What data does VIP Access app collect and use?
The VIP Access application is a mobile application that incorporates a VIP Credential as described in the VIP Network Policy. Your use of the VIP Access application is dependent on you providing certain device information. The information that you provide is what is reasonably necessary for use. For example, the device information that is gathered is used to prevent cloning of the credential.
What data Symantec collects from you?
Through your use of the VIP Access application, Symantec may collect data that can include:
The collected data is used to create a local profile on the device which is secured in order to prevent tampering or cloning of the VIP Credential. The only Device-specific information that is provided to the Symantec VIP cloud service is for administrative purposes, and is limited to device OS version, device model, manufacturer, VIP Access capabilities as they apply to the OS version. Any other information that is collected is stored locally on the device and encrypted. The data gathered locally is the minimum required information for the functionality of the application. If you remove the application this data is deleted.
The latest version VIP Access has malware detection capabilities which anonymize the applications on the device and feed into a database. Symantec can then validate and determine malicious applications, and then flag the device as having malware. This does not alert the administrator which app is malicious but only raises an alert.
Google Cloud Messaging data collection
Google Cloud Messaging (GCM) is used for the Push feature on the VIP Access app. Google Cloud Messaging is a third-party service provider that includes technologies such as Google Analytics.
You can review the GCM at: https://developers.google.com/cloud-messaging/gcm
Apple Push Notification System data collection.
Apple Push Notification System (APNS) is used for the Push feature on the VIP Access app. APNS is a third-party service hosted by Apple. Apple may collect information which does not personally identify you unless required. Apple has a good faith belief that such data would only be collected if absolutely necessary.
You can review the APNS service at: https://developer.apple.com/notifications/
The Apple developer PDF defining the data collection is attached to this KB.
Symantec does not collect any information other than the application ID that is used for push authentication.
The VIP Access application uses Google Analytics’ Measurement Protocol with IP anonymization parameters to transmit critical error information (including IP address) and information on your feature usage services (the “VIP Access application Telemetry”) to Google Analytics, which is not owned or operated by Symantec.
For more information about Google Analytics, see:
The VIP Access client may send Symantec servers certain non-personally identifiable device-specific information used to secure provisioning of the VIP credential and help debug the VIP Access application in case of failures. Using Google Analytics, Symantec receives telemetry on installation errors and device models. This data is used to fix installation or usability issues.
Symantec only uses this information for internal purposes as needed. The information is not used for advertising, promotions or to send confidential information.