What information do we collect about you?
Information submitted to Netcraft, when you choose to report malicious mail to us. This includes the email sender, subject, content and recipient(s) of the suspected mail and the contact email address you provide in the report.
Microsoft may share information with us when you install the add-in, including your name and email address.
We do not collect any personal information except that described above. In particular, we do not collect personal information or email content other than the data explicitly reported by the end user.
How will we use the information about you?
Your data is used to allow us to provide our services. Specifically, to:
- Detect new malicious websites and malicious attachments.
- Track and improve the services we provide to our customers.
On occasion, we may share malicious mails that you report to us with our customers, if the malicious content in the mail pertains to that customer.
Otherwise, your personal data will never be shared with any third parties except successors in title to our business and, if required, government bodies and law enforcement agencies. We may aggregate data from our users to produce reports that may be shared; this data is anonymised and cannot be associated with specific users.
How long is your information kept for?
We keep your information for no longer than is necessary for the purposes it was collected for, unless otherwise required by the law. This can vary depending on the nature of the data.
How will your contact information be used?
We will only use your email address to provide you with additional information about websites you report to Netcraft. If you do not want to receive these updates, we provide an un-subscribe link in every email sent to you concerning your reports, which can be used to stop any further email updates regarding any and all of your reports.
What is our legal basis for processing data?
Data protection laws require us to rely on one or more lawful grounds to process your personal information. We consider the following grounds to be relevant:
Specific consent. For example when you give consent to us using your email address for a certain purpose.
Legal obligation. When we are required to comply to with a legal or regulatory obligation.
Legitimate interests. Where it is necessary to achieve our or others’ legitimate interests. The following gives some examples of what we consider our legitimate interests: to monitor how the add-in is used in order to improve the product; to determine the effectiveness of the product.
We will not process data in a way which would have a negative impact on you, or in a way that would breach your rights under data protection laws.
Access to your information and correction
You have the right to request a copy of the information that we hold about you. You may also make us correct inaccurate data, or ask us to delete or suppress your data. To do so, please email us at firstname.lastname@example.org , or send a letter to 2 Belmont, Bath, BA1 5DZ, United Kingdom.
This page was last updated at 2019-10-15.