• Home
• Legal

Sophos privacy policy

This document was last updated on 21 March 2007.

General

This is the privacy policy of Sophos Plc ("Sophos").

We at Sophos are committed to safeguarding the privacy of visitors to our website ("the Site"). Please read the following policy to understand how we use your personal data.

Whenever you give us personal data, you are consenting to its collection and use in accordance with our privacy policy. We will not share your personal information for marketing or any other purposes without your consent unless required by law.

Sophos email communications

Sophos adheres to the following policy in relation to deployment of Sophos email communications:

1. All emails sent to you by the Sophos Group will clearly identify Sophos or the applicable division of Sophos as the sender.
2. The subject line of any email sent by Sophos will always accurately describe the subject matter of the email.
3. All emails sent to you by Sophos will include an option to unsubscribe from future email messages.
4. You may unsubscribe from ALL Sophos mailing lists, with the exception of any emails regarding product updates, upgrades or renewals.
5. All promotional emails sent to you by Sophos will include information that the email is an advertisement within either the body or the footer.
6. All emails sent to you by the Sophos Group will include our physical postal address.
7. Any third party partners will be required to comply with legislative requirements on unsolicited emails and the use of data.

Sophos sends emails to customers, partners and prospects from a number of different domains in both plain text and HTML email formats. Emails are sent using sender email addresses at:

• @sophos.com
• @sophos.de
• @sophos.fr
• @sophos.co.jp
• @sophos.it
• @sophos.010.com
• @sophos.au

Sophos does use third-party companies to send emails on its behalf. Links inside emails sent by, or on behalf of, Sophos can point to URLs at the following domains:

• sophos.com
• sophos.de
• sophos.fr
• sophos.co.jp
• sophos.it
• sophos.010.com
• mail-sophos.com
• clicktactics.com

If you receive an email which claims to come from Sophos which does not use these domains, or if you are suspicious that an email may not be an approved Sophos email communication, then please send a copy of the email to customerservice@sophos.com so we can investigate.

Sophos has published best practise guidelines to help internet users learn how to avoid phishing emails at http://www.sophos.com/security/best-practice/phishing.html

What personal data does Sophos collect?

In general, you can visit Sophos on the Internet without telling us who you are or giving any personal information about yourself. However, when you enquire about, order, evaluate or start using our products or services; register for virus information alerts or for one of our training programs or when you enter a competition, you may be required to provide personal data such as your name, company position, address, telephone number, mobile number, fax number, email address, credit card details and age. If you forward information to us electronically or as a hard copy, we will collect that information and use it for the purposes for which you have provided it. We will never collect sensitive information about you without your explicit consent.

Every time you connect to the Site, we store a log of your visit that shows the unique number your machine uses when it is connected to the Internet - its IP address. This tells us what your machine has looked at, whether the page request was successful or not and which browser your machine used to view the pages. The use of this data is primarily for statistical purposes. This helps us to understand which areas of the Site are of particular interest and also which pages are not being requested. It also tells how many people are visiting the Site in total. We may attempt to contact you through these details if necessary, including, without limitation, when you are using the wrong paths to access the Site or are breaching restrictions on the use of the Site. We may also use this information to block IP addresses where there is a breach of the Terms and Conditions for use of the Site.

Cookies

A cookie is a piece of text that gets entered into the memory of your browser by a website, allowing the website to store information on a user's machine and later retrieve it. Some Sophos pages use cookies so that we can better serve you when you return to the Site. Cookies also enable us to track and target the interests of our users to enhance the onsite experience. Cookies are in no way linked to any personally identifiable information. If a user rejects the cookie, they may still use the Site, although some areas may be functionally limited.

Most internet browsers allow the use of cookies to be enabled or disabled. For specific instructions to enable or disable cookies on your computer, please refer to the documentation for your browser software.

How does Sophos use my personal data?

We use your personal data to provide goods and services to you, to provide you with virus information alerts and to let you know about other goods and services in which you may be interested, including alerting you to product upgrades, updates and renewal information. Personal information may also be collected for the purposes of improving our website content, providing goods and services, marketing, as part of our customer satisfaction surveys or for market research or other ancillary purposes.

If you are making a job application or inquiry, you may provide us with a copy of your CV or other relevant information. We may use this information throughout Sophos for the purpose of considering your application or inquiry. Except when you explicitly request otherwise, we may keep this information on file for future reference.

We may also use your personal data to carry out research. Your personal data may be aggregated with data received from other survey submissions. This research is conducted for our internal business and training purposes and will improve our understanding of our user's demographics, interests and behaviour. This research is compiled and analysed on an aggregate basis and therefore does not individually identify any user.

Partners of Sophos may visit a specially allocated website. We may use information provided on that site to administer and develop our business relationship including the sharing of certain information (where permitted to do so) with associate companies other business partners, customers or prospects.

As a global company, we have international sites and users all over the world. When you give us personal data, that data may be sent electronically to servers anywhere in the world and may be used, stored and processed anywhere in the world, including countries outside the European Economic Area. Whenever and wherever we collect, process or use personal data, we take steps to ensure that it is treated securely and in accordance with our privacy policy.

With whom might we share your personal data?

We may pass your personal data to our associated companies or to our authorised resellers, partners and resellers, some of whom may be located outside the European Economic Area, to provide you with the goods and services that you requested.

All emails sent to you by Sophos will follow the email guidelines described above. In keeping with these guidelines, if you have requested not to receive email communication from Sophos, we may also share your contact information with third parties to ensure you also do not receive email communication from them on behalf of Sophos.

We may also provide your personal data to companies outside our group, associated companies, our partners or authorised resellers; that may or may not be located outside the European Economic Area in order to provide you with information about other products or services.

Except as set out above, we will not disclose your personal information except where we are obliged to do so or allowed to do so by law, or where we need to do so in order to run our business (for instance where we outsource services or other people process data for us). If you do not wish us to pass your information to any other companies, please let us know by sending an email to us at customerservice@sophos.com.

Links

The Site contains links to other sites. Please be aware that we are not responsible for the privacy practices of other sites. We encourage our users to be aware when they leave our site, and to read the privacy policy of other sites that collect personal data. This privacy policy applies to personal data collected by Sophos and our associated companies. Sophos is not responsible for the content on any other site outside the Site and the sites of our associated companies ("Associated Sites").

Security

We endeavour to hold all personal information securely in accordance with our internal security procedures and English law.

Unfortunately, no data transmission over the Internet or any other network can be guaranteed as 100% secure. As a result, while we strive to protect your personal information, we cannot ensure and do not warrant the security of any information you transmit to us, and this information is transmitted at your own risk.

Contact

This is the website of Sophos Plc a company registered in England and Wales under company number 2096520 whose registered office is at The Pentagon, Abingdon Science Park, Abingdon, Oxon, OX14 3YP, United Kingdom and whose VAT registration number is 348 3873 20.

If you want to request any information about your personal data or believe that we are holding incorrect personal data on you, please contact: customerservice@sophos.com. It is possible to obtain a copy of the information that we hold on you. A nominal charge of £10 is made to cover administrative costs involved.

Notification of changes

This privacy policy was last updated on 21 March 2007. We reserve the right to amend or vary this policy at any time and the revised policy will apply from the date posted on the Site. You accept that by doing this, Sophos has provided you with sufficient notice of the amendment or variation.