Data Respect Statement

We are Total Security Limited doing business as TotalAV™ ("Total Security Limited"). Our company details are set out at the end of this document.

Our use of your personal information is regulated under:

  • the General Data Protection Regulation (Regulation (EU) 2016/679)) for as long as the United Kingdom is a member of the European Union or is subject to any transition arrangements after leaving the European Union;
  • the Data Protection Act 2018; and
  • any other privacy related laws or regulations the UK may implement as a result of it leaving the European Union.

We are responsible as “Controller” for the purposes of those laws.

As a company we are committed to protecting and respecting the privacy of your personal information. We want you to be confident that your information will be properly protected whilst in our possession.

The Privacy Policy below explains how we, and carefully selected third parties we work with, will collect and use the personal information of our customers and suppliers and users of our websites. If this describes you, please read the Privacy Policy carefully and make sure you’re comfortable with the content.

We will only ever use your personal data when the law allows us to. Most commonly, we will use your personal information in the following circumstances:

  • Where we need to perform the contract we are about to enter into or have entered into with you.
  • Where it is necessary for our legitimate business interests (or those of a third party) and your interests and fundamental rights do not override those interests.
  • Where we need to comply with a legal or regulatory obligation.

Generally we do not rely on consent as a legal basis for processing your personal information other than in relation to sending third party direct marketing communications to you via email or text message. You have the right to withdraw consent to these activities at any time by contacting us at dataprotection@totalav.com

If you have any questions about our use of your personal information, or you wish to exercise one of your rights under the GDPR, please contact us at dataprotection@totalav.com

Privacy Policy

Personal Information. This Privacy Policy applies to the personal data of users that is collected or used by Total Security Limited as set forth more fully below (the "Personal Information"). You should also read our Terms and Conditions, Billing Terms and DMCA Policy which are incorporated herein by reference. When you use our Services, you are agreeing to our rules and policies regarding your data and acknowledge you have read and understood this Privacy Policy.

Changes to this Privacy Policy. We may modify this Privacy Policy from time to time to reflect changes in or requirements of the law or modifications or updates to the Services made in accordance with our Terms and Conditions. We will notify you if such change materially affects your rights under this Privacy Policy. Changes will not apply retrospectively and, unless the change is required immediately for legal reasons, notice of the modified terms will be provided a reasonable period prior to the changes taking effect. If you do not accept and agree to this Privacy Policy, then you must not access or use the Services.

What Personal Information Do We Collect

Information you give us. When you sign up for an Total Security Limited account, we keep the basic account information you give us, like your name, email address, telephone number, password and payment information.

Information we collect. We also collect and store your Personal Information as you use the Services and each time you interact with Total Security Limited, for example, when you:

  • update information in your control panel,
  • communicate with us by telephone or email,
  • order or download new Services,
  • register a licence or change your device and
  • complete forms on our website.

We also store information about the Services you purchase, such as the activation code, date of purchase, and information relating to any support issue.

Automatic Information. We may collect information about the device you access the Services from, such as the IP address or other unique device identifiers. If you access your account from a mobile device, that mobile device may also provide us with details of your location. Most mobile devices allow you to disable this functionality.

Cookies. Total Security Limited uses "cookies" and other technologies to collect data that enable us to better understand and improve the usability, performance and effectiveness of our website. Cookies are files sent to your browser and stored on your computer. We use cookies to gather general information about your visits to our website, the files you have designated for backup, the configuration of your computer and your computer’s interaction with the Services, and stores this information in log files. We use this information to understand traffic and downloads on our website, enabling us to improve the website, provide the best online experience possible, and improve our customer service.

Strictly necessary cookies - These cookies are essential in order to enable you to move around the website and use its features, such as accessing secure areas of the website and remembering which files you have marked for backup. Without these cookies, Services you have asked for, like security or e-billing, cannot be provided.

Performance cookies - These cookies collect information about how you use the website. These cookies don’t collect information that identifies you and are only used to improve how the website works.

Functionality cookies - These cookies allow the website to remember choices you make, such as the configuration of your computer, to provide enhanced, more personal features.

Advertising cookies - These cookies are used to deliver adverts more relevant to you and your interests. They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of the advertising campaign. They are placed on the website by advertisers and advertising networks, with our permission. They remember that you have visited the site and this information is shared with other organisations such as advertisers. We use analytics data and the DoubleClick cookies for advertising purposes. You may opt out of the DoubleClick cookie by visiting the Google advertising opt-out page or you may opt out of Google Analytics by visiting the Google Analytics opt-out page. The Google Website has additional information available about their Policy for Advertising based on Interests and Location.

Other Technologies - We may also use other Internet technologies, such as web beacons or pixel tags and other similar technologies, to deliver or communicate with cookies and analyze your use of the Services. We also may include web beacons in e-mail messages so that we know when you have opened an email message received from Total Security Limited.

You may disable cookies by changing the settings on your browser. Check the help menu in your browser for further information. Remember that if you disable cookies it is likely to affect how our website works and you may not be able to access or use certain areas of our website or functionality. Unless you have adjusted your browser setting so that it will refuse cookies, our system will place cookies when you log on to our website.

We use the following cookies on our website:

Name and type of cookiePurposeHow long until the cookie expires?Legal Basis we rely on
FRT:DCR (Functionality cookies)Fortifi Cookie to identify the device1 Yearlegitimate business interest
FRT:FPID (Functionality cookies)Fortifi Cookie to store the fingerprint ID of the device1 Yearlegitimate business interest
FRT:FPRINT (Functionality cookies)Fortifi Cookie to store the deceive fingerprint encrypted1 Yearlegitimate business interest
FRT:VIS (Functionality cookies)Fortifi Cookie to store the visitor ID used by fortifi1 Monthlegitimate business interest
FRT:ADVTD (Functionality cookies)Store Affiliate information1 Yearlegitimate business interest
skip-onboarding (Functionality cookies)Used to surpass customer onboarding stepSessionlegitimate business interest
PHPSESSID (Strictly necessary cookies)Information regarding users session1 Yearlegitimate business interest
LC (Strictly necessary cookies)Identifies a logged in user1 Yearlegitimate business interest

Personal Information regarding children. The Services are not intended for use by individuals who cannot enter a legally binding a contract. Accordingly, Total Security Limited does not intentionally gather any Personal Information about individuals who are under the age of eighteen (18). If you are under eighteen (18) years of age or otherwise lack the capacity to enter into a binding contract do not use our Services. If Total Security Limited becomes aware that it has collected Personal Information from someone under the age of majority, such information will be deleted immediately.

How We Use Your Personal Information

We use your Personal Information to provide you with the Services,

  • administer your account,
  • send you information about the Services (including updates and modifications),
  • process payments,
  • generate and review reports and data about our user base and Service usage patterns,
  • analyze the accuracy, effectiveness, usability, or popularity of the Services,
  • improve the content and features of the Services and
  • allow us to personalize the content and advertising that you see on the Services.

In order to do so, we may use your Personal Information to contact you through desktop alerts and live chat, email and (where you have consented) SMS/Text messaging.

When subscribed and explicitly consented by yourself, you agree that TotalAV™ will, from time to time, communicate with you via SMS text messaging. The purpose of these communications is for either Billing and Account Information Updates. We facilitate the removal from all SMS communication through an opt-out process. Reply, STOP to opt-out from all further SMS communications.

If you wish to change the way we use your data, see your options below. Please be aware that if you choose not to provide us with certain Personal Information, we may not be able to make Services available to you.

Automated Decision-Making

Automated decision-making takes place when an electronic system uses personal information to make a decision without human intervention. We are allowed to use automated decision-making in the following circumstances:

  1. where we have notified you of the decision and given you 21 days to request us to reconsider the decision;
  2. for performing our contract with you and appropriate measures are in place to safeguard your rights;
  3. in limited circumstances, with your explicit written consent and where appropriate measures are in place to safeguard your rights.

You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making, unless we have a lawful basis for doing so and we have notified you.

We do not envisage that any decisions will be taken about you using automated means, but we will notify you in writing if this position changes.

Your Personal Information

We will not share your personal data to any 3rd parties for marketing purposes. However in order to fulfill your customer needs we may have to share your data as set out below:

  • Our customer and technical support operators, such as: processing our mail, communicating with customers and prospective customers on our behalf (including via social media), running promotions, providing IT systems and administrative services and the development and improvement of internal systems and processes;
  • Competent authorities (statutory bodies, regulatory authorities, authorized bodies who have a role laid out by law);
  • Other organizations where we are legally obligated to disclose your personal information (such as requests made in the prevention and detection of crime) or where disclosure is necessary to protect the property, rights and safety of us and our staff or to comply with any law, regulation, or governmental or judicial warrant, rule, order or subpoena;
  • If we choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this Privacy Policy;

If you have given consent to this, you can withdraw it at any time. Please use the unsubscribe link on the email communication you receive or by visiting our GDPR Form.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

How We Communicate with You

We may, from time to time, send you emails, SMS, desktop alerts or other communications, including: (1) notifications of detected problems with your Service; (2) notifications concerning the expiration of your account; (3) activity status reports; (4) service and software upgrade notices; (5) notices concerning new or related Services from Total Security Limited (or other service providers as discussed in this Privacy Policy); (6) notices concerning enhancements to the Services; (7) price change notices for the Services; (8) notifications regarding suspected unlawful or inappropriate use; and (9) requests for feedback on the Services.

If you wish to change the types of communications you receive from us or opt out of receiving any future communications, you can do so. See Your Options below.

How We Protect Your Data

General. Total Security Limited has security measures in place to protect against the loss, misuse, and alteration of your data. Personal Information provided to us is stored in secure facilities with access restricted to authorized personnel only. Although we make good faith efforts to store the Personal Information we collect in a secure operating environment that is not accessible to unauthorized users, we cannot guarantee complete security.

Secure Payments. To provide secure credit card processing when ordering from us, orders placed on our website are processed through a payment gateway (www.fortifi.io) which operates under its own privacy policy. If you choose to purchase or license the Services online using a credit card, the credit card information is sent to us using SSL (Secure Socket Layer) encryption, an industry-standard method for protecting data as it travels over the Internet, or a similar encryption technology that may become accepted as an industry standard, or better encryption method, in the future. To learn more about our credit card processing vendors and their respective privacy and other policies which apply when you make a payment through their services, please review the terms of their own privacy policies.

Your Options

Email Communications. If you wish to change the types of communications you receive from us or opt out of receiving any future communications, you may do so by modifying your profile on your control panel, or by visiting our GDPR Form, or by clicking on the appropriate link in any TotalAV™ email communication that you receive.

SMS Communications. If you wish to opt out of receiving future SMS communications, you may do so by visiting our GDPR Form, or by following the opt out instructions in any TotalAV™ SMS communication that you receive.

Correcting Your Personal Information. You can access the Personal Information that we collect via your control panel. You can correct factual errors in your Personal Information on your control panel or by visiting our GDPR Form. Please provide sufficient details regarding the error. To protect your privacy and security, we take commercially reasonable steps to verify your identity before granting access or making any corrections to your Personal Information.

Your Data Protection Rights

Location of Personal Information and Transfers.

Many of our external third parties are based outside the European Economic Area (EEA) and the United Kingdom so their processing of your personal data will involve a transfer of data outside the EEA and the United Kingdom.

Whenever we transfer your personal data out of the EEA (where relevant) or the United Kingdom, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

  • We will only transfer your personal data to countries that have been deemed to provide an ‘adequate’ level of protection for personal data by the relevant authority or body.
  • Where we use certain service providers, we may use specific contracts approved by the by the relevant authority or body (Model Clauses)
  • Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield (or similar arrangement) which requires them to provide similar protection to personal data shared between the UK and the US; or
  • Any other safeguard approved by the UK Government or Information Commissioner’s Office.

Please contact us by visiting our Help Center if you want further information on the specific mechanism used by us when transferring your personal data to any country outside the United Kingdom.

Rights of Access, Correction, Erasure, and Restriction

Your rights in connection with personal information. Under certain circumstances, by law you have the right to:

  • Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
  • Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
  • Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
  • Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
  • Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
  • Request the transfer of your personal information to another party.

If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please contact us by visiting our GDPR HubNo fee usually required

You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.What we may need from you

We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.Time limit to respond

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

Third Party Links and Services

We may provide links to other third party websites as a convenience to you (collectively, the “Third Party Websites”). Please exercise care when visiting any Third Party Websites. The Third Party Websites have separate and independent privacy policies, notices and terms of use which govern your use of such websites and their use of any information they collect, we recommend you read these policies carefully. Total Security Limited expressly disclaims all liability for Personal Information you provide to any Third Party Websites.

Dispute Resolution

Any questions or concerns regarding the use or disclosure of Personal Information should be directed to us at the address given below. We will investigate and attempt to resolve complaints and disputes regarding use and disclosure of Personal Information in accordance with the principles contained in this Privacy Policy.

If we are unable to resolve your complaint, you can escalate the issue in accordance with the dispute resolution procedure set out in the Terms and Conditions.

You have the right to make a complaint at any time to the Information Commissioner’s Office, the UK supervisory authority for data protection issues or if you are based in the European Union, your local supervisory authority.