Privacy Policy Disclosure
on the use of Protectstar® AI Cloud

Last Updated: September 03, 2020

1. Introduction

Please read this disclosure on the use of Protectstar® AI Cloud (Protectstar® Artificial Intelligence Cloud) carefully before you agree to it. In this disclosure, which is a part of our Privacy Policy, we explain what personal data we collect from users using our Android apps and how we use and share them.

The Protectstar® AI Cloud is a cloud-based service that proactively protects users of our Android apps. It is seen as a hybrid protection model that combines anti-malware signature databases, proactive detection, and cloud services. It shares newly discovered malware or espionage apps with the users of our Android apps. Like this, even unknown threats or zero-day exploits can be detected almost in real-time.

Protecting user privacy is one of the fundamental principles that Protectstar® prioritizes when processing user data. We believe you have the right to privacy and control over your information. This fundamental belief shapes our Privacy Policy.

Please, if you have any questions or suggestions, do not hesitate to contact us at

2. What is the purpose on the use of Protectstar® AI Cloud?

The Protectstar® AI Cloud runs on Protectstar® servers and not on individual devices, like the user's smartphone. This ensures the full performance of Protectstar® AI Cloud servers and enables quick and precise analyzes. At the same time, it keeps the user devices resource-efficient with optimal performance.

The data processing ensures:

  • Identifying new threats, their behavior, their security status, and their sources.
  • Determination of the reputation of examined objects.
  • Reducing the likelihood of false alarms.
  • Increasing the performance of software components.
  • Performance increase for the rights holder's products.
  • Access to the confidential installed app information and use is directly related to the provision and improvement of Protectstar Android apps' functions.

3. What personal data do you provide?

While using Protectstar® AI Cloud, we collect and process the following Service and Device Data (in addition to Account Data and Billing Data, if relevant):
- Selective installed app package information of the apps you have installed on your device in the data type of SHA-1 checksum, SHA-256 checksum, and corresponding installed app package names.

The data will be sent to our servers at: https://api.protectstar.com

Service Data What we use it for and for how long
Identifier of the content (message) being delivered

Service Provision (up to 12 months)

  • To monitor service functionality

In-product Messaging (up to 6 months)

  • To inform users of problems that will not be solved by the currently installed product and to offer users a solution to the detected problem
IP address

Service Provision (up to 12 months)

  • To detect the approximate location of malicious software. For free and paid users, it is a part of malware infection file replaced in 30 days with city/country
Malware samples

Service Provision (up to 12 months)

  • For the functionality of malware scanning
Detections

Service Provision (up to 12 months)

  • For the functionality of malware scanning
Events and product usage

Service Provision (up to 12 months)

  • To ensure continuous functionality (installations, versions, updates, settings) and map how users interact with our product

In-product Messaging (up to 12 months)

  • To inform users of problems that will not be solved by the currently installed product and to offer users a solution to the detected problem

Product and Business Improvement

  • To better understand our users’ behavior and users’ acquisition (up to 12 months)
  • To improve the user's overall experience by developing new features and products (up to 12 months)
Device Data What we use it for and for how long
Information concerning computer or device (carrier, OS version, OS build number, Hardware ID, device model, device brand, device manufacturer)

Service Provision (up to 12 months)

  • To ensure functionalities of the product and its features

In-product Messaging (up to 12 months)

  • To inform users of problems that will not be solved by the currently installed product and to offer users a solution to the detected problem

Product and Business Improvement

  • To better understand users’ behavior (up to 12 months)
  • To improve the user's overall experience by developing new features and products (up to 12 months)
Applications

Service Provision (up to 12 months)

  • To define rules how our Android security apps should behave

In-product Messaging (up to 12 months)

  • To inform users of problems that will not be solved by the currently installed product and to offer users a solution to the detected problem

These are the third-party analytics tools we use for our Protectstar® Android products using Protectstar® AI Cloud:

  • Google Analytics
  • Google Firebase and Crashlytics Analytics for Android

4. What data do we collect?

When using Protectstar® AI Cloud, you send selective installed app package information of apps you have installed on your smartphone. The type of data we collect include the following:

  • The apps corresponding package name
  • The calculated SHA-1 checksum of the apps apk file
  • The calculated SHA-256 checksum of the apps apk file

Your data as listed above, is send anonymously and automatically to the following URL:
https://api.protectstar.com/api/get-deep-detective-packages-shas-info

The data transmission is performed in encrypted (AES-256 bit) form using the HTTPS protocol, and cannot be tracked back to individuals.

5. Why we process your personal data?

We use your Personal Data for the following purposes and on the following grounds:

The data of installed package information you send to our cloud server to https://api.protectstar.com is needed to provide the services to you, to offer you an accurate detection of malware and detect suspicious espionage threats.

Our purpose in collecting your information is to equip you with useful products and services that provide a more agile, dynamic response to new and unknown threats.

Based on fulfilling our contract with you or entering into a contract with you on your request, in order to:

  • Process purchase of our products or services from us;
  • Provision the download, activation, and performance of the product or service;
  • Keep our products or services up-to-date, safe and free of errors, including implementation of new product features and versions;
  • Verify your identity and entitlement to paid products or services, when you contact us for support or access our services;
  • Process your purchase transactions;
  • Update you on the status of your orders and licences;
  • Manage your subscriptions and user accounts; and
  • Provide you with technical and customer support.

On the basis of your consent, in order to:

  • Subscribe you to a newsletter or the MyProtectstar account;

We will always ask for your consent before any processing that requires it and provide you with the necessary information.

On the basis of legal obligations, we process your Personal Data when necessary for compliance with accounting, anti-money laundering, legal order, or other obligation to which we are subject.

Based on of our legitimate interest, we will use your Personal Data to:

  • Communicate about possible security, privacy and performance improvements and products that supplement or improve our purchased products and to optimize the content and delivery of this type of communication;
  • Evaluate and improve the performance and quality of our products, services and websites, develop new products, and to understand usage trends, and analyze user acquisitions, conversions and campaigns;
  • Allow interoperability within our applications;
  • Secure our systems and applications;
  • Allow effective performance of our business by ensuring necessary internal administrative and commercial processes (e.g. finances, controlling, business intelligence, legal & compliance, information security etc.); and
  • Establish, exercise or defend our legal rights.

For the above-mentioned processing operations, we have balanced your interests against our interests. In any case, you have the right to object, on grounds relating to our particular situation, to those processing operations.

6. How we use your data?

We do our best to disconnect or remove all direct identifiers from the Personal Data that we use:

  • For free versions, this disconnection or removal of identifiers begins when the products and services are initially activated. For paid users we keep Billing Data in a separate database and minimize its use for anything other than handling payments and our own finances.
  • For both paid and free versions, we continuously monitor for, minimize, disconnect and remove all direct identifiers during the normal performance of the products and services.

The data you provided - installed app package information data in the type of SHA-1, SHA-256, and corresponding app package name - is used to identify possible new malware and spyware.

We use your data (as listed in section 4.) on our servers to

(a) provide and operate our Services;
(b) address and respond to service, security, and customer support needs;
(c) detect or prevent your device against cybersecurity threats such as malware
(d) detect possible false positives

Transmitted user information will only be used for the aforementioned limited purposes, which the user has agreed to.

7. How long we store your Personal Data?

The data we collect from you may be stored, with risk-appropriate technical and organizational security measures applied to it, on in-house servers in Germany.

The selective extracted and transmitted data, as listed above, are stored for the duration, as is technically necessary. As a rule, this is only a few seconds before the data is securely deleted from our servers by a high-security deletion standard. For randomized sample testing, some transmitted installed package information is stored anonymized in the form of statistics.
In all cases, we follow generally accepted standards and security measures to protect the personal data submitted to us, both during transmission and once we receive it.

We will hold your Personal Data on our systems for the following periods:

  • For Billing Data, for as long as we have a legal obligation or for our legitimate interests in establishing legal rights;
  • For Account Data, for as long as you maintain your account;
  • For Product Data, only as long as necessary for the purposes of a particular product or service.
  • We use rolling deletion periods which means we regularly delete collected data in the given periods starting from the collection of that respective data.

8. How we share your data with third parties?

We do NOT share or sell your collected data you send with third parties - neither with service providers, resellers, partners, nor with government-related auditors.

9. Data Subject's Rights

Protectstar® respects your control over your information. Upon request, we will confirm whether we hold or process information that we have collected from you. You also have the right to amend or update inaccurate or incomplete personal data, request deletion of your personal data, or request that we no longer use it.

You are entitled to the following rights as a data subject:

  • right to request access to your personal data from Protectstar,
  • right to rectify your personal data if inaccurate (You also have the right to have the incomplete personal data completed),
  • right to request the erasure of your personal data,
  • right to request the restriction of processing your personal data,
  • right to object to the processing as well as
  • right to data portability.

Under certain circumstances, we will not fulfill your requests, such as if it interferes with our regulatory obligations, affects legal matters, we cannot verify your identity, or it involves unnecessary cost or effort. Still, we will respond to your request within thirty (30) days and provide you an explanation in any event.

The rights holder treats the data received from the end-user as part of this statement under the privacy policy for rights holders. This guideline can be viewed at https://www.protectstar.com/en/legal-notice.

10. Changes

We reserve the right to revise or modify this Privacy Policy. Besides, we may update this Privacy Policy to reflect changes to our data practices. If we make any material changes, we will notify you by email (sent to the e-mail address specified in your account) or through a notice on this website before the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.

11. Contact Us

If you have questions or requests relating to personal data or privacy, please contact us at https://www.protectstar.com/en/contact which allows you to make a request online or through e-mail at

Corporate Headquarters

Protectstar Inc.
301 Clematis Street
Suite 3000
West Palm Beach, FL 33401
USA

Tel : +1-561-246-3351

Web : www.protectstar.com
Email:

© 2020 PROTECTSTAR INC. All rights reserved.