Privacy Policy – Bitdefender Customer Community
Version 1.0, adopted on 16.04.2018
________________________________________

The document is meant to inform you on what kind of personal data we collect, how and where we may use these data, how we protect it, who has access to it, with whom do we share it and how you may correct the data collected by us.

1. General information
S.C. BITDEFENDER S.R.L. (hereafter mentioned as Bitdefender), with its official headquarters in 15A Orhideelor St., Orhideea Towers, district 6, Bucharest, 060071, registered in the Bucharest Trade Register with number J40/20427/2005, fiscal code RO18189442, e-mail privacy@bitdefender.com processes personal data in agreement with the Romanian data protection legislation (Law 677/2001) and the EU General Data Protection Regulation (Regulation EU 2016/679).
Bitdefender offers IT security products and services and creates and manages the Bitdefender Customer Community for the main purpose of analyzing and testing the Bitdefender’s products and services for marketing by different segments of target-groups audience.
In this context, Bitdefender processes personal data for the following main purposes:

• 
  
• The data obtained through online forms from potential participants to the Community are being used to identify if those users are being relevant for the respective Bitdefender Community;
• 
  
• The data obtained from the Community is being used to analyze and test the Bitdefender’s products and services by different segments of target-groups audience, but also for correct administration of the Community platform or to identify the winners of the prizes, so it could be send to them.
• 
  
• Other related statistical analysis
• 
  

2. Personal data collected
All personal data collected by Bitdefender will be recorded, stored, used and managed on protected servers, as well as on other devices that allow these operations with appropriate security measures. Also, all Bitdefender's websites are being hosted on protected servers. The current Privacy Policy does not include the data collected by the installed Bitdefender’s products, which are covered by our Privacy Policy for our products available at https://www.bitdefender.com/site/view/legal-privacy.html
Bitdefender may collect personal information from its users in the Bitdefender Community in two different ways:
1. directly provided by a user;
2. indirectly by traffic data or cookie collected by the servers that host our Community;
2.1. Personal data directly provided by a user

• 
  
• a) When you complete a form to estimate if you are eligible to participate in the Community, we will ask for your name, surname and email address. We may also ask for your age, sex, occupation, income and other data that are just being aggregated for groups estimations and to identify if you are eligible to participate in the Community.
• 
  
• b) The data completed in the Bitdefender Community portal, including the data on your profile and the data and posts that you might reveal while you participate in the Community. The Telephone number/physical address are used strictly for sending out the physical rewards.
• 
  

2.2. Traffic data – when a user visits a website, it automatically reveals certain information, such as the IP address, date and time of the visit or the referral website that sent you to Bitdefender Community website. Bitdefender, like any other website manager, may record this kind of information for a limited period of time for community platform administration.

2.3. Cookies - In order to offer a customized experience to our users, Bitdefender uses cookies of the community platform for the unique purposes of correct management and technical usage of the platform.

3. Legal basis and other details for personal data processing
Bitdefender processes personal data for its Bitdefender Communities based on the following legal basis:

• 
  
• consent, for the data collected from prospective users of the platform through its forms, as described in point 2 (1) a. This data will be kept only for two months, unless the users have joined the Community, when the data may be still used for the duration mentioned below.
• 
  
• performance of a contract to which the data subject is party, for all the other personal data collected, as all users that are present in our Community must agree with the Bitdefender’s Contest Terms and Conditions. This data will be kept for the entire duration of the contract plus three years, in order to comply with legal obligations or issues following participation in the Bitdefender Community or Bitdefender’s Contests. The failure to provide this data may results in the impossibility to take part on the Bitdefender Community.
• 
  

Bitdefender is using other IT companies to process the collected personal data. These companies are considered data processors and have strict contractual obligations to keep the confidentiality of the processed data and to offer at least the same level of security as Bitdefender. Data processors have the obligation not to allow third parties to process personal data on behalf of Bitdefender and to access, use and/or keep the data secure and confidential. At the same time, Bitdefender may store personal data in European Union countries, as well as in any other jurisdiction which offers adequate level of personal data protection according to European Union standards, such as Canada or US companies that are part of the US-EU Privacy Shield programme.
For the Bitdefender Community these other IT companies used are:

• 
  
• Ramius Corporation from Canada, that provides the Recollective platform for the Bitdefender Community
• 
  
• Amazon AWS Inc. from Ireland, that hosts the Community platform
• 
  

Access to Bitdefender Community is protected by a username and password. We recommend not to reveal this password. Bitdefender will never ask for your account's password via any kind of messages or phone calls. We advise not to disclose your password to anyone asking you to do so. If possible, we also recommend to log out of your online services account after each session. We also advice to close the browser window after navigating or using Bitdefender Community.
Unfortunately, transferring data over the Internet cannot be 100% secure. Consequently, despite our efforts to protect personal data, Bitdefender cannot assure or guarantee the security of the information transmitted by the user until the information is on our servers. Any information you transmit is done on your own risk.
Any unauthorized access to protected sections of Bitdefender Community websites, including any unsuccessful attempt to access protected sections could be a crime. These kind of activities could be reported to competent authorities.

4. Who has access to personal data
In principle, Bitdefender will not reveal any personal data about its users to third parties without explicit consent from the users.
Exceptionally, Bitdefender may reveal personal data to competent authorities under applicable law or when this is necessary to protect Bitdefender rights and interests. In any other cases provided by law, Bitdefender may use personal data to prevent and identify fraud, as well as in any other related legitimate purpose.

5. How to correct personal data related errors
When you create an account on Bitdefender Community websites or for one of our services, a confirmation email with your account details will be sent. The confirmation email will be sent to the email you supplied and it may describe the ways in which you can modify or delete the account you created. We advise you to keep this confirmation email since it contains useful information regarding access to our services. Any requested modification will be solved in maximum 15 days from when the written request of the user has been received.

6. Your personal data rights
According to European Union data protection legislation (GDPR), data subjects shall have the right to access to data, right to rectification, right to erasure, right not to be subject to individual decisions and the right to address a court. Data subjects also have the right to restriction of personal data processing and to request the deletion of the collected personal data, as well as the right to data portability.

For exercising these rights, you may send a written request, dated and signed and send it to the above mentioned Bitdefender headquarters or via email to privacy@bitdefender.com
The data subjects also have the right to lodge a complaint with a supervisory authority.

7. Publication date
The privacy policy has been adopted today 16 April 2018 and will be modified each time is necessary without prior or future notice of the changes. The new version will enter into force when published on the website and it will be marked accordingly. The present document is available at LIKNK.