General Data Protection Regulation (GDPR)


The European Union’s (EU) General Data Protection Regulation (GDPR) is designed to empower individuals by giving them more control over their personal data—defined as any information relating to an identified or identifiable natural person—and to establish a single set of data protection rules across the EU.

But it doesn’t just apply to EU organizations. It applies to all organizations, anywhere in the world, that target, collect, or use the personal data of any EU resident. To comply with the GDPR, McAfee and other companies must “implement appropriate technical and organizational” measures to protect personal data. In addition to these security requirements, companies must, among other things:

  • Know what data they hold and have appropriate rights to use the data.
  • Be able to answer questions from consumers, including employees and former employees, about what type of data they hold, and, in some cases, delete data they no longer need.
  • Consider privacy and security at the start of a project or in first building a product, and do a review of projects before launching.
  • Tell their main regulator within 72 hours (of becoming aware) if they have a breach.
  • Require their vendors to also secure their data, and record this commitment in a contract.

McAfee’s commitment to GDPR readiness

We are committed to compliance with the GDPR and all applicable laws. We have enhanced processes to prepare to address the rights of people in the EU. We have generated written guidance to help our customers understand how our products collect and use personal data, and we are prepared to answer questions from our consumer customers as well as our employees.

What is personal data under GDPR?

  • Any information relating to an identified or identifiable natural person, such as a name, an identification number, location data, or online identifiers, including IP addresses and cookies.
  • Physical, genetic, mental, economic, cultural, or social identifiers if they can be traced back to a specific individual.
  • Data for individuals in all personas—be that work, public, or private.

Learn more about your personal data
If you have an inquiry regarding your personal information held by McAfee, including your personal information collected through your use of our products, use the Individual Data Request form.

Personal data collection and compliance

McAfee product statements provide information for customers, potential customers, and partners about what data is involved in the processing, where we store data and how it is secured, and how data is retained and deleted.

To learn more about consumer products data collection and compliance, read the Privacy Notice.

Disclaimer: The information provided on this General Data Protection Regulation (GDPR) page is our informed interpretation of the GDPR and is for information purposes only. It does not constitute legal advice, contractual commitment, or advice on how to meet the requirements of any applicable law. This page is subject to change without notice and is provided “as is” without guarantee or warranty as to the accuracy or applicability of the information to any specific situation or circumstance. If you require legal advice on the requirements of the GDPR, or any other law, or advice on the extent to which McAfee technologies can assist you to achieve compliance with the GDPR or any other law, you are advised to consult a suitably qualified legal professional. If you require advice on the nature of the technical and organizational measures that are required to deliver operational privacy and security in your organization, you should consult a suitably qualified privacy professional. No liability is accepted to any party for any harms or losses suffered in reliance on the contents of this page.