NortonLifeLock Global Privacy Statement

Introduction

When it comes to your personal data, NortonLifeLock, including Norton which is a division of NortonLifeLock, and LifeLock, Inc., which is a wholly owned subsidiary of NortonLifeLock (collectively referred to as “NortonLifeLock”, “Norton”, “LifeLock”, “we” or “us”), as well as our employees, contractors and service providers, are committed to providing you with transparency and choice. We process personal data in accordance with applicable legislation, while taking into account and balancing the relevant interests of our customers, ourselves and other stakeholders.

We do not, and will not without consent, sell, lease, or rent your information to third parties for monetary or other valuable consideration.

This Privacy Statement (“Statement”) provides an overview of how we, via our websites, products and services (“Services”), process and protect your personal data. This Statement applies to the NortonLifeLock websites, products and services that link to or reference this Statement and describes how we collect, process and share personal data and the choices available to you regarding collection and use of your personal data. Additional information on our personal data practices may be provided in offer descriptions, contractual terms, supplemental privacy statements, or notices provided prior to or at the time of data collection. In addition, we provide Product and Service Privacy Notices describing in more detail the collection and processing of personal data through your use of such products and services, and those can be found at nortonlifelock.com/privacy. If any other privacy notice conflicts with this Privacy Statement, such specific notice will take precedence.

If you are in the European Economic Area, and unless stipulated otherwise contractually, the Controller of your personal data is NortonLifeLock Ireland Limited, which has its principal place of business at Ballycoolin Business Park, Blanchardstown, Dublin 15, Ireland.

You need not enroll or register with us to just visit and view our Site. However, if you elect to obtain or use any of our products or services you must register or enroll (or be enrolled by an authorized third-party) with us, and you must agree to the applicable customer agreement, product end-user license agreements or service terms.

What this Statement Covers:

1) Personal Data Collection and Handling Practices

  • How we collect personal data, and from what sources;
  • The categories of personal data we collect;
  • The purpose for which we collect and process that personal data;
  • When and why we share your personal data with third-parties, and the types of third-parties with which we may share personal data;
  • Retention and deletion of your personal data;
  • Cross border transfers of personal data; and
  • How we protect your personal data.

2) Your Privacy Rights

  • Your Privacy Rights; and
  • How to contact us about privacy matters.

3) Referrals, Marketing, Opt-In/Opt-Out, and Cookies

  • Referrals;
  • Marketing and community networking;
  • How to opt out of Internet-based advertising;
  • Cookies and tracking technologies; and
  • Automated individual decision making and profiling.

4) Children’s Privacy

5) Miscellaneous

  • Changes to this Statement;
  • Links to Other Websites.

Personal Data Collection and Handling Practices

We collect personal data in the following ways from the following sources:

1) Automatically from your visits to our Sites or use of our products/services;

2) From you when you interact with our agents through calls and chat sessions and provide personal data to us (either about yourself or a third-party (e.g. customer or employment referral));

3) From third-parties (e.g. marketing leads) and public sources, subject to applicable laws and regulations.

Method and Sources of Collection:

We may collect personal data about you from the following sources:

  • From You:
    • When you visit and use our websites, products and services, we automatically may collect data about your use of our websites, products and services;
    • When you interact directly with us, we may collect personal data that you provide to us (e.g. account and payment information);
  • Third-Parties:
    • We may collect personal data about you from third-parties such as:
      • credit reporting agencies and financial institutions (used for purposes such as identity theft protection services),
      • marketing and joint-marketing partners (used for purposes such as to offer products/services and/or joint product bundles to prospective members),
      • public sources (such as The Dark Web to alert you to potential misuse of your data, and Data Broker sites allowing you to remove your data at your discretion, and other sources for purposes such as to identify prospective customers or alert customers to potential fraud).

We may collect personal data from you about other people, such as personal data about friends and family through customer or employee referrals, or data about family members who you wish to include on your account.

Additional detail on the use of your personal data can be found in the “Purposes of Processing” section below.

We collect the following categories of personal data for the following general purposes:

1) Member/Subscriber Information is collected to manage our business relationship with you;

2) Administrative Data is data collected to maintain our business records;

3) Provisioning Data is collected to deliver our products and services;

4) Security Data is collected to provide Cyber Safety services, and to prevent fraud and identity theft;

5) Diagnostic Information is collected to troubleshoot malfunctioning products and services;

6) Usage and Preference Data is collected to help us provide you with better service and user experience; and

7) Third-Party Data provided by you or collected by us is collected as necessary to deliver or promote our services or recruit for potential open employment positions.

Categories of Personal Data We collect:

The categories of personal data that we collect, and the general purposes of collection, include:

  • Member/Subscriber Information. This information includes data necessary to establish your account and method/means of payment, ship your products or provide services, and track and maintain our relationship with you. It includes:
    • Identifiers and contact details, including name, mailing address, email address, phone number and member credentials (user ID and password);
    • Shipping and billing data, including credit card and payment data;
    • Your social security number and/or state/government identifier, driver’s license number or other government-issued identifier, date of birth, age and gender, and other personal details about you as necessary to verify your identity and to provide identity theft protection services; and
    • Commercial information, including your transaction history with us.
  • Administrative Data. This is data that is generated by us and is related to your account, device or use of services. It includes license keys and internally-created member IDs, and device IDs, and serves the purposes of maintaining our business records and enforcing product license and service entitlement compliance.
  • Provisioning Data. This includes data necessary to provision applications or to facilitate installation and may include device and system information, browser type, IP address, type of operating system, and internet or other electronic network activity information.
  • Security Data. This data may include bank transaction data, credit alerts, location data, and data identified below that is collected for cyber threat intelligence, as needed to provide cyber safety and identity theft protection services, as well as to protect against fraud.
  • Diagnostic Information. This data may include application crash reports and information you provide to us for obtaining customer service, as necessary to troubleshoot any malfunctioning products and services. For example, when you call or exchange email, chat or mail with us, we may retain and review call and chat recordings and/or the contents of the messages as required/permitted by law and our recording and information management policies.
  • Usage and Preference Information. This information includes data received directly from you, and/or derived from cookies (tags, pixels, etc.) and third-parties indicating usage and preferences, and product/service and communication preferences as set by you. It helps us better understand and better serve your interests, expectations, needs and requirements.
  • Third-Party Data. This information includes data we may obtain from you about a third-party, or data about a third-party we collect from you and/or through the provision of our services, including threat intelligence data used to analyze threats and protect you, us and our other customers against fraud and cyber threats. Third-Party Data may include email and IP address of the sender of malicious malware.

We may process your personal data:

1) for the purpose of fulfilling our contract with you (e.g. for the provision of products and services, providing customer service, etc.);

2) for specified purposes on the basis of your consent (e.g. marketing, surveys, etc.);

3) for the purpose of fulfilling our legal obligations (e.g. maintaining employment and tax records, responding to lawful subpoenas, etc.), and;

4) for the purpose of pursing our legitimate business interests, including:

  • Conducting Routine Business Activities, such as marketing, product research, providing customized web experiences, etc.;
  • Combining Data to Improve our Customers’ Experience and Evaluate/Refine our Products and Services;
  • For Network and Information Security Purposes; and,
  • For Developing Cyber-threat intelligence data to better understand, anticipate and counter cyber threats.

We collect and process your personal data for the purposes outlined below as well as in the relevant Product and Service Privacy Notices on the following grounds:

1) For the purpose of fulfilling our contract with you or entering into a contract with you on your request, in order to:

  • Create and manage your account;
  • Authenticate you prior to enrolling in services;
  • Verify your identity and entitlement to products or services, when you contact us or access our services;
  • Process your purchase transactions;
  • Update you on the status of your orders;
  • Allow you to register products or services your purchase;
  • Manage your subscriptions; and
  • Provide you with technical and customer support.

2) For specific purposes based on your consent, in order to:

  • Subscribe you to newsletters, send you product updates or technical alerts;
  • Send you marketing communications and information on new products, services and assets;
  • Communicate with you about, and manage your participation in contests, offers or promotions;
  • Solicit your opinion or feedback, provide opportunities for you to test products or services;
  • Enable you to refer a friend who may be interested in our offerings, as permitted by law;
  • Where required and applicable, to enable any non-essential cookies or similar technologies;
  • Process sensitive personal data in accordance with applicable law, and
  • Provide you with interest-based ads on sites other than our own.

3) For the purpose of fulfilling our legal obligations, we may be obligated to, for instance, keep and process records for tax purposes or in order to meet legal obligations and disclosures.

4) For the purpose of promoting and operating our business and advancing our legitimate interests in the effective delivery of our products, services and communications to you as well as to our other customers and partners. Specifically, in order to:

  • Provide you with information, products and services that you request; enable participation in interactive features of our Services; and notify you about changes to our terms or this Privacy Statement;
  • Communicate commercial promotions and provide quotes for our products and services;
  • Promote and administer co-branded offers with trusted partners;
  • Confirm sales conversions and conduct lead generation activities;
  • Better administer and understand the usability, performance, and effectiveness of our Services, including troubleshooting, data analytics, testing, research, and statistical purposes;
  • Improve our Services (including developing new Services) and to ensure that content is customized and presented in the most relevant and effective manner for you and for your device, including suggestions and recommendations about things that may be of interest to you;
  • *Ensure the security of our own, and of our customers’ networks and information systems, including the development of threat intelligence resources;
  • *Develop cyber-threat intelligence resources; and
  • *Otherwise keep our Services, business and users safe and secure; to comply with applicable laws and regulations; and to protect or exercise our legal rights or defend against legal claims.

*For Network and Information Security Purposes and Cyber-threat Intelligence:

It is in our legitimate interests as well as in our customers’ interests to collect and process personal data to the extent strictly necessary and proportionate for the purposes of ensuring the security of our own, and of our customers’ networks, information systems, and the identity of the individuals using or otherwise benefitting from them. This includes the development of threat intelligence resources aimed at maintaining and improving on an ongoing basis the ability of information networks and systems to resist unlawful or malicious actions and other harmful events, such as cybercriminal activities and attempts at identity theft or fraud (“cyber and identity threats”).

The personal data we process for Network and Information Security Purposes includes, without limitation, network traffic data related to cyber and identity threats such as:

  • sender email addresses (e.g., of sources of SPAM such as phishing scams);
  • recipient email addresses (e.g., of victims of targeted email attacks);
  • reply-to email addresses (e.g., as configured by cybercriminals sending malicious email);
  • filenames and execution paths (e.g., of malicious or otherwise harmful executable files attached to emails);
  • URLs and associated page titles (e.g., of web pages broadcasting or hosting malicious or otherwise harmful contents); and/or
  • IP addresses (e.g., of web servers and connected devices involved in the generation, distribution, conveyance, hosting, caching or other storage of cyber and identity threats such as malicious or otherwise harmful contents).

Depending on the context in which such data is collected, it may contain personal data concerning you or third-parties. However, in such cases, we will process the data only to the extent strictly necessary and proportionate to the purposes of detecting, blocking, reporting (by removing any personally identifiable elements) and mitigating the cyber or identity threats of concern, or to other users relying on our products and services to protect their networks, systems and identities. When processing personal data in this context, we will only identify specific data subjects if and to the extent necessary for the remediation of the cyber or identity threats concerned, or as required by law.

If you believe that your personal data was unduly collected or is unduly processed by NortonLifeLock for such purposes, please refer to the “Your Rights” and “Contact Us” sections. Please be aware that if it is determined that personal data concerning you is processed by NortonLifeLock because it is necessary for the detection, blocking or mitigation of convicted cyber or identity threats, objection, rectification or erasure requests may be rejected in accordance with applicable law.

We only share your personal data outside the NortonLifeLock organization to such authorized third-parties as our business partners for purposes of promoting or selling our products (alone or jointly with theirs), service providers who perform necessary business services for us under written agreement, the public authorities who may obtain your personal data subject to applicable legal and regulatory authority, or where otherwise required by law. In providing restoration services, we may share your personal data with third-party vendors or financial institutions subject to your knowledge and, where applicable, consent.

We are committed to maintaining your trust, and we want you to understand when and with whom we may share the information we collect. We do not, and will not without consent, sell, lease, or rent your information to third parties for monetary or other valuable consideration.

We do permit third-parties to collect any of the information described above through our Services and disclose information to third-parties for the following business purposes, in which case we require these recipients to comply with adequate privacy and confidentiality requirements and security standards:

Partners

We may provide your personal data to our partners for the purpose of allowing them to conduct NortonLifeLock business. Our partners go through our third-party risk management and assessment process and only afterwards are they authorized to promote and sell our products and services. Our partners may use your personal data to communicate with you and others about NortonLifeLock Services either alone or jointly with partner products and services. We may provide your personal data to partners to confirm your eligibility for joint or co-branded offers or to communicate and administer such offers (e.g. report sales conversions, verify eligibility, assess effectiveness of joint offer, etc.) Our Partners are not allowed to use personal data that they receive from us for any purpose except for communicating, evaluating, improving and administering the offer in question (NortonLifeLock branded, co-branded or joint offer). This will not affect the partner’s ability to use personal data that it may already have obtained from you or other sources. If you do not wish to receive promotional emails from our partners, you can unsubscribe directly using the unsubscribe link or tool provided in the partner’s email or other communication to you.

Service Providers Processing Data on Our Behalf

We may use contractors and service providers to process your personal data on our behalf for the purposes described in this Statement, the relevant product and service privacy notices and for business purposes such as financial auditing, data storage and security, troubleshooting and debugging, improving and operationalizing threat intelligence and counter-threat measures, and for marketing and promoting our Services. We contractually require service providers to keep data confidential and we do not allow our service providers to disclose your personal data to others without our authorization, or to sell it or use it for purposes unrelated to the services they provide (e.g. their own marketing purposes). However, if you have a separate and/or independent relationship with these service providers, their privacy statements will apply to such relationships. Such service providers may include benefit brokers, your employer (for products and services offered as an employee benefit), contact centers, payment card processors and marketing/survey/analytics suppliers.

Public Authorities

In certain instances, it may be necessary for us to disclose your personal data to public authorities or as otherwise required by applicable law. No personal data will be disclosed to any public authority except in response to:

  • A subpoena, warrant or other legal process issued by a court or other public authority of competent jurisdiction;
  • A legal process having the same consequence as a court-issued request for data, in that if we were to refuse to provide such data, it would be in breach of local law, and we or our officers, executives or employees would be subject to liability for failing to honor such legal process;
  • Where such disclosure is necessary for us to enforce our legal rights pursuant to applicable law;
  • A request for data with the purpose of identifying and/or preventing credit card fraud; or
  • Where such disclosure of personal data is necessary to prevent or lessen a serious and imminent threat of bodily or other significant harm to the data subject or other individuals potentially concerned.

Restoration Services/Third Parties

We may disclose your information to financial institutions, financial services companies, and other third-parties at your direction to provide restoration services and other Services to you.

If you access third-party services through the Services, these third-party services may be able to collect information about you in accordance with their own privacy policies.

Corporate Affiliates

We may share your information with our corporate affiliates.

Business Transfers

We may share your information in connection with a substantial corporate transaction, such as the sale of a website, a merger, acquisition, consolidation, asset sale, initial public offering, or in the unlikely event of bankruptcy.

We will only retain your personal data for as long as necessary to fulfill the purpose for which the data was collected and is processed, including our compliance with applicable laws, regulations and court orders, and the defense of our legal claims. We will securely dispose of personal data that is no longer needed.

We will hold your personal data on our systems for the longest of the following periods:

  • As long as necessary to maintain our ongoing business relationship, or as needed to provide you with the products, services or information which you are entitled to or can otherwise reasonably expect to receive from us;
  • For as long as necessary for the purpose for which we collected it or for which you supplied it to us in accordance with any product or service relevant activity or process;
  • Any retention period that is necessary to comply with our legal obligations, to resolve disputes, or to enforce our agreements;
  • The end of the period in which litigation or investigations might arise in respect of our business relations or other interactions with you;
  • At the expiry of the particular personal data retention periods specified by the supplemental information stipulated in certain products’ and services terms and/or notices.

Upon expiry of the applicable retention period, your personal data is either securely disposed of, or de-identified through the use of appropriate anonymization means, including, without limitation, aggregation, truncation, or one-way hashing.

When your personal data is transferred internationally within the NortonLifeLock organization or to third-parties, we use legally permitted and sanctioned data transfer mechanisms to ensure that your data remains consistently protected in all places.

We are a global company and, as such, we process data in many countries. To conduct our business, and in accordance with this Statement, your personal data may be transferred to NortonLifeLock and/or its subsidiaries and affiliates in the United States, and to subsidiaries and third-party vendors of NortonLifeLock located worldwide. All transfers will occur in compliance with data transfer requirements of applicable laws and regulations. Where personal data originating from the European Economic Area is transferred to NortonLifeLock subsidiaries and affiliates or to third-party vendors engaged by NortonLifeLock to process such personal data on our behalf who are located in countries that are not recognized by the European Commission as offering an adequate level of personal data protection, such transfers are covered by alternate appropriate safeguards, specifically standard data protection clauses adopted by the European Commission. If applicable to you, you may obtain copies of such safeguards by contacting us as explained below (“Contact Us”).

In the process of continuing to develop our business, we may also occasionally acquire subsidiaries or other business entities. As a result of such transactions, and for maintaining a continued relationship with you, we may transfer your personal data to a related affiliate.

If we are involved in a reorganization, merger, acquisition or sale of our assets, your personal data may be transferred as part of that transaction.

We implement rigorous physical, technical and organizational safeguards to protect your personal data in our custody, both at rest and in transit, and should these measures fail to prevent a data breach, we will promptly take the necessary remedial measures, and we will notify you as well as applicable regulators of any such breach, as required by applicable law.

Securing personal data is an important aspect of protecting privacy. We take reasonable and appropriate physical, technical, and organizational security measures in accordance with applicable laws to protect your personal data against the risk of accidental loss, compromise, or any form of unauthorized access, disclosure or processing. The relevant security controls are communicated to application owners and technology teams across the business to support the secure development of products and maintain a secure operating environment. Our security measures include:

Physical Safeguards

We lock doors and file cabinets, control access to our facilities, implement a clean desk policy, and apply secure destruction to media containing personal data.

Technical Safeguards

We endeavor to use reasonably available state-of-the-art network and information security standards, protocols and technologies, including encryption, intrusion detection and data loss prevention, and we monitor our systems and data centers to ensure that they comply with our security policies.

Organizational Safeguards

We conduct regular company-wide, as well as role-specific and targeted training and awareness programs on security and privacy, to make sure that our employees and contractors understand the importance of protecting personal data, and that they learn and maintain the necessary knowledge and skills effectively to protect it in practice.

If you have any questions about the security of your personal data or the security of the site, or wish to report a potential security issue, please contact security@lifelock.com. When reporting a potential security issue, please describe the matter in as much detail as possible and include any information that might be helpful. If you are having problems accessing your account, please contact our Member Support Center.

Your Privacy Rights

In relation to our processing of your personal data and subject to applicable law, you may have the rights of information, access (including where applicable portability), rectification, erasure, restriction of and objection to further processing, as well as the rights to withdraw your consent (where consent is the basis of processing) and express other preferences, not to be subjected to automated decision making, and to file privacy complaints with us or with competent authorities.

You can view and update your personal data through your Norton Account or Lifelock Portal.

Subject to applicable laws, you may have the right:

1) to ask us to provide you with information regarding the personal data we process concerning you;

2) to rectify, update or complement inaccurate or incomplete personal data concerning you;

3) to delete or request the erasure of personal data concerning you;

4) in certain circumstances to restrict the way in which we process personal data concerning you;

5) to withdraw any consent you may have given for us to process personal data concerning you;

6) to object to our processing of personal data concerning you on the basis of our, or of third-parties’ legitimate interests;

7) to obtain from us the portability of personal data concerning you; and

8) to lodge a privacy complaint with a supervisory authority if you are not satisfied with the way we have handled your personal data or any privacy query or request that you have raised with us.

To exercise any of your rights, to raise any other questions, concerns or complaints about our privacy practices or about our use of your personal data and its privacy, or if you are not a customer of ours and want to know what personal data we have about you, please contact us as explained below (“Contact Us”).

Once we receive your request, we will require reasonably sufficient information to verify your identity and your authorization to take the actions requested. You may be entitled, in accordance with applicable law, to submit a request through an authorized agent. To designate an authorized agent to exercise your rights and choices on your behalf, please contact Norton Support in order to verify your identity and verify your authorization for the agent to act on your behalf.

We will not discriminate against you for exercising your rights and choices, although some of the functionality and features available on a Service may change or no longer be available to you where the process of certain data is essential to the provision of the Service or feature. Any difference in the Services are related to the value provided.

You may contact us using multiple communication channels available to you, including by email to nll_privacy (at) nortonlifelock (dot) com and toll-free to Member Services at 1-800-543-3562.

Americas

  • NortonLifeLock Inc. – Global Privacy Office
    60 E. Rio Salado, Suite 1000, Tempe, AZ 85281
    Email: nll_privacy (at) nortonlifelock (dot) com

    Member Services: 1-800-543-3562

Europe – Middle-East – Africa

  • NortonLifeLock Ireland Limited – Global Privacy Office
    Ballycoolin Business Park, Blanchardstown, Dublin 15, Ireland
    Email: nll_privacy (at) nortonlifelock (dot) com
  • Independent EU GDPR Data Protection Officer
    Heward Mills, Fitzwilliam Hall
    Fitzwilliam Place
    Dublin 2
    IrelandEmail the NortonLifeLock DPO

Asia Pacific

  • NortonLifeLock Ireland Limited – Global Privacy Office
    6 Temasek Boulevard, #12-01
    Suntec Tower 4
    Singapore-038986
    Email us: nll_privacy (at) nortonlifelock (dot) com

Referrals, Marketing, Opt-In/Opt-Out, and Cookies

In some cases, you may want to refer another person to us, e.g. to try our products or services, or to apply for an open employment position. When doing so, please only share that person’s data with us if you have lawful permission to do so. We will then process that person’s personal data in accordance with this Statement and/or any specific privacy notices and/or job postings.

When you choose to provide us with personal data about third-parties, we will only use this data for the specific reason for which you elect to provide it. It is your responsibility to ensure that when you disclose to us personal data of individuals other than yourself – such as your contacts, your users or other third-parties – you abide by applicable privacy and data security laws, including informing users and third-parties that you are providing their personal data to us, informing them of how it will be transferred, used, or processed, securing appropriate legal permissions and safeguards required for such disclosures, transfers and processing. If you choose to provide us with a third-party's personal data (such as name, email, and phone number), you represent that you have the third-party's permission to do so. Examples include forwarding references or sending job referrals. You also acknowledge that when we interact with such third-party individuals whose personal data you share with us, it is our duty to inform them that we obtained their personal data from you. Where applicable, third-parties may unsubscribe from any future communication following the link provided in the initial message. If you believe that one of your contacts has provided us with your personal data and you would like to request that it be removed from our database, please contact us at nll_privacy (at) nortonlifelock (dot) com.

As permitted by applicable law and subject to your expressed preferences, we process your personal data to communicate with you in order to promote products and services, including via direct messages, interested-based advertisements, through select third-parties, as well as the online NortonLifeLock Community. We may process personal data to determine the effectiveness of our marketing programs and to better tailor them to you. Our marketing communications may include special offers from third-party partners, or joint or bundled offers with third-party partners. The Statement includes information about how to manage your preferences in regard to Marketing Communications.

You may receive marketing messages and materials from us or our affiliates, where and as permitted by applicable law.

You have choices on what communications you wish to receive from us. If you do not want to continue receiving any marketing materials from us, you can click on the unsubscribe function in the communications you receive from us. You may also unsubscribe from Norton Marketing Offers, manage your communication preferences in your Norton Account or Lifelock Portal, or contact our Member Services Department at 1-800-543-3562 or by regular mail at Attn.: Member Services, 60 East Rio Salado Parkway, Suite 1000, Tempe, AZ 85281. If you choose not to receive marketing communications from us, we will honor your request.

However, we will continue to communicate with you as needed to provide the products and services you are entitled to, to respond to your inquiries, or otherwise relay transactional product or service-related messages.

Please also be aware that you may still receive information about our products and services through other parties using their own mailing lists. For instance, marketing materials for our products and services may also be contained in messages you receive from third-parties which may include your employer if they offer our services as part of their employee benefits, or other service providers that offer our products and services as part of their special offers.

Interest-Based Ads

We may provide your data including the data about your interests in our products to third-parties for the purposes of serving you more relevant ads, in accordance with applicable law. Where we provide you with interest-based ads on a site other than our own, we do not track your other activities on that site. If you click on our ads, we will know the domain you came from. For more information, please see the Cookies & Tracking Technologies section below.

Data from Third-Parties

Third-parties may provide us with personal data they have collected about you from you or from further online and offline sources, such as marketing data from our partners and third-parties that is combined with information we already have about you, to provide you with more relevant communications and better tailored offers. We make reasonable efforts to verify that the third-parties we engage for such purposes are reputable and law-abiding and we will not solicit them to disclose to us personal data that we do not have a lawful purpose and valid legal basis (e.g., consent, where applicable) to collect and process. However, we are not liable for any processing of your personal data by such third-parties prior to, during or after them providing it to us.

NortonLifeLock Community (Norton Website Forums, Blogs and Networking Sites)

We operate forums, websites and related information services, better to assist you in using our Services, discussing technical issues and sharing your experiences. You should be aware that any data you provide in these public forums will not be kept confidential, as it may be read, collected and used by others who access them. To request removal of your personal data from any forum, contact us here. In certain circumstances, we may not be able to remove your personal data, in which case we will let you know why. Please note that your use of these community services may be subject to additional terms and conditions.

You may use a number of third-party tools to opt out of the interest-based tailoring of the ads you see on our websites or of our ads that you see on third-party sites. The full section in this Statement under this topic includes a list of certain opt-out options available to you.

We partner with third-parties to display advertising on our website or to manage our advertising on other sites. You may opt out of many third-party ad networks, including those operated by members of the Network Advertising Initiative (NAI) and the Digital Advertising Alliance (DAA). For more information and available choices for third-party ad networks participating in the NAI and DAA programs, please visit their respective websites: www.networkadvertising.org/optout_nonppii.asp (NAI) and www.aboutads.info/choices (DAA). If you are in the European Union, you may also do that by visiting Your Online Choices (click here). Please note that if you opt out, you will continue to receive generic ads not based on your interests. Opting out of these networks does not otherwise limit the collection of information described elsewhere in this Policy.

You may control our use of the information we collect about your activities on our websites to display targeted NortonLifeLock advertising during your visits to third-party websites. To opt out of receiving these targeted ads, click here. Opting out of participation in our targeted advertising does not opt you out of our use of general information for other purposes, such as analytics supporting optimization of our Site or development of new Services.

Note: If your browser is configured to reject cookies when you visit the opt-out page, or you subsequently erase your cookies, use a different computer or change web browsers, your opt-out may no longer be effective.

We use cookies and similar tracking technologies on our websites, as permitted by applicable laws and subject to your consent and choices where relevant. We permit third-parties to activate cookies, features, widgets and other similar technologies on our sites in accordance with applicable law.

Cookies

A cookie is a commonly used automated data collection tool. Cookies are small text files that are placed on your computer or device by websites that you visit or HTML-formatted emails you open, to make websites work, or work more efficiently. We and our partners use cookies and other similar tracking technologies (e.g. Web Beacons, JavaScript, clear GIFs, pixel tags, as well as HTML5 and Flash Local Storage Objects) on our websites or emails to:

  • Ensure the proper functioning of our websites and the proper delivery of legitimate electronic communications;
  • Tailor information presented to you based on your browsing preferences, such as language and geographical region;
  • Collect statistics regarding your website usage;
  • Provide us with business and marketing information; and
  • In some cases, to enable a third-party to deliver future advertising for our products and services to you when you visit certain websites owned by third-parties.

We use different kinds of cookies:

  • Essential cookies are necessary to provide you with services and features available through our websites. Without these cookies, services you may need, such as shopping carts or e-billing, cannot be provided.
  • Analytics cookies collect data that is either used in aggregate form to help us understand how the website is being used or the effectiveness of our marketing campaigns.
  • Customization cookies collect data that is used to help us customize the website for you.
  • Advertising cookies and tracking scripts are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly delivered and, in some cases, featuring ads based on your interests. On websites which include a cookie management tool, you may find a hover button at the bottom of your screen.

The cookies we use may be session cookies that are erased when you leave our websites, or they may be persistent cookies that remain on your computer's hard drive after you leave the site, in preparation for your next visit.

If you do not wish to receive cookies you may be able to refuse them by not agreeing to the use of them upon entering the website. If you do so, we may be unable to offer you some of our functionalities, services or support. If you have previously visited our websites, you may also have to delete any existing cookies from your browser.

Third-Party Data Collection

Cookies may also be placed on our websites by third-parties to deliver tailored information and content which may be of interest to you, such as promotions or offerings, when you visit third-party websites after you have left ours. We do not permit these third-parties to collect personal data about you on our sites beyond such cookies (e.g., email address) unless such data is provided to the third party in their role as a service provider acting solely on our behalf.

Social Media Features and Widgets

Our websites include social media features, such as Facebook’s “Like” button, and widgets, such as the “Share This” button, or interactive mini-programs that run on our sites. These features are usually recognizable by their third-party brand or logo and may collect your IP address, which page you are visiting on our websites, and set a cookie to enable the feature to work properly. Any collection of information through such third-party feature is governed by the privacy policy of the company providing it.

Do-Not-Track Signals and Similar Mechanisms.

Some mobile and web browsers transmit "do-not-track" signals. Because of differences in how web browsers incorporate and activate this feature, it is not always clear whether users intend for these signals to be transmitted, or whether they even are aware of them. We currently do not take action in response to these signals.

 

Unless otherwise specified, NortonLifeLock will only use automated decision making in the interest of network and information security, for the sole purpose of protecting you, NortonLifeLock, our partners and our other customers from cyber-threats, and not for the purpose of evaluating any individual’s personal characteristics.

Where NortonLifeLock processes network traffic data for the purpose of network and information security based on our or our customers’ legitimate interest as outlined in the corresponding section of this Statement, automated decisions concerning particular data elements may occasionally be made. This could involve in particular assigning relative cybersecurity reputation scores to IP addresses and URLs based on objective cyber-threat indicators measured by our and our partners’ cyber-threat detection engines. Such indicators may be for instance the determination that malicious or otherwise harmful contents are hosted at a given URL or are emanating from a given IP address. Such automatically-assigned reputation scores may be leveraged by you, by NortonLifeLock, by our partners and by other customers to detect, block and mitigate the identified cyber-threats. They could therefore result in our products and services blocking network traffic coming from or going to such URLs and IP addresses. No such processing is intended to produce any other effect than protecting you, NortonLifeLock, our partners and our other customers from cyber-threats. Should you nevertheless consider that such automated processing is unduly affecting you in a significant way, please contact us as explained below (“Contact Us”) to raise your concerns and to seek our help in finding a satisfactory solution.

Children’s Privacy

Unless otherwise specified, our websites, products and/or services are not directed at minors (as defined by and in accordance with applicable law). You may add the protection of certain of our Services to minors in your household, but we only process that personal data at your direction and in order to provide those specified Services.

Our websites are not directed to, nor do we knowingly collect data from, minors (as defined by applicable law) except where explicitly described otherwise in the privacy notices of products and services designed specifically for purposes such as to assist you by providing child online protection features. In such cases, we will only collect and process personal data related to any child under 13 years of age which you choose to disclose to us or otherwise instruct us to collect and process. Please refer to the specific applicable notices for important additional information.

Miscellaneous

This Statement does not constitute a contract, and is subject to change, and any material changes that may affect the way we process personal data will be communicated to you. In the case of a material change to our personal data processing practices, any such change will only apply on a going-forward basis; we will not process the personal data currently in our possession in a materially different way without your prior consent.

We reserve the right to revise or modify this Statement. In addition, we may update this Privacy Statement to reflect changes to our data practices. If we make any material changes in the way we collect, process and/or share your personal data, we will notify you by email (sent to the e-mail address specified in your account) or by means of a notice on this website prior to the change becoming effective. In the case of a material change to our personal data processing practices, any such change will only apply on a going-forward basis; we will not process the personal data currently in our possession in a materially different way without your prior consent. We encourage you to periodically review this page for the latest information on our privacy practices.

If you navigate to third-party websites linked from our websites, please note that those third-parties’ privacy terms (and not NortonLifeLock’s) will apply to your subsequent browsing activity.

Our websites may contain links to other websites, owned or operated by other companies. If you visit any linked websites, please review their privacy statements carefully. We are not responsible for the content or privacy practices of websites that are owned by those third-parties. Our websites may also link to co-branded websites that are maintained by NortonLifeLock and one or more of our business partners, who are collecting your personal data pursuant to their own privacy practices. Please review the applicable privacy statements on any co-branded site you visit, as they may differ from ours.

EFFECTIVE DATE: January 1, 2020

click to top

Back to Top