Webroot Privacy Policy

I too did see that in the thread you are talking about, I'm glad to see they aren't selling any info according to these policies, however, I too am curious about the "sharing with advertisers, marketers, etc part" and more importantly, the sharing of personal info with 3rd parties who haven't agreed to "provide the same level of protection to your info as we do"
 
Is there any clarification on this?

The statements I quoted appear in this document "What's New":
http://webroot-cms-cdn.s3.amazonaws.com/5914/8225/6473/Website_Privacy_Statement_-_Whats_New.pdf
 
Of most concern:  see pages 3 and 4 "Webroot  WSA Privacy Statement"
quoted below:
Our new WSA Statement explains that we share your personal information with third parties, including analytics providers; service providers; and others who serve purposes consistent with our Statement. These third parties may associate such personal information with you or your device when you visit websites owned or operated by those third parties.
? Our WSA Statement omits language allowing you to opt out of disclosure of your personal information to third parties as part of a joint sales promotion or for other sales purposes.
? In some cases, we may choose to share your personal information with third parties who have not explicitly agreed to provide the same level of protection to your information as we do. Such sharing will be consistent with our WSA Statement and all applicable laws.
 
FROM OLD PRIVACY STATEMENT:
Old Privacy Statement:
We may also share your personal information with other selected third parties, including:
? business partners, suppliers, and subcontractors, who have contractually agreed to keep your information secure and confidential and to use it only for the purpose for which it was supplied, for the performance of any contract we enter into with them or you;
? third-party customer support providers;
? advertisers, marketers, and advertising and marketing networks that use the information to select and serve relevant ads to you and others on our site, on other sites, and in apps, as permitted under applicable law and in accordance with your communication preferences; and
? analytics and search engine providers that assist us in the improvement and optimization of our site.

Thanks guys for bringing this to our attention.
Clearly Webroot have relaxed the rules on privacy and there does seem to be a difference between the data that we provide via WSA and the data from the website. However because of the legalese it is hard to fully understand.
 
There is not much any of us can do about the information that Webroot glean from our use of the product. I am a bit disappointed to read the use that Webroot make of the info that they take from the website which includes this community.
 
It would be helpful if we could have an explanation from the top (as  @ puts it) as to why the change, what it means in simple english and what we can do, if anything, to limit the leaking of our personal info.

Thanks for the clarification JP!! Much appreciated!!

@ wrote:
Thank you for being up front with us @ it is appreciated.
 
I just wish other companies were as open and approachable.
 
Just one question though ;)
Why do people not take the same amount of care when installing software from the web by reading the small print and make the installation of many of the PUP's a lot more unlikely?

Thanks for the clarification JP - much appreciated and reassuring.

@ wrote:
My pleasure! Thank you all for being so proactive.
It's encouraging to know that our users aren't afraid to have their voices heard. That's what we're about here on the Community and we'll continue to do our best to be as transparent as possible.

 
http://makeameme.org/media/created/congratulations-here-have.jpg
 
http://forums.steroid.com/attachments/pro-news/19733d1055514609-congrats-jp-fux-jpfux_new.jpg

Every now and then they have to come off....
*serious face* :catwink:

That kind of statement has to be made. Even in the the most secure safe in the world, Fort Knox included, nothing in this world is 100% secure.
 
Even Webroot SecureAnywhere isn't 100% secure. Is that a problem to you? It isn't to me. However hard we try, we still live in an imperfect world. The reason I use Webroot is because I believe it succeeds better than the others.

I opened this thread in January 2017.
 
In my original post, I expressed grave concern with certain statements in the Webroot Privacy Policy concerning

• sharing our "personal information with third parties who have not explicitly agreed to provide the same level of protection to your information as we do"
• and "with ... selected ... advertisers, marketers, and advertising and marketing networks that use the information to select and serve relevant ads to you and others on our site, on other sites, and in apps".

And even this incredible statement that I cited in a subsequent post:

• "Our WSA Statement omits language allowing you to opt out of disclosure of your personal information to third parties as part of a joint sales promotion or for other sales purposes" 

 
Some of these clauses were originally highlighted by @ in this post, and it was his post that brought the matter to my attention.
 
I was also extremely surprised how members of the Community Forum were so easily reassured by the soothing words of a Webroot employee and Community Forum Administrator ( @ ), although he had made no undertaking that this wording would be changed nor did he have any authority to do so, not being a member of the Legal Department nor a member of the Executive Team, and indeed when he said what he said, not a word had been changed in the Privacy Policy (Let me hasten to add that I did not, and do not, impugn his sincerity or his personal integrity in any way, indeed in many ways I have a lot of respect for him—I am just saying that nothing had materially changed by the mere utterance of his words on this Forum thread).
 
I decided not to say anything until I had had time to look at this matter again and to prepare an appropriate response (this had even made me put my commitment to continuing to subscribe to Webroot AV on hold, as privacy is very important even of fundamental importance to me—as indeed I believe it should be to every person.
 
Well, I can only say that, after having today twice re-read Webroot's Privacy Policy from beginning to end, although it still has the same date on it, December 30th 2016, all three of those passages I cited are no longer there, and it in fact now reads (to my mind at least) as an eminently reasonable policy, and one that I am very much at ease with.
 
That is what I was looking for as a response, and that is what has happened. It is a pity that no-one in Webroot has brought this to our attention (in this thread, for example) as I find this change of heart commendable and it has raised my esteem of Webroot for the care it takes towards the privacy of its customers and clients and for its willingness to listen to our concerns in the Community. I assume this means that @ raised this matter with higher authorities within Webroot, and persuaded them that changes to the wording and therefore to the policy were necessary. Thanks, @!
 
It only remains astonishing how legal minds could have concocted the original wording, and also how it got past Webroot controls.
 
Anyway thank you, Webroot!

My post on Saturday was an immediate, almost knee-jerk response, having seen the new Webroot Privacy Policy.
 
Then yesterday, I realised that there could be an alternative and compelling reason for Webroot to make these changes: the implementation by the EU into law, in just three months' time, of their new General Data Protection Regulation (GDPR).
 
This represents, for companies all over the world, a draconian and invasive set of regulations and indeed is designed to be just that so that EU citizens can be protected, not only from sloppy protocols for protecting customers' personal and private data from hackers, but also protecting their data from just the kind of abuses as those that were made possible by the three clauses I refer to above.
 
Was the deletion of these clauses a genuine change of heart by Webroot? Or were those deletions made because Webroot had been caught red-handed, and was in danger of being accused, by virtue of those three clauses, of being out of line in their Privacy Policy with proper procedures for protection of EU citizens' (not to speak of citizens of other countries) private data? Maybe @ can enlighten us regarding the answer to this question.
 
And one more question: considering that these changes were pretty significant, why did the date remain the same at the top of the document?

 

@ wrote:
@ 
From our Legal team: Our Privacy Policies haven’t changed since Jan 30, 2017, and the changes were made because Webroot wanted to provide better visibility into how we used, stored, and transferred personal data. But, the privacy policies haven’t changed since Jan 2017.
 
It is possible that you were referencing the then-existing policy when you read the “What’s New” document regarding changes to our Privacy Policies. This What’s New document was provided along with the notice of our changing policies 30 days in advance of the new policies becoming effective. 

First, two things, Thank you, Anna, for replying so quickly. And also, I have to apologise for not properly having done my homework before writing my post. I thought I had, but upon closer examination it seems you are right in saying that I am referring to the wrong documents. Looking more closely at my posts back in January of last year, and more particularly this post, it is true that the statements:
"In some cases, we may choose to share your personal information with third parties who have not explicitly agreed to provide the same level of protection to your information as we do"
and
"Our WSA Statement omits language allowing you to opt out of disclosure of your personal information to third parties as part of a joint sales promotion or for other sales purposes"
do indeed belong to the document Website Privacy Statement - What's New which unfortunately is no longer available on the internet and has, presumably, been now deleted (?).
 
I am as sure as I can be that those statements were referring to the new Privacy Statements. Obviously, it is not ideal that I was not able to address these issues earlier when memory is fresher regarding what I had read, also that I did not make and keep hard copies of all of these documents. However, what is certain is that I did read them carefully and they caused me no small concern. And I would be astonished if, having read them with care, I failed to notice that they referred to the old policies!
 
So I believe that it is important that the following be queried:

• Is it true, regarding our WSA subscriptions, that Webroot customers (we) cannot "opt out of disclosure of your personal information to third parties as part of a joint sales promotion or for other sales purposes" ? If so, this is to my mind unacceptable.
• Is it true that, when we use your website, for example this Community Forum, "In some cases, we may choose to share your personal information with third parties who have not explicitly agreed to provide the same level of protection to your information as we do". Again, to my mind, unacceptable—indeed, totally so.

 
Finally, I said in my January 2017 post I link to above (here it is again), that the statement: "We may also share your personal information with ... selected ... advertisers, marketers, and advertising and marketing networks that use the information to select and serve relevant ads to you and others on our site, on other sites, and in apps, as permitted under applicable law and in accordance with your communication preferences" belonged to the old Privacy Policy which I was unable to find. In fact, I do now have access to that Policy which is to be found here. And I was wrong. The above statement is not to be found there, but rather in the new Website Privacy Statement, to be found at the bottom of page 3 and the top of page 4 of said document. Regarding this statement, it would be good to know what "personal information" is shared by Webroot with "advertisers" and "marketers".
 
If it is possible, it would be best if the answer to these three questions were to come from someone within the Legal Department. I feel these are important questions, and that they need to be properly answered.
 
Thank you again.