Last Updated: March 21, 2019
This Policy provides information about data we collect, use, and share, and our commitment to using the Personal Data we collect in a respectful fashion.
- Scope of this Policy
- What Kinds of Information Do We Collect?
- How Do We Use the Information We Collect?
- Who Do We Share Personal Data With?
- What Choices Do You Have About Your Personal Data?
- How Do We Protect Your Data?
- Other Websites and Features
- Residents of the European Economic Area
- Contact Us
Scope of this Policy
Skyhigh Networks, LLC, and its Skyhigh Security Cloud products were acquired by McAfee, LLC, in January 2018. The Skyhigh Cloud products are now called McAfee MVISION Cloud, and join the McAfee suite of information security products.
The privacy commitments described here cover only the MVISION Cloud. This Policy does not cover our privacy practices related to all other McAfee enterprise security products, which are covered by the McAfee Privacy Notice available at https://www.mcafee.com/consumer/en-us/policy/global/legal.html, or the McAfee Consumer Products, which are covered by the McAfee Privacy Notice available at https://McAfee.com/privacy.
What Kinds of Information Do We Collect?
In order to provide our services, we collect information. Some information you provide directly to us, some we collect automatically through our Services, and some is collected from third parties. In this Policy, “Personal Data” refers to information that could be used, alone or in combination with other data, to identify you as an individual.
We collect information that you provide us. For example, we collect information when you purchase a product or service, create an account, fill out a form, participate in a contest or promotion, request customer service, or otherwise communicate with us.
The types of Personal Data you may provide includes:
- Contact information (such as name, email address, mailing address, and phone number);
- Payment information (including payment card numbers and associated identifiers, billing address, and bank account information); and
- Account log-in credentials (which for some Services may include social network credentials).
- Information regarding which cloud services, software-as-a-service (SaaS) websites, and any other websites, are used, by whom they are used, when used and the frequency of use.
Information About Your Colleagues. You may also give us information about your colleagues who should be granted access to the system, including their name and email address. When you provide us with this information, we will use it to provide them with access and product updates.
If you believe that one of your colleagues has provided us with your information, and you would like us to request that it be removed from our database, please contact us through our Individual Data Request Form.
Information Collected by MVISION Cloud. In order to provide you our Services, we may scan, collect, and store data from your files, including emails, attachments, email addresses, metadata, and URLs and traffic data.
MVISION Cloud collects and stores descriptive metadata or event records. This may include the IP address, user name, computer name, or company email of the user conducting the activity, the type of activity conducted (e.g. file created, file sent, file edited), the time and date the event occurred, whether a file is tagged as permitted to be sent externally as determined by your policy, and whether a file is flagged as suspicious.
Other Information. As is true of most websites, we gather certain information automatically. This information may include Internet Protocol (IP) addresses, browser type, Internet service provider (ISP), referring/exit pages, the files viewed on our Site (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and/or clickstream data to analyze trends in the aggregate and administer the Site.
How Do We Use the Information We Collect?
We may use your information we collected for the following purposes:
- To communicate with you and to send your information by email, postal mail, telephone, or other means about our products, services, promotions and the like;
- To administer and fulfill information requests and our promotions and offers, and, if you order products or services, to process and fulfill your order and to send you emails to confirm your order status and shipment;
- To help us learn more about your preferences;
- To help us address problems with and improve our website design, products and services;
- To enhance your experience with the MVISION Cloud products. We may combine the information that we collect from you with other information about you that we collect or receive from other sources. This information may be used to improve our Site, to personalize your online experience, to tailor our communications with you, to determine the effectiveness of our advertising, and for other internal business purposes;
- To analyze trends and statistics. We may aggregate data for our business purposes portions of the Customer Data, or specific metrics derived from customer’s usage of the MVISION Cloud products and Services, or both. We may collect and aggregate statistics on our product usage and any related cloud service usage across customers that will help us perform industry benchmarking of service usage, product usage trending, and for projecting business and operational scaling; and
- To protect the security and integrity of our websites and business.
We will retain your information and Personal Data we process on behalf of our Customers for as long as your account is active or as needed to provide you or our Customers services. We will retain and use this Personal Data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Who Do We Share Personal Data With?
Generally, we disclose the information we collect to provide the Services, to communicate with you, to advertise or promote our Services, to facilitate changes to or transfers of our business, as required by law, or with your consent. For instance, we may share the information we collect as follows:
- With our third-party providers and companies that provide services that help us with our business activities, such as shipping your order or offering customer service. These companies are authorized to use your information only as necessary to provide these services to us, pursuant to written instructions. In such cases, these companies must abide by our data privacy and security requirements and are not allowed to use PI they receive from us for any other purpose.
- If and when we are compelled to disclose information of any user, with other companies: as required by law, such as compliance with subpoenas, warrants, or other legal process; when we believe in good faith that disclosure is necessary to protect our rights, your safety or the safety of others; to pursue available remedies or limit the damages that we may sustain; to investigate fraud; or to respond to requests from public and government authorities, including public or government authorities outside your country of residence.
- With a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings).
- With any other third party with your prior consent.
- With persons of your choosing and at your discretion, should the product you are subscribed to allow that functionality.
What Choices Do You Have About Your Personal Data?
How do I Access or Change My Information?
- Customer Testimonials/Comments/Reviews: We post customer testimonials/comments/reviews on our Site which may contain Personal Data. We obtain the customer’s consent via email prior to posting the testimonial to post their name along with their testimonial. To request removal of your Personal Data from testimonials or comments please visit the Privacy Contact Form.
We will respond to your request within a reasonable timeframe.
To stop receiving marketing communications, click on the “unsubscribe” link in the email message that you receive from us, or click here to unsubscribe from the MVISION Cloud products marketing mailing list. Please note that when you make an online purchase from us, we will continue to confirm your order status and shipment by email. We may also need to contact you via telephone, email or postal mail with questions or information regarding your order.
If you choose to no longer receive marketing information, MVISION Cloud may still communicate with you regarding transactional or administrative topics, such as security updates, product functionality, and service requests.
How Do We Protect Your Data?
We use administrative, organizational, technical, and physical safeguards to protect the Personal Data we collect and process. Our security controls are designed to maintain data confidentiality, integrity, and an appropriate level of availability. No company can fully eliminate security risks connected to handling information on the Internet. You should know that unauthorized persons might attempt to intercept your network communications. We encourage you to exercise caution in accessing Wi-Fi hotspots and other communications networks.
When you enter your Personal Data on our websites, we use Transport Layer Security (TLS) technology to protect your information as it is transmitted to us. To make sure you are accessing our secure server before you submit any information, look at your browser’s security level indicator to the right of the address bar or lower right corner of the window. If you see a solid key or a closed lock (depending upon your browser), then TLS is active. To double-check for security, look at the URL or Location line of your browser. If you have accessed a secure server, the first characters of the address in that line should change from “http” to “https.”
Other Websites and Features
Residents of the European Economic Area
Role and Basis for Processing
When we process your Personal Data, we will only do so in the following situations:
- We need to use your Personal Data to perform our responsibilities under our contract (e.g. processing payments for and providing the Services).
- We have a legitimate interest in processing your Personal Data. For example, we have a legitimate interest in processing your Personal Data to provide, secure, and improve our Services, in communicating with you about changes to our Services, and in informing you about new services or products.
MVISION Cloud is headquartered in the United States, and we have operations, entities, and service providers in the United States and throughout the world. As such, we and our service providers may transfer your Personal Data to, or store or access it in, jurisdictions that may not provide equivalent levels of data protection as your home jurisdiction. We will take steps to ensure that your Personal Data receives an adequate level of protection in the jurisdictions in which we process it. If you are in the European Economic Area or Switzerland, we provide adequate protection for the transfer of Personal Data to countries outside of the EEA or Switzerland through:
- A series of intercompany agreements based on the Standard Contractual Clauses authorized under EU law. We have implemented similar safeguards with our third-party service providers and partners and further details can be provided upon request; and
- The EU-US and Swiss-US Privacy Shield Frameworks.
Privacy Shield Framework
The MVISION Cloud products participate in and have certified compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. The MVISION Cloud products are committed to subjecting all Personal Data received from European Union (EU) member countries and Switzerland, respectively, in reliance on each Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield website at https://www.privacyshield.gov/welcome and see the Privacy Shield List at https://www.privacyshield.gov/list.
The MVISION Cloud products are responsible for the processing of Personal Data they receive, under each Privacy Shield Framework, and any subsequent transfers to a third party acting as an agent on their behalf. We comply with the Privacy Shield Principles for all onward transfers of Personal Data from the EU and Switzerland, including the onward transfer liability provisions, for the MVISION Cloud products.
With respect to Personal Data received or transferred pursuant to the Privacy Shield Framework, we are subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, we may be required to disclose Personal Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third-party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, more fully described on the Privacy Shield website at https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
Residents of the EU and Switzerland may also request our data processing agreements in addition to relying on the Privacy Shield certification of the MVISION Cloud products.
EEA Access, Deletion (Erasure), Correction, and Retention
MVISION Cloud is a data processor and only processes Personal Data in line with instructions received from its Customers.
- McAfee will act on instructions received from Corporate/Enterprise Customers to access or delete any Personal Data held in McAfee’s MVISION Cloud product(s) or Services. Any requests relating to access should be made by using the Individual Data Request Form at https://www.mcafee.com/enterprise/en-us/about/legal/gdpr-data-request.html. We will assist our Customers with requests from their employees in accordance with the applicable data protection laws.
- To make Personal Data changes or corrections in McAfee’s MVISION Cloud product(s), please contact your MVISION Cloud administrator or visit the McAfee Contact Us page. Click on the “Support” tab and then select your “Country.”
If you require general information about the Personal Data processed by the MVISION Cloud product(s) you have purchased, please contact your McAfee/MVISION Cloud products account manager.
We will retain Personal Data we process on behalf of our Customers for as long as needed to provide services to our Customers. We will retain this personal data as necessary to comply with our legal obligations, resolve disputes and enforce our agreements.
If you are an EU/EEA Data Subject and have a concern about our practices concerning the processing of Personal Data that we are not able to resolve, you also have the right to lodge a complaint with the data privacy authority where you reside, or by contacting the Irish supervisory authority for data protection issues at https://www.dataprotection.ie/docs/Home/4.htm, or +353 57 868 4800.
In the United States at:
McAfee Privacy Office
5000 Headquarters Drive
Plano TX 75024
In the European Economic Area by registered post:
McAfee Privacy Office
2000 City Gate
In Japan by registered mail at:
Personal Information Protection Manager
McAfee Co. Ltd.
Shibuya Mark City West,
What are My California Privacy Rights?
California Civil Code Section 1798.83 permits customers who are California residents to request certain information regarding its disclosure of Personal Data to third parties for their direct marketing purposes. To make such a request, please write us:
MVISION Cloud McAfee Privacy Office
5000 Headquarters Drive
Plano TX 75024
For additional information, please see: https://oag.ca.gov/privacy/privacy-laws