McAfee LLC and our affiliates (collectively “McAfee”, “Company”, “we”, “us”, “our”), are sensitive to privacy issues, and it is important to us to protect the information provided to us. This Privacy Notice is designed to help you understand how we collect, use, process, and share your Personal Information, and to help you understand and exercise your privacy rights. For residents of California and other states that provide additional rights, more information about the data we collect is available in our California Notice at Collection and Supplemental Notice for Residents of Certain Other States, which is found here.

1. SCOPE AND UPDATES TO THIS PRIVACY NOTICE
2. PERSONAL INFORMATION WE COLLECT
3. HOW WE USE YOUR PERSONAL INFORMATION
4. HOW WE DISCLOSE YOUR PERSONAL INFORMATION
5. YOUR PRIVACY CHOICES AND RIGHTS
6. SECURITY OF YOUR INFORMATION
7. INTERNATIONAL DATA TRANSFERS
8. RETENTION OF PERSONAL INFORMATION
9. NOTICE AT COLLECTION AND SUPPLEMENTAL NOTICE FOR CALIFORNIA RESIDENTS AND RESIDENTS OF CERTAIN STATES
10. SUPPLEMENTAL NOTICE FOR CERTAIN INTERNATIONAL COUNTRIES
11. CHILDREN’S INFORMATION
12. OTHER PROVISIONS
13. CONTACT US

1. SCOPE AND UPDATES TO THIS PRIVACY NOTICE

This Privacy Notice applies to Personal Information processed by McAfee and its affiliates (collectively “Company,” “we,” “us,” or “our”), including on our websites, mobile applications, and other online or offline offerings (“collectively “Services”). To make this Privacy Notice easier to read, our websites, mobile applications, and other offerings are collectively called the “Services.” To find details of the entity in our corporate group most relevant to you, please see the end of this Privacy Notice.

McAfee sells Services directly to consumers (you can find more information about those products here: https://www.mcafee.com/en-us/consumer-products.html). You may engage with our Services because you: (i) visit our online properties; (ii) purchased one of our products directly from us; (iii) activated a free trial subscription to our Services; (vi) purchased a device pre-installed with McAfee software; (v) submitted your information to us online to dispute a URL or malware classification or submit a virus or email scam sample; or (vi) engaged with our customer service representatives or support community.

When you access or use our Services, you acknowledge that you have read this Privacy Notice and understand its contents. Your use of our Services is subject to this Privacy Notice, any applicable Terms of Service (including any applicable limitations on damages and the resolution of disputes) and any applicable End User License Agreement.

Certain third parties may provide our Services directly to their own customers. Where that third party provides its own privacy notice to you for the processing of your Personal Information to provide those Services, their privacy notice will apply, not ours. If you access or use our Services through one of these third parties, you should direct any questions or requests relating to your Personal Information directly to them.

Changes to our Privacy Notice. We may revise this Privacy Notice from time to time in our sole discretion. If there are any material changes to this Privacy Notice, we will notify you as required by applicable law. You understand that the updated Privacy Notice will apply if you continue to use our Services after the new Privacy Notice takes effect.

2. PERSONAL INFORMATION WE COLLECT

The categories of Personal Information we collect depend on how you interact with us, our Services, and the requirements of applicable law. We collect Personal Information that you provide to us, information we obtain automatically when you use our Services, and information from other sources such as third-party services and organizations, as described below. To learn about the information we collect when you use certain products or features, see “Personal Information Collected from Specific Products and Features,” below. For residents of certain states, additional disclosures about the information we collect is available in our supplemental disclosure below.

1. Personal Information You Provide to Us DirectlyWe may collect Personal Information that you provide to us.
   • Account Creation. We may collect Personal Information when you create an account, such as name, email address, username, and what country or state you are located in.
   • Purchases. We may collect Personal Information and details associated with your purchases, including payment information and address, ZIP or Postal Code. Any payments made via our Services are processed by third-party payment processors.
   • Your Communications with Us. We may collect Personal Information, such as email address, phone number, or mailing address when you request information about our Services, register for our newsletter or loyalty program, request customer or technical support, or otherwise communicate with us.
   • Surveys. We may contact you to participate in surveys. If you decide to participate, we may collect Personal Information from you in connection with the survey.
   • Interactive Features. We and others who use our Services may collect Personal Information that you submit or make available through our interactive features (e.g., messaging and chat features, commenting functionalities, forums, blogs, and social media pages). Any information you provide using the public sharing features of the Services will be considered “public,” unless otherwise required by applicable law, and is not subject to the privacy protections referenced herein. Please exercise caution before revealing any information that may identify you in the real world to other users.
   • Conferences, Trade Shows, and Other Events. We may collect Personal Information from individuals when we attend or host conferences, trade shows, and other events.
   • Business Development and Strategic Partnerships. We may collect Personal Information from individuals and third parties to assess and pursue potential business opportunities.
   • Job Applications. We may post job openings and opportunities on our Sites. If you respond to one of these postings, we may collect your Personal Information, such as your application, CV, cover letter, and/or any other information you provide to us. The Personal Information you provide us as an employee or as part of an application to one of our job postings is governed by separate employment-specific privacy notices which we provide to job applicants and employees.
   • Other Personal Information you may provide. We may also collect other information from you, such as information about what products you purchased, your interests, and demographic information. You may also provide us with additional data. For example, when you use our identity monitoring services, you will have the option to provide your social media log-in information so that we can monitor your social media accounts, or as further set out in the specific products and features below.
   Where we need to collect this Personal Information because we are legally required to do so, or perform a contract we have with you (or take pre-contract steps you have requested), and you do not provide us with your Personal Information, we may be unable to provide products or services to you or correspond with you about them. This may also lead to us cancelling or stopping the provision of products or services to you.You are under no statutory or contractual obligation to provide us with your Personal Information. However, we require the information listed above to deal with you as a prospective customer or customer in an efficient and effective manner. Where the law allows, we may combine information we receive from other sources with information you give to us and information we collect about you.
2. Personal Information Collected AutomaticallyWe may collect Personal Information automatically when you use our Services.
   • Automatic Collection of Personal Information. We may collect certain information automatically when you use our Services, such as your Internet Protocol (IP) address, user settings, MAC address, cookie identifiers, mobile carrier, mobile advertising and other unique identifiers, browser or device information, location information (including approximate location derived from IP address), and Internet service provider. We may also automatically collect information regarding your use of our Services, such as pages that you visit before, during and after using our Services, information about the links you click, the types of content you interact with, the frequency and duration of your activities, and other information about how you use our Services.
     • Crash Reports. If you choose to provide us with crash reports related to our Services, we may collect Personal Information related to such crash reports, including detailed diagnostic information about your device and the activities that led to the crash.
     • Location Information. Certain Services may request permission to access your approximate location. Where you grant this permission, we will collect information about your location using GPS, wireless, or Bluetooth technology. You can control access through your device settings. We may also look up your IP address to determine your approximate location.
   • Cookies and Other Technologies (Cookie Policy). As described in more detail in our Cookie Notice, we, as well as third parties that provide content, advertising, or other functionality on our Services, may use cookies, pixel tags, and other technologies (“Technologies”) to automatically collect information through your use of our Services.
     See “Your Privacy Choices and Rights” below to understand your choices regarding these Technologies.
   • Social Media Platforms. We use a number of different social media platforms to communicate with you and to promote products and services. We process your Personal Information using these platforms in a variety of ways, as follows:
     • Pages. We use your Personal Information when you post content or otherwise interact with us on our official pages on Facebook, Instagram, LinkedIn, Twitter, Snapchat, TikTok and other social media platforms. We also use the Page Insights service for Facebook, Instagram and LinkedIn to view statistical information and reports regarding your interactions with the pages we administer on those platforms and their content.
     • Plugins. Our Services may contain social media buttons (built using code known as ‘plugins’), that link to platforms such as Facebook, YouTube, LinkedIn, and X and which might include widgets such as the “share this” button or other interactive mini programs to enable you to share our content with your network or to interact with us via social media platforms. These features may collect Personal Information such as interactive and behavioural data, your IP address, geo-location, browser type and version, operating system, date and time of your visit, browsing country, areas of interest, and which page you are visiting on our Services, and may set a cookie to enable the feature to function properly (see further below).
     • Cookies & Ad-Targeting. Social media cookies can be used to track you across different sites, building up a profile of your interests. We may then use the cookies and similar technologies in our Services to collect and send information to social media platforms about actions you take on our website. For example, we may use such cookies and similar technologies to collect and send information to Meta about actions you take on our website and applications. Meta (who operates the Facebook and Instagram platforms) uses this information to provide services to us and also for further processing for its own business purposes. You can find out more about these technologies by visiting our Cookie Notice. The services we receive from Meta that use this information are delivered to us through Meta Business Tools, which include Meta Pixel, Social Plugins and Website Custom Audiences. These tools allow us to target advertising to you within Meta’s social media platforms by creating audiences based on your actions on our Website and allow Meta to improve and optimise the targeting and delivery of our advertising campaigns for us. We may also use Meta’s products to target advertisements to you based solely on Personal Information held by Meta, in which case, we do not generally receive or have access to such information.
3. Personal Information Collected from Other Sources
   We may also obtain Personal Information about you from the following sources:
   • Credit Reference Agencies. We may obtain Personal Information about you (such as your address) from credit reference agencies to help verify your identity as a customer and to help us assess any fraud, credit, or security risks.
   • Payment Processors. We may obtain Personal Information about you from payment processors (such as details of transactions) in order to facilitate and conclude payments from you for our Services.
   • Third-Party Services and Sources. We may obtain Personal Information about you from other sources, including through third-party services and organizations. For example, if you access our Services through a third-party application, such as an app store, a third-party login service, or a social networking site, we may collect Personal Information about you from that third-party application that you have made available via your privacy settings.
   • Referrals and Sharing Features. Our Services may offer various tools and functionalities that allow you to provide Personal Information about your friends through our referral service. Third parties may also use the Services to upload Personal Information about you, including when they tag you. Our referral services may also allow you to forward or share certain content with a friend or colleague, such as an email inviting your friend to use our Services. Please only share with us contact information of people with whom you have a relationship (e.g., relative, friend, neighbor, or co-worker).
4. Personal Information Collected from Specific Products and FeaturesIn addition to the above, we may collect additional Personal Information if you choose to use one of our Services that involve features such as scam detection, deepfake detection, credit monitoring, dark web monitoring, personal data cleanup, online account clean up, and others. This Privacy Notice will apply to your use of these products. Certain products and offerings may have their own privacy notices and terms, in which case those notices and terms shall apply in addition to this Privacy Notice.Protecting your Device
   • Anti-virus. If you use our anti-virus software, we will collect your device ID, telemetry, McAfee ID, and IP address to protect your device and keep you safe online.
   • Wifi Scan & Advanced Firewall. If you use our wifi-scan or advanced firewall Services, we will collect telemetry data to protect your device and information.
   • PC Optimizer. If you use PC Optimizer, we may scan your drives for any unwanted data or unnecessary software.
   • File Shredder. If you use File Shredder, we will permanently delete the items you select from your PC.
    Protecting you Online
   • Anti-tracker. If you use Anti-tracker, we may scan, collect, and store information about your web browsing activity, including domains, and traffic data to help prevent companies and advertisers from tracking or collecting your online activity.
   • TrueKey or Password Manager. If you use TrueKey or Password Manager, we will collect your login credentials, account IDs, login IDs, passwords, and notes you provide to us to provide a centralized dashboard for those items.
   • Secure Search. If you use Secure Search, we will collect your search information to protect you while you search and browse online.
   • Safe Shopping. If you use Safe Shopping, we collect your web browsing and online shopping to protect you whilst you make purchases online.
   • WebAdvisor. If you download our WebAdvisor extension and install it in your internet browser, in addition to the information listed elsewhere in this notice, we may scan, collect, and store information about your web browsing activity, including URLs, search information and traffic data, and device information including device IDs, IP addresses, as well as metadata about files downloaded from the Internet, such as name and size.
    Protecting your Identity
   • Personal Data Cleanup. If you choose to use this feature, we will regularly scan a list of publicly available data broker sites and tell you which ones have your data so that you can take steps to try to remove it. To provide you with this Service, when we scan these sites we will collect your information from them, such as addresses, phone numbers, email addresses, the names of your relatives, date of birth and gender information, and information related to your education and employment, if this information is available on those sites. We only collect this data to display to you and will delete it if your subscription expires and you choose not to renew.
   • Online Account Cleanup. If you choose to use this feature, we, or our service provider acting on our behalf, will use the Personal Information, we collect from you (your email address and the name associated with that email address) to access information from your email in order to find online accounts associated with your email address and help you delete them. The information we collect includes the subject line of emails, sender's email address, timestamps of email messages received related to the online accounts, the existence of email attachments, and the first line of the email message as presented in your mailbox. We do not otherwise process or collect the content of any email message in your mailbox during this process, nor do we collect any email messages. We will not disclose the information we access in your email mailbox. In some cases, we may use the specific interactions between you and the online account companies with regard to your deletion requests (in a redacted form and without any Personal Information) to train our Personal Information assistant, so we can provide you with better suggested answers for the deletion request.
   • Social Privacy Manager. If you choose to use this Service, we use your Personal Information to scan your privacy settings on social media platforms to check for weak spots and provide recommendations that can help improve your privacy. To provide this feature, we collect a login token relating to the platform and information during scans, namely details of your privacy settings and URL information (which may include your name and profile information).
   • Identity monitoring (Dark Web Monitoring). If you choose to use this Service, you will be asked to provide information which we will use to monitor for data breaches containing your Personal Information. This may include information such as your driver’s license or other ID number, social security number, tax identification number, email addresses, username, phone number, financial account numbers, or credit card numbers. We will only monitor the specific pieces of Personal Information which you provide to us, and we will not share this data with anyone outside of McAfee.
   • ID theft coverage and restoration support. By signing up for a McAfee account which entitles you to ID theft protection, we or our service provider may collect your email address or phone number to enroll you in products such as identity restoration services, identity theft coverage, etc.
   • Credit Monitoring / Credit Lock. If you use our Credit Monitoring or Credit Lock Services, we may collect your name, address including country of residence, email address, phone number, date of birth, social security number/identification document number and limited credit-related information: your credit bucket, credit factors, and credit alerts received. We use this credit-related information only for the purposes of providing you with the Services and for user experience and product improvement.
    Protecting your FinancesIf you use the following monitoring/protection Services, we, or our service provider acting on our behalf, will collect financial account login data and financial transaction information:
   • Transaction (account and payment) protection
   • Financial transaction monitoring
   • Bank account takeover/payday loan monitoring
   • 401(k), investment, and loan transaction monitoring
   • Safe Cards
    AI Protection
   • Text Scam Detector. If you use Text Scam Detector, we will use our AI-powered technology to alert you of suspicious text messages you receive. We do this via our mobile application for scam text message detection. If, however, we mis-categorize any text message as suspicious, you can notify us of this and submit the content of the mis-categorized text message to us. Our team will review the submitted content, and may use discrete elements of it to improve our AI-powered scam detection services. These elements include the sender’s telephone number and the content of the text message.
   • Email Scam Detector. If you use Email Scam Detector, we will use our AI-powered technology to alert you of suspicious emails you receive. We do this by integrating our services with your email service provider (such as Google or Microsoft, if you use Gmail or Outlook). If, however, we mis-categorize any email as suspicious, you can notify us of this and submit the mis-categorized email to us. In order to check your email, we download it whole, including the email login token, email addresses, the subject and content of the email such as links and attachments it contains, as well as the timestamp and other metadata. If you consent, we can store emails for in-depth analysis and to keep our detection models up to date. To connect to Gmail accounts, we need to ask Google for permission to use its APIs. Google allows companies to use its APIs only if they undertake to limit its use of information accessed through the APIs. As a result, our product’s use and transfer to any other product of information received from these Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.
   • Deepfake Detector. When you enable Deepfake Detector, our AI detection process will detect and notify you when the audio in a video you are playing on your device is likely generated or manipulated by AI. The detection process will have access to any publicly available site from which you are playing the video input but will run on your device and will not store any browsing history. You can disable Deepfake Detector at any time.
   
   Device Protection for Samsung Mobile UsersThe general statements made in this Notice regarding the information that we may collect do not apply to this product. This is a Samsung product powered by McAfee, which means that McAfee only runs the malware scan functionality within this application. If you use this product, we generate a unique, randomized number for your device. We use these identifier numbers to ensure that we have an accurate user count, but they cannot be linked back to information about individual end users, nor be used to identify users. We do collect limited details about your device, including model name, SIM operator, operating system, and product version to better inform us as to how the product is being used. We also collect limited details about third party applications on your device, in order to operate the malware scan functionality and internally report and analyze malware, if it is detected.

3. HOW WE USE YOUR PERSONAL INFORMATION

We use your Personal Information for a variety of business purposes, including to provide our Services, for administrative purposes, and to market our products and Services, as described below.

1. Provide Our ServicesWe use also your information to fulfill our contracts with you and provide you with our unique Services. These specific uses include processing such as:
   • Establish and manage accounts and licenses, including by collecting and processing payments and completing transactions;
   • Provide access to features of our Services;
   • Communicating with you about your account, activities on our Services, and privacy notice changes;
   • Protecting your identity, devices, and information. When you install or use one of our Services, it will run in the background of your device or environment to help predict threats and better protect you, your devices, and your information. For example, McAfee may use information to:
   • Analyze data sent to/from your device(s) to isolate and identify threats, vulnerabilities, viruses, phishing attempts, suspicious activity, spam, and attacks, and communicate with you about potential threats;
   • Participate in threat intelligence networks, conduct research, and adapt products and services to help respond to new threats;
   • Encrypt your data, lockdown a device, or back-up or recover your data;
   • Check for Service updates and create performance reports on our Services, to ensure they are performing properly;
   • Look for misuses of your data when you use our identity monitoring products;
   • Identify deepfake scams and misinformation;
   • In some cases, we use artificial intelligence (“AI”) to provide Services to our customers, assist our developers in creating new services and products, and provide customer support for our Services. The AI features use the information we collect to improve the Services we provide to you, or to improve the support we provide to you in connection with our services.
   • Authenticate your identity with the use of a validation from a third party biometric authentication resident on your device; and
   • Analyze your behavior to measure, customize, and improve our Site and Services, including developing new products and services.
2. To Run Our BusinessWe also use the information we collect for business and contractual purposes, including to:
   • Pursuing our legitimate interests such as direct marketing, research, and development (including market research), network and information security, and fraud prevention;
   • Advertise McAfee products and services that we think may be of interest to you, including short-term, transient use, such as contextual customization of ads;
   • Provide customer support, troubleshoot issues, manage your information and subscriptions, and respond to requests, questions, and comments;
   • Communicate about, and administer participation in, special events, programs, surveys, contests, sweepstakes, and other offers and promotions;
   • Processing applications if you apply for a job we post on our Services;
   • Conduct market and consumer research and trend analyses;
   • Improving, upgrading, or enhancing our Services;
   • Developing new products and Services;
   • Internal quality control and safety;
   • Enable posting on our blogs, forums, and other public communications;
   • Perform accounting, auditing, billing, reconciliation, and collection activities;
   • Debugging to identify and repair errors with our Services;
   • Sharing information with third parties as needed to provide the Services;
   • Prevent, detect, identify, investigate, and respond to potential or actual claims, liabilities, prohibited behavior, and criminal activity;
   • Comply with and enforce legal rights, requirements, agreements, and policies;
   • Carrying out other activities that are required to comply with our legal obligations; and
   • Use online Technologies such as cookies, tags, and pixels to track and record your interactions with our Site.
   We may use your information for other legitimate business purposes as permitted by law.
3. Marketing and Advertising our Products and ServicesWe may use Personal Information to tailor and provide you with content and advertisements, we may provide you with these materials as permitted by applicable law.Some of the ways we market to you include email campaigns, text campaigns, custom audiences advertising, and interest-based or personalized advertising, including through cross-device tracking.We also work with third-party advertising companies to display or deliver ads to you while you are on our Site or using some Services. These third-party advertisers may collect data about your interaction with the Site or Services or others' sites or services to measure the effectiveness of their ads and to personalize advertising content. See our Cookie Notice to learn more about how McAfee and these advertising partners use tracking technologies like cookies and the choices available to you. You may opt out of targeted advertising by completing our Individual Data Request form at https://www.mcafee.com/en-us/consumer-support/policy/legal/data-request.html and selecting “I would like to Opt Out of McAfee selling or sharing my Personal Information.”If you have consented to allow our Services to access to your location, our mobile advertising partners may use your location to target advertisements to you. You may use the location settings on your device to withdraw access to information about your location.If you have any questions about our marketing practices or if you would like to opt-out of the use of your Personal Information for marketing purposes, you may contact us at any time as set forth in the “Contact Us” below.
4. With Your ConsentWe may use Personal Information for other purposes that are clearly disclosed to you at the time you provide Personal Information or with your consent.
5. Other PurposesWe also use your Personal Information for other purposes as requested by you or as permitted by applicable law.
   • Automated Decision Making. We may engage in automated decision making, including profiling. For example, we may engage in automated decision making to offer you a subscription discount. Our processing of your Personal Information will not result in a decision based solely on automated processing that significantly affects you unless such a decision is necessary as part of a contract we have with you, we have your consent, or we are permitted by law to engage in such automated decision making. If you have a question about our automated decision making you may contact us as set forth in “Contact Us” below.
   • De-identified and aggregated information. We may use Personal Information to create de-identified and / or aggregated information. For example, we may create aggregate reports detailing the total number of users we have in a given jurisdiction. We may use de-identified and/or aggregated information for any legally permissible purpose.

4. HOW WE DISCLOSE YOUR PERSONAL INFORMATION

We disclose your Personal Information to third parties for a variety of business purposes, including to provide our Services, to protect us or others, or in the event of a major business transaction such as a merger, sale, with your consent, or asset transfer, as described below.

1. Disclosures to Provide our ServicesThe categories of third parties with whom we may share your Personal Information are described below.
   • Service Providers. We may share your Personal Information with our third-party service providers and vendors that assist us with the provision of our Services and process Personal Information on our behalf. This includes service providers and vendors that provide us with IT support, hosting, payment processing, customer service, and related services. Please see the table below for a summary of the types of service providers and vendors we may engage.Recipient / relationship to usIndustry sector (& sub-sector)Advertising, PR, digital and creative agenciesMedia (Advertising & PR)Cloud software system providers, including database, email and document management providersIT (Cloud Services)Customer care/services providersCustomer Services (Support)Delivery and mailing services providersLogistics (Delivery Service)Facilities and technology service providers including scanning and data destruction providersIT (Data Management)Social media platformsMedia (Social Media)Gift card service providersCustomer Services (Support)Market and customer research providersMedia (Market Research)Website and data analytics platform providersIT (Data Analytics)Website and app developersIT (Software Development)Website hosting services providersIT (Hosting)
   • Professional Advisors. We may share your Personal Information with our professional advisors that support and advise us to provide consultancy, legal, insurance, tax, and accounting services. This includes insurance providers, tax consulting firms, auditors, accountants, and legal advisors.
   • Credit Reference Agencies. We may share your Personal Information with credit reference agencies as part of our customer verification and compliance procedures and to help us assess any fraud, credit, or security risks.
   • Payment Processors and Banks. We may share your Personal Information with payment processors and banks to enable us to process any card transactions or payments from you for our Services.
   • Insurers. We may share your Personal Information insurance companies and brokers in connection with our insurance policies and insurance claims.
   • Government Authorities and Law Enforcement. We may share your Personal Information with law enforcement or governmental or judicial authorities in relation to the prevention or detection of crime and fraud, for national security purposes, the apprehension or prosecution of offenders, or the assessment or collection of tax or duty.
   • Business Partners. We may share your Personal Information with business partners to provide you with a product or service you have requested. We may also share your Personal Information with business partners with whom we jointly offer products or services.
   • Affiliates. We may share your Personal Information with our company affiliates for example: for our administrative purposes, IT management, or for them to provide services to you or support and supplement the Services we provide.
   • Other Users or Third Parties You Share or Interact With. As described above in “Personal Information We Collect,” our Services may allow you to share Personal Information or interact with other users and third parties (including individuals and third parties who do not use our Services and the general public).
   • Advertising and Analytics Partners. We may share your Personal Information with third-party advertising and analytics partners. These third-party advertising partners may set Technologies and other tracking tools on our Services to collect information regarding your activities and your device (e.g., your IP address, cookie identifiers, page(s) visited, location, time of day). These advertising partners may use this information (and similar information collected from other services) for purposes of delivering personalized advertisements to you when you visit digital properties within their networks. This practice is commonly referred to as “interest-based advertising,” “cross-context behavioral advertising,” “targeted advertising,” or “personalized advertising.”
   • APIs/SDKs. We may use third-party application program interfaces (“APIs”) and software development kits (“SDKs”) as part of the functionality of our Services. If you have questions about our use of APIs and SDKs, please contact us as set forth in “Contact Us” below.
   We may also share your information with third parties as appropriate and permitted by law or where instructed to do so by court order. The privacy choices you may have about your Personal Information are determined by applicable law and are described in Section 5 below.
2. Disclosures to Protect Us or OthersWe may access, preserve, and disclose any information we store associated with you to external parties if we, in good faith, believe doing so is required or appropriate to prevent physical, financial, or other harm, injury, or loss, including to protect against fraud or credit risk; comply with law enforcement, national security requests, governmental, or judicial authorities as instructed or required by those authorities and applicable laws, or in relation to a legal process, such as in response to a subpoena or investigation of suspected illicit or illegal activities, or where we believe in good faith that users may be engaged in illicit or illegal activities, to enforce our policies or contracts or where we are bound by contract or law to enable a customer or business partner to comply with applicable laws; collect amounts owed to us; or assist with an investigation or prosecution of suspected or actual illegal activity.
3. Disclosure in the Event of Merger, Sale, or Other Asset TransfersIn connection with, or during negotiations for, an actual or proposed acquisition, merger, asset sale, financing due diligence, reorganization, bankruptcy, receivership, purchase or sale of assets, transition of service to another provide, or other similar business transfer that involves all or substantially all of our assets or functions where Personal Information is sold, transferred, or shared as part of the business assets in connection with such a transaction, as permitted by law and / or contract.
4. With your consent or at your direction, such as when you choose to share information or publicly post content and reviews (for example, social media posts).
5. With persons of your choosing and at your discretion, if the product you are subscribed to allows that functionality.
6. We may also share aggregate data that does not identify you or any specific device with third parties.

5. YOUR PRIVACY CHOICES AND RIGHTS

Your Privacy Choices. The privacy choices you may have about your Personal Information are determined by applicable law and are described below.

McAfee Accounts. If you register a McAfee Consumer Product, you can access and correct the Personal Information in your profile at any time by logging into your account at https://home.mcafee.com/Secure/MyAccount/DashBoard.aspx, or contacting us as described below.

If you have not registered a McAfee product but one of our products is installed on your device, you may stop McAfee's collection of Personal Information from your device by uninstalling that product.

To close your account and for other support questions, please visit the McAfee Customer Service page at https://www.mcafee.com/support/; click “Contact Support” and then select your country and preferred language.

Email Marketing Communications. To stop receiving marketing communications, click on the unsubscribe link in the email you receive from McAfee, or visit https://home.mcafee.com/supportpages/unsub.aspx to unsubscribe from marketing communications.

If you opt-out of marketing communications, McAfee may still communicate with you regarding transactional, legal or administrative topics, such as security updates, product functionality, and service requests.

Push Notifications. We may send you push notifications through our mobile application in accordance with applicable privacy laws. You may opt out from receiving these push notifications by changing the settings on your device.

Precise geo-location. With your consent we may also collect precise location-based information via our mobile application. You may opt-out of this collection by changing the settings on your mobile device.

Phone Calls. If you receive an unwanted phone call from us, you may opt out of receiving future phone calls from us by following the instructions which may be available on the call or by otherwise contacting us as set forth in the “Contact Us” below.

Cookies and Personalized Advertising. You can control our use of certain cookies and other tracking technologies (“Technologies”) that we use for targeted or cross contextual behavioral advertising in the following ways:

• Cookie Preference Tool. Where our website includes a cookie preference tool, you can use this to indicate your cookie preferences.
• Browser and Device Controls. You may also stop the placement of Technologies on your Device or remove them by adjusting your preferences as your browser or Device permits.
• Ad Industry Opt-outs. In addition, the online advertising industry also provides websites from which you may opt out of receiving targeted ads from data partners and other advertising partners that participate in self-regulatory programs. You can access these websites and learn more about targeted advertising and consumer choice and privacy by visiting the Network Advertising Initiative, the Digital Advertising Alliance, the European Digital Advertising Alliance, and the Digital Advertising Alliance of Canada. Please note you must separately opt out in each browser and on each device.
• Web Form. You may opt out of targeted advertising by completing our Individual Data Request form at https://www.mcafee.com/en-us/consumer-support/policy/legal/data-request.html and selecting “I would like to Opt Out of McAfee selling or sharing my Personal Information.”
• Do Not Track/Global Privacy Control. Do Not Track is a privacy preference that users can set in certain web browsers. Additionally, some browsers or plug-ins use a Global Privacy Control (“GPC”), which you can learn more about at https://globalprivacycontrol.org/. Please note that we do not respond to or honor DNT signals or similar mechanisms transmitted by web browsers. However, if our site detects a GPC signal from your device, we will interpret it as either a Do Not Sell request or a request to limit the sale or sharing of Personal Information for targeted advertising depending on the law applicable to your jurisdiction. Please note that your request to opt-out of sale/sharing will be linked to your browser identifier only. If you use a different computer or Internet browser to access our sites, you will need to renew your opt-out request.

Your Privacy Rights. In accordance with applicable law, you may have the right to:

• Access to and Portability of Personal Information about you, including: (i) confirming whether we are processing your Personal Information; (ii) obtaining access to or a copy of your Personal Information;
• Request Correction of your Personal Information where it is inaccurate, incomplete, or outdated;
• Request Data Deletion, Anonymization, or Blocking of your Personal Information when processing is based on your consent or when processing is unnecessary, excessive, or noncompliant;
• Request Restriction of or Object to our processing of your Personal Information when processing is noncompliant;
• Withdraw your Consent to our processing of your Personal Information. Please note that your withdrawal will only take effect for future processing, and will not affect the lawfulness of processing before the withdrawal. If you refrain from providing Personal Information or withdraw your consent to processing, some features of our Services may not be available;
• Request data portability and receive an electronic copy of Personal Information that you have provided to us;
• Be informed about how we handle your Personal Information and the third parties with which your Personal Information has been shared; and
• Request the review of decisions taken exclusively based on automated processing if these decisions could have a legal or other significant impact on you.

Exercising Your Privacy Rights

To exercise your rights to access, correct, or delete your data, you may be able to do so by using our product features:

• If you register a McAfee Consumer Product, you can access and correct the Personal Information in your profile at any time by logging into your account at https://home.mcafee.com/Secure/MyAccount/DashBoard.aspx, or contacting us as described below.
• If you have not registered a McAfee product but one of our products is installed on your device, you may stop McAfee's collection of Personal Information from your device by uninstalling that product.
• To close your account and for other support questions, please visit the McAfee Customer Service page at https://www.mcafee.com/support/; click “Contact Support” and then select your country and preferred language.

You may also exercise any of your privacy rights, please visit our Individual Data Request Form available at, or email us at protectprivacy@mcafee.com. We will process such requests in accordance with applicable laws. To protect your privacy, we may take steps to verify your identity before fulfilling your request, which we do by using the information you provide to us in the Individual Data Request Form. For some requests and where permitted by law, an administrative fee may be charged. We will advise you of any applicable fee prior to performing your request. We will process such requests in accordance with applicable laws.

6. SECURITY OF YOUR INFORMATION

We take steps to ensure that your information is treated securely and in accordance with this Privacy Notice. Unfortunately, no system is 100% secure, and we cannot ensure or warrant the security of any information you provide to us. To the fullest extent permitted by applicable law, we do not accept liability for unauthorized access, use, disclosure, or loss of Personal Information.

By using our Services or providing Personal Information to us, you agree that we may communicate with you electronically regarding security, privacy, and administrative issues relating to your use of our Services. If we learn of a security system’s breach, we may attempt to notify you electronically by posting a notice on our Services, by mail, or by sending an email to you.

7. INTERNATIONAL DATA TRANSFERS

McAfee is headquartered in the United States (see Contact Us for addresses), and we have operations, entities, and service providers in the United States and throughout the world. As such, we and our service providers may transfer your Personal Information to, or store or access it in, jurisdictions that may not provide equivalent levels of data protection as your home jurisdiction. We will take steps to ensure that your Personal Information receives an adequate level of protection in the jurisdictions in which we process it.

A. Residents of the European Economic Area and the United Kingdom

If you are in the European Economic (EEA) or the United Kingdom (UK), the following also applies:

Data Controller. Where you purchase or download one of McAfee's consumer products, McAfee Ireland Limited acts as the Controller of your Personal Information. In addition, we sometimes work with other organisations in connection with some of the processing activities described in this notice, such as social media platforms. Where that information is collected and sent to other organisations for processing that is for a common purpose or purposes, we will be making decisions together in relation to that particular processing and will be ‘joint controllers’ with the organisations involved. As joint controllers, we and the other organisations involved in making these decisions will be jointly responsible to you under data protection laws for this processing.

Lawful Basis for Processing. When we process your Personal Information, we will only do so for purposes listed below (also known as ‘lawful bases’ in European data protection laws):

• Contractual Performance. We need to use your Personal Information to perform our responsibilities under our contract with you (e.g. providing the Services you purchase or request) or to take steps you request before we enter into the contract with you (e.g. respond to your sales enquiries). We rely on this basis to share your Personal Information with third parties where this is required to fulfil our obligations to you in connection with the use of the Services. If you apply for a job with McAfee, we also rely on this basis to process your applications.
• Legitimate Interests. We may use and process your Personal Information as set out below where it is necessary for us to carry out activities in our legitimate interests as a business to do so. We rely on this basis to process your Personal Information for the following purposes, which we have categorized by the relevant legitimate interests:
  • Processing that is in our legitimate interest to support customers with sales and other enquiries
    • to respond to correspondence, provide customer support, troubleshoot issues, manage your information and subscriptions; and
    • to respond to requests, questions, complaints, and comments from you.
  • Processing that is in our legitimate interest for us to understand our customers’ needs
    • to undertake market analysis, development and research; and
    • to contact you with customer surveys so that we can better understand you as a customer and enhance your customer experience.
  • Processing that is in our legitimate interest for us to operate the administrative and technical aspects of our business efficiently and effectively:
    • to verify the accuracy of information that we hold about you and create a better understanding of you as a customer;
    • for network and information security purposes i.e. in order for us to take steps to protect your information against loss, damage, theft or unauthorised access;
    • to maintain the security of our staff, customers, venues, systems, premises or property and to investigate any actual, suspected or threatened breach of that security;
    • for prevention of fraud and other criminal activities;
    • to support our compliance with a request from you in connection with the exercise of your rights (for example where you have asked us not to contact you for marketing purposes, we will keep a record of this on our suppression lists in order to be able to comply with your request);
    • to facilitate the processing of payments made by you to us;
    • to administer our websites, applications, social media pages and accounts and our products, and for internal operations, including troubleshooting, testing, training, and statistical purposes;
    • for internal quality control and safety purposes;
    • to enable posting on our blogs, forums, and other public communications;
    • to perform accounting, auditing, billing, reconciliation, and collection activities;
    • to prevent, detect, identify, investigate, bring, defend, establish, and respond to, potential or actual claims or other legal proceedings;
    • to enforce legal rights, requirements, agreements, and policies;
    • for cookies that are essential for our websites to function properly (please see our Cookie Policy for more information);
    • for the purposes of corporate restructure or reorganisation or sale or purchase of businesses or assets; and
    • for efficiency, accuracy or other improvements of our products, services, business processes, databases and systems, for example, by combining systems or consolidating records we hold about you.
• Consent. Where the law requires us to obtain your consent and where we have done so, we may use and process your Personal Information for the following purposes:
  • To contact you from time to time through email and/or text campaigns about promotions, events, products, services or information which we think may be of interest to you;
  • To use non-essential cookies for the purposes set out in our Cookie Notice;
  • To send invitations to surveys to you by email and/or text to surveys or carry out other market research activities;
  You can withdraw your consent at any time by contacting us at the details in the “Contact Us” section below or, in relation to any marketing messages you receive, by using the unsubscribe option included in those messages. The withdrawal of your consent shall not affect the lawfulness of our processing based on consent before its withdrawal.
• Legal Obligation. We may need to process your Personal Information to comply with our legal or regulatory obligations. This includes:
  • to assist or respond to a request for information from law enforcement, any governmental or authority public authority, a regulated body or court where required by law;
  • to comply with a request from you in connection with the exercise of your rights (for example where you have asked us not to contact you for marketing purposes, we will keep a record of this on our suppression lists to be able to comply with your request);
  • to keep a record relating to the exercise of any of your rights relating to our processing of your Personal Information;
  • to anonymise or delete your Personal Information when it is no longer required for the purposes described in this Privacy Notice; and
  • to comply with court orders or other notices where failure to do so would breach the law.

Meta & LinkedIn. We are joint controllers for certain processing with Meta (who operates Facebook and Instagram) and LinkedIn as a result of our use of their services, as follows:

• Page Insights. We also use the Page Insights service for Facebook, Instagram and LinkedIn to view statistical information and reports regarding your interactions with the pages we administer on those platforms and their content. Where those interactions are recorded and form part of the information we access through these Page Insights services, we and the relevant platform are joint controllers of the processing necessary to provide that service to us.
• Meta Plugins & Cookies. We and Meta are joint data controllers of the processing involved in collecting and sending your Personal Information to Meta using its plugins and cookies and similar technologies as each of us has a business interest in Meta receiving this information. You can find out more about these technologies by visiting our Cookie Notice.

As we are joint data controllers with these social media platforms for certain processing, where applicable, we and each platform have:

• entered into agreements in which we have agreed each of our data protection responsibilities for the processing of your Personal Information described above;
• agreed that we are responsible for providing to you the information in this privacy notice about our relationship with each platform; and/or
• agreed that each platform is responsible for responding to you when you exercise your rights under data protection law in relation to that platform’s processing of your Personal Information as a joint data controller.

The Meta company that is a joint data controller of your Personal Information is Meta Platforms, Inc., 1601 Willow Road, Menlo Park, CA 94025, USA (if you are a UK-registered user) or Meta Platforms Ireland Limited, Block J, Serpentine Avenue, Dublin 4, Ireland (if you are an EEA-registered user). The LinkedIn company that is a joint data controller of your Personal Information is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. For further information regarding these platforms and their use of your Personal Information, please see:

• Meta’s Controller Addendum for Page Insights and UK Controller Addendum for Business Tools (for users located in the UK) and Controller Addendum (for users located in the EEA), and LinkedIn’s Page Insights Joint Controller Addendum, which include information which include information regarding how our and these platforms’ responsibilities to you are allocated as controllers of your Personal Information;
• Meta’s Privacy Center including its Privacy Policy at https://www.facebook.com/privacy and LinkedIn’s Privacy Policy which include details of the legal reasons (known as ‘lawful bases’) on which each platform relies to process your Personal Information, together with details regarding your data protection rights
• Meta’s help pages regarding its Page Insights and Business Tools and its terms and conditions relating to those tools
• LinkedIn’s help pages regarding its Page Insights and its terms and conditions relating to its advertising services, including LinkedIn Insight Tag

Meta and LinkedIn also process, as our processor, contact information that we submit for the purposes of matching, online targeting, measurement, reporting and analytics purposes. These services include the processing these platforms carry out when they display our advertisements to you in your news feed at our request after matching contact details for you that we have uploaded to the social media platforms they operate. These advertisements may include forms through which we collect contact information you give to us.

To find out more information about our relationship with other social media platforms, please see the privacy policy of the platform and the terms of the applicable data sharing agreement that we have entered into.

Data Transfers. We may transfer your Personal Information to countries outside of the UK and EEA. Those countries may not have similar data protection laws to your country of residence and so may not protect the use of your Personal Information to the same standard. Where we transfer your information to those countries, we will take steps with the aim of ensuring that your Personal Information continues to be protected as outlined in this Privacy Notice. These steps include:

• relying on decisions issued by the relevant governmental or other body declaring that a country or a company certifying to an international framework is adequately protective of Personal Information to a degree that allows us to safely transfer your Personal Information to that country or company;
• our use of contracts that incorporate the Standard Contractual Clauses and other legal and technical safeguards issued by regulators or other relevant bodies to provide adequate protection in accordance with UK, EU and Swiss law and applicable regulations; and
• relying on 'binding corporate rules' put in place by recipients of your Personal Information that have been approved by relevant data protection regulators.

Individual Rights Requests and Withdraw Consent. You may submit a request to exercise your rights in Personal Information using the mechanisms explained under “What Choices Do You Have About Your Personal Information?” above. If you initially consented to our processing of your Personal Information, you may withdraw your consent using those mechanisms or by contacting us using the contact information below.

Supervisory Authority and Complaints. If you are an EU/EEA Data Subject and have a concern about our practices concerning the processing of Personal Information that we are not able to resolve, you have the right to lodge a complaint with the data protection authority where you reside or in which you work, or in which the alleged infringement occurred, each as applicable, or by contacting the Irish supervisory authority for data protection issues, at https://www.dataprotection.ie/docs/Home/4.htm, or +353 57 868 4800. If you are a UK Data Subject, you have the same rights and may exercise them by contacting the UK Information Commissioner's Office at https://ico.org.uk/, or +44 303 123 1113.

B. Residents of Japan, Argentina, and Canada

If you are a resident of Japan, Argentina, or Canada and you have an inquiry regarding your Personal Information held by McAfee, including your Personal Information collected through your use of our products you may request further information using the Individual Data Request Form available at https://www.mcafee.com/en-us/consumer-support/policy/legal/data-request.html.

C. Public Notice for Transfer of Personal Information

The assets and employees of McAfee Korea Limited will be transferred to and operated by Musarubra Korea Limited.
As a result of this transfer, Personal Information will be transferred to Musarubra Korea Limited. For more details, please review our public notice on the transfer of Personal Information, available at https://www.mcafee.com/content/dam/consumer/en-us/docs/legal/public-notice-for-personal-information-transfer-korea.pdf.

8. RETENTION OF PERSONAL INFORMATION

McAfee endeavors to retain Personal Information in accordance with applicable law. We will keep your Personal Information for the minimum period necessary for the purposes set out in this Notice, namely (i) for as long as you are a registered subscriber or user of our products; or (ii) for as long as your Personal Information is necessary in connection with the lawful purposes set out in this Notice, for which we have a valid legal basis; (iii) for as long as is reasonably necessary for business purposes related to provision of the Services, such as internal reporting and reconciliation purposes, warranties, or to provide you with feedback or information you might request; or (iv) for as long as is reasonable necessary to resolve disputes, establish legal defenses, conduct audits, pursue legitimate business purposes, enforce our agreements, comply with applicable laws, or based upon other criteria, including but not limited to the sensitivity and volume of such data.

9. NOTICE AT COLLECTION AND SUPPLEMENTAL NOTICE FOR CALIFORNIA RESIDENTS AND RESIDENTS OF CERTAIN U.S. STATES

This Notice at Collection and Supplemental Notice is for residents of U.S. states that have adopted comprehensive privacy legislation and others that may come into effect from time to time, including, but not limited to, California, Connecticut, Colorado, Nevada, Oregon, Virginia, and Utah (to the extent applicable to processing of residents Personal Information, “Applicable State Laws”).

The following table describes the categories of Personal Information McAfee has collected and whether we disclosed that Personal Information for a business purpose (e.g., to a service provider) or for certain advertising purposes to a third-party.

Category of Personal Information Collected	Category of Third Parties Personal Information is Disclosed to for a Business Purpose	Retention Period Criteria	Category of Third Parties Personal Information is Shared with for Advertising Purposes
Contact information, Credentials, & Other Identifiers, such as name, mailing address, email address, account log-in credentials, including online identifiers, billing address, or other similar identifiers.	McAfee’s group of companiesThird-party service providers that provide services to us, such as IT support, customer service support, and payment processingGovernment authorities or other parties pursuant to law	We use the following criteria to determine the period of time for which we retain each category of Personal Information:The length of time we have an ongoing relationship with you (for example, for as long as you have an account with us or keep subscribing to or using our products);For as long as reasonably necessary for business purposes related to providing you with services (for example, for internal reporting and reconciliation purposes, warranties, or to provide you with feedback or information you might request);Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them); orWhether retention is necessary in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).	No
Contact information, such as name, mailing address, email address	McAfee’s group of companiesThird-party service providers that provide services to us, such as IT support, customer service support, and payment processingGovernment authorities or other parties pursuant to law	See above	Yes; marketing and advertising networks for targeted advertising
Online identifiers, such as a unique cookie value, hashed email address, or IP address, combined with information on a consumer's interaction with a website, application, or advertisement	McAfee’s group of companiesThird-party service providers that provide services to us, such as IT support, customer service support, and payment processingGovernment authorities or other parties pursuant to law	See above	Yes; marketing and advertising networks for targeted advertising
Financial information, such as payment information or bank account information	McAfee’s group of companiesThird-party service providers that provide services to us, such as IT support, customer service support, and payment processingGovernment authorities or other parties pursuant to law	See above	No
Characteristics of protected classifications under California or federal law, such as age.	McAfee’s group of companiesThird-party service providersGovernment authorities or other parties pursuant to law	See above	No
Commercial information, such as history of products or Services purchased, obtained or considered, or other purchasing or consuming histories or tendencies.	McAfee’s group of companiesThird-party service providersGovernment authorities or other parties pursuant to law	See above	Yes; marketing and advertising networks for conversion tracking and attribution
Internet or other similar network activity, such as browsing history, search history.	McAfee’s group of companiesThird-party service providersGovernment authorities or other parties pursuant to law	See above	No
Geolocation data, such as precise physical location or movements.	McAfee’s group of companiesThird-party service providersGovernment authorities or other parties pursuant to law	See above	No
Inferences drawn from other Personal Information to create a consumer's profile reflecting personal preferences or characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.	McAfee’s group of companiesThird-party service providersGovernment authorities or other parties pursuant to law	See above	No
Pictures a consumer may choose to upload to the Services, such as profile pictures or “avatars”, which are not used for the purpose of uniquely identifying a consumer	McAfee’s group of companiesThird-party service providersGovernment authorities or other parties pursuant to lawWith persons of your choosing, if the product you are subscribed to allows that functionality	See above	No

Below, we provide this information related to Sensitive Personal Information:

Category of Sensitive Personal Information Collected	Disclosed to Which Categories of Third Parties for Operational Business Purposes	Retention Period Criteria	Shared for targeted advertising? If so, to Which Categories of Third Parties
A consumer's account log-in, financial account, debit card, or credit card number in combination with any required security or access codes, password, or credentials allowing access to an account	McAfee’s group of companiesThird-party service providersGovernment authorities or other parties pursuant to law	See above	No
Precise geolocation of the consumer	McAfee’s group of companiesThird-party service providersGovernment authorities or other parties pursuant to law	See above	No
Consumer's racial or ethnic origin, religious or philosophical beliefs, or union membership	McAfee’s group of companiesThird-party service providersGovernment authorities or other parties pursuant to law	See above	No
Contents of consumer's email (other than content in messages sent to us)	McAfee’s group of companiesThird-party service providersGovernment authorities or other parties pursuant to law	See above	No

“Sales” of Personal Information, including under California’s CCPA and Opting Out of Targeted Advertising.

For purposes of Applicable State Laws, we do not “sell” Personal Information, nor do we have actual knowledge of any “sale” of Personal Information of minors under 18 years of age. That said, we may share information with third-party advertising partners for the purpose of promoting our Services as described above, such as for cross-context behavioral advertising and targeted advertising. To the extent that such sharing is considered “sharing” or disclosing for targeted advertising under California or other Applicable State Law, you may limit such sharing by:

• Exercising Your Privacy Choices and Rights by following the instructions found above in the section titled, Your Privacy Choices and Rights > Your Privacy Choices > Cookies and Personalized Advertising.
• Request Form. Completing our online request form at our https://www.mcafee.com/en-us/consumer-support/policy/legal/data-request.html and selecting “I would like to Opt Out of McAfee selling or sharing my Personal Information.”
• Contact Us. Contacting us as set forth in “Contact Us” below.
• Managing Your Cookie Preferences.

Sources of Personal Information We Collect

Purposes for which We May Use the Information We Collect

Retention of Personal Information.

Processing Sensitive Information.

Under applicable laws, you may have the right to limit the processing of sensitive Personal Information for certain purposes such as profiling or inferring characteristics about you. You may request that we limit our use of Sensitive Personal Information that we have collected about you to that which is necessary to perform the services that we provide to you.

To request that we limit our use of your Sensitive Personal Information, please visit our “Limit the Use of My Sensitive Personal Information” page https://www.mcafee.com/en-us/consumer-support/policy/legal/data-request.html.

Additional Privacy Rights for Residents of Certain States

Subject to Applicable Law, if you are a resident of certain states you may have the rights described in the section titled Your Privacy Choices and Rights, in the Privacy Policy, which you may include the following rights: The right to know and access the person we have collected about you; the right to delete Personal Information we have collected; the right to opt-out or restrict the processing of Personal Information for specified purposes, such as targeted or cross contextual advertising, and, the right to correct inaccurate Personal Information.

In accordance with Applicable State Law, you may also have the following rights:

Non-Discrimination. We will not discriminate against you, in terms of price or services that we offer, if you exercise any of the rights listed above.

Authorized Agent. Depending on where you live, you may have the right to use an authorized agent on their behalf to exercise a privacy right discussed above. If you are an authorized agent acting on behalf of a user to communicate with us or to exercise a privacy right discussed above, you must be able to demonstrate that you have the requisite authorization to act on behalf of the user, and have sufficient access to that user’s laptop, desktop, or mobile device to exercise that user’s right digitally. If you are an authorized agent trying to exercise rights on behalf of one of our users, then you can make a request on the user’s behalf by contacting us as set forth below in the “Contact Us” section: Such requests must include the following information: (1) a written authorization from the consumer that includes the consumer’s full name, address, telephone number and valid email address used by the consumer to interact with us, that is signed by the consumer and clearly bestows upon the agent the proper authority; and (2) a certificate of good standing with your state of organization. Alternatively, an acting agent can provide a valid power of attorney signed by the consumer on the agent’s behalf and a valid email address used by the consumer to interact with us. The email address of the consumer will be used to separately verify the agent’s authority with the consumer.

Verification. We are required by law to take reasonable steps to verify your identity prior to responding to your request. Please note that your exercise of these rights is subject to certain exemptions to safeguard the public interest (e.g., the prevention or detection of crime) and our interests (e.g., the maintenance of legal privilege). If we are unable to process your request via you authenticating yourself on the Services, we may verify your request by asking for information sufficient to confirm your identity, based on the information we have on file. Requests to exercise these rights may be granted in whole, in part, or not at all, depending on the scope and nature of the request and as permitted by applicable law. Where required by applicable law, we will notify you if we reject your request, and notify you of the reasons we are unable to honor your request.

We will respond to your request within forty-five (45) days or within the time provided for under Applicable State Law. However, in certain circumstances, we may require additional time to process your request, as permitted by Applicable State Law. We will advise you within forty-five (45) days after receiving your request if such an extension is necessary and why it is needed. If we cannot fulfill your request, our response to you will also explain the reason why we cannot fulfill your request.

We do not charge a fee to process or respond to your consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request. We will not discriminate against you for exercising your privacy rights.

Appeal. You may have the right to appeal our decision or response to your request. To exercise your right to appeal, you can submit an appeal request using the same method used to submit your original request, including by contacting us as set forth in “Contact Us” below.

De-Identified Information. If we create or receive de-identified information, we will not attempt to reidentify such information, except to comply with Applicable Law or in accordance with our Privacy Policy.

Notice of Financial Incentives. From time to time, we may offer a program, benefit, or other offering in exchange for the collection, retention, sale, or sharing of Personal Information to us (collectively, “Financial Incentive”), such as your contact information. Any discount we provide will be based upon our reasonable but sole determination of the estimated value of your Personal Information, taking into consideration, without limitation, estimates regarding anticipated revenue generated from such information, the anticipated expenses which might be incurred in the collection, storage, and use of such information in the operation of our business, and other relevant factors related to the estimated value of such information to our business, as permitted under applicable law. We may provide additional notice of the details of the particular Financial Incentive as required, and participation in any Financial Incentive programs is on an opt-in basis. If you later wish to opt-out of a Financial Incentive program on a going-forward basis, you may submit a request to us using the contact details with the “Contact Us” section.

De-Identified Information. If we create or receive de-identified information, we will not attempt to reidentify such information, except to comply with applicable law.

Metrics.

Type of Request	Number Received	Number Complied With (In Whole or In Part)	Number Denied	Average Days to Respond
Delete	509	229	280	17
Correct	0	0	0	0
Know/Access	159	85	74	24
Opt-out	274	0	0	9
Limit use	34	0	0	8

California Shine the Light. The California “Shine the Light” law permits users who are California residents to request and obtain from us once a year, free of charge, a list of the third parties to whom we have disclosed their Personal Information (if any) for their direct marketing purposes in the prior calendar year, as well as the type of Personal Information disclosed to those parties.

Right for minors to remove posted content. Where required by law, California residents under the age of 18 may request to have their posted content or information removed from the publicly-viewable portions of the Services by contacting us directly as set forth in Contact Us below or logging into their account and removing the content or information using our self-service tools.

10. SUPPLEMENTAL NOTICE FOR CERTAIN INTERNATIONAL COUNTRIES

A. Supplemental Notice for Australia

This Supplemental Notice for Australia only applies to our processing of Personal Information that is subject to the applicable data protection laws of Australia.

1. Sensitive Personal Information. We do not generally require you to disclose any sensitive Personal Information (e.g., details of race, religious belief, sexual orientation, or membership of a trade union) to us. If you do provide us with sensitive Personal Information for any reason, you consent to us collecting that information and using and disclosing that information for the purpose for which you disclosed it to us and as permitted by the Australian Privacy Act 1988 (Cth) (“Privacy Act”).
2. Marketing. We will only use and disclose your Personal Information for the purposes of marketing our Services or services of third-party organizations where you have consented to us doing so, or as otherwise permitted by law.
3. International Transfers. Except in some cases where we may rely on an exception under the Privacy Act, we will take reasonable steps to ensure that any overseas recipients of Personal Information which originates in Australia do not breach the Australian Privacy Principles in the Privacy Act in relation to such information.
4. Children’s Information. If an individual indicates they are under 15 and we are required to obtain the individual’s consent (for example, for the collection of sensitive information), we will seek consent from the individual’s parent or legal guardian.

B. Supplemental Notice for Canada

This Supplemental Notice for Canada only applies to our processing of Personal Information that is subject to the applicable data protection laws of Canada.

1. Security of Your Information. The files and records containing your Personal Information will be kept in our offices and/or on our servers or those of our service providers, and only those employees that require it for the purposes of their duties will have access to these files.
2. International Transfers and Access. Personal Information may be accessible to the courts and the law enforcement and national security authorities of the United States. To obtain more information about McAfee’s policies and practices with respect to service providers outside of Canada, please contact us as set forth in Contact Us below.

C. Supplemental Notice for China

This Supplemental Notice for China only applies to our processing of Personal Information that is subject to the applicable data protection laws of China, including the Personal Information Protection Law (“PIPL”).

D. Your Privacy Rights. In addition to the applicable rights listed above in Section 5, you have the following additional data subject rights: the right to request an explanation on how your Personal Information is handled, the right to file a lawsuit, and the right to allow your next of kin to exercise any of your rights unless other arrangements have been made before your death. For purposes of the PIPL, the Data Privacy Officer is your data handler, and data subject requests may be directed to the contact information provided in Section 8 above.

E. International Transfers. When transferring Personal Information which originates in China internationally, we will comply with the applicable requirements governing the transfer and processing of such data. Providing Us information for employment or otherwise during the Services or through the website constitutes your consent for our international transfer of your data.

F. List of Entrusted Persons. If permitted under applicable law, data subjects may request a copy of our service providers (entrusted persons).

G. Supplemental Notice for Italy

This Supplemental Notice for Italy only applies to our processing of Personal Information that is subject to the applicable data protection laws of Italy.

• Cookies and Other Technologies. Where required by applicable law, our use of Technologies (as described above) is subject to your consent.

For more information about the specific providers of the Targeting and Analytics cookies used on McAfee’s Services and how to opt out of these cookies, please see our Cookie Notice.

H. Supplemental Notice for Japan

This Supplemental Notice for Japan only applies to our processing of Personal Information that is subject to the applicable data protection laws of Japan.

• How We Disclose Your Personal Information. We may use the following third parties to process your Personal Information:

Entrusted Third Party	Location of Entrusted Third Party	Entrusted Work
Saymine Technologies Ltd.	Israel	Online Account Cleanup (link to product description above)

I. Supplemental Notice for South Korea

This Supplemental Notice for South Korea only applies to our processing of Personal Information that is subject to the applicable data protection laws of South Korea.

• Retention of Personal Information. We will destroy the collected Personal Information when it becomes unnecessary. We will permanently delete your Personal Information in the form of an electronic file in a non-recoverable manner, and shred or incinerate other records, printed matters, and other written media, in accordance with applicable law.
  
  We will retain your information to meet our legal obligations as follows:
  1. Act on Consumer Protection in Electronic Commerce
     • Record of indication and advertisement: 6 months
     • Record of contract or withdrawal of subscription: 5 years
     • Record of payment and supply of goods: 5 years
     • Record of consumer complaints or disputes: 3 years
  2. Electronic Financial Transactions Act
     • Record on electronic finance: 5 Years
  3. Protection of Communications Secrets Act
     • Login history: 3 months

J. Supplemental Notice for Türkiye

This Supplemental Notice for Turkey only applies to our processing of Personal Information that is subject to the applicable data protection laws of Türkiye.

• McAfee Information. McAfee is duly incorporated under the laws of United States and located at the address indicated below and is the controller of your Personal Information within the scope of the Turkish Law on the Protection of Personal Data numbered 6698 (“Turkish Law”).
• Automatic Collection. We may collect your Personal Information through non-automatic methods, which may include methods that are part of our data recording systems.
• Use of Personal Information. We may collect your Personal Information in accordance with the laws based on the reasons stated under Articles 5 and 6 of Turkish Law and within the scope of fulfilling our obligations, carrying out the business process and/or creating of a common database with our shareholder(s), as necessary to process your Personal Information (including but not limited to sensitive Personal Information) of the parties to an agreement. We will process this Personal Information, provided that it is directly related to setting up of an agreement or its performance and it is necessary to process Personal Information (including but not limited to sensitive Personal Information) for our legitimate interests, without damaging your fundamental rights and freedoms.
• Consent for Sensitive Personal Information. In some situations, we may need your explicit consent to process your sensitive Personal Information (e.g., health information, government issued identification, genetic information) for the purpose of providing Services and/or other purposes stated in this Privacy Notice, in each case as required by applicable law.
• How We Disclose Your Personal Information. We may also share your Personal Information (including but not limited to sensitive Personal Information) within the country or abroad to our affiliates, through an online system, within the framework of the objectives and principles mentioned above and our internal rules, and in accordance with the methods and conditions indicated in Turkish Law.
• Security of Sensitive Personal Information. We determine and implement systematic, clearly defined, manageable and sustainable policies and procedures for the security of your sensitive Personal Information.
  Within the scope of your sensitive Personal Information stored in our electronic media or accessible in these environments:
  • We protect your sensitive Personal Information using cryptographic methods;
  • We keep cryptographic keys in secure and different environments;
  • We securely log transaction records of all transactions performed on your sensitive Personal Information;
  • We continuously monitor the security updates of the environments where your sensitive Personal Information is located, regularly conduct necessary security tests and record test results;
  • In cases where your sensitive Personal Information is accessed via software, we fulfill the user authorizations of this software and regularly perform the security tests of these software and record the test results in question;
  • We provide at least a two-step authentication system if remote access to your sensitive Personal Information is required; and
  • We prevent unauthorized entry and exit in order to ensure the physical security of these environments by taking adequate safe precautions and routinely inspecting your sensitive Personal Information processed, stored and/or accessible in our physical environments.
• International Transfers. International transfers of Personal Information shall be carried out in accordance with applicable legal provisions and by obtaining your explicit consent in any way.
  When transferring your sensitive Personal Information:
  • If your sensitive Personal Information is transmitted via e-mail, it is transferred encrypted with a corporate e-mail address;
  • If the portable memory needs to be transferred via media such as CDs and DVDs, it is encrypted with cryptographic methods and the cryptographic key is kept in a different environment;
  • If transfer is made between servers in different physical environments, data transfer is performed by establishing VPN between servers; and
  • Even if the sensitive Personal Information is required to be transferred through paper medium, necessary precautions are taken against risks such as theft, loss or being seen by unauthorized persons of confidential information and/or documents containing your sensitive Personal Information, and the document is sent in the category of “classified documents.”
• Compensation for Damages. Where provided by Turkish Law, you may have the right to request compensation for any damage caused by our illegal processing of your Personal Information.

11. CHILDREN’S INFORMATION

Protecting children’s privacy online is very important to us. Some of McAfee's Services provide security features that parents may use to monitor their child's activity online, physical location, or use of a registered device. These Services require parental consent, and we do not knowingly use the Personal Information we collect from children's devices for any purpose except to deliver the Services. These products allow parents to delete their child's profile at any time. If you believe we have collected information from your child in error or have questions or concerns about our practices relating to children, please contact us as described below. If you are under the age of 18, you must have your parent's permission to access the Services. McAfee urges parents to instruct their children never to give out their real names, addresses, or phone numbers, without parental permission. If you learn that your child has provided us with Personal Information without your consent, you may alert us by contacting us as described in “Contact Us” below. If we learn that we have collected any Personal Information from children under 13 (and in certain jurisdictions under the age of 16), we will promptly take steps to delete such information and terminate the child's account.

12. OTHER PROVISIONS

Third-Party Websites/Applications. The Services may contain links to other websites/applications and other websites/applications may reference or link to our Services. These third-party services are not controlled by us. We encourage our users to read the privacy policies of each website and application with which they interact. We do not endorse, screen, or approve, and are not responsible for, the privacy practices or content of such other websites or applications. Providing Personal Information to third-party websites or applications is at your own risk.

Supervisory Authority. If your Personal Information is subject to the applicable data protection laws of Australia, Brazil, the European Economic Area, Switzerland, or, the United Kingdom, you have the right to lodge a complaint with the competent supervisory authority or attorney general if you believe our processing of your Personal Information violates applicable law.

• Office of the Australian Information Commissioner
• Autoridade Nacionalde Proteçãode Dados (ANPD)
• EEA Data Protection Authorities (DPAs)
• Swiss Federal Data Protection and Information Commissioner (FDPIC)
• UK Information Commissioner’s Office (ICO)

13. CONTACT US

McAfee is the controller of the Personal Information we process under this Privacy Notice

You can see further information about the country specific controllers related to where you reside.

Country	Data Controller Details
Argentina	McAfee Consumer Argentina S.A. Address: Libertador Avenue 101 10th Floor, Buenos Aires, Argentina
Australia	McAfee Security Australia Pty. Ltd. Address: 45 Evans Street, Sydney, New South Wales 2041, Australia
Brazil	McAfee Brasil Comércio e Serviços de Tecnologia Ltda. Address: Av. Dra. Ruth Cardoso 8501, 17 andar, Edificio Eldorado Business Towers, Pinheiros,Sao Paulo, Brazil 05425-070, Brazil
Canada	McAfee Canada ULC Address: 451 Phillip Street Unit 130,Waterloo, Ontario N2L3X2, Canada
Chile	McAfee Tecnologías Chile Limitada Address: Avenida Pedro N0193, piso 4, Comuna de Providencia, Santiago, Chile, Chile
China	McAfee (Beijing) Technology Co., Ltd. Address: Room 1566-1567, Unit 01-06, 15/F, Building A, No. 9 Dongdaqiao Road,Chaoyang District, Beijing 100020, China
China	McAfee (Shanghai) Software Co., Ltd. Address: Room 982, 9/F,, No. 1000 Lujiazui Ring Road, Pilot Free Trade Zone, Shanghai, China
Colombia	McAfee Colombia Ltda Address: Carrera 11 No. 79-66,Bogota, Colombia, Colombia
EU / EEA	McAfee Ireland Limited Address: Waterfront Square, 1 Horgans Quay,Cork, Republic of Ireland T23PPT8, Ireland
India	McAfee Software (India) Private Limited Address: Fairway Business Park Survey Nos, 10/1, 11/2, 12/2b of Challaghatta Villiage, Next to Embassy Golf Links, Domlur, Bangalore, Karnataka 560071, India
Israel	McAfee Consumer (Israel) Ltd. Address: 9 Hamenofim St, Ackerstein Towers, Tower A, 8th fl, Hertzelia Pituach, Israel 4672560, Israel
Japan	McAfee Co., Ltd. Address: Dai-ichi Life Hibiya First, 1-13-2 Yurakucho, Chiyoda-ku, Tokyo, Japan
Republic of Korea	McAfee Korea Limited Address: (Samseong-dong) 33 Floor, 511 Youngdong-daero,Gangnam-gu, Seoul, South Korea
Mexico	McAfee Technologies Mexico, S. de R.L. de C.V. Address: Avenida Presidente Masaryk 111, Piso 1, Col. Polanco V Seccion, Miguel Hidalgo,, Mexico City, Distrito Federal, Mexico C.P. 11560, Mexico
Peru	McAfee Security Perú S.R.L. Address: Av Emilio Cavenecia 151, Int. 701,Lima, Miraflores, Peru 27, Peru
Kingdom of Saudi Arabia	McAfee Ireland Limited Saudi Arabia Branch Address: 6664 Prince Mohammed bin Salman Road, AlRabi, Riyadh 6664-13316, Saudi Arabia
Singapore	McAfee (Singapore) Pte. Ltd. Address: Level 9 Tampines Junction, 300 Tampines Avenue 5,Singapore, Singapore 529653, Singapore
Taiwan	McAfee (Singapore) Pte. Ltd., Taiwan Branch Address: Taipei Landmark Centre, 29F, No. 68, Sec. 5, Zhongxiao East Rd. Xinyi Dist,Taipei, Taiwan 11065, Taiwan
Türkiye	McAfee Turkey Guvenlik Hizmetleri Limited Sirketi Address: Parima Residence, 14th floor,, Maltepe Neighborhood Old Cirpici Street, No: 8,Cevizlibag, Istanbul 34010, Türkiye
United Arab Emirates	McAfee Netherlands B.V. - Dubai Branch Address: TECOM ZONE, Dubai Internet City - Zone DIC, 01 Ground Floor, EO13, Dubai Internet City, United Arab Emirates
United Kingdom	McAfee Security UK Ltd Address: Jubilee House, Third Avenue Globe Park, Marlow, Buckinghamshire SL71EY, United Kingdom

If you have any questions about our privacy practices or this Privacy Notice, or to exercise your rights as detailed in this Privacy Notice, please contact us at mbprotectprivacy@mcafee.com.
Click https://www.mcafee.com/en-us/consumer-support/policy/legal/privacy-contact.html to contact us regarding this Privacy Notice or other related Privacy issues. You can also write to us as follows: