About data provision

The application operates with the use of data whose transmission and processing requires the consent of the Kaspersky Secure Mail Gateway administrator.

You can view the list of data and the terms on which it is used as well as give consent to data processing in the following agreements between your organization and Kaspersky Lab:

In the End User License Agreement.
According to the terms of the License Agreement that you have accepted, you consent to the automatic transmission to Kaspersky Lab of the information enumerated in the License Agreement under "Conditions regarding Data Processing". This information is needed to improve the level of mail server security.
In the Privacy Policy.
In the Kaspersky Security Network Statement and the Supplementary Kaspersky Security Network Statement.
In the course of participation in the Kaspersky Security Network and submission of KSN statistics to Kaspersky Lab, information can be transmitted that was obtained as a result of the application's operation. The list of data that is transmitted is provided in the Kaspersky Security Network Statement and the Supplementary Kaspersky Security Network Statement.

Kaspersky Lab protects any information received in this way as prescribed by law and applicable rules of Kaspersky Lab.

Kaspersky Lab uses any received information in anonymized form and as general statistics only. General statistics are automatically generated using original collected information and do not contain any personal data or other confidential information. The original information received is destroyed as new information is accumulated (once a year). General statistics are stored indefinitely.

RAM of Kaspersky Secure Mail Gateway may contain any processed data of application users. The administrator of Kaspersky Secure Mail Gateway must personally ensure the security of such data.

The following table contains the complete list of user data that can be stored by Kaspersky Secure Mail Gateway.

User data that can be stored in Kaspersky Secure Mail Gateway

Section / subsection that uses the data	Data storage directory	Data type	Storage duration	Data protection measures
Reports and monitoring	/var/opt/kaspersky	Statistics on email messages: Addresses of the sender and recipients. Names of infected attachments. Information from email messages: Sender's IP address. Email addresses of the sender and recipients. Message subject. Message body. Message control headers. Attachments.	Indefinite.	Access to data is only allowed for the following accounts: Administrator for working with the application in Technical Support Mode. Administrator of the application web interface.
Trace log	/var/log /var/log/kaspersky	Information from email messages: Sender's IP address. Email addresses of the sender and recipients. Message subject. Message body. Message control headers. Attachments. Accounts and IP addresses of application web interface users Accounts of users on the LDAP server and in Active Directory.	Indefinite. When 500 MB limit is reached, log rotation is initiated, and deletion of old records begins.	Access to data is only allowed for the following accounts: Administrator for working with the application in Technical Support Mode. Administrator of the application web interface.
Event log and audit log	/var/opt/kaspersky	Information from email messages: Sender's IP address. Email addresses of the sender and recipients. Message subject. Message body. Message control headers. Attachments. Accounts and IP addresses of application web interface users Accounts of users on the LDAP server and in Active Directory.	Indefinite. When 1 million record limit is reached, log rotation is initiated, and deletion of old records begins.	Access to data is only allowed for the following accounts: Administrator for working with the application in Technical Support Mode. Administrator of the application web interface. User under the HelpDesk account.
Backup	/var/opt/kaspersky	Information from email messages: Sender's IP address. Email addresses of the sender and recipients. Message subject. Message body. Message control headers. Attachments.	Indefinite. When size limit is reached, rotation is initiated, and deletion of old records begins. The size limit is 7 GB by default.	Access to data is only allowed for the following accounts: Administrator for working with the application in Technical Support Mode. Administrator of the application web interface.
Anti-Spam Quarantine	/var/opt/kaspersky	Information from email messages: Sender's IP address. Email addresses of the sender and recipients. Message subject. Message body. Message control headers. Attachments.	Indefinite. When size limit is reached, rotation is initiated, and deletion of old records begins. The size limit is 1 GB by default.	Access to data is only allowed for the following accounts: Administrator for working with the application in Technical Support Mode. Administrator of the application web interface.
KATA Quarantine.	/var/opt/kaspersky	Information from email messages: Sender's IP address. Email addresses of the sender and recipients. Message subject. Message body. Message control headers. Attachments.	Indefinite. Indefinite. When size limit is reached, rotation is initiated, and deletion of old records begins. The size limit is 1 GB by default.	Access to data is only allowed for the following accounts: Administrator for working with the application in Technical Support Mode. Administrator of the application web interface. Administrator of Kaspersky Anti Targeted Attack Platform.
Temporary files	/tmp/klmstmp /tmp/klms_filter	Information from email messages: Sender's IP address. Email addresses of the sender and recipients. Message subject. Message body. Message control headers. Attachments.	Until application restart.	Access to data is only allowed for the following accounts: Administrator for working with the application in Technical Support Mode. Administrator of the application web interface.
Configuration files	/etc /var/opt/kaspersky /etc/opt/kaspersky	Application configuration files: Black and white lists of email addresses. Application and HelpDesk administrator accounts. Accounts of users on the LDAP server and in Active Directory.	Indefinite.	Access to data is only allowed for the following accounts: Administrator for working with the application in Technical Support Mode. Administrator of the application web interface.

Section / subsection that uses the data

Data storage directory

Data type

Storage duration

Data protection measures

Reports and monitoring

/var/opt/kaspersky

Statistics on email messages:

Addresses of the sender and recipients.
Names of infected attachments.
Information from email messages:
Sender's IP address.
Email addresses of the sender and recipients.
Message subject.
Message body.
Message control headers.
Attachments.

Indefinite.

Access to data is only allowed for the following accounts:

Administrator for working with the application in Technical Support Mode.
Administrator of the application web interface.

Trace log

/var/log

/var/log/kaspersky

Information from email messages:

Sender's IP address.
Email addresses of the sender and recipients.
Message subject.
Message body.
Message control headers.
Attachments.

Accounts and IP addresses of application web interface users

Accounts of users on the LDAP server and in Active Directory.

Indefinite.

When 500 MB limit is reached, log rotation is initiated, and deletion of old records begins.

Access to data is only allowed for the following accounts:

Administrator for working with the application in Technical Support Mode.
Administrator of the application web interface.

Event log and audit log

/var/opt/kaspersky

Information from email messages:

Sender's IP address.
Email addresses of the sender and recipients.
Message subject.
Message body.
Message control headers.
Attachments.

Accounts and IP addresses of application web interface users

Accounts of users on the LDAP server and in Active Directory.

Indefinite.

When 1 million record limit is reached, log rotation is initiated, and deletion of old records begins.

Access to data is only allowed for the following accounts:

Administrator for working with the application in Technical Support Mode.
Administrator of the application web interface.
User under the HelpDesk account.

Backup

/var/opt/kaspersky

Information from email messages:

Sender's IP address.
Email addresses of the sender and recipients.
Message subject.
Message body.
Message control headers.
Attachments.

Indefinite.

When size limit is reached, rotation is initiated, and deletion of old records begins.

The size limit is 7 GB by default.

Access to data is only allowed for the following accounts:

Administrator for working with the application in Technical Support Mode.
Administrator of the application web interface.

Anti-Spam Quarantine

/var/opt/kaspersky

Information from email messages:

Sender's IP address.
Email addresses of the sender and recipients.
Message subject.
Message body.
Message control headers.
Attachments.

Indefinite.

When size limit is reached, rotation is initiated, and deletion of old records begins.

The size limit is 1 GB by default.

Access to data is only allowed for the following accounts:

Administrator for working with the application in Technical Support Mode.
Administrator of the application web interface.

KATA Quarantine.

/var/opt/kaspersky

Information from email messages:

Sender's IP address.
Email addresses of the sender and recipients.
Message subject.
Message body.
Message control headers.
Attachments.

Indefinite.

Indefinite. When size limit is reached, rotation is initiated, and deletion of old records begins.

The size limit is 1 GB by default.

Access to data is only allowed for the following accounts:

Administrator for working with the application in Technical Support Mode.
Administrator of the application web interface.
Administrator of Kaspersky Anti Targeted Attack Platform.

Temporary files

/tmp/klmstmp

/tmp/klms_filter

Information from email messages:

Sender's IP address.
Email addresses of the sender and recipients.
Message subject.
Message body.
Message control headers.
Attachments.

Until application restart.

Access to data is only allowed for the following accounts:

Administrator for working with the application in Technical Support Mode.
Administrator of the application web interface.

Configuration files

/etc

/var/opt/kaspersky

/etc/opt/kaspersky

Application configuration files:

Black and white lists of email addresses.
Application and HelpDesk administrator accounts.

Accounts of users on the LDAP server and in Active Directory.

Indefinite.

Access to data is only allowed for the following accounts:

Administrator for working with the application in Technical Support Mode.
Administrator of the application web interface.

Such data can be accessed in Technical Support Mode under the administrator account.

The administrator of Kaspersky Secure Mail Gateway must personally ensure the security of such data when transferring this data to Kaspersky Lab Technical Support for analysis of the application failure reasons.

Managing the application in Technical Support Mode under the administrator account lets you manage dump and trace files settings. A dump is generated during program crashes and may be needed to analyze the causes of the crash. The dump may include any data, including fragments of content of email messages and analyzed files.

By default, dump generation in Kaspersky Secure Mail Gateway is disabled.