Vodafone Secure Net Privacy Policy

Secure Net – Privacy Statement

This privacy supplement gives some additional information specific to Secure Net and the accompanying App. Secure Net is a security product that provides additional protection when browsing on our mobile network. For general information about how we process your data as part of providing mobile connectivity, view our main privacy policy

Last updated: 21 May 2018

Who we are

We are Vodafone Limited, a member of the Vodafone Group.

In this privacy policy:

  • “we/us” means Vodafone Limited;
  • “third party” means someone who is not you or us; and
  • “Vodafone Group” means Vodafone Group Plc and any company or other organisation in which Vodafone Group Plc owns more than 15% of the share capital.

Our registered office is Vodafone House, The Connection Newbury, Berkshire RG14 2FN. We are registered in England under company number 1471587. Vodafone Limited is registered with the Information Commissioner’s Office (ICO), registration number Z1933885.

Our main switchboard is +44(0)1635 33251 or you can email us at data.protection@vodafone.com

How to contact us

Your opinion matters to us – if you have any questions about our privacy policy, you can email us at: data.protection@vodafone.com or you can write to our privacy team at:

Vodafone Privacy Team
Faraday House
The Connection
RG14 2FN

Personal information we collect about you

Information we collect about you

The types of information we process about you and any devices you register with the service when you use Secure Net and the accompanying App are:

  • The content of your communications; Secure Net is a service that uses a process called Deep Packet Inspection on information we are transmitting in order to detect any security threats and filter these. We do not use this information for other purposes;
  • Your phone number, tariff information and price plan;
  • Your credential information such as passwords, hints and similar security information used for authentication and access to accounts and services;
  • Information about your mobile device each time you use the App. For example, we may collect information on the type of mobile device that you are using and its unique device identifier (for example, the IMEI number, the device’s mobile phone number, or the MAC address of the device’s wireless network interface); and
  • If you activate the Find & Ring feature, your device’s location data (depending on your connection, the GPS location data, Wi-Fi location data and the network location data of your device) and your email address for account recovery purposes.

We’ll also get information about how you use our products and services, such as:

  • Details of your use of our services – for example, we can see whether or not a site has been blocked and keep a limited record of this information for service and customer care (see How long we keep your personal information for), or how often you interact with our portal; and
  • We also collect anonymous analytics information on how our customers use the Secure Net App in order to improve your experience and troubleshoot (for example, we can see whether certain functionalities are not working as intended and fix them).

When we collect your personal information

We collect your personal information when:

  • You browse the internet on a mobile connection when you have an active Secure Net subscription;
  • You interact with the App or online Portal (where you can see what has been blocked); 

Vodafone will process your personal data based on:

  1. Vodafone’s legitimate business interests, for example, fraud prevention, maintaining the security of our network and services, and improvement of our services. Whenever we rely on this lawful basis to process your data, we assess our business interests to make sure they do not override your rights. Additionally, in some cases you have the right to object to this processing. For more information, visit the Your Rights section of this policy.
  2. Compliance with a mandatory legal obligation, including for example accounting and tax requirements, which are subject to strict internal policies (such as retention periods), procedures, and your right to restrict usage of your data, which control the scope of legal assistance to be provided; or
  3. Consent you provide where Vodafone does not rely on another legal basis. Consent is always presented to you separately and you can withdraw your consent at any time. For example, we need your consent to process the content of your communications in order to detect and block any security threats, or to process your location data for the purposes of the Find & Ring feature.

Secure Net is an optional service, which you can deactivate at any time. To do so, you can navigate to the Secure Net portal at this link or via the link sent to you in your welcome text message or alternatively, you can contact our Customer Services team by calling 191 free from your Vodafone mobile.

How we use your personal information

To provide you with your service

In order for us to protect you from security threats, we view the content of your communications in order to do so. We do not use this information for marketing or personalised profiling and it is retained for a limited period of time.

Profiling & automated decision making

Our threat monitoring is based on profiling and automated decisions; for example, websites we block at based on the intelligence we have gathered. You can, however, go into your portal or App and view why something has been blocked (for example, if it was malicious or contained malware).

How we share your personal information

Where applicable, we share information about you with:

  • Companies in the Vodafone Group;
  • Partners, suppliers or agents involved in delivering the products and services you’ve ordered or used;
  • Companies who are engaged to perform services for, or on behalf of, Vodafone Limited, or Vodafone Group;
  • Credit reference, fraud-prevention or business-scoring agencies, or other credit scoring agencies;
  • Debt collection agencies or other debt-recovery organisations;
  • Law enforcement agencies, government bodies, regulatory organisations, courts or other public authorities if we have to, or are authorised to by law; or
  • A third party or body where such disclosure is required to satisfy any applicable law, or other legal or regulatory requirement.

International data transfers

We do not transfer data outside of the EEA without adequate safeguards; data is stored in our data centres in Germany and Ireland.

How long we keep your personal information for

Browsing history

We keep a limited record of your browsing history for service and customer care purposes only. Vodafone does not repurpose your browsing for the purposes of marketing or personalised profiling.

  • For example, if you believe that we should not have blocked a site, we can check that for you; or
  • In order for you to be able to view a history of the protection provided (such as sites or malware blocked) with the App or the Secure Net portal.

Keeping your personal information secure

We have specialised security teams who constantly review and improve our measures to protect your personal information from unauthorised access, accidental loss, disclosure or destruction.

Communications over the internet (such as emails) aren’t secure unless they’ve been encrypted. Your communications may go through a number of countries before being delivered, as this is the nature of the internet.

We cannot accept responsibility for any unauthorised access or loss of personal information that is beyond our control.

We’ll never ask for your secure personal or account information by an unsolicited means of communication. You’re responsible for keeping your personal and account information secure and not sharing it with others.

Our website may provide links to third-party websites. We cannot be responsible for the security and content of such third-party websites. So make sure you read that company’s privacy and cookies policies before using or putting your personal information on their site.

The same applies to any third-party websites or content you connect to using our products and services.

You may choose to disclose your information in certain ways such as social plug-ins (including those offered by Google, Facebook, Twitter and Pinterest) or using third-party services that allow you to post reviews or other information publicly, and a third party could use that information.

Social plug-ins and social applications are operated by the social network themselves and are subject to their own terms of use and privacy and cookies policies. You should make sure you’re familiar with these.

Your rights

Below we set out details on how you can exercise your rights. If you have a question or cannot find the answer, please contact our Customer Services team by calling 191 free from your Vodafone mobile.

Right to correct personal data

You have the right to have information held about you corrected if it is not accurate. If what we hold on you needs updating, or you think it may be inaccurate, you can log in to My Vodafone to update it or contact our Customer Services team.

Right to access personal data

You have the right to make a request for a copy of the personal data that Vodafone holds about you. To make this request as an individual or an authorised third party, visit our form [PDF:1.37MB], which gives details on how to do this. Alternatively, you can contact our Customer Services team.

Right to data portability

You have the right to be able to take with you the personal data you provided to us in certain circumstances.
We provide you with a view of the data we are processing via the Secure Net portal.

Vodafone ensures that you can take your data with you by allowing you to download your monthly bills, at the click of a button. In order to do this, log in to My Vodafone and go to your billing area.

Right to object to use of personal data

You have the right, in certain circumstances, to object to Vodafone processing your personal information. Please use our privacy query form and a member of our dedicated team will respond to you. Alternatively, you can contact our Customer Services team.

How to lodge a complaint

If you want to contact us about any of your rights or complain about how we use your information, please use our privacy query form and a member of our dedicated team will respond to you. Alternatively, you can contact our Customer Services team - we’ll do our best to help but if you’re still unhappy, you can contact the Information Commissioner’s Office (ICO). Their website www.ico.org.uk has details on how to contact the ICO

Right to restrict use of your data

If you feel data we hold on you is inaccurate, or you believe we shouldn’t be processing your data, please contact our Customer Services team to discuss your rights. In certain circumstances you will have the right to ask us to restrict processing.

Right to erasure

Vodafone strives to only process and retain your data for as long as we need to. In certain circumstances you have the right to request that we erase personal data of yours that we hold. If you feel that we are retaining your data longer than we need, it is worth first checking that your contract with Vodafone has been terminated, which you can do with Customer Services. If your contract with Vodafone has been terminated, we may still have lawful grounds to process your personal data. For more information on retention periods, see our privacy policy

Our cookie policy

Cookies are tiny text files that are stored on your computer, tablet or mobile phone when you visit a website. The cookies mean that the website will remember you and how you've used the site every time you come back.

Cookies themselves don't hold personal information such as your name or bank details. And in many cases, we won’t be able to link the information we collect by using a cookie back to you. They can, however, help us to find information once you're logged in or help us link your browsing information to you and your personal information, for example, when you choose to register for a service, white paper or newsletter.

First party cookies

First party cookies originate from the same domain as the website you’re currently visiting.

Cookie Meaning of the cookie Domain Duration
SESSION Used to track a session ID to allow user to stay logged in. .vodafone.com Session
L User’s preferred language is stored in this cookie. .vodafone.com Session
backButtonURL Used to manage back button functionality storing proper link to last visited site in Secure Net portal. .vodafone.com Session
VF-UUID Used to track interactions between user and Secure Net portal. .vodafone.com Session
recall Used to remember last user logged in to Secure Net portal. .vodafone.com 30 Days
IDP This cookie is used to store a session ID to keep user logged in to Secure Net portal. .vodafone.com Session
JSESSIONID Used to identify customer's session after user got authenticated and identified. .vodafone.co.uk Until users starts new session
vdf_openid_uk While Vodafone is authenticating a user of its service, this cookie is set. It is used to identify the user during authentication process. .vodafone.co.uk Until users starts new session
vdf_ulff_ula_uk An ID is stored that supports Vodafone to identify users in case of troubleshooting should become necessary. .vodafone.co.uk Until users starts new session

Controlling your cookies

You can control how you use cookies in your browser. If you wish to restrict or block the cookies which are set by any website - including a Vodafone website, you should do this through the web browser settings for each web browser you use, on each device you use to access the internet.

Information on controlling and deleting cookies, including on a wide variety of browsers, is also available at allaboutcookies.org