CylancePROTECT Mobile

anonymous data collection

You can choose to allow

CylancePROTECT Mobile

to collect anonymous data and statistics from users’ devices. This data allows

BlackBerry

to improve the

CylancePROTECT Mobile

product by:

Contributing to the discovery of new, previously undetected threats
Providing increased confidence in detecting threats and improving the quality of future static checks
Contributing to the training of machine learning models

BlackBerry

does not collect any information that can be used to identify an individual user, device, or organization. There is no way for

BlackBerry

to process the data to identify or determine its source.

Every app that

CylancePROTECT Mobile

collects data from uses a unique, randomly generated Anonymous App Identifier that is used to collate data collected over time. The Anonymous App Identifier is unique from any identifier that the user, organization, or

BlackBerry

is aware of, and is encrypted and stored in the secure container that protects all

CylancePROTECT Mobile

library data on a device. The Anonymous App Identifier is deleted when the app is uninstalled or is no longer managed by

BlackBerry

. Because each app uses a unique Anonymous App Identifier, data from apps on the same device cannot be associated.

The data is reported every 6 hours, or the next time a reporting app starts if more than 6 hours have passed. The data is uploaded to

BlackBerry

over a

Wi-Fi

connection only, to a maximum of 250 MB each month. The following data is collected:

Anonymous identity
Battery status information
CylancePROTECT Mobile
application information
Process and thread information
Libraries information
Apps information
System files and properties information
Network events information
Certificates information

BlackBerry

controls the frequency of the collection, the types of anonymous data collected, and the limits on monthly collection through a configuration that is sent to the

CylancePROTECT Mobile

library in the

BlackBerry UEM Client

and

BlackBerry Dynamics

apps.

BlackBerry

reserves the right to change the configuration on an ongoing basis to best target advanced threat detection and bring the most value to the solution.

The data is used internally by

BlackBerry

’s R&D organization, with access limited to employees with a genuine need to access the data and who are granted access through an approval process. The data is not available in any form to anyone outside of

BlackBerry

, and it is stored in

Amazon Web Services

S3 storage for analysis and processing. The data is collected and stored in compliance with the General Data Protection Regulation.

Any sensor that may be added in the future will undergo security and privacy reviews to ensure that there is no way that any data that is collected can be used to identify a user, device, or organization.

You can choose to enable or disable anonymous data collection using an option in the

CylancePROTECT

profiles that you use to configure

CylancePROTECT Mobile

features. See Enable or disable anonymous data collection. You can choose the specific users and groups to assign

CylancePROTECT

profiles to, so you can control which users will participate in anonymous data collection. Note that the end user cannot choose to opt in or opt out of anonymous data collection.