Phoenix FailSafe™ Privacy Policy
Phoenix Technologies, Ltd. ("Phoenix," "we," "us") is pleased to offer the FailSafe theft‑deterrence service. This FailSafe Privacy Policy (the "Policy") describes our practices in connection with Personally Identifiable Information (as defined below) and other data that we may collect through FailSafe. This Policy does not address our practices regarding information that we collect through any web site, or by any other means, other than through the use of a mobile device (as defined below) with FailSafe installed; nor does this Policy govern the collection, use or disclosure of information by any of our affiliates (collectively, "Affiliated Entities") or by third parties.
By using FailSafe, you agree to the terms and conditions of this Policy. If you do not agree to the terms and conditions of this Policy, please do not use FailSafe. We reserve the right to change this Policy without prior notice. You can determine when this Policy was last revised by referring to the "Last Updated" legend at the top of this page. Any changes to our Policy will become effective upon our posting of the revised policy at this location. Use of FailSafe following such changes constitutes your acceptance of the revised Policy then in effect.
1. What is FailSafe?
FailSafe is a theft‑deterrence service that provides the ability to protect, track, and manage lost or stolen mobile computing devices (collectively, “mobile devices”) and the data on those devices. Depending on the version purchased, FailSafe allows mobile device owners to remotely retrieve, encrypt and erase the vital content stored on their mobile devices and even remotely disable the device if necessary via the Internet.
FailSafe is available for individual mobile device owners as well as enterprises. For the purpose of this Policy, “mobile device owner” refers to the person who or entity that entered into the license agreement with Phoenix to use FailSafe on the mobile device. The mobile device owner may not be the same individual as the end user of the mobile device (the “mobile device user”).
2. What Types of Information Does Phoenix Collect From Users of FailSafe?
Phoenix gathers three basic types of information through FailSafe from mobile device users: Personally Identifiable Information (or "PII"), Non‑Personally Identifiable Information (or "Non‑PII") and IP Addresses. Personally Identifiable Information is information that identifies an individual. Non-Personally Identifiable Information is aggregated information, demographic information and any other information that does not identify a specific individual. An IP Address is the Internet Protocol address of a mobile device.
a. Personally Identifiable Information. When a mobile device owner registers the mobile device with Phoenix to use FailSafe, Phoenix collects PII about the mobile device owner, such as name, physical address, email address and telephone number. If a mobile device user saves PII to the mobile device and it is lost or stolen, Phoenix may use FailSafe to collect the PII and other data that was stored on the mobile device. If a mobile device is reported stolen, FailSafe may also: (1) remotely download and use forensic tools to log keystrokes; or (2) collect a photo from a webcam or built-in camera of a mobile device. This information is encrypted and transmitted back to our communications center via the Internet.
b. Non‑Personally Identifiable Information. When a mobile device user uses a mobile device employing FailSafe, Phoenix and its third party service providers may collect Non-PII (for example, location data). The types of Non-PII that may be collected vary depending on the version of FailSafe employed and the settings established by the mobile device owner.
i. Location Data. Phoenix collects mobile device location data using GPS activity, IP traces and Wi‑Fi information:
1. GPS Activity. FailSafe will automatically detect the presence of a connected GPS device and periodically transmit GPS coordinates to the FailSafe server.
2. IP Traces. FailSafe captures the public and local IP addresses and identifies the Internet Service Provider (“ISP”) providing service to the mobile device.
3. Wi‑Fi. In addition to identifying the public and private IP addresses, FailSafe identifies Wi‑Fi information such as the name of the wireless network, SSID, whether or not the network is secured (i.e., WEP enabled), and signal strength.
ii. Information On the Mobile Device. Phoenix collects certain information about mobile devices registered to use FailSafe, such as CPU serial number and Media Access Control (MAC) address. Phoenix also collects Non‑PII when such information is stored on a mobile device. Information is considered to be Non‑PII if, unless combined with PII, it does not personally identify an individual. Additionally, we may aggregate PII in a manner such that the end-product does not personally identify an individual who uses a FailSafe‑enabled mobile device; for example, by using PII to calculate the percentage of our users who use their mobile devices in a specific geographic region. Such aggregate information is considered Non‑PII for purposes of this Policy.
c. IP Addresses. The IP Address of the mobile device is a number that is automatically assigned to the mobile device by an ISP. This number is identified and logged automatically whenever the FailSafe tracking service is enabled. We use IP Addresses for purposes such as tracking mobile devices and administering FailSafe.
3. How Does Phoenix Use Information Collected From Mobile Devices?
a. Personally Identifiable Information. The mobile device owner may use FailSafe to cause the data on the mobile device to be encrypted and transmitted to a communications center via the Internet, where it is made available to the mobile device owner via a website for subsequent decryption, viewing, and downloading. Any data on the mobile device that is collected through FailSafe, including PII, is encrypted prior to this transmission to our communications center. Phoenix uses the PII collected from mobile devices to fulfill the purposes of the FailSafe program – namely, restoring the data to the mobile device owner – and to process requests and transactions with the mobile device owner.
b. Non‑Personally Identifiable Information. Because Non-PII does not personally identify an individual, we may use such information for any purpose. In addition, we reserve the right to share such Non‑PII with Affiliated Entities and other third parties for any purpose. Where Non‑PII and PII are combined, the combined information will be treated as PII as long as it is so combined.
c. IP Addresses. Phoenix uses IP Addresses to track the location of the mobile devices. Please note that we treat IP Addresses, server log files and related information as Non-PII, except where we are required to do otherwise under applicable law.
4. How Is Information Disclosed?
a. Third‑Party Service Providers. We work with third parties who provide services including but not limited to server maintenance, processing credit card transactions and other payments, and other services of an administrative nature. We reserve the right to share information collected through FailSafe, including PII, with such third parties for the purpose of enabling these third parties to provide such services. When we share information with a third-party service provider we will ensure that appropriate safeguards are in place so that the PII will be protected with reasonable organizational, technical and administrative measures.
b. Mobile Device Owners. Data retrieved from the mobile device, including any PII about mobile device users, will be transmitted to our communications center in encrypted form. Mobile device owners may use FailSafe’s web-based communications center to decrypt and download this retrieved data, as well as to track the location of the mobile device.
c. Assignment. We reserve the right to transfer any and all information that we collect from mobile device users and mobile device owners or through FailSafe to an Affiliated Entity or a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of Phoenix's business, assets or stock (including without limitation in connection with any bankruptcy or similar proceedings).
d. Law Enforcement; Emergencies; Compliance. We may disclose all information collected, including PII about mobile device users and mobile device owners, to others as we believe to be appropriate: (a) under applicable law, including the laws of any country where Phoenix operates; (b) to comply with legal process or to defend claims; (c) to respond to requests from public authorities in any country where Phoenix operates; (d) to enforce our terms and conditions; (e) to protect our operations or those of any Affiliated Entities; (f) to protect the rights, privacy, safety or property of Phoenix, the Affiliated Entities, or others; and (g) to permit us to pursue available remedies or limit the damages that we may sustain.
e. Photos. Certain versions of FailSafe allow candid photos to be taken and collected by FailSafe if the mobile device is reported lost or stolen by the mobile device owner. Such photos may be released only in accordance with Section 4.d or to law enforcement. Please note that other photographs stored on the mobile device could be included in data that is encrypted and sent to the mobile device owner.
5. Other Important Notices Regarding Our Privacy Practices.
a. Security. We seek to have security measures and tools, such as firewalls, in place to help protect against the loss, misuse and alteration of the information under our control. Unfortunately, no data transmission over the Internet location tracking method or data storage system can be guaranteed to be 100% secure. As a result, although we strive to protect PII, we cannot ensure or warrant the security of any information transmitted to us through or in connection with FailSafe or that is stored by us. If a person has reason to believe that his or her interaction with us is no longer secure (for example, if the security of any account has been compromised), please notify us of the problem immediately by contacting us in accordance with Section 5.f ("Contacting Us,") below.
b. Reviewing PII. If a mobile device owner would like to review PII or other information that FailSafe retrieved from a mobile device or check the location of a mobile device, the mobile device owner may do so by logging in to the FailSafe web‑based communications center. A mobile device user who is not the mobile device owner should contact the mobile device owner for more information on how to access and review information retrieved by FailSafe. Only the mobile device owner has access rights to data from Phoenix.
c. Blocking Location Tracking. Mobile device users may temporarily block location tracking by turning off the FailSafe-enabled mobile device. Location tracking will begin again once the mobile device is turned on again.
d. Retention Period. We will retain PII we collect for the period necessary to fulfill the purposes outlined in this Policy unless a longer retention period is required by law.
e. Jurisdictional Issues. Phoenix does not represent or warrant that FailSafe, or any part thereof, is appropriate or available for use in any particular jurisdiction. Those who use mobile devices with FailSafe enabled do so on their own initiative and at their own risk, and are responsible for complying with all local laws, rules and regulations. We may limit FailSafe's availability, in whole or in part, to any person, geographic area or jurisdiction we choose, at any time and in our sole discretion. By using a mobile device with FailSafe enabled or submitting any PII to us, the mobile device owner consents to the transfer of PII to other countries, such as the United States, which may provide a different level of data security than in other countries.
Contacting Us. Any questions regarding this Policy should be directed to us by email at PrivacyPolicy@phoenix.com. Please note that email communications will not necessarily be secure; accordingly please do not include credit card information or other sensitive information in email correspondence with us.