Common use of Privacy and Information Access Clause in Contracts

Privacy and Information Access. Comodo shall follow the privacy policy posted on its website at ▇▇▇▇▇://▇▇▇.▇▇▇▇▇▇.▇▇▇/repository/privacy-policy.php when collecting and using information from you. Comodo may amend the privacy policy at any time by posting the amended privacy policy on its website. By accepting this Agreement, you are providing express permission for the following information to be obtained by this program: Data and information that is collected from users for statistics and analysis during Comodo product installation, uninstallation and product update(s) in order for Comodo to know specific Comodo product usage on various operating systems, and to assist in further product planning and support include: Anonymous Computer ID; Comodo defined integer values for Product ID, Channel ID, Affiliate ID and selected Interface Language, Comodo product version; operating system name, platform, language, build and version; input e-mail (if optionally provided during installation); Comodo product related license information; settings for consent to data collection; if the web filtering feature is enabled and a browsed URL is a heuristic match with a malicious website database, the URL may be sent to Comodo for further analysis. The following information is also sent to Comodo to determine active users: Anonymous Computer ID; Comodo defined integer values for Product ID, Channel ID and Affiliate ID; and Comodo product version. The following information is only sent to Comodo based on consent: Install options; Comodo application usage (i.e. Comodo product launch and which features and interfaces used); Information on executed files which includes the file path, file size, the file’s sha-1 hash, Comodo verdict and source of verdict, user’s decision on application, parent application sha-1 hash, url associated with the file, IP of domain from where the file is downloaded, browser name and version from where a file is downloaded, if the file is seen as an installer by product, a file’s digital signing status, digital signer name if the file is signed; Information on installed browser, such as name, search engine and home page settings; Default browser; Crash dumps of Comodo application and Kernel crash dumps. In order to investigate crashes in the context of the system, computer information as extracted using Microsoft tool “msinfo32.exe /nfo” is sent, which contains complete system information including but not limited to, the categories of “Hardware Resources”, “Components”, and “Software Environment” with information about installed applications. Comodo Product(s) may produce log files of information about certificate revocation checks which are transmitted to Comodo for analysis. No correlation of personally identifiable information is made or included in the log files. Additional particular details of information collection include: The file/application list is scanned; reporting of information of scan events to Comodo’s ITSM server/ portal for integration, where the scan events will be shown on ITSM portal per device; System information via PAAR Service (Information about the computer or device such as computer ID, operating system language, operating system type); User events, (such as install, uninstall, and updates), logging, heartbeat, operating system changes, installation failure via Comodo Messaging Center Service. Upon enablement of functionality, collection includes global machine code, operating system version, and any changes to OS. Administrator access control for device; Data reporting to Comodo of response errors and response time for the following services: FLS, Valkyrie, ITSM File Rating, and ▇▇▇▇▇▇▇▇.▇▇▇▇▇▇.▇▇▇, as well as determining if these services are available. Options to automatically submit crash reports for CCS processes crash and Windows crashes and event logs are also available. CCS also sends the following information to Comodo’s FLS: Scan of files; file downloads from URLs and from which URL the file is downloaded; domain IP, browser name; parent hash if the file/process has a parent process; user id; product id; product version; installer; file size; file type; file path; digital signature status; file hidden status; verdict source; caller type; value of signer name of the code signing digital signature; enterprise field; enterprise value; registration and de-registration information; logging the parent process of file-less script launched in Containment. CCS monitors file upload/download status and the duration of such. Monitoring and reporting of file operations including any upload to Comodo Valkyrie, upload to Comodo account manager service (if configured), downloading updates from ▇▇▇▇▇▇▇▇.▇▇▇▇▇▇.▇▇▇ or other configured updating service. Reporting of unrecognized files that have stayed unrecognized for a given time period. Downloads of the local verdict service database updates is also allowed. A recognizer function of the program blocks suspicious applications from dropping files into a user’s auto run folder and has the ability to choose applicable actions. CCS may also send logs to third party logging systems, these could include event logs, system logs, and external files. CCS also creates, as needed, files or other items (such as logs, registry, keys etc.) required by the operating system for compatibility purposes.