In December 2019, we acted quickly to meet browser store standards and are now compliant with browser extension requirements for our online security extensions. At the same time, we completely discontinued the practice of using any data from the browser extensions for any other purpose than the core security engine, including sharing with our subsidiary Jumpshot.
We ensure that Jumpshot does not acquire personal identification information, including name, email address or contact details. Users have always had the ability to opt-out of sharing data with Jumpshot. As of July 2019, we had already begun implementing an explicit opt-in choice for all new downloads of our AV, and we are now also prompting our existing free users to make an opt-in or opt-out choice, a process which will be completed in February 2020.
Okay, gotta respond to this.
1) That 'ability to opt out' ever since the GDPR wasn't enough. It's 'consensual opt-in', not 'standard opt-in unless you change it'. You've been in breach of the GDPR for more then a YEAR.
2) That 'ability to opt out' was quite hidden and never well communicated
3) With the new engine update, you resetted it to standard opt-in for everyone, even if someone already had opted out. Plus, are you going to give the paying users the clear option too? Otherwise I see enough still unknowingly being opted-in to your data selling misuse.
4) I saw the examples of the data you sold. That's damnable identifiable.
5) Are you going to give people free GDPR-insight into the data you gathered with the plug-in as well as core protection service data gathering abusals?
Our Privacy Policy details the protections we put in place for all our users. Users can also choose to adjust their privacy levels using the broad range of settings available in our products, including control over any data sharing at any time. We voluntarily comply with the GDPR and California Consumer Privacy Act (CCPA) privacy requirements across our entire global user base.
We have a long track record of protecting users%u2019 devices and data against malware, and we understand and take seriously the responsibility to balance user privacy with the necessary use of data for our core security products.
'Voluntarily comply with GDPR'? Mister, you're based in the European Union, you also serve European users. GDPR compliancy is NOT voluntarily, it is MANDATORY. Yet you're in breach of the GDPR. Also, 'for your core security products'? What has selling data to Google etc to do with 'core security products'?
Edit: Also, I just took a look and your 'choice message' is possibly not even GDPR-compliant either because you're not really completely open about what you do with the gathered data. And your colouring of green for 'Yes' and red for 'No' possibly isn't allowed either.