OPSWAT Privacy Policy
Last Updated: March 6, 2023
Summary
OPSWAT Inc. and its subsidiaries (“OPSWAT”, “we”, “us”, and “our”) take data protection very seriously, and we are fully committed to protecting your information. This privacy policy explains:
- the personal data we collect from you;
- how we use your personal data (including how we disclose or transfer your personal data); and
- your rights with respect to your personal data.
IMPORTANT:
“Personal data” means any data relating to an identified or identifiable natural person, including but not limited to your name, contact information (e.g., your email address, postal address, or telephone number), and your IP address.
Although you do not have to provide any of your personal data to us, if we ask you to do so and you refuse, we may be unable to provide you with the information, goods, or services you want from us.
Our privacy policy may be updated from time to time, and we will notify you of any material changes by posting the new policy and revising the “Last Update” date at the top of the policy.
How We Process Your Personal Data
If you use our website at OPSWAT.com and/or any OPSWAT-associated sites existing as subdomains:
Activity | Personal Information We Collect | How We Use Your Personal Information |
|---|
Your general use of our websites | - Page visit history
- IP address
- Browser type and operating system
- Date when you visit our website
| - Better understand user behavior and browser agent performance
- Improve website performance and content quality
|
Submitting a request to us through our websites (e.g., through our “Contact Us” or “Subscribe” forms and live chat) | - Name
- Contact information (e.g., email address, phone number)
- Your country/state
- Company name and designation
- Any other information you share with us, including your interest in our products and the number of devices in your production environment
| - To respond to your request for contact
- To provide you with information that best meets your needs as expressed in your inquiry
- To deliver targeted and relevant advertising and marketing to you
- To ensure we comply with consent requirements pursuant to your country’s privacy requirements
|
If you interact with the Chatbot on one of our websites | - Information you voluntarily provide to the Chatbot, including your name, title, and contact information (e.g., email address, phone number)
- Usage information (if associated with a unique device identifier tied to you)
| - To grant you access and allow your use of the Chatbot
- To respond to your request for contact
- To provide you with information that best meets your needs as expressed in your inquiry
- Improve Chatbot performance and content quality
|
If you make a purchase through any of our online stores or any third-party e-commerce store:
Activity | Personal Information We Collect | How We Use Your Personal Information |
|---|
Making a purchase through our online stores | - Name
- Entity name
- Contact information
- Recipient name and shipping information
| - To ship your purchased products
- To comply with export laws
- To process any item returns
- To provide you with support, per your request
|
IMPORTANT:
If you make a purchase through our online stores with a credit card, your credit card information is processed directly by OPSWAT’s payment processing vendor. OPSWAT does not store or directly process your credit card information.
If you create an account through one of our websites (including OPSWAT Portal) or for any of our products:
Activity | Personal Information We Collect | How We Use Your Personal Information |
|---|
Creating an account on OPSWAT Portal or through one of our associated websites | - Name
- Contact information (e.g., email address, phone number)
- Company name
- Password
| - Validate that you are human and not a robot when you create an account
- Authenticate your secure access to your account when you log-in
- Create an OPSWAT Portal account for you
- Associate your requests for support with your account
- Troubleshoot an issue that you are reporting
|
If you use our products and services:
Activity | Personal Information We Collect | How We Use Your Personal Information |
|---|
If you are invited to your organization’s account | - Name
- Email address
- Password
- IdP Group information
- API key
| - To provide login and authentication
|
Using our products and services | - Name
- Contact information (e.g., email address, phone number)
- IP address
- Hostname
- Usage information (e.g., information regarding your configuration and use of our products and services; information regarding how our products and services are performing based on your use)
- Other information that you may provide to us in connection with your use of our products and services
| - To conduct account administration and other service activities
- To maintain the security of our infrastructure and services
- To improve our products and services
- To make recommendations to customers based on your usage
- To provide customer support regarding our products and services
|
Reporting an issue with one of our products | - If you use our support tool to generate and send us a support package, depending on the support tool you use, data collected from the OPSWAT product you are using may include personal data. Please refer to the Product-Specific Disclosures section below for more details.
| - To troubleshoot an issue you are reporting.
|
Providing professional services or support to you | - Name
- Contact information (e.g., email address, phone number)
- Your business address (for on-site installations)
- Information regarding your company and role
- Personal data captured in content and/or metadata to troubleshoot the issue
| - To communicate with you throughout the course of our professional services engagement or to provide support to you
- To provide professional services or support to you
|
If you use OPSWAT’s e-learning platform (OPSWAT Academy):
Activity | Personal Information We Collect | How We Use Your Personal Information |
|---|
Enrolling in courses | - Name,
- Contact information (e.g., email address, phone number)
- Country
- Information regarding your company and role
| - To create your OPSWAT Academy account, authenticate your access, and associate requests for support with your account (if you are using OPSWAT Academy previous to v. 3.0)
- For OPSWAT Academy 3.0: for marketing analytics purposes and to send product updates or related information
|
IMPORTANT:
If you make a purchase through our e-learning platforms with a credit card, your credit card information is processed directly by OPSWAT’s payment processing vendor. OPSWAT does not store or directly process your credit card information.
Other ways in which OPSWAT processes personal data:
Activity | Personal Information We Collect | How We Use Your Personal Information |
|---|
Marketing to you | - Name
- Contact information (e.g., email address, phone number)
- Information regarding your company and role
| - To deliver targeted and relevant advertising and marketing to you
|
For suppliers, purchasing products and services from you | - Name
- Contact information (e.g., email address, phone number, physical address)
- Information regarding your company and role
| - To purchase products and services for OPSWAT
|
For independent contractors, receiving services from you or providing services to our customers | - Name
- Contact information (e.g., email address, phone number, physical address)
- Information regarding your company and role
| - To receive services for OPSWAT or provide services to our customers
|
For resellers and business partners, establishing and maintaining our business relationships | - Reseller name
- Contact information (e.g., email address, phone number, physical address)
- Information regarding your company and role
| - To manage our reseller and business partner relationships
|
Visiting one of our locations | - Name
- Contact information (e.g., email address, phone number, physical address)
- Details regarding your visit
- Country of residence
- CCTV video
| - To ensure the safety, security, and health of the individuals at our locations
|
Marketing
OPSWAT (or our resellers or other selected third parties acting on our behalf) may contact you from time to time in order to provide you with information about products and services that may be of interest to you. You have the right to ask OPSWAT not to process your personal data for certain or all marketing purposes, but if you do so, OPSWAT may need to share your contact information with third parties for the limited purpose of ensuring that you do not receive marketing communications from them on OPSWAT’s behalf.
Sensitive Personal Data
We do not intend to collect sensitive personal data from you (unless we are legally required to do so). Examples of special category information include race or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, physical or mental health, genetic data, biometric data, sexual life or sexual orientation, and criminal records.
We ask that you do not provide us with sensitive personal data when using our products and services.
Automated Decision Making
We do not use your personal data for automated decision making or profiling.
Cookies and Similar Technologies
If you use an internet browser to interact with our products and services, you should be aware that like many businesses with websites and cloud services, we may also use “cookies” to collect information. A cookie is a small data file that we transfer to your computer’s hard disk for record-keeping purposes. You can control our use of cookies with respect to your device by changing options in the Internet browser you use. We will display notices to you about cookies and prompt you to accept a cookie from us. If you do not accept cookies, however, you may not be able to use all portions or features of our products and services using your internet browser. For more information about our use of cookies, please visit OPSWAT Cookies Policy.
Legal Basis for Collecting and Using Your Personal Data
Our legal basis for processing your personal data will depend on the personal data we collect and the context in which we collect such data. However, we will normally collect personal data from you only where we need the personal data to perform a contract with you, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms, or where we have your consent to do so. In some cases, we may also have a legal obligation to collect personal data from you or may otherwise need the personal data to protect your vital interests or those of another person.
If we collect and use your personal data in reliance on our legitimate interests (or those of any third party) other than as described in this privacy policy, we will make clear to you at the relevant time what those legitimate interests are.
If you have questions about or need further information concerning the legal basis on which we collect and use your personal data, please contact us using the contact details provided under the “Contact Us” heading.
Disclosures
OPSWAT may disclose personal data to third parties under the following circumstances:
- Our Affiliates: We may disclose your personal data to our affiliates to provide services and support and for the purposes otherwise described in this privacy policy.
- Service Providers: We may disclose your personal data to third-party service providers to provide us with services such as website hosting and professional services, including information technology services, payroll services, auditing services, consultancy services, regulatory services, and legal services in other countries.
- Business Partners: We may provide your information to our channel partners, such as distributors and resellers, and to other business partners, to fulfill product and information requests, to effectively deliver unified support, and to provide customers and prospective customers with information OPSWAT and its products and services.
- Compliance with applicable law: We may also disclose your personal data to law enforcement, regulatory and other government agencies, and to professional bodies and other third parties as required by and/or in accordance with applicable laws or regulations (including responding to public authorities to meet national security or law enforcement requirements).
- Exercising our legal rights: When necessary, we may disclose your information as necessary to exercise, establish or defend our legal rights.
- Business transfers: We may disclose or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, acquisition, dissolution, corporate reorganization or similar event. We will inform any buyer that your information shall only be used in accordance with this privacy policy.
- Vital interests: We will disclose personal data if required in urgent circumstances to protect the personal safety of individuals or the general public.
- With your consent: We may disclose your personal data for any other purpose with your consent.
IMPORTANT:
We do not sell your personal data to third parties.
International Transfers
OPSWAT’s global organizational structure requires the global transfer of personal data to OPSWAT’s affiliates. Consequently, the personal data you provide to us will be transferred across state or country borders, including to countries outside the country in which you reside (including to countries outside the European Economic Area (“EEA”), the United Kingdom, and Switzerland). OPSWAT also transfers your personal data internationally to service providers, business partners, and other third parties (as described in the “Disclosures” section). Some of these recipients may process your personal data outside of countries considered “adequate” by certain supervisory authorities, including the European Commission. If such an international transfer occurs, we will protect your personal data by taking contractual or other steps in accordance with applicable law. For transfers from the EEA, the United Kingdom, or Switzerland to non-adequate countries, we have implemented the European Commission’s Standard Contractual Clauses.
Security
We use technical and organizational measures to protect your personal data from accidental or unlawful loss, destruction of, or damage to personal data. However, while we strive to protect personal data, we cannot guarantee the security of the personal data provided to us. Although we use appropriate security measures, once we have received your personal data, the transmission of data over the Internet (including via email) is never completely secure. We urge you to protect your personal data when using the Internet by, for example, changing passwords often, using a combination of letters, numbers, and special characters (for example, % and $ and +), and making sure to use a secure browser.
Data Retention
We store your personal data for different time periods depending on the type of personal data we have, our stated business purpose for such data, our legal obligations and rights, and our agreements with you. We will retain your information for as long as we have a legitimate business purpose to do so, for no longer than is required or permitted by law. Please note that you may also request us to delete your personal data, as described in the “Your Rights” section.
Your Rights
Under applicable privacy laws, you may have the following rights regarding your personal data (which you can invoke by going to https://go.opswat.com/myuserright):
- Right to access your information: You have the right to request access to the personal data that we hold about you, including access to duplicates of the personal data retained.
- Right to correct your information: If your personal data is inaccurate or incomplete, you can ask us to correct your information.
- Right to suspend processing: You have the right to request that we stop processing your personal data in certain circumstances, including when you believe that the information we hold about you is inaccurate or unlawful.
- Right to port your data to another party: You have the right to receive the personal data concerning you, in a structured, commonly used and machine-readable format, and have your information transferred to another party.
- Right to delete: You have the right to request we delete your personal data. If we delete your personal data, you may lose access to OPSWAT services requiring you to maintain registration with us of a user account ("User Account"). Additionally, please note that we may have an overriding legitimate basis for retaining your personal data (e.g., if your User Account is linked to a commercial transaction with OPSWAT where you are making payments to us or we are making payments to you).
- Right to object: When we process your personal data based on legitimate interests, you have the right to object to this processing. If you object, we will no longer process your personal data unless there are compelling and prevailing legitimate grounds under applicable law (e.g., your data is necessary for us to establish, exercise, or defend our legal rights).
- Right to complain to a supervisory authority: You have the right to lodge a complaint with your applicable supervisory authority.
Children’s Privacy
We understand the importance of protecting children's privacy and we never knowingly collect personal data about individuals under the age of 18.
IMPORTANT:
If you are under 18 years of age, we ask that you do not use our products and services.
Links to Third-Party Sites
As you use our products and services, you may link to third-party sites not controlled by us and which do not operate under our privacy practices. When you link to third-party sites, our privacy practices no longer apply. We encourage you to review each third-party site's privacy policy before disclosing any personal data.
Product-Specific Disclosures
These product-specific disclosures include additional detail regarding how we process your personal data.
MetaAccess
If your device is monitored by an administrator, MetaAccess may provide your administrator access to the following:
Data We Collect | How We Use Your Data |
|---|
| - To provide the administrator auditing capability which user is logging in
|
If your administrator chooses the option within MetaAccess to collect information regarding other devices you connect to the network with an OPSWAT client installed, MetaAccess will collect information regarding such devices, including: - Local IP address
- MAC address
- Hostname
- Mobile device name
- Device type and serial number
- OS type
- Network adapter information such as DNS and media state
- Active Directory information such as AD domain and OU/Group name
| - To identify and locate your device(s) associated with your account
- To allow your administrator to monitor other devices you connect to the network with an OPSWAT client installed
- To discover devices in the network, including those which are not running the OPSWAT Client
|
- System and application information (e.g., OS information, missing patches, lock screen timeout)
- Anti-malware log
- Mobile device status and information (e.g., connected IP addresses, OS information, encryption state)
| - To determine if each device associated with your administrator's account is compliant with the security policy that your administrator set
|
- Other information collected using scripts and which end-users input
| - To provide your administrator with customized information to be used for the purpose your administrator has determined
|
- OPSWAT Client crash dump and logs
| - To provide your administrator with a method to fetch logs from your devices running the OPSWAT Client.
- To provide your administrator or OPSWAT support representatives with a method to troubleshoot issues reported by your devices running the OPSWAT Client.
|
| - To allow your administrator the ability to monitor user sessions
|
IMPORTANT:
Please note that your administrator may choose to enable “Network Discovery,” a feature within MetaAccess that allows your administrator to monitor the networks you connect with your device running the OPSWAT Client. If you connect your device running the OPSWAT Client to networks other than your company’s network, your administrator may see limited information about such other networks and the devices connected to such other networks, including local IP addresses, MAC addresses, hostnames, device types, and OS types. If you have any questions or concerns about Network Discovery, please contact your administrator.
If you are using the personal version of MetaAccess, please note that we may process the following information
Data We Collect | How We Use Your Data |
|---|
- Email address
- Hostname
- IP address
- MAC address
- Serial number of your device
| - To determine the general security status of your device
- To determine what applications are installed on your device
|
IMPORTANT:
Please note that the retention period for your data is configurable by your administrator under commercial subscription for MetaAccess. By default, your data is retained for thirty (30) days.
The following personal data is collected but de-identified and stored separately to protect your privacy.
Data We Collect | How We Use Your Data |
|---|
Information regarding running processes, including: - File signature of process
- File signature of loaded modules
- File properties such as version and descriptions
- Digital signature information
- Running processes and their network connections
- Network connectivity: IP addresses and domain names
- Information about the application to which the process belongs
| - To determine whether the behavior of processes running on your device is safe or malicious (in other words to assess whether or not your device has been compromised by malware).
|
High-level OS/device information, including: - Operating system name
- Service pack version
- Computer type (e.g., laptop)
- OS language
| - OS information is for classifying the relative distribution or concentration of operating systems and versions across all data which is submitted to us. Network information is for classifying the relative distribution or concentration of various network adapters as well as the distribution or concentration of Wi-Fi vs. Ethernet connections across all data which is submitted to us.
|
Information regarding application lists, including: - Product name and product version
- Vendor name
| - To identify endpoint security products besides anti-malware (such as personal firewalls and disk encryption) installed on your device and determine whether your device is running the latest version made available by its vendor.
|
Information regarding anti-malware products on your devices, including: - Anti-malware definition information
| - To specifically identify anti-malware product(s) installed on your device and see whether or not these product(s) have their real-time protection feature enabled, whether their definition database is up-to-date, and the last time the product(s) scanned the device for malware infection.
|
Information regarding your installed system drivers, including: - Driver information such as name and status
| - To determine whether the OPSWAT driver made available to software vendors for embedding in their application is able to function correctly based on other drivers already installed on your device.
|
Your OPSWAT Endpoint Security SDK Account Token | - If you are a software vendor embedding OPSWAT Endpoint Security SDK and enabling the data submission process, this token identifies your company as an authorized user of the data submission process.
|
MetaDefender Platform
Your Activity | Data We Collect | How We Use Your Data |
|---|
If you activate the MetaDefender license key | - Email address
- IP address
- A unique identifier of the device on which the license key was activated by the activation process
| - To record in our license server that you activated a specific license key provided to you by us on a unique device
- To investigate license activation issues you report to us
|
If you configure MetaDefender to automatically install updates | - IP address
- A unique identifier of the device on which the automatic updating was configured
| - To investigate automatic updating issues you report to us
|
If you use MetaDefender Drive and consent to uploads to MetaDefender Cloud | - Contents of the file and file metadata (to the extent that either contains personal data)
| - To analyze an uploaded file with multiple anti-malware engines and display results of each engine's analysis (i.e., is the file infected with a computer virus or not)
- To sanitize the uploaded file, if the file type is supported for this function, in order to provide the sanitized file to you only
|
If you use MetaDefender ICAP Server | The support package created by the support tool includes the following: - Raw HTTP traffic snippets for badly formatted ICAP requests
- Information relating to the browsing history of the IP of the proxy device using ICAP to send requests to MetaDefender and URLs visited by devices using the proxy device which is sending requests to MetaDefender
| - To investigate issues you report to us concerning an instance of MetaDefender Web Security with ICAP on which you have run the support tool and sent us the resulting support package
|
If you use MetaDefender Vault and your instance is integrated to your Microsoft Active Directory | - Your user information from Active Directory, which will likely include your name, company, any nicknames, username, and email address
| - To investigate issues you wish to report to us concerning an instance of MetaDefender Vault on which You have run the support tool and sent us the resulting file
|
If you use MetaDefender for Secure Storage | The support package created by the support tool includes the following: - Application logs and configuration information that may include IP addresses, file names, user emails, and usernames
- History of the mdss package commands executed
- OS and hardware information of your device
- Network information
| - To investigate issues you wish to report to us concerning an instance of MetaDefender for Secure Storage on which you have generated support package and send us the resulting file
|
If you use the Central Management support tool to create and send us a support package | The support tool generates a support package called “mdcentralmgmt-support-<TIMESTAMP>.tar.gz” for Linux and “mdcentralmgmt-support-<TIMESTAMP>.zip” for Windows which includes: - The configuration files of Central Management found on the device on which you installed Central Management
- Log files of Central Management found on the device
- OS and hardware information of your device
- Network information
- Central Management directory information
- Central Management configuration database without user data
| - To investigate issues you wish to report to us concerning an instance of MetaDefender Central Management on which you have run the support tool and sent us the resulting support package
|
MetaDefender Cloud
Your Activity | Data We Collect | How We Use Your Data |
|---|
When you upload a file from your browser | - Browser name
- IP address (obfuscated to protect your information)
- Browser unique identifier
- Hostname
| - To uniquely identify the device you are using to access MetaDefender Cloud
- To identify the location of your device when using MetaDefender Cloud
|
IMPORTANT:
For Commercial and Enterprise customers, MetaDefender offers two features to protect personal data:
(1) Private Scanning: Ensures deletion of your files within twenty-four (24) hours after scanning; and
(2) Private Processing: Ensures that the results of your scan are only available to the person who scanned the file with the API key.
When you scan a file using MetaDefender Cloud, MetaDefender Cloud will process personal data as follows:
| Personal | Commercial/Enterprise Without Private Scanning | Commercial/Enterprise, Private Scanning Selected |
|---|
Data We Collect | - The file submitted for scanning itself, which may contain personal data
- File metadata (e.g., the file type)
| - The file submitted for scanning itself, which may contain personal data
- File metadata (e.g., the file type)
| - The file submitted for scanning itself, which may contain personal data
- File metadata (e.g., the file type)
|
How We Use Your Data | - To analyze an uploaded file with multiple anti-malware engines and display results of each engine's analysis (i.e., is the file infected with a computer virus or not)
- To sanitize the uploaded file, if the file type is supported for this function, in order to provide the sanitized file to you only
| - To analyze an uploaded file with multiple anti-malware engines and display results of each engine's analysis (i.e., is the file infected with a computer virus or not)
- To sanitize the uploaded file, if the file type is supported for this function, in order to provide the sanitized file to you only
| - After you submit the file for scanning in the client, MetaDefender Cloud temporarily stores the file in an encrypted AWS S3 bucket for file scanning
- After completion of the scanning process, the file is permanently removed from our storage
|
Data Retention | - Up to 10 years unless otherwise restricted by law or by your choice to delete as part of your rights
| - Up to 10 years unless otherwise restricted by law or by your choice to delete as part of your rights
| |
If you make a purchase through Stripe (our online store provider), please note that OPSWAT will not have access to your payment information, since payment transactions are entirely processed through Stripe. Stripe is certified as a PCI Level 1 Service Provider. Please refer to Stripe’s Privacy Policy for further detail regarding how Stripe processes your payment information.
Mobile App
Your Activity | Data We Collect | How We Use Your Data |
|---|
If you install the OPSWAT Mobile App | - IP addresses to which your device is connected
- Android application package files of applications installed on your device
- Log files
- Installation UUID: unique alphanumeric string for identifying a device to the OPSWAT Mobile App
- Troubleshooting logs
| - To analyze connected IP addresses and applications on your mobile device for malicious activity
- To provide OPSWAT support representatives with a method to troubleshoot issues reported by your devices running the OPSWAT Mobile App
- Help to troubleshoot a crash with specific instances of the OPSWAT Mobile App
- Analytics information based on segmented device data
|
If you enroll your device to a MetaAccess account | Refer to MetaAccess Product-Specific Disclosures |
Central Management
Your Activity | Data We Collect | How We Use Your Data |
|---|
If you install Central Management v. 7.x | - Activation key
- IP address
- Email address
- Log files of Central Management and OPSWAT Client (to the extent they contain personal data)
| - To record in our customer license management system that you activated a specific license key provided to you by us on a unique device
- To troubleshoot any license activation issues and other issues you are reporting
- To provide trial license key via email
|
If you install Central Management v. 5.x | Refer to MetaDefender Platform Product-Specific Disclosures |
If your device is monitored by an administrator | - Contents of the file and file metadata (to the extent either contains personal data)
| - To analyze an uploaded file with multiple anti-malware engines to detect any threats
|
My OPSWAT
Your Activity | Data We Collect | How We Use Your Data |
|---|
When you register for a My OPSWAT account | - Name
- Email address
- Password
- Your associated organization
| - Create a user account for you
- Assign you to an account with a user role
- Create audit trails for actions you perform on an account
|
If you are invited to your organization’s account | - Name
- Email address
- Password
- IdP Group information
- API key
| - Create a user account for you
- Assign you to an account with a user role
|
When you activate a license key | - Account ID: a unique identifier OPSWAT generates to identify a unique account/server.
- License key: a unique key OPSWAT generates when a customer purchases licenses for OPSWAT products
| - To activate the product
- To investigate license activation issues you report to us
|
When you browse the product page | | - To visualize the products you have licensed from OPSWAT
|
If you download a deployment report for a license key | | - To generate a deployment report for a license key of a product
|
If you use My OPSWAT to manage your OPSWAT products | - When you enroll a product instance or create a group, OPSWAT will collect any personal data contained in the name and/or description of such product instance or group (e.g., a person's name).
| - To allow you to identify and manage your product instances and groups
|
If you submit a support case through My OPSWAT | Troubleshooting logs, which may include: - The location where the product is installed
- IP addresses
- Hostname
- OS Information
| - To troubleshoot an issue that you are reporting
|
If you pay an invoice through PayPal | - Your account name, to the extent this contains your personal data
- Invoice number
| - To send your invoice to PayPal for processing. Please note that any banking or credit card information submitted to PayPal is processed directly by PayPal. Please refer to PayPal’s privacy policy for further details regarding PayPal’s processing.
|
Additionally, to the extent you use My OPSWAT to manage your OPSWAT product(s), such product instances may report data to My OPSWAT. Please refer to the applicable Privacy Policy for your OPSWAT product(s) for more details regarding the personal data processed by such product(s).
OPSWAT FileScan
When you use the Software-as-a-Service version of FileScan and you upload a file to FileScan, personal data may be processed as follows:
| Community Version | Commercial Version |
|---|
Data We Collect | - The uploaded file itself, which may contain personal data
- Any personal data contained in the analysis report from FileScan
| - Any personal data contained in the analysis report from FileScan
|
How We Use Your Data | - For file analysis as part of the FileScan services
- For producing the threat intelligence report to the user
- For error monitoring and error reporting
| - For producing the threat intelligence report to the user
- For error monitoring and error reporting
|
When FileScan is installed on-premises, OPSWAT does not have access to the files you upload to FileScan for processing.
WARNING:
Your network connection used for FileScan should be separate from any other network connection. Using the product in any other way (e.g., a shared connection with your internal network) is a serious threat to the data protection of any files analyzed by FileScan. You assume sole responsibility for failing to establish a separate network connection for FileScan.
Netwall
By default, OPSWAT does not have access to your personal information when you use Netwall, since Netwall is deployed on-premises. OPSWAT will only process your personal information in the following instances:
Your Activity | Data We Collect | How We Use Your Data |
|---|
When you create a local user account | - Login information
- Email address
| - To create your user account
|
When you choose the option to connect to FTP or Windows File shares | | - For authentication and access control to the system
- For access to file shares
|
When you ask OPSWAT support representatives to investigate an issue with Netwall and provide OPSWAT with log files | - Any personal data contained in product logs
| - Troubleshoot an issue with Netwall that you are reporting
|
MetaAccess OT
Your Activity | Data We Collect | How We Use Your Data |
|---|
If MetaAccess OT is hosted by OPSWAT and you create an account with us | - Name
- Login information
- Email address
- Phone number (optional)
| - For authentication and access control to the system
- We also use phone numbers and/or email for multi-factor authentication
|
When you ask OPSWAT support representatives to investigate an issue with MetaAccess OT and provide OPSWAT with log files | - Any personal data contained in product logs
| - Troubleshoot your reported issue with MetaAccess OT
|
OTFuse
If the OTFuse management console is not used, then OPSWAT does not collect any personal data from you.
If the management console is used the following data is collected:
Your Activity | Data We Collect | How We Use Your Data |
|---|
You create an account with us | - Name
- Login information
- Email address
| - For authentication and access control to the system
|
When you ask OPSWAT support representatives to investigate an issue with OTFuse and provide OPSWAT with log files | - Any personal data contained in product logs
| - Troubleshoot your reported issue with OTFuse
|
Neuralyzer
Neuralyzer does not process any of your personal data. Neuralizer’s data collection is limited to data concerning the devices you use and the network connections between your devices.
MetaDefender Email Gateway Security
If you deploy MetaDefender Email Gateway Security on-premises, OPSWAT does not process your emails. However, if you report an issue to us, OPSWAT may process your personal data as follows:
Your Activity | Data We Collect | How We Use Your Data |
|---|
If you ask us to troubleshoot an issue | - When you ask us to troubleshoot an issue, you may provide us with troubleshooting logs, which may contain the email addresses of the sender and recipient and the subject line of the email, to the extent it contains personal data.
| - To investigate issues you report to us
|
If you use MetaDefender Cloud Email Security, we process your personal data as follows:
Your Activity | Data We Collect | How We Use Your Data |
|---|
Creating an account | - Name
- Login information (username and password)
- Email address
- Role
| - To create an account for you. Please note that the administrator for your company’s instance will also have access to your account information for the purposes of managing the company’s instance of MetaDefender Cloud Email Security.
|
When you use MetaDefender Cloud Email Security to scan your email | - The email addresses of the sender and recipient
- The subject line of the email, to the extent it contains personal data
- Personal data contained in emails scanned with MetaDefender Cloud Email Security
| - For MetaDefender Cloud Email Security to scan your emails for malware and other vulnerabilities.
|
If you ask us to troubleshoot an issue | - When you ask us to troubleshoot an issue, you may provide us with troubleshooting logs, which may contain the email addresses of the sender and recipient and the subject line of the email, to the extent it contains personal data.
| - To investigate issues you report to us
|
IMPORTANT:
Please note that MetaDefender Cloud Email Security may retain any emails you scan. If you are an administrator, you may configure your version of MetaDefender Cloud Email Security to automatically delete any retained emails and email history on a regular basis (ranging from every hour to every twelve months).