Privacy Policy for G DATA Mobile Applications

With G DATA Mobile Security for Android, you may use our malware scanner to scan your device memory or downloads for malicious software such as trojans, viruses or spyware and analyse the permissions of installed apps in order to find out about suspicious behaviour and phishing.

G DATA Mobile Security for Android contains several components in which we process personal data. Detailed information on individual modules can be found below:

 

Malware-Scan / Malware Information Initiative

G DATA Mobile Security for Android performs malware scans to identify malware, detect suspicious behaviour of applications and improve our detection techniques. For this purpose, we process unique identifiers (IMEI, IMSI, IP address, random ID) and files identified by our application as potentially malicious for each device and application installation. To give our customers an additional layer of security, we are using the cloud solution from our technology partner Bitdefender during our malware scan. The processing of this data will be carried out to fulfil our contract with you regarding the use of G DATA Mobile Security for Android. We also use this data for statistical analysis of detected malware and its spread.

If you have consented to participate in the Malware Information Initiative, we will process further personal data in the case of malware scans on the basis of your consent, e. g. complete file paths as well as the number of applications installed on your device. We use this information to improve our applications and for statistical analysis of detected malware.

 

App registration / In-app purchases

If you decide to purchase a license for G DATA Mobile Security for Android, we will ask you for your name, address, contact address (email) and, if applicable, dealer name to complete the license registration. Additionally we transfer unique identifiers e.g. a random ID and the device name. We use this information to activate your license and ensure proper licensing of our application. If you purchase a license through an in-app purchase, we will receive information from Google about the successful purchase process. This data is processed in order to fulfil our contract with you regarding the use of G DATA Mobile Security for Android.

 

Updates

G DATA Mobile Security for Android performs regular signature updates to maintain malware protection. We process your IP address and the information provided at registration to verify your license status. This data is processed in order to fulfil our contract with you regarding the use of G DATA Mobile Security for Android.

 

Anti-Phishing

If you activate the Anti-Phishing module, G DATA Mobile Security for Android sends URLs accessed by your device to our server. We process this data in order to provide you with an assessment of the security of the accessed URL. This data is processed in order to fulfil our contract with you regarding the use of G DATA Mobile Security for Android.

 

Connection with the G DATA ActionCenter

G DATA Mobile Security for Android allows you to connect your device to the G DATA ActionCenter. To register or connect your device with the G DATA ActionCenter, we process unique device identifiers, your data entered during registration and the location data provided by your device. In addition, location data is transmitted to the G DATA ActionCenter when you trigger the location lookup of your device. For location lookups, G DATA Mobile Security for Android accesses the location features of the Android operating system provided by Google. Some services in the G DATA ActionCenter allow you to send information to other connected devices in an emergency or to delete information on your device via other devices. Please keep any access or login information confidential. This data is processed in order to fulfil our contract with you regarding the use of G DATA Mobile Security for Android or the use of the G DATA ActionCenter.

 

Crash reports

If G DATA Mobile Security for Android is unexpectedly terminated, you may consent to send us a crash report. We will ask you each time if you would like to send a report. In addition to information on the cause of the crash, we collect data to identify your device. We process these data for quality assurance purposes.

 

Analytics tools

a. Matomo

The G DATA Mobile Security App for Android uses the analysis service Matomo (formerly Piwik), a service provided by InnoCraft Ltd, 150 Willis St, 6011 Wellington, New Zealand, NZBN 6106769, which is hosted by G DATA, to analyze and regularly improve the use of our app. This data is collected, stored and evaluated for statistical purposes and to ensure system security for further improvement of the software.

The following data is recorded when our app is started:

  • •    App version
    •    App flavour
    •    Android version
    •    Manufacturer
    •    Device model
  •  
  • The legal basis for the processing of personal data is our legitimate interest in the sense of Art. 6 para. 1 lit. f) GDPR. To protect your data, we have configured Matomo so that your IP address is only recorded in a shortened form. We therefore process your personal usage data anonymously. A conclusion on your person is not possible for us.

Further information on the Matomo terms of use and the data protection regulations can be found at: matomo.org/privacy/. You can object to the saving and evaluation of this data by Matomo at any time by deactivating the option under the menu item "Help". In this case your App will not collect any data for storage and evaluation in the future.

b. Adjust

We use Adjust, an app-analytics service of Adjust GmbH, Saarbrücker Str. 37A, 10405 Berlin, Germany ("Adjust"). With this technology it is possible for us to maintain and extend our range of apps. We can use reports to measure and evaluate our app and optimize our content. For the protection of our users and partners, we can also detect and defend against fraud and security risks. Adjust processes your personal data on our behalf, in particular IP addresses (connection initiation) and Google Advertising ID. Adjust also collects the number of installations. It is not possible for us to identify you with this data.

If you do not wish to participate in app-analytics by Adjust, you may opt-out to this at any time with effect for the future by changing your settings in the "Terms of Use" or by visiting this link.

 

Opt-out 

If the processing of your data is based on your consent you may opt-out at any time with effect for the future. For this purpose, you can contact us, for example, by e-mail to the following contact address.

 

Right to object to processing

In the event of the processing of personal data for the performance of a task carried out in the public interest (Article 6(1)(1)(e) of the GDPR) or for the purposes of legitimate interests (Article 6(1)(1)(f) of the GDPR), you can object to the processing of your personal data at any time with future effect. In the event of an objection, we must refrain from all further processing of your data for the aforementioned purposes, unless

  • •    There are compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or

•    The processing is necessary for the establishment, exercise, or defense of legal claims

As stipulated in Article 21(1) of the GDPR, data subjects have the right to object to data processing on grounds relating to their personal situation.

 

How can I exercise my rights?

To exercise these rights, please write to G DATA CyberDefense AG, G DATA Campus, Königsallee 178, 44799 Bochum, Germany or send an e-mail to gdpr@remove-this.gdata.de

 

The right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a data protection supervisory authority. To do so, you can contact the data protection supervisory authority responsible for your place of residence or our company headquarters. The mailing address of the supervisory authority responsible for G DATA CyberDefense AG is:

Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen, Kavalleriestrasse 2–4, 40213 Düsseldorf, Germany

 

Contact

If you have additional questions (such as ones pertaining to personal data relating to you that we have stored), please do not hesitate to contact us.

G DATA CyberDefense AG, G DATA Campus, Königsallee 178, 44799 Bochum, Germany. G DATA CyberDefense AG is the controller under the meaning of data protection regulations. You can submit contact requests to gdpr@remove-this.gdata.de.

Our data protection officer is Ali Tschakari, LL.M., Bitkom Servicegesellschaft mbH, Albrechtstrasse 10, 10117 Berlin. He can be reached directly at datenschutz@remove-this.bitkom-consult.de. You can submit additional questions regarding data protection to gdpr@remove-this.gdata.de.

Privacy Policy for G DATA Mobile Security iOS

With G DATA Mobile Security iOS, you may analyse different system parameter of your device or use the browser within the app, in order to find out about suspicious behaviour and phishing.

G DATA Mobile Security iOS contains several components in which we process personal data. Detailed information on individual modules can be found below:

 

App registration / In-app purchases

If you decide to purchase a license for G DATA Mobile Security iOS, we will ask you for your name, address and contact address (email), to complete the license registration. Additionally we transfer unique identifiers e.g. a random ID and the device name. We use this information to activate your license and ensure proper licensing of our application. If you purchase a license through an in-app purchase, we will receive information from Apple about the successful purchase process. This data is processed in order to fulfil our contract with you regarding the use of G DATA Mobile Security iOS.

 

Anti-Phishing / Parental Control

If you are using the "Browser" module, G DATA Mobile Security iOS sends URLs accessed by your device to our server. We process this data in order to provide you with an assessment of the security of the accessed URL. This data is processed in order to fulfil our contract with you regarding the use of G DATA Mobile Security iOS.

 

Connection with the G DATA ActionCenter

G DATA Mobile Security iOS allows you to connect your device to the G DATA ActionCenter. To register or connect your device with the G DATA ActionCenter, we process unique device identifiers, your data entered during registration and the location data provided by your device. In addition, location data is transmitted to the G DATA ActionCenter when you trigger the location lookup of your device. For location lookups, G DATA Mobile Security iOS accesses the location features of the iOS operating system provided by Apple. Some services in the G DATA ActionCenter allow you to send information to other connected devices in an emergency or to delete information on your device via other devices. Please keep any access or login information confidential. This data is processed in order to fulfil our contract with you regarding the use of G DATA Mobile Security iOS or the use of the G DATA ActionCenter.

 

VPN

When you activate the VPN module of G DATA Mobile Security iOS it builds an encrypted tunnel that connects you to one of the secure internet gateways provided by our technology partner Private Communications Corporation (PCC). All the data you send and receive is then sent to the internet using this encrypted tunnel. Your internet activity during the usage of VPN will neither be monitored nor recorded. The only information that is processed with regard to individual users is the time on and off PCC’s network and the number of the total bytes transmitted. The processing of this data will be carried out to fulfill our contract with you regarding the use of G DATA Mobile Security iOS.

 

Opt-out 

If the processing of your data is based on your consent you may opt-out at any time with effect for the future. For this purpose, you can contact us, for example, by e-mail to the following contact address.

 

Right to object to processing

In the event of the processing of personal data for the performance of a task carried out in the public interest (Article 6(1)(1)(e) of the GDPR) or for the purposes of legitimate interests (Article 6(1)(1)(f) of the GDPR), you can object to the processing of your personal data at any time with future effect. In the event of an objection, we must refrain from all further processing of your data for the aforementioned purposes, unless

  • •    There are compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or

•    The processing is necessary for the establishment, exercise, or defense of legal claims

As stipulated in Article 21(1) of the GDPR, data subjects have the right to object to data processing on grounds relating to their personal situation.

 

How can I exercise my rights?

To exercise these rights, please write to G DATA CyberDefense AG, G DATA Campus, Königsallee 178, 44799 Bochum, Germany or send an e-mail to gdpr@remove-this.gdata.de

 

The right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a data protection supervisory authority. To do so, you can contact the data protection supervisory authority responsible for your place of residence or our company headquarters. The mailing address of the supervisory authority responsible for G DATA CyberDefense AG is:

Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen, Kavalleriestrasse 2–4, 40213 Düsseldorf, Germany

 

Contact

If you have additional questions (such as ones pertaining to personal data relating to you that we have stored), please do not hesitate to contact us.

G DATA CyberDefense AG, G DATA Campus, Königsallee 178, 44799 Bochum, Germany. G DATA CyberDefense AG is the controller under the meaning of data protection regulations. You can submit contact requests to gdpr@remove-this.gdata.de.

Our data protection officer is Ali Tschakari, LL.M., Bitkom Servicegesellschaft mbH, Albrechtstrasse 10, 10117 Berlin. He can be reached directly at datenschutz@remove-this.bitkom-consult.de. You can submit additional questions regarding data protection to gdpr@remove-this.gdata.de.

 

Privacy Policy for G DATA QR Code Scanner

G DATA QR Code Scanner examines QR codes scanned by you and checks information packed in the codes to detect suspicious behavior and phishing.
G DATA QR Code Scanner contains the G DATA Anti-Phishing component in which we process personal data. Detailed information about the module can be found below:

 

Anti-Phishing

If you use the G DATA QR Code Scanner the software sends URLs accessed by your device to our server. We process this data in order to provide you with an assessment of the security of the accessed URL. This data is processed in order to fulfil our contract with you regarding the use of G DATA QR Code Scanner.

 

Right to object to processing

In the event of the processing of personal data for the performance of a task carried out in the public interest (Article 6(1)(1)(e) of the GDPR) or for the purposes of legitimate interests (Article 6(1)(1)(f) of the GDPR), you can object to the processing of your personal data at any time with future effect. In the event of an objection, we must refrain from all further processing of your data for the aforementioned purposes, unless

  • •    There are compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or

•    The processing is necessary for the establishment, exercise, or defense of legal claims

As stipulated in Article 21(1) of the GDPR, data subjects have the right to object to data processing on grounds relating to their personal situation.

 

How can I exercise my rights?

To exercise these rights, please write to G DATA CyberDefense AG, G DATA Campus, Königsallee 178, 44799 Bochum, Germany or send an e-mail to gdpr@remove-this.gdata.de

 

The right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a data protection supervisory authority. To do so, you can contact the data protection supervisory authority responsible for your place of residence or our company headquarters. The mailing address of the supervisory authority responsible for G DATA CyberDefense AG is:

Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen, Kavalleriestrasse 2–4, 40213 Düsseldorf, Germany

 

Contact

If you have additional questions (such as ones pertaining to personal data relating to you that we have stored), please do not hesitate to contact us.

G DATA CyberDefense AG, G DATA Campus, Königsallee 178, 44799 Bochum, Germany. G DATA CyberDefense AG is the controller under the meaning of data protection regulations. You can submit contact requests to gdpr@remove-this.gdata.de.

Our data protection officer is Ali Tschakari, LL.M., Bitkom Servicegesellschaft mbH, Albrechtstrasse 10, 10117 Berlin. He can be reached directly at datenschutz@remove-this.bitkom-consult.de. You can submit additional questions regarding data protection to gdpr@remove-this.gdata.de.

Privacy Policy for G DATA QR Code Generator

Thank you for your interest in G DATA products. The protection and security of our customers’ and users’ data is important to us. We have therefore designed our products and business processes to minimize the amount of personal data we collect or process. The following data privacy statement explains which information we record during your use of our application (referred to as “app” below) and which of this information is used in what ways.

 

G DATA QR Code Generator

The G DATA QR Code Generator app generates QR codes from the information you have entered so that you can share it securely and easily.

 

Downloading our app from the app store

When you download our app, the following data in particular is automatically processed by the respective operator of the app store (Google Play):

  • •    User name in the app store
  • •    E-mail address entered in the app store
  • •    Customer number of your app store account
  • •    Time of the download
  • •    Payment information

•    Individual device ID

We have no influence on and are not responsible for this collection of data. Further information about data processing can be found in the Privacy Policy of the respective app store operator: Google Play Store

 

Statistical analysis – tracking

We use tracking technologies in the G DATA QR Code Generator to rate and evaluate our app, and to optimize our content. We are also able to identify fraud and security risks to protect our users and partners. The legal basis for this processing of data is your consent, which is granted to us voluntarily (Article 6(1)(a) of the GDPR). At no point is the content of the QR code recorded.

 

G DATA Analytics

We use G DATA Analytics to analyze use of the app. The data gained from this process is used to optimize our app and promotional measures. G DATA Analytics is an analysis service operated and provided by us, G DATA CyberDefense AG, Königsallee 178, 44799 Bochum, Germany. The legal basis for this processing of data is your consent, which is granted to us voluntarily (Article 6(1)(a) of the GDPR).

The following data is recorded when you use the app:

  • •    Device manufacturer and model
  • •    The Android version installed
  • •    The use of QR codes (creation, editing, and deletion)

•    Your IP address

This data is transmitted to a G DATA server in Germany, and is not shared with third parties. The server receives this data and extracts the information. The IP address is subsequently discarded. A randomly generated user ID which can be used for grouping future data is transmitted for the server-side assignment of this data. The recorded data is stored together with the randomly generated user ID, enabling the evaluation of pseudonymized user profiles. However, it is not possible for us to identify you personally after the IP address is discarded.

The stored data is erased automatically every 12 months.

If you do not consent to data recording, you can deactivate this at any time with future effect under the menu item “Help us!” in the app.

 

Your rights as a data subject

Please note: You have the right to request information at any time from G DATA CyberDefense AG regarding personal data relating to you that we have stored (Article 15 of the GDPR). You are also entitled to request information regarding the recipients or categories of recipients with whom this data is shared as well as the purpose and duration of storage.

 

Rectification, erasure, restriction of processing

You also have the right to request the rectification (as stipulated in Article 16 of the GDPR), erasure (as stipulated in Article 17 of the GDPR), or restriction (as stipulated in Article 18 of the GDPR) of processing of your personal data.

 

Data portability

Furthermore, as stipulated in Article 20 of the GDPR, you can request the transfer of your personal data at any time.

 

Opt-out for tracking

You may object to the use of tracking tools in our app at any time. Please use the menu item “Help us!” to do so.

After clicking the menu item, you can revoke your consent to the use of tracking tools. Your decision is recorded in the app’s memory and your data will no longer be tracked. This decision is only valid as long as the app is installed on your device. Deleting the app also erases the memory. If you subsequently reinstall the app, you will have to object to data recording again.

 

Right to object to processing

In the event of processing of personal data for the performance of a task carried out in the public interest (Article 6(1)(1)(e) of the GDPR) or for the purposes of legitimate interests (Article 6(1)(1)(f) of the GDPR), you can object to the processing of your personal data at any time with future effect. In the event of an objection, we must refrain from all further processing of your data for the aforementioned purposes, unless

  • •    there are compelling legitimate grounds for its processing which override your interests, rights, and freedoms, or

•    its processing is necessary for the establishment, exercise, or defense of legal claims.

As stipulated in Article 21(1) of the GDPR, data subjects have the right to object to data processing on grounds relating to their personal situation.

 

How can I exercise my rights?

To exercise these rights, please write to G DATA CyberDefense AG, G DATA Campus, Königsallee 178, 44799 Bochum, Germany or send an e-mail to info@remove-this.gdata.de

 

Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a data protection supervisory authority.

To do so, you can contact the data protection supervisory authority responsible for your place of residence or our company headquarters. The mailing address of the supervisory authority responsible for G DATA CyberDefense AG is:

Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen, Kavalleriestrasse 2–4, 40213 Düsseldorf, Germany

 

Contact

If you have any additional questions (such as ones pertaining to personal data relating to you that we have stored), please do not hesitate to contact us.

G DATA CyberDefense AG, G DATA Campus, Königsallee 178, 44799 Bochum, Germany. G DATA CyberDefense AG is the controller within the meaning of data protection regulations. You can submit contact requests by e-mail to info@remove-this.gdata.de.

You can submit contact requests by e-mail to Mobilesecurity_support@remove-this.gdata.de.

Our data protection officer is Ali Tschakari, LL.M., Bitkom Servicegesellschaft mbH, Albrechtstrasse 10, 10117 Berlin. He can be reached directly at datenschutz@remove-this.bitkom-consult.de. You can submit additional questions regarding data protection by e-mail to dsgvo@remove-this.gdata.de.

Privacy Policy for G DATA USSD Filter

The G DATA USSD filter registers itself for potentially dangerous control codes called up on the device and warns the user if it finds a suspicious control code. The associated processing of personal data takes place for the fulfilment of our contract with you about the use of G DATA USSD Filter.
The G DATA USSD filter does not process any personal data outside your device. The control codes are only checked on the device.

 

Right to object to processing

In the event of the processing of personal data for the performance of a task carried out in the public interest (Article 6(1)(1)(e) of the GDPR) or for the purposes of legitimate interests (Article 6(1)(1)(f) of the GDPR), you can object to the processing of your personal data at any time with future effect. In the event of an objection, we must refrain from all further processing of your data for the aforementioned purposes, unless

  • •    There are compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or

•    The processing is necessary for the establishment, exercise, or defense of legal claims

As stipulated in Article 21(1) of the GDPR, data subjects have the right to object to data processing on grounds relating to their personal situation.

 

How can I exercise my rights?

To exercise these rights, please write to G DATA CyberDefense AG, G DATA Campus, Königsallee 178, 44799 Bochum, Germany or send an e-mail to gdpr@remove-this.gdata.de

 

The right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a data protection supervisory authority. To do so, you can contact the data protection supervisory authority responsible for your place of residence or our company headquarters. The mailing address of the supervisory authority responsible for G DATA CyberDefense AG is:

Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen, Kavalleriestrasse 2–4, 40213 Düsseldorf, Germany

 

Contact

If you have additional questions (such as ones pertaining to personal data relating to you that we have stored), please do not hesitate to contact us.

G DATA CyberDefense AG, G DATA Campus, Königsallee 178, 44799 Bochum, Germany. G DATA CyberDefense AG is the controller under the meaning of data protection regulations. You can submit contact requests to gdpr@remove-this.gdata.de.

Our data protection officer is Ali Tschakari, LL.M., Bitkom Servicegesellschaft mbH, Albrechtstrasse 10, 10117 Berlin. He can be reached directly at datenschutz@remove-this.bitkom-consult.de. You can submit additional questions regarding data protection to gdpr@remove-this.gdata.de.

Version 07/20