A. What categories of personal data does Trend Micro collect about you when you use the Service?
“Personal Data” means and is limited to one or more data elements supplied by you relating to an identified or identifiable natural person that can be used to identify, directly or indirectly, such natural person to the extent such data is regulated, protected, restricted, or controlled under applicable laws for the protection of that natural person's privacy and related rights. Trend Micro will collect process and use the following categories and types of data, some of which is Personal Data.
1. Trend Micro will collect, process and use the following data relating to your use of the Service:
- IP address
- File name
- File path
2. Children’s Personal Data. The Service is not directed to, nor does Trend Micro knowingly collect Personal Data from children under the age of 16. If we are informed that we have collected the Personal Data of a child under the age of 16, we will delete that Personal Data from our systems. If you believe we might have inadvertently collected Personal Data from or about a child under the age of 16, please contact us at email@example.com.
3. Trend Micro does not wish to receive, or need any sensitive personal information, such as personal information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning health or data concerning a natural person's sex life or sexual orientation.
B. Why does Trend Micro need to collect, process and use your Personal Data?
The Personal Data you provide is processed by Trend Micro, for the following purposes:
1. Web filtering Service:
- We collect the IP address of your router to communicate with our back end web filtering services that prevents you from accessing malicious websites. We collect the IP address of each device connected to your network to detect and obtain information about any malicious attack on each connected device. We collect the IP address of the source and destination of malicious attacks on your network and devices.
- We collect URL’s you access to check against our threat intelligence database to prevent you from accessing malicious websites. This allows Linksys Shield to shut down access to malicious websites and prevents them from contaminating your home network through one URL.
- We collect File name and File path data to check them against our threat intelligence database in order to prevent you from accessing malicious files. This allows Linksys Shield to identify malicious files before they are opened or accessed and preventing them from contaminating your home network through one file.
- We collect File path to check against our threat intelligence database to prevent you from accessing malicious files
- We collect device recognition data to allow Linksys Shield to identify devices connected to your home network. This way we can make sure that each device connected to your home network is regularly checked for malware and security vulnerabilities and can better protect your home network as a whole.
- We collect Virtual Patch data (including Source IP address and Destination IP address) to provide network-based intrusion protection for connected devices in your home network. This is accomplished by detecting and blocking intrusions before they can infect your home network.
3. IoT Reputation Services:
- We collect IP addresses to block incoming and outgoing communication from potentially infected or malicious, devices and servers.
We will collect and process Personal Data set forth in Section B above if we have a lawful basis to do so, for reasons explained in this Privacy Notice.
One of the legal bases that we rely on to process your Personal Data is “legitimate interests”. Where we talk about “legitimate interests” of Trend Micro or third parties, this can include:
- Making sure the Service is working properly.
- Providing adequate security of your personal data within the Service.
- To provide you the cloud features and functionality set forth in Section B above.
Trend Micro is a global organization and may share Personal Data with its affiliated companies in order to provide the Service.
It may be necessary by law, legal process, litigation and/or requests from public and governmental authorities in any country where Trend Micro operates, for Trend Micro to disclose Personal Data received in relation to the use of the Service. We may also disclose such Personal Data if we determine that, for purposes of national security, law enforcement or other issues of public importance, disclosure is necessary or appropriate.
Trend Micro may also disclose Personal Data if we determine that disclosure is necessary to enforce our terms and conditions or protect the Service or its users. In addition, in the event of a reorganization, merger or sale, we may disclose and transfer any and all Personal Data we collect to the relevant third party.
E. Transfers over the internet to countries located outside the EEA (EEA individuals only)
Trend Micro is a global organization, with affiliated legal entities, business processes, management structures, and technical systems that cross borders. We may process user's Personal Data outside the country in which they are located, including at data centers in the United States as well as other locations operated by Trend Micro, affiliates of Trend Micro or data processors engaged by Trend Micro. When we share Personal Data among Trend Micro affiliates globally, we will do this on the basis of standard data protection clauses.
We may also transfer Personal Data to our contractors based in various countries in the world where we do business, who carry out data processing on behalf of Trend Micro. Some of these countries may provide less legal protection than others for Personal Data. However, in such case the data transfer will be subject to appropriate safeguards, namely EU Standard Contractual Clauses. Copies of the EU Standard Contractual Clauses in place can be obtained by e-mail at firstname.lastname@example.org.
F. Contact and Data Protection Officer
- Individuals based outside the EEA, with any questions, requests, comments or concerns regarding this Privacy Notice, can contact us using the details below:
Trend Micro Incorporated
c/o Legal Department
225 East John Carpenter Freeway
- For individuals based inside the EEA, the contact details of the data protection officers designated by Trend Micro are:
Trend Micro (EMEA) Limited
IDA Business & Technology Park
Model Farm Road
Telephone: +44 203 54 93 304
G. Updates to this Privacy Notice
We may update this Privacy Notice from time to time, so please review it frequently. If we change our Privacy Notice, we will post the revised version here, with an updated revision date. If we make material changes to our Privacy Notice, we will notify you by email or prominently post a notice on the Trend Micro website.
Dated: January 2019