Privacy with eset?

[SRT 1]

There are 3 different connections that sound Innocent, but I trust no one.

My tin-foil hat is charred.

That live-grid sound like a way to collect ip address.

No wonder you can buy this so cheap on e-bay.

 

Sounds fishy:

"If you look at the change log for 12.2.23 you may noticed a new addition "Added: New Telemetry settings collected from our users" For some reason It's only written when you look for it at download page and click on 'Configure download', and I don't see anything about telemetry in recent change log which was posted here in forum few days ago."

 

Sure the sound of protecting Privacy sounds great,

but what about the the company (ESET)  that states this?   You know Telemetry.

[peteyt 393]

24 minutes ago, SRT said:

There are 3 different connections that sound Innocent, but I trust no one.

My tin-foil hat is charred.

That live-grid sound like a way to collect ip address.

No wonder you can buy this so cheap on e-bay.

 

Sounds fishy:

"If you look at the change log for 12.2.23 you may noticed a new addition "Added: New Telemetry settings collected from our users" For some reason It's only written when you look for it at download page and click on 'Configure download', and I don't see anything about telemetry in recent change log which was posted here in forum few days ago."

 

Sure the sound of protecting Privacy sounds great,

but what about the the company (ESET)  that states this?   You know Telemetry.

I am not sure about the new telementry settings - I have seen people stating it could be to do with the EU and GDPR, giving people clear explanation about data being collected and more choices but this was added in previous versions so not sure @Marcos may be able to answer this.

As to live grid - I don't know all the details but believe it helps with new malare. The problem is that when malware is new and has no signature, traditional methods will not work - with live grid if it detects something dangerous and it is enabled I believe it sends this to eset so that they can look at the possible virus and if it is a virus, then create a signature and release it to customers.

Again it's probably more complicated than that but it has a purpose - because if people don't share new unknown viruses then they cannot create signatures. It is optional though.

http://support.eset.com/kb531/?viewlocale=en_US This link explains it and a link to the technology it uses

[Marcos 5,074]

It concerns the customer improvement program that one can opt in for during installation or later in the setup:

 

For more information, click the link that will open https://help.eset.com/eis/12/en-US/ceip.html:

Customer Experience Improvement Program

By joining the Customer Experience Improvement Program you provide ESET with anonymous information relating to the use of our products. More information on data processing is available in our Privacy Policy.

Your consent

Participation in the Program is voluntary and based on your consent. After joining in, the participation is passive, which means you don't need to take any further action. You may revoke your consent by changing the product settings at any time. Doing so will bar us from further processing of your anonymous data.

You may revoke your consent by changing the product settings at any time:

•Change the Customer Experience Improvement Program settings in ESET Windows home products

What types of information do we collect?

Data about interaction with the product

This information tells us more about how our products are used. Thanks to this we know, for example, which functionalities are used often, what settings users modify or how much time they spend using the product.

Data about devices

We collect this information to understand where and what devices our products are used on. Typical examples are device model, country, version and name of the operating system.

Error diagnostics data

Information about error and crash situations is also collected. For example, what error has occurred and which actions led to it.

Why do we collect this information?

This anonymous information lets us improve our products for you, our user. It helps us to make them the most relevant, easy-to-use and faultless as possible.

Who controls this information?

ESET, spol. s r.o. is the sole controller of data collected in the Program. This information is not shared with third parties.

 

For privacy policy, read https://help.eset.com/eis/12/en-US/privacy_policy.html:

ESET, spol. s r. o., having its registered office at Einsteinova 24, 851 01 Bratislava, Slovak Republic, registered in the Commercial Register administered by Bratislava I District Court, Section Sro, Entry No 3586/B, Business Registration Number: 31 333 535 as a Data Controller ("ESET" or "We") would like to be transparent when it comes to processing of personal data and privacy of our customers. To achieve this goal, We are publishing this Privacy Policy with the sole purpose of informing our customer ("End User" or "You") about following topics:

•Processing of Personal Data,

•Data Confidentiality,

•Data Subject's Rights.

Processing of Personal Data

Services provided by ESET implemented in our product are provided under the terms of End User License Agreement ("EULA") but some of them might require specific attention. We would like to provide You with more details on data collection connected with provision of our services. We render various services described in the EULA and product documentation such as update/upgrade service, Livegrid®, protection against misuse of data, support, etc. To make it all work, We need to collect following information:

•Update and other statistics covering information concerning installation process and your computer including platform on which our product is installed and information about the operations and functionality of our products such as operation system, hardware information, installation IDs, license IDs, IP address, MAC address, configuration settings of product.

•One-way hashes related to infiltrations as part of ESET LiveGrid® Reputation System which improves the efficiency of our anti-malware solutions by comparing scanned files to a database of whitelisted and blacklisted items in the cloud.

•Suspicious samples and metadata from the wild as part of ESET LiveGrid® Feedback System which enables ESET to react immediately to needs of our end users and keep us responsive to the latest threats providing. We are dependent on You sending us

oinfiltrations such as potential samples of viruses and other malicious programs and suspicious; problematic, potentially unwanted or potentially unsafe objects such as executable files, email messages reported by You as spam or flagged by our product;

oinformation about devices in local network such as type, vendor, model and/or name of device;

oinformation concerning the use of internet such as IP address and geographic information, IP packets, URLs and ethernet frames;

ocrash dump files and information contained.

We do not desire to collect your data outside of this scope but sometimes it is impossible to prevent it. Accidentally collected data may be included in malware itself (collected without your knowledge or approval) or as part of filenames or URLs and We do not intend it to form part of our systems or process it for the purpose declared in this Privacy Policy.

•Licensing information such as license ID and personal data such as name, surname, address, email address is required for billing purposes, license genuineness verification and provision of our services.

•Contact information and data contained in your support requests may be required for service of support. Based on the channel You choose to contact us, We may collect your email address, phone number, license information, product details and description of your support case. You may be asked to provide us with other information to facilitate service of support.

•Location data, screenshots, data about the configuration of your computer and data recorded by your computer's camera may be collected for Protection against misuse of Data function with retention period 3 months. The account on https://my.eset.com needs to be created, through which the function activates data collection in the event of computer theft. Collected data are stored on our servers or on the servers of our service providers.

•Password manager data such as passwords and addresses are stored in an encrypted form only on your computer or other designated device. If You activate the synchronization service, the encrypted data are stored on our servers or on the servers of our service providers to ensure such service. Neither ESET nor the service provider have access to the encrypted data. Only You have the key to decrypt the data.

Data Confidentiality

ESET is a company operating worldwide via affiliated entities or partners as part of our distribution, service and support network. Information processed by ESET may be transferred to and from affiliated entities or partners for performance of the EULA such as provision of services or support or billing. Based on your location and service You choose to use, We might be required to transfer your data to a country with absence of adequacy decision by the European Commission. Even in this case, every transfer of information is subject to regulation of data protection legislation and takes place only if required. Privacy Shield mechanism, Standard Contractual Clauses, Binding Corporate Rules or another appropriate safeguard must be established without any exception.

We are doing our best to prevent data from being stored longer than necessary while providing services under the EULA. Our retention period might be longer than the validity of your license just to give you time for easy and comfortable renewal. Minimized and pseudonymized statistics and other data from ESET LiveGrid® may be further processed for statistical purposes.

ESET implements appropriate technical and organizational measures to ensure a level of security which is appropriate to potential risks. We are doing our best to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services. However, in case of data breach resulting in a risk to your rights and freedoms, We are ready to notify supervisory authority as well as data subjects. As a data subject, You have a right to lodge a complaint with a supervisory authority.

Data Subject's Rights

ESET is subject to regulation of Slovak laws and We are bound by data protection legislation as part of European Union. You are entitled to following rights as a data subject:

•right to request access to your personal data from ESET,

•right to rectification of your personal data if inaccurate (You also have the right to have the incomplete personal data completed),

•right to request erasure of your personal data,

•right to request restriction of processing your personal data

•right to object to processing as well as

•right to data portability.

If You would like to exercise your right as a data subject or You have a question or concern, send us a message at:

ESET, spol. s r.o.
Data Protection Officer
Einsteinova 24
85101 Bratislava
Slovak Republic
dpo@eset.sk