Effective: 9 April 2025
Samsung Electronics Co., Ltd. (Data Controller) (“Samsung”) knows how important Privacy is to its customers and their employees and partners and we strive to be clear about how we collect, use, disclose, transfer and store your information. This Privacy Policy provides an overview of our information practices with respect to personal information collected through Samsung Knox (the “Business Services”).
This Privacy Policy may be updated periodically to reflect changes in our personal information practices with respect to the Business Services or changes in the applicable law. We will indicate at the top of this Privacy Policy when it was most recently updated. If we update the Privacy Policy, we will let you know in advance about changes we consider to be material by placing a notice on the Business Services or by emailing you, where appropriate.
Samsung acts as a controller for certain elements of providing Samsung Knox to you, including for service improvement and analysis, as explained below under the header ‘How do we use your information?’. Your employer is the controller of your personal information for the provision of Samsung Knox including for registration, billing, customer service and maintenance in respect of the service.
What information do we collect?
We will collect various types of personal information in connection with Business Services.
We will collect personal information that you provide, including details about your device and applications, such as device identifiers (e.g. IMEI, serial number), device software version, operating system version, device models, application package name, application package version and application logs, and any communications you send or deliver to us;
We will collect data about your use of the Business Services, including the time and duration of your use and information about your device settings;
Through the Business Services, we collect personal information about your usage of the apps and services you use on the different devices you use to access Knox. We use third-party analytics services in Business Services, such as those from Google Analytics. The service providers that administer these analytics services help us to analyse your use of Business Services and improve Business Services. The information we obtain may be disclosed to or collected directly by these providers and other relevant third parties who use the information, for example, to evaluate use of Business Services, help administer Business Services and diagnose technical issues. To learn more about Google Analytics, please visit http://www.google.com/analytics/learn/privacy.html and https://www.google.com/policies/privacy/partners/ .
How do we use your information?
We use the information we collect for the following purposes:
to understand the way companies use Business Services so that we can improve them and develop new products and services;
to protect the rights, property or safety of Samsung, or any of our respective affiliates, business partners, employees or customers, for example, in legal proceedings, internal investigations and investigations by competent authorities;
otherwise with your separate consent where required by applicable law or as described to at the time your information is collected.
Samsung processes personal information for the purposes described above. Samsung’s legal basis to process personal information includes processing:
(i) To promote our business interests (for example, to understand the way companies use Business Services so that we can improve them) (legitimate interest (GDPR Article 6(1)(f)));
(ii) To comply with the law, regulatory obligations and legal processes (GDPR Article 6(1)(c)); and
(iii) With your consent (GDPR Article 6(1)(a)).
To whom do we disclose your information?
We will disclose your information internally within our business and the following entities, but only for the above purposes.
Affiliates: Other Samsung Electronics Group companies which we control or own.
Your employer: we share necessary information with your employer for the purpose of providing Business Services. You should consult your employer’s privacy notice for details on how they process your information.
Service Providers: carefully selected companies that provide services for or on behalf of us. These providers are also committed to protecting your information.
Other parties when required by law or as necessary to protect our business: for example, it may be necessary by law, legal process or court order from governmental authorities to disclose your information. They may also seek your information from us for the purposes of law enforcement, national security, anti-terrorism or other issues that are related to public security.
Other parties in connection with corporate transactions: we may disclose your information to a third party as part of a merger or transfer, acquisition or sale, or in the event of a bankruptcy.
Other parties with your consent or at your direction: in addition to the disclosures described in this Privacy Policy, we may share information about you with third parties when you separately consent to or request such sharing.
How do we keep your information secure?
We take data protection seriously. We have put in place physical and technical safeguards to keep the information we collect secure. However, please note that although we take reasonable steps to protect your information, no website, Internet transmission, computer system or wireless connection is completely secure.
Where do we send your data?
Your use or participation in Business Services may involve the transfer, storage and processing of your information outside of your country of residence, consistent with this policy. Such countries include, without limitation, the Republic of Korea, the United States of America, Canada, Poland, Brazil, India, the Philippines, Vietnam, the Netherlands, Japan, the United Kingdom, Jordan, Indonesia, Ireland and Germany. Please note that the data protection laws and other laws of countries to which your information may be transferred might not be as comprehensive as those in your country. We will take appropriate measures, in compliance with applicable law, to ensure that your personal information remains protected. Such measures include the use of Standard Contractual Clauses to safeguard the transfer of data outside of the EEA, Switzerland or the UK. For more information on the safeguards we take to ensure the lawful transfer of your data to countries outside of the EEA, Switzerland or the UK, or to obtain a copy of the contractual agreements in place, please contact us by the methods outlined in the Contact Us section of this Privacy Policy.
What are your rights?
Your personal information belongs to you. You can ask us to provide details about what we’ve collected, and you can ask us to delete it or correct any inaccuracies. You can also ask us to restrict or limit the processing, sharing or transfer of your personal information, as well as to provide to you your personal information that we’ve collected so you can use it for your own purposes. To exercise your rights, please contact us by the methods outlined in the Contact Us section of this Privacy Policy.
However, requesting the deletion of your personal information may also result in a loss of access to Business Services.
If you request the deletion of personal information, you acknowledge that you may not be able to access or use Business Services and that residual personal information may continue to reside in Samsung’s records and archives for some time in compliance with applicable law, but Samsung will not use that information for commercial purposes. You understand that, despite your request for deletion, Samsung reserves the right to keep your personal information, or a relevant part of it, in line with our data retention policy and applicable laws, if Samsung has suspended, limited or terminated your access to the website for violating the Samsung Knox Terms of Use or any other applicable Samsung policy or applicable law, when necessary to protect the rights, property or safety of Samsung, or any of our respective affiliates, business partners, employees or customers.
How long do we keep your information?
We will not keep your personal information for longer than is necessary for the purpose for which it was collected. This means that information will be destroyed or erased from our systems when it is no longer required.
We take appropriate steps to ensure that we process and retain information about you based on the following logic:
1. At least the duration for which the information is used to provide you with a service;
2. As required under law, regulatory obligation, a contract or with regard to our statutory obligations;
3. Only for as long as is necessary for the purpose for which it was collected, is processed, or for longer if required under any contract, by applicable law or for statistical purposes, subject to appropriate safeguards.
What third-party services do we use?
Our Business Services may link to third-party websites and services that are outside our control. We are not responsible for the security or Privacy of any information collected by websites or other services. You should exercise caution and review the Privacy statements applicable to the third-party websites and services you use.
Contact Us
You can contact us to update your preferences, exercise your rights, submit a request or ask us questions.
You can contact us at:
dataprivacy@samsungknox.com
Data Controller
Samsung Electronics Co., Ltd.
129, Samsung-ro, Yeongtong-gu,
Suwon-si, Gyeonggi-do 16677, Republic of Korea
Samsung Electronics has offices across Europe, so we can ensure that your request or query will be handled by the data protection team based in your region.
The easiest way to contact us is through our Privacy Support Page at https://www.samsung.com/request-desk.
You can also contact us at:
European Data Protection Officer
Samsung Electronics (UK) Limited
Samsung House, 2000 Hillswood Drive, Chertsey, Surrey KT16 0RS, UK
You can lodge a complaint with the relevant supervisory authority if you consider that our processing of your personal information infringes applicable law. Contact details for all EEA supervisory authorities can be found at https://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080 . If you are in the UK, you can find the contact details for the UK supervisory authority at https://ico.org.uk/global/contact-us/. The contact Details of the Swiss supervisory authority can be found at https://www.edoeb.admin.ch/edoeb/de/home/deredoeb/kontakt.html .