Why Do We Provide the “Do Not Sell” Link?
If you are a California resident, the California Consumer Privacy Act (“CCPA”) provides you with the right to opt out of the “sale” of your personal information.
Under the CCPA, “personal information” includes information that is not necessarily directly tied to an individual’s identity but may be associated with your device. This includes identifiers such as IP addresses, web cookies, web beacons, and mobile AdIDs. In many cases, this type of information is not associated with you, but they are unique identifiers that could be. Similarly, the term “sell” is defined to include not just selling in exchange for money, but also sharing or transferring personal information (including information that does not directly identify an individual as described above) in exchange for anything of value, which is not limited to the exchange of money. Certain things are not considered “sales,” including when (1) personal information is shared with a service provider that is contractually prohibited from using the personal information for any purpose beyond the service specifically requested (“service provider exception”), or (2) when the consumer has directed a company to disclose the personal information (“consumer directed exception”).
Does Avast “Sell” Your Personal Information?
However, the CCPA’s broad definitions of “personal information” and “sale” may deem the common flow of information in the digital analytics and advertising ecosystem to be a sale. Like most companies that operate commercial websites and apps, Avast utilizes online analytics to measure the ways users engage with our websites and apps. These analytics, in turn, inform how we perform online advertising, detect and fix bugs, and measure usage of the website and apps. In order to provide these analytics and facilitate online advertising, we use third parties that collect device identifiers and place tags, cookies, beacons, and similar tracking mechanisms on our websites/apps and on third-party websites/apps. For instance, we may request that a third-party facilitate the placement of our ads on a particular website after a consumer has previously visited avast.com. The third parties we use for these purposes generally do this by placing a cookie on a user’s browser so it can identify that the same browser visited other websites. Similarly, where our webpages or apps provide space for advertisements, these third parties may use identifiers such as cookies for websites, or the device’s mobile AdID for apps, to facilitate real-time bidding by advertisers. Please note, regardless of your selection, you will still see some advertising when we determine such advertising does not involve the selling of your personal information.
Where we can reasonably ensure via contract that the third parties described above can and will use a device identifier solely to provide the specific service we have requested, and will not use or share the data for other purposes, we will not deem that sharing a “sale.” In most cases, we’ve determined that our data analytics providers that measure the ways users engage with our websites and apps meet this standard and, accordingly, we will not block the sharing of an identifier with those entities even when you choose to opt-out through the “Do Not Sell” link.
In some cases, though, we do not ultimately control how such identifiers are used by some third parties (particularly in some cases in the online advertising ecosystem), and so we can’t determine that all sharing with third parties in these cases fall within the service provider exception under the law. As a result, we are currently treating our sharing with some of these third-parties as a “sale” under the CCPA.
How Do You Instruct Us Not to Sell Your Info?
To request that we may not to “sell” your personal information, please send the requests to firstname.lastname@example.org. We will attempt to block further sharing of the covered identifiers with the third parties we engage on those digital properties or any other entity that does not fall within the service provider exception or the consumer directed exception. Your selection is saved to this browser, on this device.
You can control the cookies setting directly in your browser. To open the setting click here.
How Do We Maintain your “Do Not Sell” Choice?
For Avast websites, if you set a “Do Not Sell” preference that is specific to the site that you are visiting, please be aware that the setting will only work if your browser is set to accept cookies. Likewise, if you clear your browser cookies, the cookie-based “Do Not Sell” setting will be erased, and you will need to reset the setting for that web domain. For Avast apps, the local setting should remain until you specifically change it or clear app data on your device— but you should check the setting regularly to ensure it reflects your current choice.