Samsung Electronics UK Limited (“Samsung” or “We”) and its affiliated companies respect your concerns about privacy. This Privacy Notice applies to the personal information we collect through the Samsung Mobile Security Rewards Program services (the “Service”). It does not apply to information collected by other apps, websites or services provided by Samsung or its affiliated entities.
Samsung Mobile Security Rewards Program is a monetary rewarding service for eligible security vulnerability reports submitted by security researchers and consumers through Samsung Mobile Security website. Its features include submitting a security vulnerability report, viewing previously submitted security vulnerability reports, communicating with Samsung engineers regarding the details, status, and rewards regarding the security vulnerability reports.
To use Samsung Mobile Security Rewards Program, you must first have a Samsung Account. Our Privacy Policy at https://account.samsung.com/membership/pp(“Samsung Privacy Policy”) will apply to your use of your Samsung Account and Samsung Mobile Security Rewards Program. This Privacy Notice provides further information about how your personal data is used in connection with Samsung Mobile Security Rewards Program, and should be read in conjunction with the Samsung Privacy Policy.
In this Privacy Notice, we describe the types of information collected through Samsung Mobile Security Rewards Program, how we may use the information, how long we may keep the information, with whom we may share it and the choices available to you regarding our use of the information and exercising your rights. We also describe the measures we take to safeguard the information and tell you how to contact us about our privacy practices. Samsung is the data controller for the processing of personal data.
Click on one of the links below to jump to the listed section:
Through Samsung Mobile Security Rewards Program, we obtain information about you in various ways. The types of personal information we obtain include:
Samsung Account Information. We collect information associated with your Samsung Account used to access Samsung Mobile Security Rewards Program, such as your name, email address and Samsung Account ID.
Samsung Mobile Security Rewards Program Interactions. We collect information you submit to Samsung Mobile Security Rewards Program through your interactions with the Services, including your name, email address, country of residence. We also may obtain other information related to your use of Samsung Mobile Security Rewards Program, including the information (such as IP address you use, history of visit within the website) we receive from the server to provide you with the Services.
Samsung’s servers may receive information when you interact with Samsung Mobile Security Rewards Program, such as information about your use of Samsung Mobile Security Rewards Program, and your interactions with Samsung Mobile Security Rewards Program website.
How We Use the Information We Obtain
We use the information we obtain through the Services to:
provide you with the Services, such as to respond to your submissions, questions and responses made through Samsung Mobile Security Rewards Program;
identify and authenticate you so you may use the Services;
respond to your requests and inquiries;
operate, evaluate and improve our business (including enhancing and improving our products and the services; managing our communications; analyzing your submissions, our products, customer base and the services; conducting market research; performing data analytics; and performing other internal functions);
allow you to interact with and use certain third-party services;
protect against, identify and prevent fraud and other criminal activity, claims and other liabilities; and
comply with and enforce applicable legal requirements, relevant industry standards and our policies, including this Privacy Notice, the Samsung Account Privacy Policy.
Samsung processes personal data for the purposes described above. Samsung’s legal basis to process personal data includes processing that is: necessary for the performance of the contract between you and Samsung (for example, to provide you with the Services and to identify and authenticate you so you may use certain Services); necessary to comply with legal requirements (for example, to comply with applicable accounting rules and to make mandatory disclosures to law enforcement);
necessary for Samsung’s legitimate interests (for example, to manage our relationship with you and to improve the Services); and based on obtaining your separate consent (for example, to communicate with you about our products and services and provide you with marketing information), which may subsequently be withdrawn at any time by contacting us as specified in the How to Contact Us section of this Privacy Notice without affecting the lawfulness of processing based on consent before its withdrawal.
You are required, as a necessity to enter into a contract, to provide us with personal data for processing as described above. If you do not provide us with personal data, we will not be able to provide you all of the features available through Samsung Mobile Security Rewards Program.
Information Sharing
We do not disclose personal information about you through the Services, except as described in this Privacy Notice. Limited members of the Samsung Mobile Security Rewards Program service team in Samsung may access and other wise process personal data in connection with their job responsibilities or contractual obligations. We may share your personal information with our subsidiaries and affiliates and with service providers who perform services for us. We do not authorize our service providers to use or disclose the information except as necessary to perform services on our behalf or to comply with legal requirements.
Some of these personnel, affiliates and third party service providers are located outside of the EEA, including in countries that may not provide the same level of data protection as the home country of our customers, including, for example and without limitation to the Republic of Korea, the United States of America and Japan. Samsung takes appropriate steps to ensure that such recipients are bound to duties of confidentiality and Samsung implements measures such as standard data protection contractual clauses to ensure that any transferred personal data remains protected and secure. A copy of these clauses can be obtained by contacting us as specified in the How to Contact Us section of this Privacy Notice.
Samsung, our subsidiaries and affiliates, and our third-party service providers also may disclose information about you (1) if we are required to do so by law or legal process (such as a court order or subpoena); (2) in response to requests by government agencies, such as law enforcement authorities; (3) to establish, exercise or defend our legal rights; (4) when we believe disclosure is necessary or appropriate to prevent physical or other harm or financial loss; (5) in connection with an investigation of suspected or actual illegal activity; (6) in the event we sell or transfer all or a portion of our business or assets (including in the event of a merger, acquisition, sale, transfer, reorganization, dissolution or liquidation); or (7) otherwise with your separate consent.
Retention of Personal Data
We take appropriate steps to ensure that information about you based on the following logic:
1. at least the duration for which the information is used to provide you with the Service;
2. as required under law, a contract, or with regard to our statutory obligations; or
3. only for as long as is necessary for the purpose for which it was collected, is processed, or longer if required under any contract, by applicable law, or for statistical purposes, subject to appropriate safeguards.
Your Rights
You have the right to request details about the information we collect about you and to request us to correct inaccuracies in that information, to object to or request the restriction of processing, to request access to, the erasure or portability of your information. Under the laws of some jurisdictions, we may decline to process requests that are unreasonably repetitive, require disproportionate technical effort, jeopardize the privacy of others, are extremely impractical, or for which access is not otherwise required by local law. If you would like to make a request to access your information, please contact us at mobile.security@samsung.com.
If you request deletion of personal information, you acknowledge that you may not be able to access or use the Business Services and that residual personal information may continue to reside in Samsung’s records and archives for some time, in compliance with applicable law, but Samsung will not use that information for commercial purposes. You understand that, despite your request for deletion, Samsung reserves the right to keep your personal information, or a relevant part of it, in line with our data retention policy and applicable laws, if Samsung has suspended, limited, or terminated your access to the website for violating the Samsung Terms of Use, when necessary to protect the rights, property, or safety of Samsung, or any of our respective affiliates, business partners, employees or customers.
How We Protect Personal Information
We maintain appropriate administrative, technical and physical safeguards designed to protect personal information we obtain through the Services against accidental, unlawful or unauthorized destruction, interference, loss, alteration, access, disclosure or use. Samsung also maintains reasonable procedures to help ensure that such data is reliable for its intended use and is accurate, complete and current.
Updates to Our Privacy Notice
This Privacy Notice may be updated periodically to reflect changes in our personal information practices with respect to the Services, or changes in the applicable law. We will post a notice on our website and/or your device to notify you in advance of material changes to our Privacy Notice and indicate at the top of the notice when it was most recently updated.
How to Contact Us
If you have any specific questions, please contact us (EU Data Controller) at:
European Data Protection Officer
Samsung Electronics (UK) Limited
Samsung House, 1000 Hillswood Drive, Chertsey, Surrey KT16 0PS
You can also contact us at mobile.security@samsung.com
You may lodge a complaint with a supervisory authority if you consider that our processing of your personal data infringes applicable law.