Norton Password Manager - Privacy Transparency Statement

When it comes to your personal data, NortonLifeLock and its subsidiaries, as well as our employees, contractors, and service providers, are committed to providing you with transparency. We process personal data in accordance with applicable legislation, while taking into account and balancing the relevant interests of our customers, ourselves and other stakeholders, please see https://www.nortonlifelock.com /privacy.

Norton Password Manager has four variants:
1) a component of the Norton Security product and plugin for Internet Explorer browser;
2) browser extensions for all major browsers except Internet Explorer;
3) mobile apps for Android and iOS;
4) a web application requiring no additional installation of software or browser extensions.

All variants are a password manager which manages usernames, passwords, and other information useful for performing online activities. We process personal data in accordance with applicable legislation, while taking into account and balancing the relevant interests of our customers, ourselves and other stakeholders, please see https://www.nortonlifelock.com /privacy.

Data Access and Collection
1. Data You Provide
Subscriber information, provided by User if chosen, including: Username(s); Password(s); Phone Number; Physical Address(es) (including city, state and postal code); Additional Payment Information (credit/debit card information, specifically account numbers, card type, and expiration dates; bank account number and name of bank); Gender (including Title); Additional Email(s); Date of Birth; Freeform note/text
2. Data We Collect/Access
Subscriber information including: IP Address (anonymized)
Provisioning information including: Web browser name; Version and Preferred Language; Operating system (including version or platform); Website domains for stored Logins; Freeform text (as provided by User)
Diagnostics information including: Metadata (including number of accounts stored with products and number of websites visited, number of product features used)
3. Data We Collect/Access from Third Parties
Security information including: Potentially compromised passwords (specific Usernames/passwords are never known to NortonLifeLock services nor to third parties)

Data Use and Processing
1. Data You Provide
Subscriber information is provided by the Subscriber by choice and is collected for the purposes of delivering the product by providing additional protection on as many data elements as the User choses.
2. Data We Collect/Access
Subscriber information is processed for the purposes of determining appropriate language settings for communicating with the User and for reporting about product usage based on general location.
Provisioning information is processed for the purpose of delivering the product in accordance to the User's device(s) and by providing login services and analyzing Service usage.
Diagnostics information is processed for the purpose of understanding product usage to further develop and improve the product performance as well as telemetry.
3. Data We Collect/Access from Third Parties
Security information is processed for the purposes of delivering the product by identifying and informing the User of potentially compromised passwords stored within device.

Data Subject Rights and Disclosure
1. Data You Provide
Subscriber information is encrypted at the device level and is not accessible to NortonLifeLock. Subscriber has the ability to request that subscriber information be forgotten/deleted with account cancellation.
2. Data We Collect/Access
Subscriber information is not made available to the User. IP addresses/Geolocation are anonymized.
Provisioning information and Diagnostics information is pseudonymized using internal identifications and not made available to the User. Provisioning information is kept in an encrypted pseudonymized form and cannot be deleted/forgotten request.
3. Data We Collect/Access from Third Parties
Security information is partially hashed and is made available to the User when a potentially compromised password is identified.

Third Party Processors
1. Data You Provide
N/A - Subscriber information is encrypted at the device level and is not accessible to NortonLifeLock and is not provided to other third parties.
2. Data We Collect/Access
Subscriber information, provisioning information, and diagnostics information may be provided to the following types of third parties in order to provide agreed upon services, as well as to comply with regulatory requirements: Government-related Auditors, Services Providers.
3. Data We Collect/Access from Third Parties
Security information may be provided to the following types of third parties in order to provide agreed upon services, as well as to comply with regulatory requirements: Government-related Auditors, Services Providers.