Commitment to the GDPR and Data Protection
Malwarebytes believes that everyone has the right to a malware free existence. We also believe, just as strongly, that everyone has the right to privacy and control over their personal data.
The EU’s General Data Protection Regulation (“GDPR”) became effective on May 25, 2018. At the heart of GDPR is the belief that privacy is a fundamental right. Malwarebytes is committed to complying with GDPR, as well as applicable laws and regulations related to data privacy, including the California Consumer Privacy Act (CCPA). As a security company, we take seriously our responsibilities to protect and maintain the trust of those who have entrusted us with their personal data.
Malwarebytes has implemented policies, documentation, practices, and processes required by the GDPR, including, but not limited to:
- Training our workforce on the GDPR;
- Implementing procedures to process requests from data subjects;
- Performing data protection impact assessments;
- Investing in and improving our security practices;
- Ensuring that third parties with whom we share personal data to help provide our services demonstrate an ongoing commitment to GDPR and CCPA compliance, including by performing security diligence and having appropriate contractual terms in place.
WHAT PERSONAL DATA DOES MALWAREBYTES RECEIVE?
HOW DO I GET A DATA PROTECTION AGREEMENT IN PLACE?
Malwarebytes Software License Agreement already integrates our Data Protection Agreement (“DPA”) to comply with the GDPR. Malwarebytes DPA includes the EU Commission’s pre-approved Standard Contractual Clauses. In the event you would like a signed DPA, you can do so by clicking the “Data Protection Addendum” link on our Legal landing page to generate a DocuSign.
WHO ARE YOUR SUB-PROCESSORS, WHAT DO YOU USE THEM FOR, AND WHERE ARE THEY LOCATED?
View our Sub-Processor List.
WANT TO LEARN MORE ABOUT THE GDPR?
Read our GDPR Overview and Requirements for EU Privacy page.