Panda Distribution, Inc. dba Panda Security US ("Company" or "We") is committed to protecting your privacy by our compliance with this policy.
This policy describes the types of information we may collect from you or that you may provide when you visit the web page www.pandasecurity.com/en-us/ (our "Website") and our practices for collecting, protecting, maintaining, using, and disclosing that information.
This policy applies to information we collect:
- On the Website.
- In email, text, and other electronic messages between you and the Website.
- Through mobile and desktop applications you download from the Website, which provide dedicated non-browser-based interaction between you and the Website.
It does not apply to information collected by:
- Any third party (including our affiliates, parent company and subsidiaries), including through any application or content (including advertising) that may link to or be accessible from the Website; or
- Us offline or through any other means, including on any other website operated by Company or any third party (including our affiliates, parent company and subsidiaries).
Compliance With GDPR
Children Under the Age of 18
We do not intend that our Website be used by children under 18 years of age. Children under age 18 are prohibited from providing any information on or toe the Website. We do not knowingly collect personal information from children under 18. Do not use or provide any information on this Website or through any of its features, register on the Website, make any purchases through the Website, use any of the interactive or public comment features of this Website, or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use if you are under 18. We will delete any personal information we have collected or received from a child under 18 without verification of parental consent if we learn of the same. Please contact us at firstname.lastname@example.org if you believe we might have any information from or about a child under 18.
California residents under 16 years of age may have additional rights regarding the collection and sale of their personal information. Please see Your California Privacy Rights for more information.
Information We Collect About You and How We Collect It
The types of information that we collect from and about users of our Website includes information:
- By which you may be personally identified, such as name, e-mail address, telephone number and postal address ("personal information");
- About the equipment you use to access our Website, your internet connection, and details of your use of our Website.
We collect this information:
- When you provide it to us.
- Automatically as you move through the site. Automatically collected information may include IP addresses, usage details and information collected through web beacons, cookies, and other tracking technologies.
- From third parties such as our business partners.
Information You Provide to Us
The information we collect on or through our Website may include:
- Information that you provide by interacting with our Website. This includes information provided at the time of purchasing our products or services, requesting further services or support or registering to use our Website. When you report a problem with our Website, products or services, we may also ask you for information.
- If you contact us, records and copies of your correspondence (including email addresses).
- Your responses to surveys that we might ask you to complete.
- Details of the fulfillment of your orders and of transactions you carry out through our Website. Before placing an order through our Website, you may be required to provide financial information.
- Any search queries you may enter on the Website.
Information We Collect Through Automatic Data Collection Technologies
We may use automatic data collection technologies to collect certain information about your browsing actions and equipment as you move through and interact with our Website, including:
- Information about your visits to our Website, including location data, traffic data, logs, and other communication data and the resources that you use and access on our Website.
- Information about your internet connection, including your IP address, browser type, operating system and computer.
The automatically collected information may include personal information, or we may associate it or maintain it with personal information receive from third parties or that we collect in other ways. Doing so helps us to deliver a better and more personalized service and to improve our Website, including by enabling us to:
- Recognize you when you return to our Website.
- Store information about your preferences, allowing us to customize our Website according to your individual interests.
- Speed up your searches.
- Estimate our audience size and usage patterns.
The automatic data collection technologies that we use may include:
- Flash Cookies. Certain features of our Website may use Flash cookies (local stored objects) to collect and store information about your navigation to, from, and on our Website and your preferences. Flash cookies are not managed by the same browser settings as are used for browser cookies. For information about managing your privacy and security settings for Flash cookies, see Choices About How We Use and Disclose Your Information.
- Web Beacons. Our e-mails and pages of our the Website and may contain small electronic files known as web beacons (also referred to as pixel tags, single-pixel gifs and clear gifs) that permit the us, by way of example, to count users who have opened an email visited a web page and for other related website statistics (for example, verifying system and server integrity and recording the popularity of certain website content).
Some content or applications on the Website, including advertisements, are served by third-parties, including content providers, application providers, ad networks and advertisers. These third parties may use web beacons and/or cookies or other tracking technologies to collect information about you when you use our website. They may association the information they collect with your personal information or they may collect information, including personal information, about your online activities over time and across different websites and other online services. They may use this information to provide you with interest-based (behavioral) advertising or other targeted content.
We do not control these third parties' tracking technologies or how they may be used. You should contact the responsible third party if you have any questions about an advertisement or other targeted content. For information about how you can opt out of receiving targeted advertising from many providers, see Choices About How We Use and Disclose Your Information.
How We Use Your Information
The information that you provide to us or that we collect about you including any personal information is used:
- To present our Website and its contents to you.
- To notify you about changes to our Website or any products or services we offer or provide though it.
- To provide you with information, products, or services that you request from us.
- To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection.
- To fulfill any other purpose for which you provide it.
- In any other way we may describe when you provide the information.
- For any other purpose with your consent.
We may also use your information to contact you about goods and services that may be of interest to you. For more information, see Choices About How We Use and Disclose Your Information.
We also may use the information to display advertisements to our advertisers' target audiences.
Disclosure of Your Information
We may disclose information that does not identify any individual and aggregated information about our users without restriction.
- To contractors, service providers, and other third parties we use to support our business and who are bound by contractual obligations to keep personal information confidential and use it only for the purposes for which we disclose it to them.
- To our subsidiaries and affiliates.
- To fulfill the purpose for which you provide it.
- To third parties to market their products or services to you if you have not opted out of these disclosures. For more information, see Choices About How We Use and Disclose Your Information].
- To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us about our Website users is among the assets transferred.
- For any other purpose disclosed by us when you provide the information.
- With your consent.
We may also disclose your personal information:
- If we believe disclosure is necessary or appropriate to protect our rights, property, or safety, those of our customers, or others. This may include exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
- To comply with any court order, law, or legal process, including to respond to any government or regulatory request.
Choices About How We Use and Disclose Your Information
You have the following options with respect to your information:
- Promotional Offers from the Company. If you do not wish us to use your email address/contact information to promote our own or third parties' products or services, you can opt-out by checking the relevant box located on the form on which we collect your data (the order form/registration form) or at any other time by logging into our webiste and adjusting your user preferences in your account profile by checking or unchecking the relevant boxes or by sending us an email stating your request to email@example.com If we have sent you a promotional email, you may check the unsubscribe link located at the bottom of the email message, to be omitted from future email distributions. This opt out does not apply to information provided to the Company as a result of a product purchase, warranty registration, product service experience or other transactions.
Third parties' collection or use of your information to serve interest-based advertising is not controlled by us. These third parties, however, may offer you ways to opt out of having your information collected or used in this way. You can opt out of receiving targeted ads from members of the Network Advertising Initiative ("NAI") on the NAI's website.
California residents may have additional rights and choices relating to personal information. Please see [Your California Privacy Rights] for more information.
Accessing and Correcting Your Information
To request access to, correct or delete any personal information that you have provided to us, please send us an email at firstname.lastname@example.org. Please note that to delete your personal information we must also delete your user account. If we believe a requested change would violate any law or legal requirement or cause the information to be incorrect, we may refuse to agree to the request.
California residents may have additional personal information rights and choices. Please see [Your California Privacy Rights] for more information.
Your California Privacy Rights
California residents may request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to email@example.com
You are responsible for the safety and security of your information. If you have selected or we have provided a password for access to certain parts of our Website, you must keep that password confidential. Do not share your password with anyone.
Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Website. The transmission of information via the internet is not completely secure. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Website.
In compliance with the conditions laid down in the European Union General Data Protection Regulation (“GDPR”), below we provide you with detailed information regarding the processing of your personal data.
I. Data controller
Panda Security, S.L. (the “Society”), with VAT number B-48435218, registered in the Mercantile Register of Bilbao, Tome BI-59, Book 134, Sheet BI-767-B, 1st inscription, with registered offices at Santiago de Compostela, 12, 1st floor, 48003 Bilbao, Bizkaia (Spain), and contact email firstname.lastname@example.org
II. Data Protection Officer (DPO)
The Data Protection Officer (DPO) is the person responsible for ensuring that the Society processes personal data in compliance with the applicable data protection rules. You may contact the DPO at the following email address email@example.com
III. Purpose and legal basis for the processing
Your personal data will be processed for the following purposes:
- To manage the pre-contractual and/or contractual relationship with you, including, if appropriate, to monitor and actively manage your devices for the purpose of providing the service, manage complaints and improve customer service, provide technical support, and send you reminders when the software license you have purchased is about to expire.
In this respect, the fulfillment of the pre-contractual and/or contractual relationship with you constitutes the legal basis for the processing.
- If you do not consent to providing the mandatory and indispensable personal data requested, it will not be possible to fulfill the pre-contractual and/or contractual relationship with you, resulting in the product provision not being formalized..
In any event, you have the right to object to the processing of your personal data for the purpose and in the manner set out above.
- In particular, our products for Android require the following data for its operation:
User contact data. Email addresses are used to create the Panda Account for authorization on the Panda web portals, which enables users to manage their licenses and their devices for anti-theft, parental, and employee control purposes. Email addresses are also used to send welcome emails during the onboarding process and security messages to the users. They can also be used for marketing purposes. Contact information is provided by users at their own discretion.
Location. Anti-theft, Family, and Employee Control features obtain and store the location of the user’s devices to track them and send them alerts in case of entry/exit of control zones. The app needs to use the device's location to provide the said features even when it is closed or not in use. This location information is not shared with third parties or used for advertising purposes, and is only accessible by the account owner, the supervisor users from their devices, and the Web consoles of the Anti-Theft, Family and Employee Control features.
Installed apps. The product uses the list of apps installed on the device to perform an antivirus scan of them for threats and to get the list of installed apps to monitor their use and apply usage restrictions on them for parental/employee control purposes.
Application usage statistics. Application usage statistics are obtained so that supervisors can monitor the use of the applications by the supervised devices.
Contacts. The user's contact information is used to block calls from unknown numbers and provide call block reports grouped by contact.
Statistic data/Analytics. Information about the user's interaction with the product is uploaded to optimize the user experience and to detect and correct possible errors when they appear.
Camera. A photo is taken when the user requests it in the context of an anti-theft action on a lost or stolen device.
Unique identifier of the mobile device. This ID is generated by Android and is unique per device up to Android 7, or per device and application signature from Android 8 onwards. It is required to manage and perform actions on a specific device (anti-theft, family, etc.).
- To enable the Society to send you offers or advertising and promotional communications by any means (including email) concerning other products or services offered by Panda Security, or to carry out other marketing activities such as sending newsletters to registered users. In this respect, your expressed consent constitutes the legal basis for the processing, should you have granted it. If you do not consent to the processing of your personal data for the purpose set out above, you will not receive any marketing communications from Panda Security.
- To retain your personal data in the event that the contractual relationship is not formalized, for the purpose of managing future requests you may make, and, if appropriate, sending you information improving the conditions of an offer you didn’t contract. In this respect, the Society's legitimate interest in managing and satisfying any future requests or queries you may have constitutes the legal basis for the processing. In any event, you have the right to object to the processing of your personal data if the contractual relationship is not formalized.
IV. Data retention period
The Society will store your personal data for as long as the contractual relationship with you is in force and, once it is terminated, for as long as the applicable fiscal, economic, civil and criminal regulations are in effect. In addition, in the event that the contractual relationship with you is finally not formalized, the data retention period will be six years.
V. Recipients of the personal data
We inform you that under no circumstances will your personal data be passed on to any third party, unless required by a legal obligation, and to the corresponding public bodies.
Furthermore, we inform you that your personal data may be accessed, as data processors, by the following parties: (i) Technology service providers (such as software or hardware developers as well as developers of applications related to the software license) in order to effectively provide the computing services related to the software license granted to you, as well as optimizing it; (ii) marketing and advertising service providers involved in the launch of product offers and promotions; (iii) companies belonging to the Society's group in order to effectively fulfill the contractual relationship with you; and (iv) product distributors.
VI. International transfers of personal data
To allow the aforementioned third-party providers to access your personal data, said data may be shared with the following international data processors outside of the EU:
|Category of recipient
|Marketing service provider
||USI Techonologies, Inc.
||Ensures an adequate level of protection by signing the standard contractual clauses set out in Decision 2002/16/EC of February 5, 2010.
|Technology service provider
||Ensures an adequate level of protection in compliance with the EU Directive 2011/61/EC of January 31, 2011.
You can obtain a copy of the aforementioned safeguards by contacting the Data Protection Officer at firstname.lastname@example.org
VII. Rights available to data subjects
We inform you that you are entitled to exercise the following rights:
(i) Right of access: Right to find out what kind of personal information is being processed, and the processing activities performed on said data;
(ii) Right of rectification: Right to ask for your information to be corrected;
(iii) Right to erasure: Right to have your personal information deleted;
(iv) Right to object: Right to object to the processing of your personal data, for reasons related to your personal situation;
(v) Right to withdraw your consent when your consent is the legal basis for the processing of your personal data;
(vi) Right to restriction of processing: Right to ask for your personal information to stop being processed in certain cases (e.g. If you believe that the personal information about you is incorrect, for a period enabling the controller to verify the accuracy of the personal data); and
(vii) Right to portability: Right to receive a copy of the information which you have provided to the Society in a structured, commonly used and machine-readable format, and right to transmit that data to another controller.
To exercise these rights, you must submit your request in writing to email@example.com
, or to the Society's registered offices (indicated above.
Your request to exercise your rights must include your full name as well as the right to be exercised, along with a copy of your national ID card or equivalent personal identification document.
In addition, you are entitled to lodge a complaint with the Spanish Data Protection Agency, if you consider that you have not been satisfied when exercising your rights.
You may exercise any of these rights free of charge.