Samsung vs Proton

Samsung's data appetite is unusually broad for a hardware maker: voice recordings stored on servers with potential third-party retention, keyboard input logging via Predictive Text synced across devices, and persistent hardware identifiers that survive ad-ID resets. The company explicitly acknowledges that sharing with business partners may constitute a data sale under US law (CCPA). Full GDPR-grade rights are reserved for EEA/UK/Swiss residents; everyone else gets basic access and deletion with no response-time commitments. Retention timelines are vague and there are no named security certifications or breach notification windows.

Proton collects as little as technically possible, can't read your encrypted content even if asked, is governed by strict Swiss law, and gives you real control — the rare case where the privacy policy matches the privacy pitch.