Privacy policy
ESET, spol. s r. o., having its registered office at Einsteinova 24, 851 01 Bratislava, Slovak Republic, registered in the Commercial Register administered by Bratislava I District Court, Section Sro, Entry No 3586/B, Business Registration Number: 31333532 as a Data Controller (“ESET” or “We”) would like to be transparent when it comes to processing of personal data and privacy of our customers, website visitors, and every individual (“You”) whose personal data and information are subject to processing under the terms of REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR). To achieve this goal, We are publishing this Privacy Policy with the sole purpose of informing You about following the topics:
•Processing of Personal Data,
•General Rules,
•Data Confidentiality,
•Data Subject’s Rights.
Processing of Personal Data
All services incorporated in these web sites and other web sites under the control of ESET are governed by this Privacy Policy, including those which are governed by specific Terms of Use with data processing rules. Some parts of the web sites may be administered by local ESET Partners, using the ESET web site platform, which may be governed by specific terms and conditions based on local legislation.
Generally, You may use our web sites for information purposes without giving personal information and informing ESET who you are. On the other hand, some of our services need to collect more information:
•ESET may collect personal information for the purposes of direct communication with You in order to respond to your questions, and fulfill your requests. If You send us product orders, service requirements, other requests or if you upload any materials to our website, we may have to contact you in order to gain additional information necessary for processing or in order to fulfill your order, request or requirement. For this purpose, as well as for the purpose of requested performance of services, we need to process your details provided via web forms, email or applications.
•If You are an End User of our products or services, the processing of your data is covered by the specific End User License Agreement or Terms of Use and Privacy Policy related to that product or service. For more information concerning data processing, please visit our online help documentation dedicated to our products and services. You can access it directly from the graphic user interface of your product by clicking on the “?” symbol. The maximum storage period for invoicing data is determined by law and We are legally required to keep the data for a period of 10 years. Unlike the invoicing data, we only store licensing data for the period which does not exceed 12 months from the expiration date of your license, and statistics without the requirement of End User’s identification are processed for the period of 4 years.
•If You already are our customer or if You agree with processing of your data for the purposes of marketing communication, We may use your details to administer marketing communication until You unsubscribe or send us a withdrawal of your consent.
•Contact information and data contained in your support requests are required for service of technical or other support nature provided by ESET. Based on the channel You choose to contact us, We may collect your email address, phone number, license information, product details and description of your support case. You may be asked to provide us with other information to facilitate service of support such as generated log files or dumps. The data from support may only be used for the provision of support service and for enhancing customer experience while providing support. The maximum storage period is limited by the time necessary for support provisioning and reviewing, and even in a pseudonymized form it cannot exceed the period of 10 years.
•Customer feedback, answer or request, may be provided by You via our web forms. For the purpose of follow-up, your contact details including email address or other data may be requested based on the nature or purpose of our communication. Data storage periods may differ based on the nature or purpose of communication explicitly in compliance with this Privacy Policy.
•ESET may collect information about your computer, including your IP address where available, operating system and browser type, for system administration and to report aggregate information to our advertisers under the legitimate interest legal basis. This is statistical data about our users' browsing actions and patterns, and does not identify any individual. For the same reason, we may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies contain information that is transferred to your computer's hard drive. They help us to improve our site and to deliver a better and more personalized service. You may refuse to accept cookies by activating the setting on your browser which allows you to refuse the setting of cookies. However, if you select this setting you may be unable to access certain parts of the Website. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you log on to our site.
•We are doing our best while helping you to enjoy safer technology. Your input is very valuable for us and there are various channels available to provide us with samples of malicious or suspicious software. Samples and its metadata will be processed and stored based on public interest as well as legitimate interest of ESET, which is cybersecurity.
General Rules
There are only few legal bases for data processing which We use according to the GDPR legislative framework. Our activities are mainly covered by
•Contractual necessity legal base is applicable when it comes to our products and services provided under End User License Agreements or Terms of Use.
•Legitimate interest legal base or even public interest concerning cybersecurity entitling us to collect samples and service data for analysis, to provide You with even better protection, support and experience We can offer. Even marketing is recognized by GDPR as a legitimate interest, therefore we rely on this concept when it comes to cookies used by our web sites and communication with our customers.
•Consent, if required by legislation.
•Compliance with legal obligation e.g. stipulating requirements for electronic communication, invoicing or billing.
The goal of this Privacy Policy is to provide a general overview of legal basis and data processing principles of ESET. If You are looking for more information concerning data collection facilitated by particular ESET product or service, visit our dedicated websites.
Data Confidentiality
ESET is a company operating worldwide via affiliated entities or partners as part of our distribution, service, and support network. Information processed by ESET may be transferred to and from affiliated entities or partners for the performance of the Terms, such as the provision of services, support, or billing. Based on your location and service You choose to use, We might be required to transfer your data to a country with the absence of an adequacy decision issued by the European Commission. Even in this case, every transfer of information is subject to the regulation of data protection legislation and takes place only if required. Standard Contractual Clauses, Binding Corporate Rules, or another appropriate safeguard must be established without any exception.
We are doing our best to prevent data from being stored longer than necessary while providing services under the Terms. Our retention period might be longer than the validity of your license just to give You time for easy and comfortable renewal. Minimized and pseudonymized statistics and anonymized data may be further processed for statistical purposes.
ESET implements appropriate technical and organizational measures to ensure a level of security which is appropriate to potential risks. We are doing our best to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and Services. However, in case of data breach resulting in a risk to your rights and freedoms, We are ready to notify supervisory authority as well as data subjects. Data Subject has a right to lodge a complaint with a supervisory authority.
Data Subject’s Rights
ESET is subject to regulation of Slovak laws and We are bound by data protection legislation as part of European Union. Subject to conditions laid down by applicable data protection laws, You are entitled to following rights as a data subject:
•right to request access to your personal data from ESET,
•right to rectification of your personal data if inaccurate (You also have the right to have the incomplete personal data completed),
•right to request erasure of your personal data,
•right to request restriction of processing your personal data,
•right to object to processing,
•right to lodge a complaint as well as,
•right to data portability.
We believe that every information we process is valuable and necessary for the purpose of our legitimate interest which is provision of services and products to our customers.
If You would like to exercise your right as a data subject or You have a question or concern, send us a message at:
ESET, spol. s r.o.
Data Protection Officer
Einsteinova 24
85101 Bratislava
Slovak Republic
dpo@eset.sk