About data provision

Kaspersky Security for Microsoft Office 365 protects Exchange Online mailboxes, OneDrive users and SharePoint Online sites managed through Office 365. To use the full functionality of Kaspersky Security for Microsoft Office 365, you must create a user account on the website of the Right Owner (Kaspersky). You can use an existing Kaspersky Business Hub account or create a new one by providing your email address, company name, and a password.

Kaspersky processes and uses this information only to ensure the functionality of Kaspersky Security for Microsoft Office 365, unless you agree to use the information for other purposes (for example, to receive a news feed about Kaspersky products and services to your email address).

By creating a user account and connecting the application to Office 365, you confirm that you are the sole owner of any data you provide and that you are entitled to provide such data.

Any information provided is protected and processed in accordance with the Kaspersky Privacy Policy.

Kaspersky Security for Microsoft Office 365 may receive, store, and process the types of data that is described below for the purpose of protecting Exchange Online mailboxes, OneDrive users and SharePoint Online sites.

The data may migrate between Kaspersky Security for Microsoft Office 365 servers within the same data center during technical maintenance or to ensure correct load balancing. Metadata of quarantined items is stored in the same data center. You select the data center when you create a workspace on Kaspersky Business Hub for your company.

Kaspersky protects any information received in this way as prescribed by law and the applicable rules of Kaspersky. Data are transmitted over encrypted communication channels.

The data that is used for protecting Exchange Online mailboxes:

The data that is used for protecting OneDrive users:

The data that is used for protecting SharePoint Online sites:

Kaspersky will retain the above-listed data in restricted mode for the specified duration following the license expiration or termination so that you can extract the data related to your Office 365 organization from its databases.

The above-listed data has the following retention period:

Exceptions to this rule are the following types of data:

After the retention period is over, all the data described above are removed from application databases.

Kaspersky Security for Microsoft Office 365 uses Kaspersky Security Network to improve detection of new threats and their sources. The following data will be processed by Kaspersky on a regular basis to protect Exchange Online mailboxes, OneDrive users and SharePoint Online sites from known threats to information security:

The following data will be processed by Kaspersky on a regular basis to ensure uninterrupted operation of the application:

In addition to logging the application activity, Kaspersky tracks changes in the application configuration. These details are recorded in the audit log. The audit log files contain the details on the following actions and procedures:

The audit log retention period is 180 days.

Upon your request, Kaspersky can extract any data related to your Office 365 organization from Kaspersky databases and submit them for your revision. If necessary, this data can also be deleted from the Kaspersky infrastructure. The service period for such requests is 1 calendar month. However, please note that an automatic retention period of 14 days is set for the following types of data:

Please note that the backed up messages and files are stored not on Kaspersky servers but in the hidden folders of the corresponding mailboxes in your Exchange Online infrastructure and the corresponding folders in your OneDrive storage. If you do not want to store the quarantined items any longer, remove them manually.

Kaspersky reserves the right to use received data to generate reports on information security risks.

Page top