Information collected by Symantec Protection Engine
Automatically collected and transmitted information at install-time
Symantec Protection Engine collects from your environment, and automatically transmits to Symantec, the following data, without limitation:
- Licensed software version
- SKU
- OS name, version, and language
- UniqueSSEID
- Memory and disk size
- Hashed domain name
- Deployment use case (e.g., mail, web proxy)
- Status of URL filtering feature (whether enabled or disabled)
- Status of Symantec Insight (reputation) functionality (whether enabled or disabled) which uses a security technology that puts files in context using age, frequency, location, and more to expose threats otherwise missed
- URL of the portable executable file being scanned
- AppName
- Guid
- Timestamp
- Product name
- Language
- Module error
- Module name
- Build
- Architecture
- InstallPath
- InstallType
- Locale
- ProcessorCoreCount
- TotalFreeMemoryInMB
- FreeDiskSpaceInGB
- TotalMemoryInMB
- TotalUsedMemoryInMB
- VendorName
- VirtualGuest
Automatically collected and transmitted information at run-time
Symantec Protection Engine sends run-time telemetry data that contains the following details to Symantec:
- TotalFilesScanned
- Threats
- FilesScanned
- TotalMegabytesScanned
- MegabytesScanned
- URLsScanned
- URLsBlocks
- APKReputationViolations
- Product name
- Licensed software version
- Build
- Language
- Module error
- Module name
- UniqueSSEID
- AppName
- Deployment
- DomainNameHash
- InstallType
- Reputation
- SKU
- Threats
- URL
Symantec collects this telemetry data to know about the threats, APK violations, and blocked URLs from the overall files and URLs scanned.
The details are sent on 1st day of every month if Symantec Protection Engine is running on that day. If Symantec Protection Engine is not running on the first of the month, report for that month is not sent.
Automatically collected and stored data
Symantec Protection Engine may collect from your environment, and store in your environment, the following data, without limitation:
- Quarantined files on a quarantine server (if configured)
- Conviction metadata, including user name, computer name, file name, and IP address
- Internet Protocol (IP) address and/or Media Access Control address and the machine ID of the system on which the licensed software is installed
- Source IP address; and/or URL of the portable executable file being scanned.
The stored data may be transmitted to Symantec only if you choose to do so, either manually or by configuring Symantec Protection Engine. Transmitting stored data to Symantec is optional, and you will be able to use Symantec Protection Engine even if you do not transfer this data to Symantec.
How is your data used?
Your transmitted data, stored data and/or personal information (collectively, “Information”) may be used as follows:
- Enabling and optimizing the performance of Symantec Protection Engine
- Providing support or debug assistance
- Research and development, such as improving Symantec’s products or services (e.g., to protect your network, end-users, devices and/or data)
- License administration
- Combating actual or potential fraudulent, criminal, illegal, or unauthorized activity
- For any other purpose with your consent; and/or
- In an anonymized and/or aggregated form for general security research purposes of statistical analysis of product deployment, including analysis of trends and comparisons in our aggregated install base.
For purposes of this Privacy Notice, “personal information” means the information that can be used to reasonably identify an individual. We may also collect your personal information when you contact us about any Symantec product or service, such as for technical support.
Storing or retaining your information
We are a global organization and may transfer your Information to other countries, including countries that may have less protective data protection laws than the country in which you are located (including the European Union). For the purposes described in this Privacy Notice, your Information may be stored or processed manually and/or electronically through global systems and tools. Your Information may also be retained if necessary to combat actual or potential fraudulent, criminal, illegal or unauthorized activity, or as otherwise required or permitted by law.
Disclosing your information
We may disclose your information (i) to vendors or third parties that process data on behalf of Symantec; (ii) in connection with any proposed or actual sale or other transfer of some or all assets of Symantec in the event of a reorganization, merger, acquisition, or sale of our assets; and/or (iii) as otherwise permitted by you.
To promote research, awareness, detection, or prevention of security risks, Symantec may disclose Information to relevant public and/or private entities, such as cybersecurity research organizations and security software vendors. In such cases, we will endeavor to anonymize such information or to minimize any personal information in it to the extent reasonably possible without defeating purposes of security risk research, awareness, detection, or prevention.
Subject to applicable laws, Symantec reserves the right to cooperate with any legal process, or any law enforcement or other government inquiry, related to your use of Symantec Protection Engine, including disclosing Information if relevant to a court subpoena or to a law enforcement or other government investigation, or as otherwise required by our legal obligations.
How we protect your information
To protect Information, we have taken reasonable and appropriate administrative, technical, organizational and physical security and risk management measures, in accordance with applicable laws.
Your obligation to personal information
It is your responsibility to ensure that any disclosure by you to Symantec of personal information of your users or third parties is in compliance with applicable privacy and data security laws, including informing users and third parties that you are providing their personal information to Symantec, informing them of how it will be transferred, used or processed, and gathering appropriate consents or other legal measures required for such transfer, use or processing.
Data access
Under certain circumstances and subject to this Privacy Notice, you may be able to request to access, update, correct, or remove personal information we have about you.
Contact us
Please contact us at [email protected] if you have any questions.
Changes to this Privacy Notice
We reserve the right to revise or modify this Privacy Notice, and will note the date of its most recent revision above. If we make significant changes to this Privacy Notice, and where required by applicable law, we will either notify you either by prominently posting a notice of such changes prior to implementing the changes or by directly sending you a notification.