Go straight to the text

Samsung Mobile Security Rewards Program Privacy Notice

  1. Effective Date: April 30, 2024 (Archived versions)
  2. At Samsung Electronics Co., Ltd. (“Samsung”), we know how important privacy is to our customers. Samsung is the data controller for the Samsung Mobile Security Rewards Program (“Rewards Program”). We created this Privacy Notice to make sure you understand how we collect and use your personal information.
  3. Our Privacy Policy at https://account.samsung.com/membership/terms/privacypolicy also applies to your use of the Rewards Program. Our Privacy Policy contains more information about how we use your data. It also includes information about your rights and how to contact us. Please read our Privacy Policy in addition to this Privacy Notice. However, this Privacy Notice shall always prevail over the Privacy Policy in relation to how we use your information for the Rewards Program.
  1. Through the Rewards Program, Samsung obtains and maintains information about you in various ways.
  2. Information You Provide Directly
    • Samsung Account Information: We may collect information associated with the Samsung account used to access the Samsung Mobile Security Rewards Program, such as your Samsung account identifiers such as globally unique identifier (GUID) and country or region of residence.
    • Rewards Program Interactions: We may collect information you submit through the Rewards Program such as when you submit a security report, name for acknowledgement, contact email, country or region of residence, affected firmware version and device, vulnerability details including any files you attach to the security report, and any communications you send to us.
    • Rewards Information: In order to process your rewards, we may additionally collect name, registration number, nationality, country or region of residence (for tax purposes), residence address including postal code, phone number and information concerning any amounts paid to you (including the Paypal address where any amounts payable is sent).
  3. Information About Your Use of the Rewards Program
  4. In addition to the information you provide, we will collect information about your use of our the Rewards Program through software on your devices and by other means. We will collect:
    • Device Information: We collect your IP address.
    • Log Information: Diagnostic, technical and error information.
  5. We also may collect other information about you, your devices and apps, and your use of the Rewards Program in ways that we describe to you at the time of collection or otherwise with your consent.
  1. We use the information collected for the following purposes:
    • To provide you with the Rewards Program, such as to responding to your submissions, requests, questions and responses made through the Rewards Program, as well as, if applicable, provide you with rewards;
    • To identify and authenticate you so you may use the Rewards Program;
    • To operate, evaluate and improve our business (including enhancing and improving our products and the Rewards Program; managing our communications; analyzing your submissions, our products, customer base, and the Rewards Program; conducting market research; performing data analytics; and performing other internal functions);
    • To protect against, identify and prevent fraud and other criminal activity, claims and other liabilities;
    • To comply with and enforce applicable legal requirements, relevant industry standards and our policies, including this Privacy Notice and the Privacy Policy.
  2. If you are eligible for a reward, we use third-party payment processors to provide you with rewards. These third-party processors will only use your information to provide you with rewards, and are subject to contractual obligations to ensure that your information is processed safely and as you would expect.
  3. Samsung processes personal information for the purposes described above. Samsung’s legal basis to process personal information is outlined below:
personal data
Keeping our promising to you (performance of contract)
GDPR Article 6(1)(b)
  • Identifying and authenticating you
  • Providing you with the Rewards Program, such as reviewing reports made by you and processing and paying rewards, if applicable
To promote our business interests (legitimate interest)
GDPR Article 6(1)(f)
  • Operating, evaluating, and improving the Rewards Program and our business
  • Responding to your requests, instructions and inquiries
  • Maintaining adequate security measures
  • Protecting against liability, including comply with industry standards and enforcing our policies
To comply with the law, regulatory obligations and legal processes
GDPR Article 6(1)(c)
  • Complying with applicable statutes and regulatory and administrative or court orders
  1. We will disclose your information internally within our business and to the following entities, but only for the purposes described above.
    • Affiliates: other Samsung Electronics Group companies which we control or own;
    • Business partners: partners who we work together with to provide you with the Rewards Program, such as third-party payment processors. These business partners control and manage your personal information;
    • Service providers: carefully selected companies that provide services for or on behalf of us, such as the management, development, operation and monitoring of the Rewards Program. These providers are also committed to protecting your information;
    • Other parties when required by law or as necessary to protect the Rewards Program: for example, it may be necessary by law, legal process, or court order from governmental authorities to disclose your information. They may also seek your information from us for the purposes of law enforcement, national security, anti-terrorism, or other issues that are related to public security;
    • Other parties in connection with corporate transactions: we may disclose your information to a third party as part of a merger or transfer, acquisition or sale, or in the event of bankruptcy; and
    • Other parties with your consent or at your direction: in addition to the disclosures described in this Privacy Notice, we may share information about you with third parties when you separately consent to or request such sharing.
  1. How long your data will be retained depends on the legal basis relied upon to process your data. For example, data we process to perform our contract with you requires us to keep the data throughout the time you use the Rewards Program. As long as you are an active user of the Rewards Program, we will retain and process this data. Data such as your account information and device information and identifiers fall into this category.
  2. Data we process to promote our business interests, such as your usage of the Rewards Program, is only kept for as long as needed for the purposes for which it was collected. For example, this data may be collected to perform analytics so we can develop improvements to the Rewards Program, or we may process data to keep a record of inquiries you made through or about the Rewards Program to improve your customer service experience.
  3. Please note, although we aim to retain your data for the time period described above, your data may be processed longer pursuant to applicable law. For example, if a specific statute mandates we require a certain piece of data, we will comply and retain that data until the required retention period expires.
  4. As long as your data is retained by us your data will always be subject to appropriate safeguards.
  5. Your use of the Rewards Program will involve the transfer, storage, and processing of your personal information to other countries; such countries include, without limitation, countries in the Republic of Korea and United States of America. All international data transfers are subject to legal requirements to ensure that your personal information is processed safely and as you would expect. Such measures include the use of Standard Contractual Clauses to safeguard the transfer of data outside of the EEA. To request more information or to obtain a copy of the contractual agreements in place, please see the CONTACT US section of this Privacy Notice.
  1. We take data protection very seriously. We have put in place physical and technical safeguards to keep the information we collect secure. However, please note that although we take reasonable steps to protect your information, no website, internet transmission, computer system or wireless connection is completely secure.
  1. Your personal information belongs to you. You can ask us to provide details about what we’ve collected and you can ask us to delete it or correct any inaccuracies. You can also ask us to restrict or limit the processing, sharing or transfer of your personal information, as well as to provide you with the personal information that we’ve collected so you can use it for your own purposes. However, requesting the deletion of your personal information may also result in a loss of access to the Rewards Program. We won’t delete data that we’re required by law to retain.
  2. To make a request concerning your rights or to make an inquiry, contact us using the methods outlined in the CONTACT US section.
  1. You can contact us to update your preferences, exercise your rights, submit a request or ask us questions.
  2. You can also contact us at:
  3. Data Controller
    Samsung Electronics Co., Ltd.
    129, Samsung-ro, Yeongtong-gu,
    Suwon-si, Gyeonggi-do 16677, Republic of Korea
  4. Samsung Electronics has offices across Europe, so we can ensure that your request or query will be handled by the data protection team based in your region.
  5. The easiest way to contact us is through our Privacy Support Page at https://www.samsung.com/request-desk.
  6. You can also contact us at:
    European Data Protection Officer
    Samsung Electronics (UK) Limited
    Samsung House, 2000 Hillswood Drive, Chertsey, Surrey KT16 0RS, UK
  7. You can lodge a complaint with the relevant supervisory authority if you consider that our processing of your personal information infringes applicable law. Contact details for all EU supervisory authorities can be found at https://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080.
  1. This Privacy Notice may be updated to let you know about changes in how we collect and process your information in the Rewards Program or changes in related laws. The date when the document was last updated is shown at the top of this Privacy Notice.