Do Not Sell | Avast

As the world’s most trusted antivirus software company, we are 100% committed to our customers, which is why we want to take the time to explain exactly what the “Do Not Sell My Info” link on Avast webpages and apps means. 


Why Do We Provide the “Do Not Sell” Link?

If you are a California resident, the California Consumer Privacy Act (“CCPA”) provides you with the right to opt out of the “sale” of your personal information.

Under the CCPA, “personal information” includes information that is not necessarily directly tied to an individual’s identity but may be associated with your device. This includes identifiers such as IP addresses, web cookies, web beacons, and mobile AdIDs. In many cases, this type of information is not associated with you, but there are unique identifiers that could be. Similarly, the term “sell” is defined to include not just selling in exchange for money, but also sharing or transferring personal information (including information that does not directly identify an individual as described above) in exchange for anything of value, which is not limited to the exchange of money. Certain things are not considered “sales,” including when (1) personal information is shared with a service provider that is contractually prohibited from using the personal information for any purpose beyond the service specifically requested (“service provider exception”), or (2) when the consumer has directed a company to disclose the personal information (“consumer directed exception”).

Does Avast “Sell” Your Personal Information?

Avast does not sell information that directly identifies you, like your name, address, or email. In fact, we do not generally even share that type of information with third parties.  There is an exception for sharing with our service providers who can use the information solely to provide a service on our behalf (for example, we use partners to provide technical support), or in the limited additional circumstances outlined in our Privacy Policy (such as for processing payments, fraud prevention purposes or where we are legally required to share the information). 

However, the CCPA’s broad definitions of “personal information” and “sale” may deem the common flow of information in the digital analytics and advertising ecosystem to be a sale. Like most companies that operate commercial websites and apps, Avast utilizes online analytics to measure the ways users engage with our websites and apps. These analytics, in turn, inform how we perform online advertising, detect and fix bugs, and measure usage of the website and apps. In order to provide these analytics and facilitate online advertising, we use third parties that collect device identifiers and place tags, cookies, beacons, and similar tracking mechanisms on our websites/apps and on third-party websites/apps. For instance, we may request that a third-party facilitate the placement of our ads on a particular website after a consumer has previously visited avast.com. The third parties we use for these purposes generally do this by placing a cookie on a user’s browser so it can identify that the same browser visited other websites. Similarly, where our webpages or apps provide space for advertisements, these third parties may use identifiers such as cookies for websites, or the device’s mobile AdID for apps, to facilitate real-time bidding by advertisers.  Please note, regardless of your selection, you will still see some advertising when we determine such advertising does not involve the selling of your personal information.

Where we can reasonably ensure via contract that the third parties described above can and will use a device identifier solely to provide the specific service we have requested, and will not use or share the data for other purposes, we will not deem that sharing a “sale.” In most cases, we’ve determined that our data analytics providers that measure the ways users engage with our websites and apps meet this standard and, accordingly, we will not block the sharing of an identifier with those entities even when you choose to opt-out through the “Do Not Sell” link.

In some cases, though, we do not ultimately control how such identifiers are used by some third parties (particularly in some cases in the online advertising ecosystem), and so we can’t determine that all sharing with third parties in these cases fall within the service provider exception under the law. As a result, we are currently treating our sharing with some of these third-parties as a “sale” under the CCPA.

Your selection does not affect other sharing of your information, as outlined in our Privacy Policy

How Do You Instruct Us Not to Sell Your Info?

You can control the cookies setting directly in your browser. You will find the the cookies setting in the footer of our websites.

To specifically request that we may not “sell” your personal information, please send the requests to dpo@avast.com. Based on the circumstances of your request, we will attempt to block further sharing of the covered identifiers with the third parties that does not fall within the service provider exception or the consumer directed exception.

How Do We Maintain your “Do Not Sell” Choice?

For Avast websites, if you set a “Do Not Sell” preference (via the cookie setting) that is specific to the site that you are visiting, please be aware that the setting will only work if your browser is set to accept cookies. Likewise, if you clear your browser cookies, the cookie-based “Do Not Sell” setting will be erased, and you will need to reset the setting for that web domain. For Avast apps, the local setting should remain until you specifically change it or clear app data on your device— but you should check the setting regularly to ensure it reflects your current choice.

Please review our Privacy Policy for a more detailed description of how we collect, use, and share the personal information of California residents in operating our business; your privacy rights as a California resident; and how to exercise your rights as a California resident. For the purposes of this notice, “personal information” has the meaning given in the CCPA, but does not include information exempted from the scope of the CCPA.