
    • hash of sender email address
    • domain address of sender
    • detection type and name
    • name of the attachments and their hashes
    • country of the user

Security Data: This data is processed for the purposes of delivering the product by informing you about the safety of an email, improving the detection of malware and cyber-threats (e.g., through file sample analysis), and pursuing general cybersecurity research.

Service Data: This data is processed for the purposes of the functionality of malware scanning and evaluation of sender reputation. This data is also used to ensure proper functionality and fix bugs. This data is also used to collect threat statistics and perform internal analysis and research.
click to top

Back to Top

About NortonLifeLock |
Careers |
News |
Sitemap |
Legal |
License Agreement |
Privacy |
Cookies |
Accessibility Policy |
Contact Us |
System Status

© 2019–2023 NortonLifeLock Inc. All rights reserved. NortonLifeLock, the NortonLifeLock Logo, the Checkmark Logo, Norton, LifeLock, and the LockMan Logo are trademarks or registered trademarks of NortonLifeLock Inc. or its affiliates in the United States and other countries.

Other names may be trademarks of their respective owners.

Twitter Facebook Youtube Instagram LinkedIn
World mapCanada

© 2019–2023 NortonLifeLock Inc. All rights reserved. NortonLifeLock, the NortonLifeLock Logo, the Checkmark Logo, Norton, LifeLock, and the LockMan Logo are trademarks or registered trademarks of NortonLifeLock Inc. or its affiliates in the United States and other countries.

Other names may be trademarks of their respective owners.