Ensure the uninterrupted operation of the Software and determine whether Updates are necessary

In order to ensure the uninterrupted operation of the Software and determine whether Updates are necessary, while You are using the Software the Rightholder has to receive from Your device and process the following information:

• unique device ID;
• unique identifier of the application installation;
• product version;
• installation date and time for the Software;
• Software ID;
• Software localization;
• flag indicating whether the Software is connected to Web-Portal;
• Software license ID;
• flag indicating whether the traffic limit has been reached;
• traffic limit;
• OS ID;
• version of the operating system installed on the user's computer;
• OS Service Pack version;
• OS edition;
• operating system bit version.

The user agrees to automatically provide the information listed below in order to discover new and difficult-to-detect information security threats and their sources, as well as intrusion threats; to promptly take measures to increase the security of the information being stored and processed using the Computer; and to receive information and advertising materials about information security:

     Information about agreements accepted in the application:

• agreement ID;
• agreement version ID;
• flag indicating whether the agreement was accepted;
• time when the flag indicating whether the agreement was accepted was modified.

     Information for operation of My Kaspersky:

• user's email address;
• user's password;
• authorization context;
• captcha identifier;
• captcha type;
• user's reply to captcha;
• locale;
• one-time password for two-factor authentication;
• unique user identifier on My Kaspersky;
• unique device identifier on My Kaspersky;
• unique temporary device identifier on My Kaspersky;
• region;
• flag indicating whether the user agrees to provide his / her e-mail address to receive personalized marketing offers;
• flag indicating whether Privacy Statement was accepted;
• one-time password to connect the application automatically;
• activation code;
• application ID on My Kaspersky;
• application ID;
• application version;
• application locale;
• general information about the user's device: unique device identifier on My Kaspersky, device's network name, device type, operating system type, operating system version;
• general information about licenses used in the application: license type, current license status, service information about license, activation error, license expiration date and time, feature array;
• device token type;
• service ID;
• unique ID of user-device binding on My Kaspersky.

       In case of signing in to the Web-Portal using Your account in third-party authentication provider service, the Rightholder needs to receive from Your device and process the following information:

• ID of the Rightholder's resource;
• token type;
• parameters requested from the identity provider;
• name of the identity provider;
• identity token received from the identity provider;
• user ID issued after successful user authentication on Web-Portal;
• Software ID;
• full version of the Software.

       The following data may also be processed:

• Rightholder ID in the identity provider's system;
• URI to which the identity provider's response is sent;
• authorization code received from the identity provider;
• type of data sent to the identity provider;
• value generated for request verification;
• operating system;
• provider SDK version;
• flag indicating whether provider application is installed on the device.

     Information about Wi-Fi networks:

• Wi-Fi network SSID;
• SHA256 hash of the MAC address (BSSID) of the Wi-Fi access point;
• MD5 hash of the MAC address (BSSID) of the Wi-Fi access point;
• flag indicating whether the device is plugged in;
• flag indicating whether a DNS name is available;
• device type;
• product version;
• product identifier;
• hash of the UID and BSSID;
• hash of the UID and SSID;
• hash of the UID, BSSID, and SSID;
• list of available Wi-Fi access points;
• resulting security category of the network in the product;
• resulting publicity category of the network in the product;
• DHCP settings;
• signal level;
• hash sum of the local IPv4 address;
• hash sum of the local IPv6 address;
• captive portal URL;
• local time when the connection was started;
• status of VPN client settings;
• connection types supported by the access point.

     Information about device firmware:

• operating system;
• device model;
• build ID for displaying to the user;
• firmware fingerprint;
• firmware identifier;
• product/hardware manufacturer;
• full product name;
• build type, for example, "user" or "eng";
• current development codename or the string "REL" for production builds;
• incremental number of the build;
• flag indicating whether the device is rooted;
• hash of user's device identifier;
• user identifier on My Kaspersky.

     Information about the application installation event:

• application identifier in Kaspersky Lab services;
• product locale;
• partner identifier for which the build was released;
• operating system type;
• operating system major version;
• operating system minor version;
• build number;
• device type, system value of device model;
• date and time of application first launch;
• device identifier;
• installation identifier;
• installation type (new installation, update).

     Information about VPN installation available on the device:

• VPN installation identifier;
• VPN license state.

     Information about the update request:

• type of the Software;
• version of the Software;
• configuration ID;
• result of the update request;
• error code.

     Information provided in redirect links:

• link purpose;
• product locale;
• product group;
• product version;
• operating system;
• device identifier;
• identifier of the service accessed by the product;
• user ID;
• My Kaspersky infrastructure accessed by the product;
• temporary token;
• flag indicating the type of target link;
• license ID;
• partner name.

     Information to determine Wi-Fi access point reputation:

• Wi-Fi network SSID;
• SHA256 hash sum of the MAC address (BSSID) of the Wi-Fi access point;
• MD5 hash sum of the MAC address (BSSID) of the Wi-Fi access point;
• authentication type;
• encryption type;
• hash (SHA256) of the device ID and BSSID;
• hash (SHA256) of the device ID and SSID;
• hash (SHA256) of the device ID, SSID, and BSSID;
• signal quality;
• connection types supported by the access point;
• list of available Wi-Fi access points;
• DHCP and DHCP IPv6 settings;
• captive portal URL;
• array of WPS parameters for WPS-enabled Wi-Fi access points.

     Information about certificate verification request for an external resource:

• website URL;
• website IP address;
• website certificate hash;
• certificate type;
• certificate contents.

     Information about SHA1 hash of user's e-mail address to check for possible data leaks

The user agrees to automatically provide the information listed below in order to improve Software quality:

     VPN session parameters:

• VPN session duration (in seconds);
• VPN server virtual location;
• product's operation mode;
• reason for starting VPN session;
• incoming traffic volume;
• outgoing traffic volume;
• reason for session interruption.

     Information about the quality of KSN services:

• KSN service identifier;
• statistics for successful packets;
• statistics for unsuccessful packets;
• statistics for packet time;
• statistics for packet number;
• number of connections from cache;
• number of successful connections;
• number of unsuccessful connections;
• number of successful transactions;
• number of unsuccessful transactions;
• time distribution of successful connections;
• time distribution of unsuccessful connections;
• time distribution of successful transactions;
• time distribution of unsuccessful transactions;
• service request identifier;
• number of service requests;
• number of service requests from cache;
• number of requests canceled because of network problems;
• number of requests canceled because of inactive service;
• number of requests canceled because of an invalid path;
• time distribution of successful requests;
• time distribution of canceled requests;
• time distribution of requests that timed out;
• time histogram.

   Information about the quality of the VPN infrastructure:

• action requested from the Software;
• stage of establishing connection;
• the result of the Software action;
• information about VPN nodes;
• stage of connection to the VPN node;
• user region code;
• Software localization;
• Software rebranding ID;
• type of Software license used;
• status of VPN client settings;
• ID of the starting scenario of VPN connection;
• protocol ID;
• error code;
• time taken to establish connection.

Information about errors that occurred during operation of the Software components:

• Software component ID;
• version of the Software's component;
• error type;
• text of the error message;
• source file path;
• number of the string in the script where the error has occurred;
• memory stack of the Software process failure;
• name of the module in which the failure probably occurred;
• Software module ID;
• address for the Software module loading;
• size of the object being processed;
• process system ID (PID);
• description of an object being processed as defined in the object properties;
• attribute data;
• nested error occurred during the application operation.

Other information:

• http request method;
• web address being processed;
• remote port and IP address of the web service being accessed;
• information about implementation of the web service access handler;
• version of the installed Software;
• type of the installed Software;
• protocol processing error type;
• error code;
• code of the error category;
• text of the error message;
• line number of the source file in the exception handler;
• method used for authentication in the Software;
• protocol ID;
• total duration of request processing;
• server access duration;
• path to the object being processed;
• token TTL;
• token type;
• DNS address of the web service being accessed;
• unique request ID to the Rightholder services;
• authentication token in the Rightholder's services;
• response status of the Rightholder's service.

To improve Software quality and assess the effectiveness of adaptive scenarios, the user agrees to automatically provide the information listed below:

     Result of VPN adaptive scenario:

• adaptive scenario identifier;
• action to perform when adaptive scenario is activated;
• user's action;
• VPN server virtual location;
• product's operation mode;
• trigger for the adaptive scenario;
• SHA256 hash of the VPN installation identifier and the trigger.

To provide application functionality according to purchased license or subscription, you agree to submit the following data:

     Information about purchase receipt:

• SKU;
• date and time of the purchase;
• product package name;
• receipt name;
• purchase token;
• digital signature of the purchase;
• device ID for push notifications;
• status of the purchase.

In order:

• to improve the quality, appearance, and performance of the Rightholder's Software, products, services, and infrastructure by analyzing users' interactions, experience, and satisfaction;
• to create reports on use of the Software's functionality;
• to offer You security solutions that best match Your needs;
• to provide You with the relevant content and advertisements;
• to categorize users into groups based on certain criteria to provide these groups with relevant information about maintaining security levels, marketing offers, and promotional materials;
• to carry out business intelligence purposes.

For all of the purposes listed above, the User agrees to automatically provide the information listed below:

     Information about installation:

• product version;
• device ID;
• installation ID;
• product type;
• Software ID;
• installation date and time for the Software;
• Software localization;
• flag indicating whether the Software is connected to Web-Portal;
• flag indicating whether the traffic limit has been reached;
• traffic limit;
• indicator showing if VPN is enabled in Kaspersky Secure Connection;
• name of the store where the application was obtained;
• timestamp of the first launch of the Software;
• package name and version;
• application ID in Firebase services;
• unique Firebase installation ID;
• application ID in the AppsFlyer service;
• unique AppsFlyer installation ID.

       Information about licensing:

• Software license ID.

Information about the use of the Software: 

• event type and value (additional parameters to some events: Device ID, Installation ID, Software license ID, Web-Portal User identifier, Device identifier on Web-Portal, Application identifier on Web-Portal).

       Information about the User:

• Web-Portal account ID;
• country of residence;
• campaign and name of channel that attracted the User.

      Information about the operating system:

• operating system type;
• operating system major version;
• operating system minor version;
• build number;
• processor type;
• information about the language (locale) of the operating system.

       Information about the User's computer where the Software is installed:

• computer brand, category, model;
• IDFA or IDFV (in case if it is impossible to extract IDFA).

To support two-step verification on My Kaspersky, you need to provide a security code sent to your device in an SMS message.

To ensure the security of your My Kaspersky account, you need to provide the CAPTCHA characters.

The Rightholder may use the received data to generate reports on information security risks.

Kaspersky Lab protects any received information as prescribed by law and the applicable rules of Kaspersky Lab. Information is transmitted over encrypted communication channels.

Information received by the VPN Provider directly from the Software and the Rightholder.

The VPN Provider has to verify the legality of access to its services during Your use of the Software. To do so the VPN Provider has to process and receive the following information about the license You have acquired, and the Computer where You have installed the Software:

• authorization tokens to connect Software to provider infrastructure services;
• temporary authorization data to start the VPN session;
• unique pc Software installation identifier;
• unique account identifiers to record the VPN traffic in the provider's system;
• user device type;
• types of network protocols used for the VPN;
• information about the geographic location of the VPN server.

The VPN Provider processes information in accordance with its privacy policy. You can find and read its complete content at https://www.pango.co/privacy/.

Information received by the provider of the Third-Party services when You use the Third-Party services.

The Rightholder is not responsible for the processing of data when You use the Third-Party services. By using the Software to access and/or use third-party services, you are responsible for acquainting yourself with the data processing rules and procedures described in the privacy policy of the provider of the Third-Party services.

During use of the Software, the following data will be sent to AppsFlyer automatically and on a regular basis in order to achieve the declared purpose:

• user's computer information: device model and its localized name, device platform, platform extension, country code, language, currency code, CPU data (number of CPUs, their speed, type and architecture), RAM size, OS version, vendor ID, whether the device is jailbroken, Wi-Fi state, system name, iAd meta data;
• name, version and unique ID of the installed Software;
• date, time and name of the event about which the data is sent, event parameter, event counter, time between events, install attribution, install attribution message;
• user ID: Advertiser ID, a flag indicating whether Advertiser ID is enabled, APN token;
• information about advertiser ID: Advertiser ID, a flag indicating whether Advertiser ID is enabled;
• information about the AppsFlyer used in the Software: AppsFlyer key, AppsFlyer installation ID, AppsFlyer server API version, previous AppsFlyer ID in case of application reinstall.

Data is forwarded to AppsFlyer over a secure channel. Information about how data is processed in AppsFlyer is published at: https://www.appsflyer.com/privacy-policy/.

During use of the Software, the following data will be sent to BigQuery automatically and on a regular basis in order to achieve the declared purpose:

     Information about Software installed on the Computer:

• Software version;
• name of the store where the application was obtained;
• timestamp of the first launch of the Software;
• package name and version;
• pseudonymous app-instance identifier;
• application ID in Firebase services;
• application platform and ID.

     Information about the use of the Software:

• event type and value (additional parameters to some events: Device ID, Installation ID, Software license ID, Web-Portal User identifier, Device identifier on Web-Portal, Application identifier on Web-Portal).

     Information about the User's computer where the Software is installed:

• computer brand, category, model;
• information about the language (locale) of the operating system.

     Information about the User:

• country of residence;
• campaign and name of channel that attracted the User.

     IDFA or IDFV (in case if it is impossible to extract IDFA)

Data is forwarded to BigQuery over a secure channel. Information about how data is processed in BigQuery is published at: https://cloud.google.com/terms/data-processing-terms/.

To improve Software quality and analyze the target audience, you agree to automatically provide the following depersonalized and aggregated information to the Firebase service:

• information about Software installed on the Computer: instance ID, version, name of the store where the application was obtained, timestamp of the first launch of the Software, app foreground or background state, app package name, a pseudonymous app-instance identifier, application ID in the Firebase service, sender identifier (for sending messages) and device ID for push notifications, protocol version;
• network, and the following corresponding information: response codes, payload size in bytes, response times, duration times for automated traces;
• information about the use of the Software: event type and value (additional parameters to some events: Device ID, Installation ID, Software license ID, Web-Portal User identifier, Device identifier on Web-Portal, Application identifier on Web-Portal);
• information about the Users' Computer where the Software is installed: Computer brand, category, model and orientation, RAM and disk size, version and language (locale) of the operating system; information about whether the application was first opened in the last 7 days or more than 7 days ago;
• carrier, radio/network information, IP address, geography, locale/language, signal strength, jailbroken or rooted status of device, battery level and battery-charging state;
• IDFA, IDFV;
• information about the User: User's age category and gender, country of residence, and list of interests.

Data is forwarded to Firebase over a secure channel. Information about how data is processed in Firebase is published at: https://www.firebase.com/terms/privacy-policy.html/.

Data is sent to AppsFlyer and Firebase services over an encrypted channel.

Access to the information and protection of the information are governed by the corresponding terms of use of the AppsFlyer and Firebase services.

To ensure the uninterrupted operation of the Software, you agree to submit the following data to Firebase Performance Monitoring service automatically:

• instance ID;
• IP address;
• general device information: model, OS, and orientation;
• RAM and disk size;
• CPU usage;
• carrier (based on Mobile Country and Network Code);
• radio/network information (for example Wi-Fi, LTE, 3G);
• country (based on IP address);
• locale/language;
• signal strength;
• jailbroken or rooted status of device;
• battery level and battery-charging state;
• app version;
• app foreground or background state;
• app package name;
• pseudonymous app-instance identifier;
• network URLs (not including URL parameters or payload content) and the following corresponding information: response codes (for example 403, 200), payload size in bytes, response times;
• duration times for automated traces.

Data is forwarded to Firebase Performance Monitoring over a secure channel. Access to the information and protection of the information are governed by the corresponding terms of use of the Firebase Performance Monitoring service.