Experiencing a breach?
Select Language
Request demo
Request demo

WithSecure privacy principles

1. We respect your right to privacy

First and foremost, we respect your privacy in everything we do. Your trust is important to us. We respect your control of your personal data and digital content, and it’s our priority to prevent unauthorized access to it by anyone. Whenever we ask you for information, it is to better serve you: If we don’t need it, we won’t ask for it.

2. We will protect you

Not only do we live up to our principles, we also seek to protect you against external threats. We do this through our services and by sharing our insights on digital ecosystems with you. Your digital life should be nobody else’s business but yours.

3. You decide how much you share with us

To provide you even better services and relevant messages, we collect information about how our applications are found and used. This means that when you’re using our services, we track things like which features are used most and which actions trigger error messages. However, if you are uncomfortable with tracking, we completely appreciate that and therefore WithSecure products offer opt-out possibilities from non-critical data collection.

4. No backdoors

We do not build backdoors into our services or software for access by authorities or anyone else. Officials who want information for criminal investigations must enter through our front door with a warrant.

5. There is no privacy without security

Secure services help keep valuable data safe from malicious intentions and prying eyes. Without security, there is no guarantee of privacy. With our dedication to privacy and expertise in security, we can offer true digital freedom.

6. We keep our messaging relevant

We want to engage you and help you stay safe in the digital world. One way we do this is through relevant messages. Our messages are not just marketing. They are intended to be informative, fun and useful and to help you get the most out of our services. You can always opt out from our messaging if you prefer.

7. We choose service providers we can trust

As part of the Internet ecosystem, like any provider of digital services we must also use external solutions. However, we carefully partner with service providers who share our commitment to privacy and security. We don’t share any more data with them than is absolutely necessary.

8. We are the good guys

Great software always has great people behind it. At WithSecure, honesty and integrity are part of our culture. We believe a free and open Internet is for the betterment of humanity, and we can stand for privacy and digital freedom because we have the people to back it up.

9. Transparency

We will be open and honest with you. We won’t use your personal data for hidden purposes. We strive for clear and easy to understand communications – not jargon.

Support tool privacy policy

January 2023

In brief

When the WithSecure™ Support tool is run, it gathers information about your computer system and configuration, as well as the logs created by our services. The information is used for troubleshooting and solving problems in our services.

In most cases, you may review and edit the information before you send the archive file to customer support.

In full

This privacy policy focuses on the items we believe are the most relevant for you. Such items are in particular:

  1. the type of personal and private data that the service collects,
  2. what we use it for,
  3. our justification,
  4. typical disclosures, and
  5. for how long we store it.

More information on such topics as well as on other aspects (data subject rights, contact information, etc.) of the processing of your personal data is also available via the embedded links to our General privacy policy.

What do we collect and what do we do with it?

Information collected from WithSecure service logs

The information includes WithSecure service logs. This information contains detailed information of the service activity, for example downloading and installing updates, communication between the service components, engaging a feature, and security events. The information may contain service crash dumps, file paths, banking web sites, and blocked web pages.

Information collected from the operating systems logs

The information contains the current configuration of your operating system, for example the network configuration, installed applications, operating system services (e.g. OS update services) and running processes and applications (e.g. internet browser), mapped drives and device and user names, system crash dumps and logs. The submitted information also includes a snapshot of the system event history.

Purposes

Service log information is collected to establish whether our service has operated as intended, including resolving potential incorrectly categorized issues. Operating system information is collected for the purpose of troubleshooting problems in cases where our own service logs provide insufficient information. The archive file is also used as a data source to support our development activities, so that we can prevent the re-occurrence of the issue on your device or on those of other customers.

What do we do with it?

The interaction and service-specific privacy policies and notices set out the specific purposes for using the personal data collected by each service or processed in such activity.

In addition to such specific purposes, the following general purposes of personal data use apply across all of our services:

  • Provisioning of services. To deliver our services to you, we process the data for the following purposes:
    • Customer journey. To identify authorized users, process and track transactions, administer user accounts, as well as for shipping, invoicing, and managing licenses.
    • Deliver, fix, and enhance. Delivering, maintaining, and developing our services and websites, and to provide help and support for the services.
    • Analyze. To track that our services are taken into use and how they are used so that we can improve the services, manage your customer relationship, and approach you with relevant messages.
  • Communicate. To send you information relating to the services, conduct customer surveys, and market our services to you. The actual communication may be handled either by WithSecure or by our partners.
  • Regulatory. To prevent fraudulent, illegal, or infringing activities and to comply with legal or regulatory requirements.

Adjustments

If you have been asked (by WithSecure Customer Care or by our partners or your company IT administrator) to change the logging level to “full” prior to (re)running this tool to record information from an WithSecure service, the following scan performed by this tool includes additional data compared to the above. The type of collected additional data varies according to the target of the debugging activity. Our Customer Care can advise you on what kind of data would be likely collected for the issue at hand. We typically need to do this when we do not have enough data to diagnose the problems on your device.

If you are manually running the support tool yourself – i.e. the tool is not activated remotely – the information collected by the tool is saved as an archive file to your desktop or computer. In such cases, you can extract the files and edit the information before recompressing and sending it to us.

Legal grounds

The collection of the above data is necessary for us to be able to effectively provide you / your employer with our support services. Absent of this data, it will be more difficult to help you to solve the incident with our services.

If you are a corporate customer or employee of our corporate customers, we have a legitimate interest to use the collected / submitted data to solve the problems that have given rise to support cases and also to store the data for the time that is necessary to prevent the incident from re-occurring in our services. Regardless of our justification, you retain control over whether to send / allow sending of the information package to WithSecure.

Transfers and disclosures

The archive file may be handled by WithSecure Corporation, our affiliated companies, relevant subcontractors, and our support partners, but only for the purposes set out in this policy. Where the service has been provided to you via our corporate reseller or operator partner, your support contact is likely via these entities. These entities will typically forward the archive file to WithSecure for analysis and in-depth problem resolution activities. In some cases, the archive file may also be handled by such reseller if they have the capability to perform the problem resolution activities independently from WithSecure.

More information on transfers and disclosures is available in our General Privacy Policy.

Retention

The file is stored by WithSecure as long as necessary for ascertaining that the encountered issues will be fixed and will remain fixed in future service releases and for a maximum of two years from closing the support case.

While the archive file is under WithSecure care, we respect the possibly private and confidential nature of the information in the archive file and do not use it or share it except as necessary for the above purposes.

Please read our General privacy policy for possible exceptions or typical reasons why we may need to deviate from the primary retention rules set out above.

Security

We apply strict security measures to protect the confidentiality, integrity, and availability of your personal data when transferring, storing, or processing it.

We use physical, administrative, and technical security measures to reduce the risk of loss, misuse, or unauthorized access, disclosure, or modification of your personal data.

All personal data is stored on secure servers operated by WithSecure or our partners with access limited to authorized personnel only.

Your rights

Please read our General privacy policy for information on your statutory rights and how to contact us.

General

Please note that this privacy policy will regularly be updated to reflect any changes in the way we handle your personal data or any changes in applicable laws.

This version of the policy clarifies, updates, and replaces the previous version. To continue keeping this document up to date, we will make changes and additions to this from time to time.

More information on definitions and change management is available in our General privacy policy.

Support tool privacy policy

January 2023

In brief

When the WithSecure™ Support tool is run, it gathers information about your computer system and configuration, as well as the logs created by our services. The information is used for troubleshooting and solving problems in our services.

In most cases, you may review and edit the information before you send the archive file to customer support.

In full

This privacy policy focuses on the items we believe are the most relevant for you. Such items are in particular:

  1. the type of personal and private data that the service collects,
  2. what we use it for,
  3. our justification,
  4. typical disclosures, and
  5. for how long we store it.

More information on such topics as well as on other aspects (data subject rights, contact information, etc.) of the processing of your personal data is also available via the embedded links to our General privacy policy.

What do we collect and what do we do with it?

Information collected from WithSecure service logs

The information includes WithSecure service logs. This information contains detailed information of the service activity, for example downloading and installing updates, communication between the service components, engaging a feature, and security events. The information may contain service crash dumps, file paths, banking web sites, and blocked web pages.

Information collected from the operating systems logs

The information contains the current configuration of your operating system, for example the network configuration, installed applications, operating system services (e.g. OS update services) and running processes and applications (e.g. internet browser), mapped drives and device and user names, system crash dumps and logs. The submitted information also includes a snapshot of the system event history.

Purposes

Service log information is collected to establish whether our service has operated as intended, including resolving potential incorrectly categorized issues. Operating system information is collected for the purpose of troubleshooting problems in cases where our own service logs provide insufficient information. The archive file is also used as a data source to support our development activities, so that we can prevent the re-occurrence of the issue on your device or on those of other customers.

What do we do with it?

The interaction and service-specific privacy policies and notices set out the specific purposes for using the personal data collected by each service or processed in such activity.

In addition to such specific purposes, the following general purposes of personal data use apply across all of our services:

  • Provisioning of services. To deliver our services to you, we process the data for the following purposes:
    • Customer journey. To identify authorized users, process and track transactions, administer user accounts, as well as for shipping, invoicing, and managing licenses.
    • Deliver, fix, and enhance. Delivering, maintaining, and developing our services and websites, and to provide help and support for the services.
    • Analyze. To track that our services are taken into use and how they are used so that we can improve the services, manage your customer relationship, and approach you with relevant messages.
  • Communicate. To send you information relating to the services, conduct customer surveys, and market our services to you. The actual communication may be handled either by WithSecure or by our partners.
  • Regulatory. To prevent fraudulent, illegal, or infringing activities and to comply with legal or regulatory requirements.

Adjustments

If you have been asked (by WithSecure Customer Care or by our partners or your company IT administrator) to change the logging level to “full” prior to (re)running this tool to record information from an WithSecure service, the following scan performed by this tool includes additional data compared to the above. The type of collected additional data varies according to the target of the debugging activity. Our Customer Care can advise you on what kind of data would be likely collected for the issue at hand. We typically need to do this when we do not have enough data to diagnose the problems on your device.

If you are manually running the support tool yourself – i.e. the tool is not activated remotely – the information collected by the tool is saved as an archive file to your desktop or computer. In such cases, you can extract the files and edit the information before recompressing and sending it to us.

Legal grounds

The collection of the above data is necessary for us to be able to effectively provide you / your employer with our support services. Absent of this data, it will be more difficult to help you to solve the incident with our services.

If you are a corporate customer or employee of our corporate customers, we have a legitimate interest to use the collected / submitted data to solve the problems that have given rise to support cases and also to store the data for the time that is necessary to prevent the incident from re-occurring in our services. Regardless of our justification, you retain control over whether to send / allow sending of the information package to WithSecure.

Transfers and disclosures

The archive file may be handled by WithSecure Corporation, our affiliated companies, relevant subcontractors, and our support partners, but only for the purposes set out in this policy. Where the service has been provided to you via our corporate reseller or operator partner, your support contact is likely via these entities. These entities will typically forward the archive file to WithSecure for analysis and in-depth problem resolution activities. In some cases, the archive file may also be handled by such reseller if they have the capability to perform the problem resolution activities independently from WithSecure.

More information on transfers and disclosures is available in our General Privacy Policy.

Retention

The file is stored by WithSecure as long as necessary for ascertaining that the encountered issues will be fixed and will remain fixed in future service releases and for a maximum of two years from closing the support case.

While the archive file is under WithSecure care, we respect the possibly private and confidential nature of the information in the archive file and do not use it or share it except as necessary for the above purposes.

Please read our General privacy policy for possible exceptions or typical reasons why we may need to deviate from the primary retention rules set out above.

Security

We apply strict security measures to protect the confidentiality, integrity, and availability of your personal data when transferring, storing, or processing it.

We use physical, administrative, and technical security measures to reduce the risk of loss, misuse, or unauthorized access, disclosure, or modification of your personal data.

All personal data is stored on secure servers operated by WithSecure or our partners with access limited to authorized personnel only.

Your rights

Please read our General privacy policy for information on your statutory rights and how to contact us.

General

Please note that this privacy policy will regularly be updated to reflect any changes in the way we handle your personal data or any changes in applicable laws.

This version of the policy clarifies, updates, and replaces the previous version. To continue keeping this document up to date, we will make changes and additions to this from time to time.

More information on definitions and change management is available in our General privacy policy.