Go straight to the text

Samsung Mobile Security Rewards Program Privacy Notice

  1. Effective Date: November 23, 2020 (Archived versions)
  2. At Samsung Electronics Co., Ltd. (“Samsung”), we know how important privacy is to our customers. Samsung is the data controller for the Samsung Mobile Security Rewards Program (“Rewards Program”). We created this Privacy Notice to make sure you understand how we collect and use your personal information.
  3. Our Privacy Policy at https://account.samsung.com/membership/terms/privacypolicy also applies to your use of the Rewards Program. Our Privacy Policy contains more information about how we use your data. It also includes information about your rights and how to contact us. Please read our Privacy Policy in addition to this Privacy Notice. However, this Privacy Notice shall always prevail over the Privacy Policy in relation to how we use your information for the Rewards Program.
  1. Through the Rewards Program, Samsung obtains and maintains information about you in various ways.
  2. Information You Provide Directly
  3. The Rewards Program collects information from you directly. For example:
    • Samsung Account Information: We collect information associated with the Samsung account used to access the Samsung Mobile Security Rewards Program, such as your name, email address, Samsung account ID, and identifiers such as globally unique identifier (GUID).
    • Rewards Program Interactions: We collect information you submit through the Rewards Program such as when you submit a security report, including your name, email address, country of residence, affected firmware version and device, vulnerability details including any files you attach to the security report, and any communications you send to us. We also collect information related to your submitted security report, such as whether your report was qualified to receive a reward.
    • Rewards Information: In order to process your rewards, we additionally collect nationality, residence address including postal code, phone number and information concerning any amounts paid to you (including the Paypal address where any amounts payable is sent).
  4. Information About Your Use of the Rewards Program
  5. In addition to the information you provide, we will collect information about your use of the Rewards Program through software on your devices and by other means. We will collect:
    • Device Information: We collect your IP address.
    • Log Information: Diagnostic, technical, error, and usage information such as the time and duration of your use of the Rewards Program and history of page visits within the Rewards Program website, search query terms when you enter search terms within the Rewards Program, and any information stored in cookies that we have set on your devices.
  6. We also may collect other information about you, your devices and apps, and your use of the Rewards Program in ways that we describe to you at the time of collection or otherwise with your consent.
  1. We use the information collected for the following purposes:
    • To provide you with the Rewards Program, such as to respond to your submissions, requests, questions and responses made through the Rewards Program, as well as, if applicable, provide you with rewards;
    • To identify and authenticate you so you may use the Rewards Program;
    • To operate, evaluate and improve our business (including enhancing and improving our products and the Rewards Program; managing our communications; analyzing your submissions, our products, customer base, and the Rewards Program; conducting market research; performing data analytics; and performing other internal functions);
    • To protect against, identify and prevent fraud and other criminal activity, claims and other liabilities; and
    • To comply with and enforce applicable legal requirements, relevant industry standards and our policies, including this Privacy Notice and the Samsung Privacy Policy.
  2. If you are eligible for a reward, we use third-party payment processors to provide you with rewards. These third-party processors will only use your information to provide you with rewards, and are subject to contractual obligations to ensure that your information is processed safely and as you would expect.
  3. Samsung processes personal information for the purposes described above. Samsung’s legal basis to process personal information is outlined below:
personal data
Keeping our promising to you (performance of contract)
GDPR Article 6(1)(b)
  • Identifying and authenticating you
  • Providing you with the Rewards Program, such as reviewing reports made by you and processing and paying rewards, if applicable
To promote our business interests (legitimate interest)
GDPR Article 6(1)(f)
  • Operating, evaluating, and improving the Rewards Program and our business
  • Responding to your requests, instructions and inquiries
  • Maintaining adequate security measures
  • Protecting against liability, including comply with industry standards and enforcing our policies
To comply with the law, regulatory obligations and legal processes
GDPR Article 6(1)(c)
  • Complying with applicable statutes and regulatory and administrative or court orders
  1. We will disclose your information internally within our business and to the following entities, but only for the purposes described above.
    • Business partners: partners who we work together with to provide you with the Rewards Program, such as third-party payment processors. These business partners control and manage your personal information;
    • Service providers: carefully selected companies that provide services for or on behalf of us, such as for the management, development, operation and monitoring of the Rewards Program. These providers are also committed to protecting your information;
    • Other parties when required by law or as necessary to protect the Rewards Program: for example, it may be necessary by law, legal process, or court order from governmental authorities to disclose your information. They may also seek your information from us for the purposes of law enforcement, national security, anti-terrorism, or other issues that are related to public security;
    • Other parties in connection with corporate transactions: we may disclose your information to a third party as part of a merger or transfer, acquisition or sale, or in the event of bankruptcy; and
    • Other parties with your consent or at your direction: in addition to the disclosures described in this Privacy Notice, we may share information about you with third parties when you separately consent to or request such sharing.
  1. How long your data will be retained depends on the legal basis relied upon to process your data. For example, data we process to perform our contract with you requires us to keep the data throughout the time you use the Rewards Program. As long as you are an active user of Rewards Program, we will retain and process this data. Data such as your account information and device information and identifiers fall into this category.
  2. Data we process to promote our business interests, such as your usage of the Rewards Program, is only kept for as long as needed for the purposes for which it was collected. For example, this data may be collected to perform analytics so we can develop improvements to the Rewards Program, or we may process data to keep a record of inquiries you made through or about the Rewards Program to improve your customer service experience.
  3. Please note, although we aim to retain your data for the time period described above, your data may be processed longer pursuant to applicable law. For example, if a specific statute mandates we require a certain piece of data, we will comply and retain that data until the required retention period expires.
  4. As long as your data is retained by us your data will always be subject to appropriate safeguards.
  5. Your use of the Rewards Program will involve the transfer, storage, and processing of your personal information to other countries; such countries include, without limitation, countries in the European Economic Area, Republic of Korea and United States of America. All international data transfers are subject to legal requirements to ensure that your personal information is processed safely and as you would expect.
  1. This Privacy Notice may be updated to let you know about changes in how we collect and process your information in the Rewards Program or changes in related laws. The date when the document was last updated is shown at the top of this Privacy Notice.