Introduction
Visiting our websites
Basic processing when visiting our websites
Cookies and additional tracking tools
Advertising partners
Processor
Google Analytics
Google Tag Manager
Hotjar
OneTrust
SurveyMonkey
Zendesk
Newsletter
Data upload
Third-party services that you wish to use
Social media
Other providers
User accounts
Your My BullGuard Account
Product download
Online shop
Changes to this Privacy Policy
Introduction
We process different data when you visit our websites and create or use your account. This data may be directly or indirectly of a personal nature, i.e. it may involve other data sources.
We collect much of this data in a pseudonymized or anonymized form. Pseudonymized means that the personal data can no longer be attributed to a specific data subject without additional information. Anonymized means that the data subject can no longer be identified.
Visiting our websites
BullGuard offers a variety of product and user-optimized websites to provide you with a browsing experience tailored to your needs. We also use tools from various national and international providers. Some of the tools we use, how they work, and the type of data that are processed are explained below.
Basic processing when visiting our websites
By visiting our websites, whether by entering one of our URLs or clicking/tapping a link, you send personal data to us that our webservers process. To implement this service in a sensible manner, we use service providers on the basis of data processing agreements.
|
Purpose
|
· Provision of our internet presence
· To generate revenue
· Marketing and public relations
· Customer engagement
· Evaluations
|
|
Legal basis
|
· Provision of our websites: Art. 6(1)(f) GDPR — Our legitimate interest lies in the provision of our websites
· Provision of promotional pages: Art. 6(1)(b) GDPR — Contract initiation and performance
· Storage of metadata: Art. 6(1)(f) GDPR — Legitimate interest: IT security
|
|
Data categories
|
· Website visited
· IP address
· Request method
· Requested URL
· Response status
· User agent (browser type and version, operating system information)
· Processing time
· Time to receive the response from the upstream server
|
|
Recipient (category)
|
· Group employees
· IT service providers
· SaaS vendors
|
|
Transfer to third countries
|
USA — Safeguard: EU Standard Contractual Clauses
|
|
Retention period
|
Usually 2 days
|
Cookies and additional tracking tools
In addition to the following tools, we also use cookies and tracking tools (hereinafter jointly referred to as "cookies") on our websites. We divide cookies into several categories. If we want to load more than "necessary" cookies, this is done on the basis of your consent. They are managed via our cookie tool.
This means that if no cookie tool with the option to set the use of cookies appears when you visit a website for the first time, we only use cookies on this website that are required to correctly display the website.
Please bear in mind that you may have already agreed to the use of cookies. If this is the case, no cookie tool will be displayed.
You will find all further information on this topic under Cookies.
Advertising partners
Please note that cookies can also be set by third parties or read by us. These are sometimes necessary for billing advertising partners, affiliate publishers, or for granting cashback and vouchers, for example. We process these cookies to fulfil our contractual obligations towards you or third parties as necessary.
In doing so, we act as an advertiser. We may process personal data to carry out an affiliate marketing campaign. This allows us to track which third-party website, app, or other technology provider referred potential customers to our websites and apps ("referrer"), and pay them a commission for these referrals.
In doing so, we are pursuing the legitimate interest of conducting an online advertising campaign that is remunerated according to performance.
We work together with various service providers within the framework of order processing and/or joint responsibility.
Criteo
|
Provider
|
Criteo SA, 32 Rue Blanche, 75009 Paris, France
|
|
Description
|
We use the Criteo network to enhance our marketing and advertising activities.
|
|
Purpose
|
· Marketing
· Evaluations
|
|
Legal basis
|
Art. 6(1)(a) GDPR — Consent
|
|
Recipient (category)
|
· Group employees
· SaaS vendors
|
|
Transfer to third countries
|
Possibly, based on Art. 44 et seq. GDPR
|
|
Retention period
|
Until such time as consent is withdrawn
|
Processor
The following list is not exhaustive:
Google Analytics
|
Tool
|
Google Analytics
|
|
Provider
|
Google Ireland Ltd., Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland
|
|
Description
|
Google Analytics is a key tool from Google for the analysis and optimization of website usage.
|
|
Purpose
|
· Operational process
· Optimization of websites
· To generate revenue
· Evaluations
|
|
Recipient (category)
|
· Group employees
· SaaS vendors
|
|
Transfer to third countries
|
USA — Safeguard: EU Standard Contractual Clauses
|
|
Retention period
|
In accordance with legal requirements
|
Google Tag Manager
|
Tool
|
Google Tag Manager
|
|
Provider
|
Google Ireland Ltd., Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland
|
|
Description
|
Google Tag Manager allows us to centrally manage the use of cookies and other tracking tools.
|
|
Purpose
|
· Operational process
· Provision of websites and their functions
· Evaluations
|
|
Recipient (category)
|
· Group employees
· SaaS vendors
|
|
Transfer to third countries
|
USA — Safeguard: EU Standard Contractual Clauses
|
|
Retention period
|
None
|
Hotjar
|
Provider
|
Hotjar Ltd., Dragonara Business Centre 5th Floor, Dragonara Road,
Paceville St Julian's STJ 3141, Malta
|
|
Description
|
Hotjar is an analysis tool that enables us to measure website use (such as by using heatmaps) and tailor our pages to your needs.
|
|
Purpose
|
· Marketing
· Operational process
· Evaluations
|
|
Recipient (category)
|
· Group employees
· SaaS vendors
· Ad networks
|
|
Transfer to third countries
|
USA — Safeguard: EU Standard Contractual Clauses
|
|
Retention period
|
Until such time as consent is withdrawn
|
OneTrust
|
Provider
|
OneTrust Technology Ltd. 82 St John St, Farringdon, London, EC1M 4JN, UK
|
|
Description
|
We use the OneTrust tool for consent and cookie management on our website.
|
|
Purpose
|
· Marketing
· Implementation of legal obligations
· Evaluations
|
|
Recipient (category)
|
· Group employees
· SaaS vendors
|
|
Transfer to third countries
|
UK — Safeguard: EU adequacy decision
|
|
Retention period
|
Up to 2 years
|
SurveyMonkey
|
Provider
|
SurveyMonkey Inc. 1 Curiosity Way, San Mateo, CA 94403, USA
|
|
Description
|
At some points in our offers or in the communication with us, we are interested in your opinion. For this reason, we use SurveyMonkey as a tool to conduct surveys and satisfaction evaluations. This is done on the basis of your consent.
|
|
Purpose
|
· Marketing
· Customer engagement
· Evaluations
|
|
Recipient (category)
|
· Group employees
· SaaS vendors
|
|
Transfer to third countries
|
USA — Safeguard: EU Standard Contractual Clauses
|
|
Retention period
|
Until such time as consent is withdrawn or an objection filed
|
Zendesk
|
Provider
|
Zendesk, Inc, 1019 Market Street, San Francisco, CA 94103, USA
|
|
Description
|
We use Zendesk's services as the technical basis for our support website and chat service.
|
|
Purpose
|
· Rendering of support services
· Provision of the website
· To generate revenue
· Increase customer satisfaction
· Evaluations
|
|
Recipient (category)
|
· Group employees
· SaaS vendors
|
|
Transfer to third countries
|
USA — Safeguard: EU Standard Contractual Clauses
|
|
Retention period
|
In accordance with legal requirements
|
Newsletter
|
Description
|
We offer you newsletters on various topics. You can find an overview of our newsletters and your subscriptions here.
You can withdraw your consent at any time, without this affecting the lawfulness of processing based on consent before its withdrawal, in your My BullGuard Account.
|
|
Purpose
|
· Provision of our newsletter
· Marketing and public relations
· Customer engagement
· Evaluations
|
|
Legal basis
|
Art. 6(1)(a) GDPR — Consent
|
|
Recipient (category)
|
· Group employees
· SaaS vendors
|
|
Transfer to third countries
|
USA — Safeguard: EU Standard Contractual Clauses
|
|
Retention period
|
Until such time as consent is withdrawn
|
Data upload
|
Description
|
You can send us suspicious files, files that trigger a false alarm in our software, and website addresses (URLs) by uploading them to us. We then analyze these files. Our signature database or the whitelist is then updated depending on the results. It is also possible to send us files by email.
|
|
Purpose
|
· Provision of the service
· To perform a contract
· Marketing
· Customer engagement
· IT security
· Evaluations
|
|
Legal basis
|
Art. 6(1)(b) GDPR — Contract performance
|
|
Recipient (category)
|
· Group employees
· IT service providers
|
|
Transfer to third countries
|
· USA — Safeguard: EU Standard Contractual Clauses
· India — Safeguard: EU Standard Contractual Clauses
|
|
Retention period
|
Normally 30 days
|
Third-party services that you wish to use
On our websites we offer you functions from third parties. The necessary data transfer, e.g. your IP address, only takes place when you activate the module, the placeholder, or the link by clicking it. In this moment we establish a connection to the service provider and transmit the necessary data.
Social media
Like button
In our offers you will find "Like" buttons. These are standard links, which are only activated when you click them. You will then be redirected to the service provider's page. The browser data and the IP address are transmitted for this purpose. This also tells the service provider that you have visited our website.
For this data processing, we and the service provider carry joint responsibility. However, we are only jointly responsible for the collection of the data and until the transmission is completed. We have no influence on the further processing by the service provider and are therefore not jointly responsible.
Fan pages
We operate "fan pages" on some social media platforms. We are partly responsible for this together with the service provider. In doing so, our responsibility is limited to providing you with information and therefore data on visits to our site is collected by the service provider. In some cases there is the possibility that we receive an evaluation of the user behavior. We have no influence on the further processing by the service provider and are therefore not jointly responsible.
Facebook
|
Provider
|
Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
|
|
Purpose
|
· Marketing and public relations
· Customer engagement
· To generate revenue
· Evaluations
|
|
Legal basis
|
Art. 6(1)(f) GDPR — Legitimate interest: Provision of user-requested content
|
|
Transfer to third countries
|
USA — Safeguard: EU Standard Contractual Clauses
|
|
Retention period
|
In accordance with legal requirements
|
|
Service provider's privacy policy
|
https://www.facebook.com/policy.php
|
Google Search and Google Maps
|
Tool
|
Google Search and Google Maps
|
|
Provider
|
Google Ireland Ltd., Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland
|
|
Description
|
We are represented as a company in Google search and in Google's map service.
|
|
Purpose
|
· Marketing and public relations
· Customer engagement
· To generate revenue
· Evaluations
|
|
Legal basis
|
Art. 6(1)(f) GDPR — Legitimate interest: Provision of user-requested content
|
|
Transfer to third countries
|
USA — Safeguard: EU Standard Contractual Clauses
|
|
Retention period
|
In accordance with legal requirements
|
|
Service provider's privacy policy
|
https://policies.google.com/?hl=en&gl=en
|
LinkedIn
|
Provider
|
LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2
Ireland
|
|
Purpose
|
· Marketing and public relations
· Customer engagement
· Employee recruitment
· To generate revenue
· Evaluations
|
|
Legal basis
|
Art. 6(1)(f) GDPR — Legitimate interest: Provision of user-requested content
|
|
Transfer to third countries
|
USA — Safeguard: EU Standard Contractual Clauses
|
|
Retention period
|
In accordance with legal requirements
|
|
Service provider's privacy policy
|
https://www.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy
|
Twitter
|
Provider
|
Twitter Inc., 1355 Market Street, Suite 900
San Francisco, CA 94103, USA
|
|
Purpose
|
· Marketing and public relations
· Customer engagement
· To generate revenue
· Evaluations
|
|
Legal basis
|
Art. 6(1)(f) GDPR — Legitimate interest: Provision of user-requested content
|
|
Transfer to third countries
|
USA — Safeguard: EU Standard Contractual Clauses
|
|
Retention period
|
In accordance with legal requirements
|
|
Service provider's privacy policy
|
https://twitter.com/en/privacy
|
YouTube
|
Provider
|
Google Ireland Ltd., Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland
|
|
Purpose
|
· Marketing and public relations
· Customer engagement
· To generate revenue
· Evaluations
|
|
Legal basis
|
Art. 6(1)(f) GDPR — Legitimate interest: Provision of user-requested content
|
|
Transfer to third countries
|
USA — Safeguard: EU Standard Contractual Clauses
|
|
Retention period
|
In accordance with legal requirements
|
|
Service provider's privacy policy
|
https://policies.google.com/?hl=en&gl=en
|
Other providers
Trustpilot
|
Tool
|
Trustpilot
|
|
Provider
|
Trustpilot A/S, Pilestraede 58, 5. Etage, DK-1112 Copenhagen K, Denmark
|
|
Description
|
Trustpilot is a consumer review website. You can review our products and services on this platform.
|
|
Purpose
|
· To generate revenue
· Customer engagement
· Marketing and public relations
· Evaluations
|
|
Legal basis
|
Art. 6(1)(f) GDPR — Legitimate interest: Provision of user-requested content
|
|
Transfer to third countries
|
None
|
|
Retention period
|
In accordance with legal requirements
|
|
Service provider's privacy policy
|
https://legal.trustpilot.com/for-reviewers/end-user-privacy-terms
|
Google reCAPTCHA
|
Tool
|
Google reCAPTCHA
|
|
Provider
|
Google Ireland Ltd., Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland
|
|
Description
|
To ensure data security when entering data, we use Google reCAPTCHA in certain cases. This tool helps us to prevent data input from automatic or machine systems.
|
|
Legal basis
|
Art. 6(1)(f) GDPR — Legitimate interest: IT security
|
|
Purpose
|
· IT security
|
|
Transfer to third countries
|
USA — Safeguard: EU Standard Contractual Clauses
|
|
Retention period
|
In accordance with legal requirements
|
|
Service provider's privacy policy
|
https://policies.google.com/privacy?fg=1
|
User accounts
Your My BullGuard Account
We offer you a customer account to administer your data and products. You can find this function under the corresponding icon or via the address: https://myaccount.bullguard.com/login.
When you buy a product through our online shop, a customer account is automatically created for you. In addition, you may voluntarily create a corresponding account with us at any time.
This account references your email address and a password that you set.
Please note that your customer account is kept active until you choose to delete it by submitting a request to our Support Team. We reserve the right, within the contractual agreements and according to applicable laws and regulations, to delete customer accounts at any time.
When you create or use an account, you do so in accordance with our End User License Agreement and our Terms and Conditions.
|
Purpose
|
· Operational process
· Customer engagement / user management
· To generate revenue
· Evaluations
|
|
Legal basis
|
Art. 6(1)(b) GDPR — Contract performance
|
|
Recipient (category)
|
· Group employees
· Service providers
· IT service providers
|
|
Transfer to third countries
|
USA — Safeguard: EU Standard Contractual Clauses
|
|
Retention period
|
Until the account is deleted
|
Product download
You can download all the products on our website as a registered or non-registered customer. Depending on the product you download, we may process personal data. You can find further information under Products.
|
Purpose
|
· Operational process
· Customer engagement / user management
· To generate revenue
· Evaluations
|
|
Legal basis
|
Art. 6(1)(b) GDPR — Contract performance
|
|
Recipient (category)
|
· Employees
· IT service providers
|
|
Transfer to third countries
|
USA — Safeguard: EU Standard Contractual Clauses
|
|
Retention period
|
In accordance with legal requirements
|
Online shop
The online shop linked to on our website is operated by, and is the sole responsibility, of cleverbridge AG, Cologne. cleverbridge acts as our reseller.
|
Provider
|
cleverbridge AG, Gereonstr. 43-65, 50670 Cologne, Germany
|
|
Purpose
|
· Operational process
· Distribution / sales processing
· To generate revenue
· Evaluations
|
|
Legal basis
|
Art. 6(1)(b) GDPR — Contract initiation and performance
|
|
Recipient (category)
|
· Group employees
· Service providers
· IT service providers
· SaaS vendors
|
|
Transfer to third countries
|
USA — Safeguard: EU Standard Contractual Clauses
|
|
Retention period
|
In accordance with legal requirements
|
|
Service provider's privacy policy
|
https://shop.bullguard.com/1316/?scope=opprivacy&id=LZYNAzMBox
|
Changes to this Privacy Policy
This Privacy Policy is revised on an ad-hoc basis to adapt it to current developments in relation to our company, our products and services, legal requirements, and social developments.
Version: 2021.06.28
Homepage