Effective March 2018 (any references to the General Data Protection Regulation of the European Union of 27 April 2016 (“GDPR”) shall only apply as from 25 May 2018)
Trend Micro is the controller in the meaning of the General Data Protection Regulation of the European Union of 27 April 2016 (“GDPR”). Trend Micro is the representative for the European Union, the EEA and the United Kingdom (“representative”) who represents Trend Micro with regard to its obligations under the GDPR.
Trend Micro (EMEA) Limited
IDA Business & Technology Park
Model Farm Road
Telephone: +44 203 54 93 304
For Trend Micro Deutschland GmbH:
HEC Harald Eul Consulting GmbH
Auf der Höhe 34
Telephone: +49 2232 200 879
With Trend Micro products and services, you can increase the protection for your digital data from hackers, spammers, spyware, malware and other online threats. Because of the fast and constant evolving nature of online threats and malware, it is necessary to configure our products and services to constantly provide data and information from your devices to enable us to stay ahead of malicious activities and protect your devices and data. This data and information can also include personal data.
Product license data
When you install and activate our products, you provide personal data such as your:
We use and process this personal data to ensure that your license to our solutions is valid and to contact you regarding renewals and contractual and technical issues. This processing is necessary for the performance of the contract between you and Trend Micro regarding the use of our products and services pursuant to Article 6(1)(b) GDPR.
We may also use and process this personal data to provide you with new product information and to keep you informed about our products, services and promotions. The processing of personal data for such direct marketing purposes is based on Article 6(1)(f) GDPR since it is carried out for the legitimate interest of Trend Micro of informing its customers of new products which is also in the interest of the customer.
You have the right to object at any time to processing of your personal data for direct marketing purposes. Please address your objection to Trend Micro at the contact information stated below or to our representative stated above.
You provide the following types of information and personal data when you use and interact with our products and services, including customer support. The specific information and personal data that you provide will depend on the particular product or services used. Providing these types of information and personal data enables you to participate, share and leverage Trend Micro’s global database of threat related intelligence to rapidly identify and defend against potential threats within your unique network environment, as described in more detail below as well as enabling us to provide support that you request.
Our products use the personal data that you provide to perform security and threat detection related services and functions such as:
The services and products of Trend Micro will support you to ensure your network and information security, i.e. the ability of a network or an information system to resist, at a given level of confidence, accidental events or unlawful or malicious actions that compromise the availability, authenticity, integrity and confidentiality of stored or transmitted personal data, and the security of the related services offered by, or accessible via, those networks and systems. This could, for example, include preventing unauthorized access to electronic communications networks and malicious code distribution and stopping ‘denial of service’ attacks and damage to computer and electronic communication systems. The processing of personal data stated above provided by you to Trend Micro through the services and products of Trend Micro is necessary for the purposes of those legitimate interests pursued by both you and Trend Micro and thus lawful pursuant to Article 6(1)(f) GDPR.
We may use information that you provide to us for other business purposes, including
All the personal data stated above are necessary to enter into the contract with Trend Micro and to use Trend Micro’s products and services so that you are obliged to provide such personal data, otherwise, we can neither perform our contract with you nor provide our products and services to you. How do we protect your personal data?
We use appropriate administrative, organizational, technical, and physical safeguards, including access controls, premise security measures, secure data destruction and incident response plans to protect the personal data that you provide to us. Our security controls are designed to maintain an appropriate level of data confidentiality, integrity, and availability. Where do we process your personal data?
We may process your personal data at data centers in the United States as well as other locations around the world operated by Trend Micro, affiliates of Trend Micro or data processors engaged by Trend Micro who carry out data processing on behalf of Trend Micro. When you connect to our services, you may be sending your information outside your country to a jurisdiction that may not provide equivalent levels of data protection as your home jurisdiction. However, in such case the data transfer will be subject to appropriate safeguards under Art. 46 GDPR, namely standard data protection clauses. Copies of the standard data protection clauses can be obtained by e-mail at email@example.com.
We will keep personal data that you provide to us for as long as you are a registered subscriber or user of our products or for as long as we have another business purpose to do so and, thereafter, for no longer than is required or permitted by law. How do we share your personal data?
We do not share personal data that you provide to us, except with service providers that help us perform and improve services for you which we engage as subcontractors; with your consent; as necessary to perform our contractual obligations to you; if necessary to protect your, our and others' rights and interests; in connection with a sale or reorganization of our business, if and to the extent permissible by the GDPR and applicable law and as required to cooperate with any legal process and any law enforcement or other government inquiry. This means that we may provide information that we collect from you if that information is relevant to a court subpoena or to a law enforcement authority or other government investigation, provided this is permissible under the GDPR and applicable data protection law.
Where we process your personal data based on your consent, you have the right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal. Please address your withdrawal to Trend Micro at the contact information stated below or to our representative stated above.
Under the GDPR, you have inter alia the right to request from Trend Micro
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) – processing is necessary for the performance of a task carried out in the public interest – or (f) – processing is necessary for the purposes of the legitimate interests pursued by Trend Micro or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data – of Article 6(1) GDPR.
For exercising any of your rights, please contact Trend Micro at the contact information stated above or our representative stated above.
If you have a complaint or concerns about how we are processing your personal information or if you consider that the processing of your personal data by Trend Micro infringes the GDPR then we will endeavor to address such concerns. However, if you would like to direct your complaint/concerns to a Data Protection Authority, you have such right under Article 77 GDPR.