This document outlines the End User License terms which governs your access and use of the Mobile Shield Application, provided by Saudi Aramco. By installing or using the Application on your device, you are indicating that you understand and agree to abide by the terms outlined below. If you do not accept all of these Terms, you must uninstall the Software.

1. Purpose

Mobile Shield is provided to assist employees in safeguarding their mobile devices against cybersecurity threats such as malware, phishing, and unauthorized access. It operates in real-time to detect and mitigate risks, ensuring the protection of sensitive corporate data while also safeguarding information stored on the device. By using this application, employees can securely access corporate resources and confidently perform their work, with the added assurance that their personal devices are protected.

2. Eligibility

The Application is available to Saudi Aramco employees that are enrolled in the MDM. It can be used on both company-owned and personal devices.

3. Use of the Application

  • You are responsible for using the Application in accordance with company policies and procedures.
  • The Application must not be modified, reverse-engineered, or used in any way that compromises its security or intended functionality.
  • Your use of the Application is subject to applicable company policies, including those related to cybersecurity and acceptable use.

4. Data Handling

The Application is designed to protect your device from cybersecurity threats, safeguarding both corporate resources and your personal data from unauthorized access or malicious activity We care about your data privacy and wants to be transparent about the following:

  1. What data is collected.
  2. How the data is used.
  3. Your rights to control the data.
  4. What data is collected

The Application may collect and process data necessary to provide its security features. This includes data used to identify threats and ensure the safety of corporate and personal information. By using the Application, you consent to the processing of such data in accordance with company privacy and security policies.  We respect your personal data; the application does not collect any personally identifiable information from you. But it may collect “Device Data” and “Forensic Data” as identified below:

4.1 The application DOES NOT COLLECT:

Any personally identifiable information from you such as:

  • Personal details:
    • Contacts, Emails, Messages and Conversations, Calendar, Documents
  • Contents
  • Images, videos, media files
  • Files, document
  • Browsing history
  • Passwords
  • Applications installed
  • Location
  • Capture screen or recordings

4.2 The application may COLLECT:

4.2.1 Device Data:

  • The manufacturer and model of your Device;
  • Certain technical settings of your Device, including:
    • The display size of your Device
    • Firmware version
  • Wireless carrier for your Device;
  • The type and version of operating system on your Device;
  • Certain configuration data of your Authorized Device, such as
    • Whether your Authorized Device is configured to allow root access or
    • Whether hardware restrictions of the Device have been removed;
  • In some cases, metadata of all applications installed on your Device including, but not limited to,
    • The name of the app
    • The version of the app
  • Metadata about networks your Device connects to including, but not limited to
    • The SSID of the network
    • The MAC address of the network
  • In certain circumstances, we may scan or collect a copy of an application or diagnostic file generated by your device;
  • In certain circumstances, we may also collect information regarding filenames of documents deemed to be potential security risks;
  • URLs or domains of detected as malicious links
  • Data from tracking tools used to analyze product performance on your Device; and
  • System monitoring data such as
    • memory utilization
    • process metrics
    • network statistics (but no data like web pages or emails),
    • and other non-user-identifiable type monitoring values.

4.2.2 Forensic Data:

Forensic Data is defined here as information about the attacker when and if such an attack occurs. When an attack occurs, Forensic Data collected may include but is not limited to the following:

  • The Device Data mentioned above at the time of the attack;
  • The MAC address of the suspected attacker;
  • The application name, bundle ID, and version of the suspected malicious apps.
  1. How the data is used

Aramco is providing the solution as a service for users to protect their data and mobile devices. Aramco teams will only be alerted when devices have been compromised by threats that modify kernel or memory level of devices. These are threats that have complete control of the devices making them compromised. Aramco will only use these data for forensic investigation in times of compromise.

5. Updates and Maintenance

The Application requires periodic updates to enhance functionality, address security risks, and introduce new features. You are required to install updates as they become available to maintain the effectiveness of the Application.

6. Support

For assistance with the Application, contact the Saudi Aramco IT Help Desk to provide the necessary support to ensure the Application operates effectively.

7. Termination of Access

The company reserves the right to revoke access to the Application at any time, including cases of non-compliance with these terms, misuse, or changes in your employment status.

Security Responsibilities

  • You must ensure your device meets company security standards, such as using strong passwords and enabling access controls.
  • Report any suspected security breaches or unauthorized activity involving the Application to the Saudi Aramco Security Operations Center immediately.

9. Limitation of Liability

The Application is provided “as is” without warranties of any kind. The company is not responsible for issues arising from misuse, unauthorized access, or circumstances beyond its control.

10. Acknowledgment

By using the Application, you acknowledge that you have read, understood, and agree to these terms. You also accept responsibility for adhering to company policies related to the use of this Application.