CMC Mobile Security (“We”, “Application”) is committed to protecting the

privacy and personal data of our users. This policy explains the types of

data we collect, how it is used, stored, shared, and the rights of users.

1. Data We Collect

On both Android and iOS:

● Device information: model, operating system, device identifiers.

● Application usage information: event logs, crashes, performance data.

● Personal information (only when necessary): login account (if you

● Call identification information: incoming phone numbers, call time, call

status (we do not store or send user call logs/contacts to our server).

On Android only:

● Application file data: information about application files, abnormal files for

detecting potential malware.

● Information about installed applications on the device: app name,

package name, hash code, sign code, attributes, version, etc.

2. How We Collect Data

● Automatically: when users use the application scanning features.

● Provided by users: when users register, report scam or spam phone

numbers, submit incident reports, or contact support.

3. Purpose and Use of Collected Data

● Used solely for analyzing, diagnosing, and removing malware; not for

personal identification.

● Analyzing incoming phone numbers to detect and block spam or fraudulent

calls. The app only uses incoming call information to identify and block

spam/fraud numbers locally on the device. We do not collect call content,

do not access contacts, and do not send call data to our server.

● Diagnosing and fixing application errors.

● In cases where unique device identifiers are needed, the application

encrypts original data in a non-identifiable format before collection to

eliminate the possibility of identification.

● Collected information is securely encrypted and transmitted to the CMC

Mobile Security logging server.

4. Data Storage and Security

We apply multiple security measures, including:

● Encrypting data in transit.

● Storing data in secure environments with access control.

● Monitoring systems to detect and prevent unauthorized access.

● Data used for analysis is retained only for as long as necessary, then

deleted or anonymized.

We do not retain personal data longer than necessary for the stated purposes.

Users may contact us via support email to request complete deletion of their

personal data.

5. Data Sharing with Third Parties

We do not sell users’ personal data. However, in some cases, data may be

shared with:

● Infrastructure service providers (e.g., cloud hosting) for storage and

processing.

● Cybersecurity partners for threat analysis and updating virus databases.

● Legal authorities when required by applicable law.

6. User Rights

Users have the right to:

● Request correction or deletion of their personal data.

● Request suspension of data processing in cases permitted by law.

7. Children’s Privacy

This application is not intended for children under 13 years old. We do not

knowingly collect personal data from children. If discovered, such data will be

deleted immediately.

8. Changes to This Policy

We may update this Policy from time to time. Updates will be published on our

official website. Continued use of the application after changes means you

accept the updated Policy.

9. Contact Us

If you have any questions regarding this Privacy Policy, please contact us:

● Northern Office: 15th Floor, CMC Building, No.11 Duy Tan Street,

Cau Giay District, Hanoi.

● Southern Office: CMC Creative Space Building, Tan Thuan Export

Processing Zone, District 7, Ho Chi Minh City.

● Hotline: 1900 2025

● Support Email: support@cmccybersecurity.com