Netviss LLC (“we,” “us,” or “our”), based in Dubai, United Arab Emirates, is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Netviss product, which provides Network Access Control (NAC), Mobile Device Management (MDM), and Network Configuration Management (NCM) solutions for network security and management (collectively, the “Services”). This includes our website at [www.netviss.com] (the “Website”), mobile applications (the “Apps”), and any related services.
By accessing or using our Services, you agree to the terms of this Privacy Policy. If you do not agree, please do not use our Services.
We operate in compliance with applicable data protection laws, including the UAE Federal Decree-Law No. 45/2021 on the Protection of Personal Data (PDPL), the General Data Protection Regulation (GDPR) where applicable, the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), and other relevant regulations. This Policy is designed to meet the requirements of app stores such as Google Play and the Apple App Store, including disclosures about data collection practices.
1. Information We Collect
We collect information that you provide directly to us, information collected automatically, and information from third parties. The types of information may include personal data, which is any information that identifies or can be used to identify an individual.
a. Information You Provide Directly
- Account and Profile Information: When you create an account, register for our Services, or contact us, we may collect your name, email address, phone number, company name, job title, and other contact details.
- Payment Information: If you make purchases, we collect billing details such as credit card information, billing address, and transaction history (processed through third-party payment processors).
- User Content: Any information you upload, submit, or share through the Services, such as network configurations, device management settings, or support requests.
- Communications: Information from emails, chats, or other interactions with us.
b. Information Collected Automatically
- Device and Usage Data: When you use our Apps or Services, we collect device identifiers (e.g., IMEI, MAC address, IP address), operating system, browser type, app version, usage statistics (e.g., pages viewed, time spent), and diagnostic data.
- Network and Security Data: As part of our NAC, MDM, and NCM functionalities, we may collect network logs, access attempts, device status, compliance data, and security events to manage and secure your networks and devices.
- Location Data: If enabled for MDM features (e.g., device tracking), we may collect approximate or precise location data from your device.
- Cookies and Tracking Technologies: On our Website and Apps, we use cookies, web beacons, and similar technologies to track user activity, preferences, and performance. You can manage cookie preferences through your browser settings.
c. Information from Third Parties
- We may receive information from partners, such as analytics providers (e.g., Google Analytics), advertising networks, or integration services, including aggregated usage data or device information.
- If you connect our Services to third-party platforms (e.g., cloud services), we may collect data from those sources with your permission.
We do not collect sensitive personal data (e.g., racial or ethnic origin, political opinions, religious beliefs, health data) unless it is necessary for the Services and you provide explicit consent.
For Apps: Our Apps may request permissions for access to device storage, camera, contacts, or location. These are used solely for core functionalities like device management and security enforcement. We do not collect data beyond what is necessary.
2. How We Use Your Information
We use the information we collect for the following purposes:
- Providing and Improving Services: To deliver NAC, MDM, and NCM features, manage devices, enforce security policies, monitor network health, and troubleshoot issues.
- Security and Compliance: To detect, prevent, and respond to security threats, fraud, or unauthorized access.
- Personalization: To tailor the Services to your preferences and provide relevant recommendations.
- Communications: To send service updates, security alerts, marketing materials (with your consent), or respond to inquiries.
- Analytics and Research: To analyze usage patterns, improve product performance, and develop new features.
- Legal and Compliance: To comply with legal obligations, enforce our terms, or protect our rights.
- Payments and Transactions: To process payments and manage subscriptions.
We process personal data based on legal grounds such as your consent, performance of a contract, legitimate interests (e.g., security), or legal requirements.
3. How We Share Your Information
We do not sell your personal data. We may share information in the following circumstances:
- Service Providers: With third-party vendors who assist us in operations, such as cloud hosting (e.g., AWS), analytics (e.g., Google), payment processing, or customer support. These providers are contractually obligated to protect your data.
- Business Partners: With affiliates or partners for joint services, with your consent.
- Legal Requirements: If required by law, court order, or government authority, including in response to subpoenas or to protect public safety.
- Business Transfers: In connection with a merger, acquisition, or sale of assets, where your data may be transferred to the new entity.
- With Your Consent: For any other purpose with your explicit permission.
For international transfers: As a Dubai-based company, we may transfer data outside the UAE. We ensure adequate safeguards, such as standard contractual clauses or adequacy decisions, in compliance with PDPL and GDPR.
4. Data Security
We implement appropriate technical and organizational measures to protect your data, including encryption, access controls, firewalls, and regular security audits. However, no system is completely secure, and we cannot guarantee absolute security. In the event of a data breach, we will notify affected users and authorities as required by law (e.g., within 72 hours under PDPL or GDPR).
5. Data Retention
We retain your information only as long as necessary for the purposes outlined in this Policy, or as required by law. For example:
- Account data is retained while your account is active and for a reasonable period afterward for legal or audit purposes.
- Usage logs may be kept for up to 2 years for security analysis.
- You can request deletion of your data (see Section 7).
6. Children’s Privacy
Our Services are not intended for children under 16 years old (or the applicable age of consent in your jurisdiction). We do not knowingly collect personal data from children. If we become aware of such collection, we will delete it promptly. Parents or guardians who believe we have collected children’s data should contact us.
7. Your Rights and Choices
Under applicable laws (e.g., PDPL, GDPR, CCPA/CPRA), you have rights regarding your personal data:
- Access: Request a copy of your data.
- Rectification: Correct inaccurate data.
- Deletion: Request erasure (right to be forgotten).
- Restriction: Limit processing.
- Objection: Object to processing based on legitimate interests.
- Portability: Receive your data in a transferable format.
- Withdraw Consent: Where processing is based on consent.
- Opt-Out of Marketing: Unsubscribe from emails via the link provided.
- Do Not Sell/Share: We do not sell data, but you can opt-out of sharing for targeted advertising (if applicable).
- California Residents: Additional rights under CCPA/CPRA, including non-discrimination.
To exercise these rights, contact us at [pr*****@*****ss.com]. We will respond within the required timeframe (e.g., 1 month under PDPL/GDPR). We may verify your identity for security.
You can also manage preferences in your account settings, such as disabling location tracking or cookies.
8. Third-Party Links and Services
Our Services may contain links to third-party sites or integrate with third-party tools. We are not responsible for their privacy practices. Review their policies separately.
9. Changes to This Privacy Policy
We may update this Policy to reflect changes in our practices or legal requirements. We will notify you of material changes via email or in-app notice and update the effective date. Continued use after changes constitutes acceptance.
10. EdgeVision Mobile Application
EdgeVision is a remote device management client app that connects to self-hosted management servers. This section provides specific disclosures for the EdgeVision app.
10.1 Data Collection by EdgeVision
EdgeVision collects and transmits the following data types when users connect to a management server:
Device Information:
– Device model, manufacturer, and operating system version
– Battery status and network connectivity information
– Unique Node ID (device identifier for server communication)
– IP address and network information
Screen Content (When Screen Sharing is Active):
– Real-time screen captures during active screen sharing sessions
– Transmitted only when administrator initiates desktop viewing
– Requires Android MediaProjection permission (granted each session)
Files (User-Granted Access Only):
– Files within folders users explicitly grant access to via Android’s Storage Access Framework
– Users control which folders are accessible and can revoke access anytime
Connection Data:
– Connection timestamps and duration
– Server connection events and status
– App usage statistics
10.2 How EdgeVision Handles Data
Direct Server Connection:
EdgeVision connects directly to the USER’S ORGANIZATION’S management server. All data collected by EdgeVision is transmitted to the organization’s self-hosted server, NOT to Netviss LLC servers.
Netviss LLC does NOT:
– Receive or store screen recordings, accessed files, or device data
– Have access to organization management servers
– Control or manage data transmitted through EdgeVision
– Act as an intermediary for data transmission
Data Storage:
All operational data (screen recordings, file access logs, device information) is stored on the ORGANIZATION’S server infrastructure, managed by their IT department.
Encryption:
All data transmission between EdgeVision and management servers is encrypted using TLS/SSL protocols.
10.3 User Control and Transparency
Persistent Notification:
A permanent notification displays whenever EdgeVision is connected to a server showing:
– Connection status
– Connected duration
– Server name
– Cannot be hidden
User-Initiated Connection:
Users must manually create a server profile and connect. EdgeVision does not auto-connect or operate without user knowledge.
Instant Disconnect:
Users can disconnect from Settings > Disconnect at any time to immediately stop all data collection and transmission.
Permission Control:
– File access requires explicit folder selection via Android’s Storage Access Framework
– Screen sharing requires accepting Android’s MediaProjection permission each time
– Users can revoke permissions via Android Settings
No Background Monitoring:
EdgeVision is designed for enterprise device management with user awareness, not covert monitoring.
10.4 Data Deletion
EdgeVision App Data – Users can delete by:
– Disconnecting from the server (stops data collection)
– Deleting server profiles in the app
– Uninstalling the app (removes all local data)
– Requesting deletion via su*****@*****ss.com
Organization Server Data:
Data transmitted to organization servers must be deleted by the organization’s IT administrator. Users should contact their IT department for data retention and deletion policies.
10.5 Enterprise Use
EdgeVision is intended for managed enterprise devices. Employees using EdgeVision on company devices should contact their IT department for organization-specific monitoring policies and data handling practices.
10.6 Third-Party Integration
EdgeVision integrates with self-hosted management servers. Netviss LLC is not responsible for how organization servers process, store, or manage data.