The personal information collected by AVG includes names, addresses, telephone numbers and email. The company also disclosed the type of non-personal identifying information gathered, such as data on malware threats, browsing history, device usage, device type and location.
AVG said it will attempt to scrub certain information collected that could lead to a third party discovering a customer's identity and also anonymise some information.
“For instance, although we would consider your precise location to be personal data if stored separately, if we combined the locations of our users into a data set that could only tell us how many users were located in a particular country, we would not consider this aggregated information to be personally identifiable,” the policy said.
Users will be able to opt out of having their data collected and disseminated, but AVG did not yet release the methodology on how to do so.