Disclosure For Android Apps
Sending users’ installed application information to https://api.protectstar.com

Effective Date: March 15, 2023

1. Introduction

Please read this disclosure carefully before you agree to it. This disclosure outlines the personal data collected and transferred from users of our Android apps, their usage, and sharing practices.

We at Protectstar Inc. (“Protectstar”, “we”, “us”, “our”) values privacy, security, and online safety and is committed to protecting users' (“you” and “your”) information and activities.

We may update this disclosure to reflect changes in our business. Material changes will be communicated via email, in-product notification, or as required by law. Therefore, review the most current version of this disclosure regularly.

2. In-App Disclosure and Consent Request Process

Our app ensures you are well-informed during its normal usage by providing an in-app disclosure without the need to explore menus or settings. Alongside the disclosure, we request your consent by following these guidelines:

  • a. We display the disclosure prominently and right before asking for your consent.
  • b. We require a clear, affirmative action from you, such as tapping "accept" or checking a box, to indicate your consent.
  • c. We do not consider leaving the disclosure (by tapping elsewhere, pressing the back or home button) as a sign of your consent.
  • d. We avoid using auto-dismissing or expiring messages to obtain your consent.

3. Information Collection and Use

For a better experience, while using our service, we may require you to provide us with your installed application information.

Our app transmits users' installed application information off the device to our servers at https://api.protectstar.com to provide and improve the services offered by the app.

The information we request is uploading users' installed application information to https://api.protectstar.com will be retained and used as described in this privacy policy.

The app does use third-party services that may collect information used to identify you.

Link to the privacy policy of third party service providers used by the app:

4. What kind of personal data do you provide to us, and what data do we collect?

To ensure the full performance of the cloud servers and to enable quick and precise analyzes, we process the following Service and Device Data:

Selective users’ installed app package information of the apps you have installed on your device in the data type of SHA-256 checksum and corresponding installed app package names.

The data will be sent to our servers at https://api.protectstar.com

The type of data we collect include the following:

  • The apps corresponding package name
  • The calculated SHA-256 checksum of the apps apk file
  • The calculated SHA-256 and the MD5 checksum of scanned files

Your data is sent anonymously and automatically to the following URL:
https://api.protectstar.com/api/get-deep-detective-packages-shas-info

5. How will your data be transferred from your device to our cloud server?

The data transmission is performed in encrypted (AES-256 bit) form using the HTTPS protocol and cannot be tracked back to individuals.

6. Why do we process your data?

The data of users' installed package or file information in the type of SHA-256 or MD5 you send to our cloud server is needed to provide the services to you, to offer you an accurate detection of malware and fraud protection. It also ensures you get the best possible security of the installed app.

7. What is the purpose of sending users' installed application information to https://api.protectstar.com?

Our purpose in collecting your information is to equip you with useful products and services that provide a more agile, dynamic response to new and unknown threats.

The purpose of sending users' installed application information to https://api.protectstar.com is to analyze the installed application information by our Protectstar® Artificial Intelligence Cloud (AI Cloud). Protectstar® AI Cloud runs on servers and not on individual devices, like the user's smartphone. This ensures the full performance of the AI Cloud servers and enables quick and precise analyzes. At the same time, it keeps the user devices resource-efficient with optimal performance.

The data processing ensures:

  • Identifying new threats, their behavior, their security status, and their sources.
  • Determination of the reputation of examined objects.
  • Reducing the likelihood of false alarms.
  • Increasing the performance of software components.
  • Performance increase for the rights holder's products.
  • Access to the confidential installed app information and use is directly related to the provision and improvement of Protectstar Android apps' functions.

8. How do we use the information we collect?

We use your data (as listed in section 4.) on our servers to

  • (a) provide and operate our Services;
  • (b) address and respond to service, security, and customer support needs;
  • (c) detect or prevent your device against cybersecurity threats such as malware
  • (d) detect possible false positives

Transmitted user information will only be used for the aforementioned limited purposes, which the user has agreed to.

When you install or use one of our Services, it will run in your device or environment background to help predict threats, and better protect you, your devices, and your information. For example, Protectstar may use the information to:

  • Analyze data sent to/from your device(s) to isolate and identify threats, vulnerabilities, viruses, suspicious activity, spam, and attacks, and communicate with you about potential threats;
  • Participate in threat intelligence networks, conduct research, and adapt products and services to help respond to new threats;
  • Check for Service updates and create performance reports on our Services to ensure they are performing correctly; and
  • Look for misuses of your data when you use our identity monitoring products.

To Run Our Business

We also use the information we collect for other business purposes, including to:

  • Analyze your behavior to measure, customize, and improve our Site and Services, including developing new products and services;
  • Advertise Protectstar products and services that we think may be of interest to you;
  • Provide customer support, troubleshoot issues, manage subscriptions, and respond to requests, questions, and comments;
  • Conduct market and consumer research and trend analyses;
  • Enable posting on our blogs, forums, and other public communications;
  • Prevent, detect, identify, investigate, and respond to potential or actual claims, liabilities, prohibited behavior, and criminal activity;

9. How long we store your Personal Data?

The data we collect from you may be stored, with risk-appropriate technical and organizational security measures applied to it, on in-house servers in Germany.

Protectstar will keep your Personal Data for the minimum period necessary for the purposes set out in this Policy, namely (i) for as long as you are a registered subscriber or user of our products or (ii) for as long as your Personal Data is necessary for connection with the lawful purposes set out in this Policy, for which we have a valid legal basis or (iii) for as long as is reasonably necessary for business purposes related to the provision of the Services, such as internal reporting and reconciliation purposes, warranties or to provide you with feedback or information you might request. Where required by law, we will delete your biometric data within three years of your last interaction with the Services.

In addition, if any relevant legal claims are brought, we may continue to process your Personal Data for such additional periods as are necessary for connection with that claim.

Once the abovementioned periods, each to the extent applicable, have concluded, we will either permanently delete, destroy, or de-identify the relevant Personal Data so that it can no longer reasonably be tied to you.

The selective extracted and transmitted data, as listed above, are stored for the duration, as is technically necessary. As a rule, this is only a few seconds before the data is securely deleted from our servers by a high-security deletion standard. In addition, for randomized sample testing, some transmitted installed package information is stored anonymized in the form of statistics.

In all cases, we follow generally accepted standards and security measures to protect the personal data submitted to us, both during transmission and once we receive it.

10. Who Do We Share Personal Data With?

We do NOT share or sell your collected data with third parties.

11. How Do We Protect Your Data?

We use administrative, organizational, technical, and physical safeguards to protect the Personal Data we collect and process. Our security controls are designed to maintain data confidentiality, integrity, and an appropriate level of availability.

12. What Choices Do You Have About Your Personal Data?

If one of our Android app products is installed on your device, you may stop Protectstar’s collection of Personal Data from your device by uninstalling that product.

Individual Rights in Personal Data

In accordance with applicable law, you may have the right to:

  1. Request confirmation of whether we are processing your Personal Data.
  2. Obtain access to or a copy of your Personal Data.
  3. Receive a portable copy of your Personal Data, or ask us to send that information to another organization (the "right of data portability").
  4. Seek correction or amendment of inaccurate, untrue, incomplete, or improperly processed Personal Data.
  5. Restrict our processing of your Personal Data.
  6. Object to our processing of your Personal Data.
  7. Request erasure of Personal Data held about you by us, subject to certain exceptions prescribed by law.

If you would like to exercise any of these rights, don't hesitate to get in touch with us as set forth below. We will process such requests in accordance with applicable laws. To protect your privacy, we may take steps to verify your identity before fulfilling your request. For some requests and where permitted by law, an administrative fee may be charged. We will advise you of any applicable fee before performing your request.

Children’s Privacy

Some of Protectstar’s Services provide security features that parents may use to monitor their child’s activity online, physical location, or use of a registered device. These Services require parental consent, and we do not knowingly use the Personal Data we collect from children’s devices for any purpose except to deliver the Services. These products allow parents to delete their child’s profile at any time. If you believe we have collected information from your child in error or have questions or concerns about our practices relating to children, please contact us as described below. If you are under 18, you must have your parent’s permission to access the Services. Protectstar urges parents to instruct their children never to give out their real names, addresses, or phone numbers, without parental permission. If you learn that your child has provided us with Personal Data without your consent, you may alert us by contacting us as described below. Suppose we know that we have collected any Personal Data from children under 13 (and in certain jurisdictions under 16). In that case, we will promptly take steps to delete such information and terminate the child’s account.

Data Transfers

Protectstar is headquartered in the United States (see Contact Us for addresses), and we have operations, entities, and service providers in the United States and throughout the world. As such, our service providers and we may transfer your Personal Data to, or store or access it in jurisdictions that may not provide equivalent data protection levels as your home jurisdiction. We will take steps to ensure that your Personal Data receives an adequate level of protection in the jurisdictions in which we process it.

Residents of the European Economic Area

We do NOT transfer Personal Data to countries outside of the EEA or Switzerland through a series of intercompany agreements based on the Standard Contractual Clauses in accordance with EU law and applicable EU regulations.

Data Controller

Where you purchase one of Protectstar’s consumer products, Protectstar Inc. acts as the Controller of your Personal Data.

Legal Basis for Processing

When we process your Personal Data, we will only do so in the following situations:

  • We need to use your Personal Data to perform our contract responsibilities with you (e.g., processing payments for and providing the Services you purchase or request).
  • We have a legitimate interest in processing your Personal Data. For example, we have a legitimate interest in processing your Personal Data to provide, secure, and improve our Services, in communicating with you about changes to our Services, and in informing you about new services or products.
  • We have your consent to do so. We need to process your Personal Data to comply with our legal obligations.

Individual Rights Requests and Withdraw Consent

You may submit a request to exercise your rights in Personal Data using the mechanisms explained under “What Choices Do You Have About Your Personal Data?” above. If you initially consented to our processing of your Personal Data, you may withdraw your consent using those mechanisms or by contacting us using the contact information below.

Data Subject's Rights

Protectstar® respects your control over your information. Upon request, we will confirm whether we hold or process data collected from you. You have the right to amend or update inaccurate or incomplete personal data, request deletion of your personal data, or request that we no longer use it.

As a data subject, you are entitled to the following rights:

  • right to request access to your personal data from Protectstar,
  • right to rectify your personal data if inaccurate (including completing incomplete personal data),
  • right to request the erasure of your personal data,
  • right to request the restriction of processing your personal data,
  • right to object to processing, and
  • right to data portability.

Under certain circumstances, we may not fulfill your requests, such as when it interferes with our regulatory obligations, affects legal matters, we cannot verify your identity, or it involves unnecessary cost or effort. However, we will respond to your request within thirty (30) days and provide an explanation in any event.

The rights holder treats the data received from the end-user as part of this statement under the privacy policy for rights holders. This policy can be viewed at https://www.protectstar.com/en/legal-notice.

California Privacy Rights

If you are a California resident, you may have additional privacy rights.

13. Changes to This Privacy Policy

We reserve the right to revise or modify this Disclosure to reflect changes in our data practices. If we make any material changes, we will notify you by email (sent to the address specified in your account) or through a notice on our website before the change becomes effective. We encourage you to periodically review this page for the latest information on our privacy practices.

This Policy is reviewed and updated at least annually, and we will use reasonable means to inform you and, where necessary, obtain your consent for material changes.

14. Contact Us

If you have questions or requests about personal data or privacy, please contact us at t https://www.protectstar.com/en/contact. You can make a request online or email us at privacy@protectstar.com