About data provided (EU, UK, USA, Brazil)
Kaspersky protects any information received in accordance with law and applicable Kaspersky rules. Data is transmitted over a secure channel.
Non-personal data is provided to Kaspersky for the following purposes:
- Management of Computer protection and acquired licenses via the My Kaspersky website.
- List of detected security problems, list of recommendations and their versions, available actions, full version of the application, protocol version, aggregated protection status, protection components status, scan tasks status, update tasks status, list of problems detected on User's device, protection level, status of databases and update process.
- Information about weak security settings: notification type, severity, Knowledge Base link, processing state, quantity, possibility to be fixed, detection rule identifier.
- Providing You with the core functionality of the acquired Software.
- Localization, rebranding code, application type, application version, application hotfix, OS version, reason for certificate invalidation, link name and target, region, OS type, list of content IDs read by user, SHA1 hash of User login, first 5 bytes of the device MAC address detected in the monitored home Wi-Fi network, hash of scanned object (MD5, SHA256), web resource domain, web server IP address, SHA1 hash of the certificate, certificate type, certificate content, detect name, database record revision, database record identifier, database record type.
- KSN config identifier, result of the file's validation by KSN, product identifier in KSN.
Personal data is provided to Kaspersky for the following purposes:
Kaspersky Standard
Software activation and verification of the legality of Software use.
The Rightholder has to verify that the license You will use is legal during activation and use of the Software. To do so the Rightholder has to process and receive the following information about the Software, the license You have acquired, and the Computer where You will install the Software, specifically:
- Type, version and localization of the installed Software, versions of installed updates, identifier of the Computer and identifier of the Software installation on the Computer, activation code and unique identifier of activation of the current license; type, version and word size of the operating system; name of the virtual environment if the Software is installed in a virtual environment, identifiers of the Software components that are active at the time the information is provided, content type, IP address of the server, content length, protocol version, user ID, My Kaspersky infrastructure signature, application ID, global product identifier, current local date and time on the User's computer, current activation code, operating system name and version, application service ID, platform of the User's device, unique device ID on My Kaspersky, information about agreements proposed to the user, type of the agreement, version of the agreement text, flag that indicates if the User agrees with the agreement text, type of compression for the license ticket data, type of signature on the ticket, content of the license ticket header, Regional Activation Center identifier, activation code hash calculated using the SHA1 algorithm, ticket body hash calculated using the SHA1 algorithm, license ticket creation date and time, internal license information identifier, current license ticket identifier, license ticket sequence ID, date from which the license ticket is valid, date to which the license ticket is valid, current license ticket state, license version, license ticket version, application IDs of products compatible with the current application, application localization ID, application customization ID, system and application parameters, options for ticket packaging, My Kaspersky service token, My Kaspersky user ID, My Kaspersky account type, signature, supported types of applications, previous activation code, activation date and time.
Providing You with the core functionality of the acquired Software.
The core functionality of the Software as described in the User Manual is to protect the User from known threats to information security. To provide this core functionality, while You are using the Software the Rightholder has to receive from Your device and process information about the installed Software, the acquired license, the scanned objects, detected threats and infections on the Computer, information about the Computer and devices connected thereto, the Computer's activity on the Internet:
- Information on interaction with Web portal: flag indicating whether the Software is connected to Web-Portal; Web-Portal account ID.
- Information about the license and other agreements: ID of a regional activation center; customer name; flag indicating whether the subscription is in a grace period; Software activation date and time; license expiration date; license identifier; license validity period; type of license used; order number when purchasing the license; country where the partner is located; full name of the partner from whom the license was purchased; order number used by the partner; order price ID when purchasing the license; subscription expiration date; current subscription state; cause of the current subscription state/change; status of the license used by the Software; type of the license used to activate the Software; checksum of the Software activation code; data about the license for identifying a group of users of the company that purchased the license by the comment in the license properties; Software activation date; number of days since Software activation; license data for user group identification based on additional settings of the subscription license; Software license data for user group identification based on additional settings of the subscription license; number of days since Software license key expiration; Software license expiration date and time; number of days till Software license expiration; Software license ID; checksum of the Software key file; Software license data for user group identification based on additional settings of the subscription license; ID of the information model used to provide the Software license; serial number of the Software license key; current status of the Software license key; Software subscription expiration date and time; current status of the Software subscription; reason of current/changing status of Software subscription; Software license term; identifier of the certificate used to sign the Software license ticket header; the Software license ticket create date and time; the Software license ticket checksum; the Software license ticket version; type of Software license used; the Software activation code version; order number through which the Software license was purchased; ID of the country of the partner that sold the Software license; identifier of the partner organization via which the Software license order was placed; full name of the partner organization through which the Software license order was placed; order number of the purchase of the Software license from the partner; data on the license ticket sequence's link to the user account; current license ticket ID.
- Information about the User environment: DHCP settings (checksums of gateway local IPv6, DHCP IPv6, DNS1 IPv6, DNS2 IPv6; checksum of network prefix length; checksum of local address IPv6); DHCP settings (checksums of the local IP address of the gateway, DHCP IP, DNS1 IP, DNS2 IP, and subnet mask); Wi-Fi network authentication type; checksum (MD5 with salt) of the MAC address of the access point; checksum (SHA256 with salt) of the MAC address of the access point; connection types supported by the Wi-Fi access point; Wi-Fi network encryption type; Wi-Fi network ID based on the MAC address of the access point; Wi-Fi network ID based on the Wi-Fi network name; Wi-Fi network ID based on the Wi-Fi network name and the MAC address of the access point; Wi-Fi signal strength; Wi-Fi network name; Wi-Fi network SSID.
- Information about the use of Kaspersky Security Network (KSN): flag indicating whether the user has accepted the terms of participation in KSN; flag indicating whether participation in KSN is enabled.
- Information about an object being processed: ID of the triggered record in the Software's anti-virus databases; timestamp of the triggered record in the Software's anti-virus databases; type of the triggered record in the Software's anti-virus databases; contents of the digital certificate being processed; public key of the certificate; digital certificate thumbprint of the scanned object and hashing algorithm; format of the object being processed; checksum type for the object being processed; number of software runs since the last time the file checksum was sent; checksum (MD5) of the object being processed; checksum (SHA256) of the object being processed; name of the detected malware or legitimate software that can be used to damage the user's device or data; checksum of the object being processed; checksum of the user name; certificate type; web address being processed.
- Information about accessing a web service: IP address; contents of the digital certificate being processed; ID of the topic in the Software help; link name; URL of the service used to access the internet; accessed address of the web service (URL, IP); accessed IPv4 address of the web service; port number; web address of the source of the web service request (referer); web address being processed.
- Information about the Rightholder's installed Software: the configuration identifier; Software ID derived from the license; full version of the Software; Software update ID; Software ID; installation date and time for the Software; Software localization; full name of the partner organization through which the Software license order was placed; Software installation ID (PCID); Software rebranding ID; ID of the licensed Software; code of the partner organization associated with the Software rebranding; type of the installed Software; Software group; the Software component ID; the result of the Software action; flag indicating whether the user has accepted the terms of the legal agreement while using the Software; type of legal agreement accepted by the user while using the Software; date and time when the user accepted the Agreement terms while using the Software; version of the legal agreement accepted by the user while using the Software; Software ID; Software installation/uninstallation status; installation error code; flag indicating whether the installation was aborted by the user; ID of the Software rebranding; duration of Software installation in seconds; installation type (new installation, update); ID of the Software update start.
- Information about the device: OS bit size; device model; additional information about OS features; device ID; OS build number; extended information about the OS edition; operating system family; OS version, OS build number, OS update number, OS edition, extended information about the OS edition; OS ID; OS Service Pack version; version of the operating system; IP address; version of the operating system installed on the user's computer; operating system bit version; OS edition; unique device ID; device type (laptop, desktop, tablet); OS type (server, workstation, domain controller); port number.
- Other information: version of list of revoked Software service's decisions; flag indicating whether a Windows partition is available; ID of the data schema used by the subscription provider; contents of the digital certificate being processed; format of the data in the request to Rightholder's infrastructure; installation error code; version of the protocol of interaction between the Software and marketing messages; delay of sending the statistics.
Kaspersky Plus or Kaspersky Premium
Software activation and verification of the legality of Software use.
The Rightholder has to verify that the license You will use is legal during activation and use of the Software. To do so the Rightholder has to process and receive the following information about the Software, the license You have acquired, and the Computer where You will install the Software, specifically:
- Type, version and localization of the installed Software, versions of installed updates, identifier of the Computer and identifier of the Software installation on the Computer, activation code and unique identifier of activation of the current license; type, version and word size of the operating system; name of the virtual environment if the Software is installed in a virtual environment, identifiers of the Software components that are active at the time the information is provided, content type, IP address of the server, content length, protocol version, user ID, My Kaspersky infrastructure signature, application ID, global product identifier, current local date and time on the User's computer, current activation code, operating system name and version, application service ID, platform of the User's device, unique device ID on My Kaspersky, information about agreements proposed to the user, type of the agreement, version of the agreement text, flag that indicates if the User agrees with the agreement text, type of compression for the license ticket data, type of signature on the ticket, content of the license ticket header, Regional Activation Center identifier, activation code hash calculated using the SHA1 algorithm, ticket body hash calculated using the SHA1 algorithm, license ticket creation date and time, internal license information identifier, current license ticket identifier, license ticket sequence ID, date from which the license ticket is valid, date to which the license ticket is valid, current license ticket state, license version, license ticket version, application IDs of products compatible with the current application, application localization ID, application customization ID, system and application parameters, options for ticket packaging, My Kaspersky service token, My Kaspersky user ID, My Kaspersky account type, signature, supported types of applications, previous activation code, activation date and time.
Providing You with the core functionality of the acquired Software.
The core functionality of the Software as described in the User Manual is to protect the User from known threats to information security. To provide this core functionality, while You are using the Software the Rightholder has to receive from Your device and process information about the installed Software, the acquired license, the scanned objects, detected threats and infections on the Computer, information about the Computer and devices connected thereto, the Computer's activity on the Internet:
- Information on interaction with Web portal: unique device ID on Web-Portal; flag indicating whether the Software is connected to Web-Portal; Web-Portal account ID.
- Information about the license and other agreements: ID of a regional activation center; customer name; flag indicating whether the subscription is in a grace period; Software activation date and time; license expiration date; license identifier; license validity period; type of license used; order number when purchasing the license; country where the partner is located; full name of the partner from whom the license was purchased; order number used by the partner; order price ID when purchasing the license; subscription expiration date; current subscription state; cause of the current subscription state/change; status of the license used by the Software; type of the license used to activate the Software; checksum of the Software activation code; data about the license for identifying a group of users of the company that purchased the license by the comment in the license properties; Software activation date; number of days since Software activation; license data for user group identification based on additional settings of the subscription license; Software license data for user group identification based on additional settings of the subscription license; number of days since Software license key expiration; Software license expiration date and time; number of days till Software license expiration; Software license ID; checksum of the Software key file; Software license data for user group identification based on additional settings of the subscription license; ID of the information model used to provide the Software license; serial number of the Software license key; current status of the Software license key; Software subscription expiration date and time; current status of the Software subscription; reason of current/changing status of Software subscription; Software license term; identifier of the certificate used to sign the Software license ticket header; the Software license ticket create date and time; the Software license ticket checksum; the Software license ticket version; type of Software license used; the Software activation code version; order number through which the Software license was purchased; ID of the country of the partner that sold the Software license; identifier of the partner organization via which the Software license order was placed; full name of the partner organization through which the Software license order was placed; order number of the purchase of the Software license from the partner; data on the license ticket sequence's link to the user account; current license ticket ID.
- Information about the User environment: DHCP settings (checksums of gateway local IPv6, DHCP IPv6, DNS1 IPv6, DNS2 IPv6; checksum of network prefix length; checksum of local address IPv6); DHCP settings (checksums of the local IP address of the gateway, DHCP IP, DNS1 IP, DNS2 IP, and subnet mask); Wi-Fi network authentication type; checksum (MD5 with salt) of the MAC address of the access point; checksum (SHA256 with salt) of the MAC address of the access point; connection types supported by the Wi-Fi access point; Wi-Fi network encryption type; Wi-Fi network ID based on the MAC address of the access point; Wi-Fi network ID based on the Wi-Fi network name; Wi-Fi network ID based on the Wi-Fi network name and the MAC address of the access point; Wi-Fi signal strength; Wi-Fi network name; Wi-Fi network SSID.
- Information about the use of Kaspersky Security Network (KSN): flag indicating whether the user has accepted the terms of participation in KSN; flag indicating whether participation in KSN is enabled.
- Information about an object being processed: ID of the triggered record in the Software's anti-virus databases; timestamp of the triggered record in the Software's anti-virus databases; type of the triggered record in the Software's anti-virus databases; contents of the digital certificate being processed; public key of the certificate; digital certificate thumbprint of the scanned object and hashing algorithm; format of the object being processed; checksum type for the object being processed; number of software runs since the last time the file checksum was sent; checksum (MD5) of the object being processed; checksum (SHA256) of the object being processed; name of the detected malware or legitimate software that can be used to damage the user's device or data; checksum of the object being processed; checksum of the user name; certificate type; web address being processed.
- Information about accessing a web service: IP address; contents of the digital certificate being processed; ID of the topic in the Software help; link name; URL of the service used to access the internet; accessed address of the web service (URL, IP); accessed IPv4 address of the web service; port number; web address of the source of the web service request (referer); web address being processed.
- Information about the Rightholder's installed Software: full version of third-party software; the configuration identifier; Software ID derived from the license; full version of the Software; Software update ID; Software ID; installation date and time for the Software; Software localization; full name of the partner organization through which the Software license order was placed; Software installation ID (PCID); Software rebranding ID; ID of the licensed Software; code of the partner organization associated with the Software rebranding; type of the installed Software; Software group; the Software component ID; the result of the Software action; flag indicating whether the user has accepted the terms of the legal agreement while using the Software; type of legal agreement accepted by the user while using the Software; date and time when the user accepted the Agreement terms while using the Software; version of the legal agreement accepted by the user while using the Software; Software ID; Software installation/uninstallation status; installation error code; flag indicating whether the installation was aborted by the user; ID of the Software rebranding; duration of Software installation in seconds; installation type (new installation, update); ID of the Software update start.
- Information about the device: OS bit size; device model; additional information about OS features; device ID; OS build number; extended information about the OS edition; operating system family; OS version, OS build number, OS update number, OS edition, extended information about the OS edition; OS ID; OS Service Pack version; version of the operating system; IP address; version of the operating system installed on the user's computer; operating system bit version; OS edition; unique device ID; first 5 bytes of device MAC address; device type (laptop, desktop, tablet); OS type (server, workstation, domain controller); port number.
- Other information: version of list of revoked Software service's decisions; flag indicating whether a Windows partition is available; ID of the data schema used by the subscription provider; contents of the digital certificate being processed; format of the data in the request to Rightholder's infrastructure; error code; version of the protocol of interaction between the Software and marketing messages; delay of sending the statistics.
The personal data provided under the End User License Agreement (License Agreement) is listed in the corresponding legal document. You can view the License Agreement by reading the license.txt document in the application installation folder.
Kaspersky Security Network Statement
Use of the KSN may increase the Software's speed of reaction to information and network security threats. It is achieved by:
- Determining the reputation of scanned objects
- Identifying information security threats that are new and challenging to detect, and their sources
- Reducing the likelihood of false positives
- Increasing the efficiency of Software components
- Investigating of infection of a user's computer
- Improving the performance of the Rightholder's Software
- Receiving reference information about the number of objects with known reputation
- Improving the quality of Rightholder's Software
Certain data which is processed under this Statement could be considered personal data according to laws of some countries. With Your consent, the following data will be automatically sent on a regular basis to the Rightholder under this Statement:
Kaspersky Standard
- Information on interaction with Web portal: token type; authentication token in the Rightholder's services; token TTL; error code.
- Information about the User environment: ID of the triggered record in the Software's anti-virus databases; browser type; browser version; DHCP settings (checksums of gateway local IPv6, DHCP IPv6, DNS1 IPv6, DNS2 IPv6; checksum of network prefix length; checksum of local address IPv6); DHCP settings (checksums of the local IP address of the gateway, DHCP IP, DNS1 IP, DNS2 IP, and subnet mask); flag indicating whether the DNS domain exists; Wi-Fi network authentication type; list of available Wi-Fi networks and their settings; checksum (MD5 with salt) of the MAC address of the access point; checksum (SHA256 with salt) of the MAC address of the access point; user classification of the Wi-Fi network; Wi-Fi network encryption type; local time of the start and end of the Wi-Fi network connection; Wi-Fi network ID based on the MAC address of the access point; Wi-Fi network ID based on the Wi-Fi network name; Wi-Fi network ID based on the Wi-Fi network name and the MAC address of the access point; Wi-Fi signal strength; Wi-Fi network name; Software vendor name; parent application name; network category specified in Kaspersky VPN Secure Connection (home, work, public); network category specified in Kaspersky VPN Secure Connection (unknown, safe, unsafe).
- Information about the operation of the Safe Money component: actions performed with the web address in the Software settings; indicator of action location when starting protected browser in Safe Money; start mode of the Safe Money component for the web service; indicator of remembered choice of action location for the web service; indicator of presence of web address in the Safe Money database.
- Information about the use of Kaspersky Security Network (KSN): protocol used to exchange data with KSN; ID of the KSN service accessed by the Software; date and time when statistics stopped being received; number of KSN connections taken from the cache; number of requests for which a response was found in the local request database; number of unsuccessful KSN connections; number of unsuccessful KSN transactions; temporal distribution of cancelled requests to KSN; temporal distribution of unsuccessful KSN connections; temporal distribution of unsuccessful KSN transactions; temporal distribution of successful KSN connections; temporal distribution of successful KSN transactions; temporal distribution of successful requests to KSN; temporal distribution of requests to KSN that timed out; number of new KSN connections; number of unsuccessful requests to KSN caused by routing errors; number of unsuccessful requests caused by KSN being disabled in the Software settings; number of unsuccessful requests to KSN caused by network problems; number of successful KSN connections; number of successful KSN transactions; total number of requests to KSN; date and time when statistics started being received.
- Information about the use of the application user interface, information about User opinion about the software: user's choice regarding controlling device connections to the home Wi-Fi network; category of the service that provides user behavior tracking, specified in the Software settings; name of the service that provides user behavior tracking.
- Information about an object being processed: fragment content of the object being processed; date and time when the certificate expires; ID of the triggered record in the Software's anti-virus databases; local port that was attacked; ID of the account under which the controlled process was started; ID of the key from the keystore used for encryption; fragment order in the object being processed; data of the internal log, generated by the anti-virus Software module for an object being processed; result of certificate verification; certificate issuer name; public key of the certificate; calculation algorithm of public key of the certificate; certificate serial number; date and time of signing the object; certificate owner name and settings; digital certificate thumbprint of the scanned object and hashing algorithm; date and time of the last modification of the object being processed; date and time of creating an object being processed; detect characteristics; objects or its parts being processed; attributes of executable file being processed; date and time of creating an executable file being processed; description of an object being processed as defined in the object properties; entropy of the file being processed; format of the object being processed; checksum type for the object being processed; the result of status check in KSN of an object being processed; trust indicator of the processed object according to KSN; date and time of linking the executable file; checksum (MD5) of the object being processed; name of the object being processed; names of the packers that packed the object being processed; flag indicating whether the object being processed is a PE file; checksum (MD5) of the mask that blocked the web service; checksum (SHA256) of the object being processed; information on who signed the file being processed; size of the object being processed; a flag indicating an application which runs automatically at startup; name of the detected malware or legitimate software that can be used to damage the user's device or data; object type code; the Software's decision on the object being processed; version of the object being processed; source of the decision made for the object being processed; checksum of the object being processed; checksum (MD5) of the object being processed; path to the object being processed; directory code; command line; information about file signature check results; vulnerability ID; vulnerability danger class; notification type, that triggered the statistic sending; logon session key; encryption algorithm for the logon session key; IP address of the attacker; debug detection indicator; attribute of an object being processed, that allowed to recall the false positive decision on the object; ID of the task in which detection was performed; confidence of detecting access to the phishing web service; phishing attack target; weight of the detected access to the phishing web service; protocol ID; storage time for object being processed; algorithm for calculating the digital certificate thumbprint; web address being processed; information about the client that uses a network protocol (user agent).
- Information about accessing a web service: type of the decision on a web address being processed; accessed address of the web service (URL, IP); type of client used to access the web service; reason for blocking access to the web service; category of reason for blocking access to the web service; DNS address of the web service being accessed; host source; accessed IPv4 address of the web service; accessed IPv6 address of the web service; indicator showing that the message is a part of a bundle of messages belonging to one access to the web service; web address of the source of the web service request (referer); web address being processed.
- Information about the Rightholder's installed Software: date and time when the certificate was issued; the Software database record ID; type of the triggered Software anti-virus databases record; ID of the triggered record in the Software's anti-virus databases; timestamp of the triggered record in the Software's anti-virus databases; type of the triggered record in the Software's anti-virus databases; release date and time of the Software's databases; timestamp of the Software databases; full version of the Software before update; information on who signed the file being processed; command line; version of the Software's component; full version of the Software; Software update ID; Software installation ID (PCID); Software health status after update; type of installed Software; statistics message type; version of the statistics being sent; code of the error category; version of the updater component.
- Information about the device: detected device type; device ID; OS error code; OS version, OS build number, OS update number, OS edition, extended information about the OS edition; OS ID; OS Service Pack version; flag indicating whether the device is plugged in; version of the operating system installed on the user's computer; operating system bit version; OS edition.
- Other information: text of the error message; ID of the account under which the controlled process was started; http request method; directory code; command line; unique request ID to the Rightholder services; response status of the Rightholder's service; error code; object time in the buffer; line number of the source file in the exception handler; total duration of request processing; protocol processing error type; the technical specifications of the applied detection technologies; number of failed update installations for the updater component; number of update installation error for the updater component; error code of the update task; update task type; flag indication, describing the source of the web-traffic being processed (server or client); DNS address of the web service being accessed; accessed IPv4 address of the web service.
Kaspersky Plus or Kaspersky Premium
- Information on interaction with Web portal: token type; authentication token in the Rightholder's services; token TTL; error code.
- Information about the User environment: ID of the triggered record in the Software's anti-virus databases; browser type; browser version; DHCP settings (checksums of gateway local IPv6, DHCP IPv6, DNS1 IPv6, DNS2 IPv6; checksum of network prefix length; checksum of local address IPv6); DHCP settings (checksums of the local IP address of the gateway, DHCP IP, DNS1 IP, DNS2 IP, and subnet mask); flag indicating whether the DNS domain exists; Wi-Fi network authentication type; list of available Wi-Fi networks and their settings; checksum (MD5 with salt) of the MAC address of the access point; checksum (SHA256 with salt) of the MAC address of the access point; user classification of the Wi-Fi network; Wi-Fi network encryption type; local time of the start and end of the Wi-Fi network connection; Wi-Fi network ID based on the MAC address of the access point; Wi-Fi network ID based on the Wi-Fi network name; Wi-Fi network ID based on the Wi-Fi network name and the MAC address of the access point; Wi-Fi signal strength; Wi-Fi network name; Software vendor name; parent application name; network category specified in Kaspersky VPN Secure Connection (home, work, public); network category specified in Kaspersky VPN Secure Connection (unknown, safe, unsafe).
- Information about the operation of the Safe Money component: actions performed with the web address in the Software settings; indicator of action location when starting protected browser in Safe Money; start mode of the Safe Money component for the web service; indicator of remembered choice of action location for the web service; indicator of presence of web address in the Safe Money database.
- Information about the use of Kaspersky Security Network (KSN): protocol used to exchange data with KSN; ID of the KSN service accessed by the Software; date and time when statistics stopped being received; number of KSN connections taken from the cache; number of requests for which a response was found in the local request database; number of unsuccessful KSN connections; number of unsuccessful KSN transactions; temporal distribution of cancelled requests to KSN; temporal distribution of unsuccessful KSN connections; temporal distribution of unsuccessful KSN transactions; temporal distribution of successful KSN connections; temporal distribution of successful KSN transactions; temporal distribution of successful requests to KSN; temporal distribution of requests to KSN that timed out; number of new KSN connections; number of unsuccessful requests to KSN caused by routing errors; number of unsuccessful requests caused by KSN being disabled in the Software settings; number of unsuccessful requests to KSN caused by network problems; number of successful KSN connections; number of successful KSN transactions; total number of requests to KSN; date and time when statistics started being received.
- Information about the use of the application user interface, information about User opinion about the software: user's choice regarding controlling device connections to the home Wi-Fi network; category of the service that provides user behavior tracking, specified in the Software settings; name of the service that provides user behavior tracking.
- Information about an object being processed: fragment content of the object being processed; date and time when the certificate expires; ID of the triggered record in the Software's anti-virus databases; local port that was attacked; ID of the account under which the controlled process was started; ID of the key from the keystore used for encryption; fragment order in the object being processed; data of the internal log, generated by the anti-virus Software module for an object being processed; result of certificate verification; certificate issuer name; public key of the certificate; calculation algorithm of public key of the certificate; certificate serial number; date and time of signing the object; certificate owner name and settings; digital certificate thumbprint of the scanned object and hashing algorithm; date and time of the last modification of the object being processed; date and time of creating an object being processed; detect characteristics; objects or its parts being processed; attributes of executable file being processed; date and time of creating an executable file being processed; description of an object being processed as defined in the object properties; entropy of the file being processed; format of the object being processed; checksum type for the object being processed; the result of status check in KSN of an object being processed; trust indicator of the processed object according to KSN; date and time of linking the executable file; checksum (MD5) of the object being processed; name of the object being processed; names of the packers that packed the object being processed; flag indicating whether the object being processed is a PE file; checksum (MD5) of the mask that blocked the web service; checksum (SHA256) of the object being processed; information on who signed the file being processed; size of the object being processed; a flag indicating an application which runs automatically at startup; name of the detected malware or legitimate software that can be used to damage the user's device or data; object type code; the Software's decision on the object being processed; version of the object being processed; source of the decision made for the object being processed; checksum of the object being processed; checksum (MD5) of the object being processed; path to the object being processed; directory code; command line; information about file signature check results; vulnerability ID; vulnerability danger class; notification type, that triggered the statistic sending; logon session key; encryption algorithm for the logon session key; IP address of the attacker; debug detection indicator; attribute of an object being processed, that allowed to recall the false positive decision on the object; ID of the task in which detection was performed; confidence of detecting access to the phishing web service; phishing attack target; weight of the detected access to the phishing web service; protocol ID; storage time for object being processed; algorithm for calculating the digital certificate thumbprint; web address being processed; information about the client that uses a network protocol (user agent).
- Information about accessing a web service: data of the intercepted DHCP package from the device; type of the decision on a web address being processed; accessed address of the web service (URL, IP); type of client used to access the web service; reason for blocking access to the web service; category of reason for blocking access to the web service; DNS address of the web service being accessed; host source; accessed IPv4 address of the web service; accessed IPv6 address of the web service; indicator showing that the message is a part of a bundle of messages belonging to one access to the web service; web address of the source of the web service request (referer); web address being processed.
- Information about the Rightholder's installed Software: date and time when the certificate was issued; the Software database record ID; type of the triggered Software anti-virus databases record; ID of the triggered record in the Software's anti-virus databases; timestamp of the triggered record in the Software's anti-virus databases; type of the triggered record in the Software's anti-virus databases; release date and time of the Software's databases; timestamp of the Software databases; full version of the Software before update; information on who signed the file being processed; command line; version of the Software's component; full version of the Software; Software update ID; Software installation ID (PCID); Software health status after update; type of the installed Software; statistics message type; version of the statistics being sent; code of the error category; version of the updater component.
- Information about the device: detected device type; number of symbols in the device name; device type; vendor of the device or network card; device ID; OS error code; operating system family; OS version, OS build number, OS update number, OS edition, extended information about the OS edition; OS ID; OS Service Pack version; flag indicating whether the device is plugged in; version of the operating system installed on the user's computer; operating system bit version; OS edition; first 5 bytes of device MAC address; OS family detection method; device type define method; device name define method; method used to define vendor of the device or network card detection; flag indicating if detected host name is the same as user's host name.
- Other information: text of the error message; ID of the account under which the controlled process was started; http request method; directory code; command line; unique request ID to the Rightholder services; response status of the Rightholder's service; error code; object time in the buffer; line number of the source file in the exception handler; total duration of request processing; protocol processing error type; the technical specifications of the applied detection technologies; number of failed update installations for the updater component; number of update installation error for the updater component; error code of the update task; update task type; flag indication, describing the source of the web-traffic being processed (server or client); DNS address of the web service being accessed; accessed IPv4 address of the web service.
The Kaspersky Security Network service may process and submit whole files, for example, objects detected through malicious links which might be used by criminals to harm your computer and/or their parts, to Kaspersky for additional examination.
Also, in order to achieve the declared purpose of increasing the effectiveness of protection provided by the Software, the Rightholder may receive objects that could be exploited by intruders to harm the Computer and create information security threats. Such objects are:
- Executable or non-executable files or parts thereof
- Computer's RAM areas
- Sectors involved in the OS boot process
- Network traffic data packages
- Web pages and emails containing suspicious or malicious objects
- Description of classes and class instances for the WMI storage
- Application activity reports
Such application activity reports contain the following information about the files and processes:
- Name, size, and version of the file being sent, it's description and checksums (MD5, SHA2-256, SHA1), format ID, its manufacturer's name, the name of the application the file belongs to, the fully qualified path to the file on the Computer and the path template code, date and time of file creation and update
- Certificate validity start and end dates and times if the file being sent has a digital signature, date and time when the certificate was signed, name of the certificate issuer, information about the certificate holder, impression and public key of the certificate and algorithms used to calculate them, certificate serial number
- Name of the account that had run the process
- Checksums (MD5, SHA2-256, SHA1) for the name of the Computer that is running the process
- Process' windows headers
- ID for the anti-virus databases, name of the identified threat according to the Rightholder's classification
- Information about the license used for the application, license ID, it's type and expiry date
- Computer's local time at the moment the information was provided
- The names and paths of the files that were accessed by the process
- URL- and IP addresses that were accessed by the process
- URL- and IP addresses from which the running file was downloaded
Files (or their parts) that may be exploited by intruders to harm the computer or data may be also sent to Kaspersky to be examined additionally.
Statement regarding data processing for marketing purposes (Marketing Statement)
The Rightholder processes data for marketing purposes in accordance with this Marketing Statement in order:
- To improve the quality, appearance, and performance of the Rightholder's Software, products, services, and infrastructure by analyzing users' experience, interactions, and level of satisfaction with the Software.
- To offer You security solutions that best match Your needs.
- To provide You with the relevant content and advertisement.
- To create categories of groups of users based on certain parameters in order to provide relevant information to these groups about maintaining security level, marketing offers, and promotional materials.
Certain data which is processed under this Marketing Statement could be considered personal data according to laws of some countries. With Your consent, the following data will be automatically sent on a regular basis to the Rightholder under this Marketing Statement:
Kaspersky Standard
- Information on interaction with Web portal: flag indicating whether the Software is connected to Web-Portal; ID of the user of the Rightholder's website; Web-Portal account ID.
- Information about the license and other agreements: customer name; flag indicating whether the subscription is in a grace period; license expiration date; license identifier; license validity period; type of license used; order number when purchasing the license; country where the partner is located; full name of the partner from whom the license was purchased; order number used by the partner; order price ID when purchasing the license; subscription expiration date; current subscription state; cause of the current subscription state/change; data about the license for identifying a group of users of the company that purchased the license by the comment in the license properties; Software activation date; license data for user group identification based on additional settings of the subscription license; Software license data for user group identification based on additional settings of the subscription license; Software license expiration date and time; Software license ID; Software license data for user group identification based on additional settings of the subscription license; ID of the information model used to provide the Software license; serial number of the Software license key; current status of the Software license key; Software subscription expiration date and time; current status of the Software subscription; reason of current/changing status of Software subscription; Software license term; type of Software license used; order number through which the Software license was purchased; ID of the country of the partner that sold the Software license; identifier of the partner organization via which the Software license order was placed; full name of the partner organization through which the Software license order was placed; order number of the purchase of the Software license from the partner.
- Information about the use of Kaspersky Security Network (KSN): flag indicating whether participation in KSN is enabled.
- Information about the use of the application user interface, information about User opinion about the software: indicator of interactive mode; ID of the control in the user interface; ID of the displayed window; time of sending statistics about using application GUI; action performed with the detected weak security setting; type of the user that performs the action with the weak security setting.
- Information about the Rightholder's installed Software: Software installation ID (PCID); Software ID derived from the license; full version of the Software; Software update ID; installation date and time for the Software; Software localization; Software installation ID (PCID); Software rebranding ID; ID of the licensed Software; code of the partner organization associated with the Software rebranding; type of the installed Software; Software ID; ID of the Software rebranding; type of scan task that detected the weak setting; result of the task of scanning weak security settings; ID of the weak security setting.
- Information about the device: OS bit size; device ID; operating system family; OS version, OS build number, OS update number, OS edition, extended information about the OS edition; OS ID; OS Service Pack version; version of the operating system; version of the operating system installed on the user's computer; operating system bit version; OS edition; Software rebranding ID.
- Other information: ID of the data schema used by the subscription provider; version of the protocol of interaction between the Software and marketing messages; delay of sending the statistics.
Kaspersky Plus or Kaspersky Premium
- Information on interaction with Web portal: flag indicating whether the Software is connected to Web-Portal; ID of the user of the Rightholder's website; Web-Portal account ID.
- Information about the license and other agreements: customer name; flag indicating whether the subscription is in a grace period; license expiration date; license identifier; license validity period; type of license used; order number when purchasing the license; country where the partner is located; full name of the partner from whom the license was purchased; order number used by the partner; order price ID when purchasing the license; subscription expiration date; current subscription state; cause of the current subscription state/change; data about the license for identifying a group of users of the company that purchased the license by the comment in the license properties; Software activation date; license data for user group identification based on additional settings of the subscription license; Software license data for user group identification based on additional settings of the subscription license; Software license expiration date and time; Software license ID; Software license data for user group identification based on additional settings of the subscription license; ID of the information model used to provide the Software license; serial number of the Software license key; current status of the Software license key; Software subscription expiration date and time; current status of the Software subscription; reason of current/changing status of Software subscription; Software license term; type of Software license used; order number through which the Software license was purchased; ID of the country of the partner that sold the Software license; identifier of the partner organization via which the Software license order was placed; full name of the partner organization through which the Software license order was placed; order number of the purchase of the Software license from the partner.
- Information about the use of Kaspersky Security Network (KSN): flag indicating whether participation in KSN is enabled.
- Information about the use of the application user interface, information about User opinion about the software: ID of the user action; indicator of interactive mode; ID of the control in the user interface; ID of the displayed window; time of sending statistics about using application GUI; action performed with the detected weak security setting; type of the user that performs the action with the weak security setting.
- Information about the Rightholder's installed Software: Software installation ID (PCID); Software ID derived from the license; full version of the Software; Software update ID; installation date and time for the Software; Software localization; Software installation ID (PCID); Software rebranding ID; ID of the licensed Software; code of the partner organization associated with the Software rebranding; type of installed Software; Software ID; ID of the Software rebranding; type of scan task that detected the weak setting; result of the task of scanning weak security settings; ID of the weak security setting.
- Information about the device: OS bit size; device ID; operating system family; OS version, OS build number, OS update number, OS edition, extended information about the OS edition; OS ID; OS Service Pack version; version of the operating system; version of the operating system installed on the user's computer; operating system bit version; OS edition; Software rebranding ID.
- Other information: ID of the data schema used by the subscription provider; version of the protocol of interaction between the Software and marketing messages; delay of sending the statistics.
Statement regarding data processing for Web Control (Statement)
With the help of the Web Control component, You can limit time spent on the internet, restrict access to websites of certain categories, and restrict social network correspondences and messaging. The Rightholder processes data to ensure the operation of the Web Control component in accordance with this Statement.
Certain data which is processed under this Statement could be considered personal data according to laws of some countries. With Your consent, the following data will be automatically sent on a regular basis to the Rightholder under this Statement:
- URL used for information request
- Protocol type
- Parent URL (from which the URL was received)
- Port number
If you don't want Kaspersky to receive this data, you can revoke your acceptance of the Statement by turning off Web Control.
Statement regarding data processing for purpose of using Web-Portal (Web-Portal Statement)
The Web-Portal helps You remotely manage Your acquired licenses and the protection of your Computer. During Your use of this functionality, the Rightholder receives and processes information accordance with this Statement in order:
- to enable Your use of the Software under the current subscription,
- to enable Your use of (Your connection to) the Web-Portal.
Certain data which is processed under this Statement could be considered personal data according to laws of some countries. The data to be processed depend on purpose, indicated in the Software interface.
To enable Your use of the Software under the current subscription
With Your consent, the following data will be automatically sent on a regular basis to the Rightholder under this Statement:
- Information on interaction with Web portal: one-time password for device registration on Web-Portal; token type; unique device ID on Web-Portal; data to receive an authentication token for the session; reason for disconnecting from Web-Portal; user ID issued after successful user authentication on Web-Portal; Web-Portal account ID.
- Information about the license and other agreements: information about Software activation errors; Software activation code; Software license expiration date and time; Software license ID; Software license header; current status of the Software license key; type of Software license used.
- Information about the User environment: localization of third-party software; full version of third-party software.
- Information about the Rightholder's installed Software: version of the Software's component; localization of third-party software; reason for disconnecting from Web-Portal; Software ID derived from the license; full version of the Software; Software localization; type of installed Software.
- Information about the device: OS version, OS build number, OS update number, OS edition, extended information about the OS edition; computer name on the network (domain name); unique device ID; OS type (server, workstation, domain controller).
To enable Your use of (Your connection to) the Web-Portal
With Your consent, the following data will be automatically sent on a regular basis to the Rightholder under this Statement:
- Information on interaction with Web portal: unique device ID on Web-Portal; user ID issued after successful user authentication on Web-Portal; one-time password for device registration on Web-Portal; token type; unique device ID on Web-Portal; data to receive an authentication token for the session; one-time password for automatically connecting the Software downloaded from the Web-Portal account; reason for disconnecting from Web-Portal; user ID issued after successful user authentication on Web-Portal; Web-Portal account ID; user login for the Web-Portal account; reason for disconnecting from Web-Portal; Web-Portal account ID; User email address; User password; Authorization parameters; Authorization context; CAPTCHA identifier; CAPTCHA type; User's reply to CAPTCHA; One-time password for two-step verification; One-time password to automatically connect the application downloaded from Web-Portal; Version of the protocol used; XMPP message identifier; Data to receive an authentication token for the session.
- Information about the license and other agreements: information about Software activation errors; Software activation code; Software license expiration date and time; Software license header; current status of the Software license key; type of Software license used.
- Information about the User environment: localization of third-party software.
- Information about the use of the application user interface, information about User opinion about the software: flag indicating whether the user agrees to provide his/her email address to receive personalized marketing offers.
- Information about the Rightholder's installed Software: full version of the Software; type of installed Software; version of the Software's component; full version of the Software; country code; country code according to ISO 3166-1 alpha-2; Software ID derived from the license; Software localization; type of installed Software; Region; Partner's rebranding code; unique ID of the application installation on the computer; application type; version of the application status; aggregated application status; application operating mode; license status; application protection level; protection components status; scan status; database status; database update status; versions of the used anti-virus databases and the time of their last update; list of detected security problems; list of recommendations and available actions.
- Information about the device: OS version, OS build number, OS update number, OS edition, extended information about the OS edition; computer name on the network (domain name); unique device ID; OS type (server, workstation, domain controller); current time and its difference from UTC; device type image; hash sum of the device MAC address and user identifier on Web-Portal; technology used to determine the device parameters; version of device enumeration engine; device name; name and value of device parameters; vendor of the device; operating system regional settings (information about the time zone, default keyboard layout, locale); device token type; unique ID of user-device binding on Web-Portal.
In addition to the information mentioned above, in case of signing in to the Web-Portal using Your Facebook or Apple account, the Rightholder needs to receive from Your device and process the following non-personal data:
- Access token received from the identity provider; type of data sent to the identity provider; Rightholder ID in the identity provider's system; name of the identity provider; URI to which the identity provider's response is sent; parameters requested from the identity provider; ID of the Rightholder's resource; token type; value generated for request verification.
Note: The availability of the option to sign in with Facebook depends on your region.
In addition to the information mentioned above, in case of signing in to the Web-Portal using Your Google account, the Rightholder needs to receive from Your device and process the following non-personal data:
- Authorization code received from the identity provider; type of data sent to the identity provider; Rightholder ID in the identity provider's system; name of the identity provider; URI to which the identity provider's response is sent; parameters requested from the identity provider; ID of the Rightholder's resource; token type; value generated for request verification.
If you don't want Kaspersky to receive this data, you can revoke your acceptance of the Web-Portal Statement by signing out of My Kaspersky.
If you don't want Kaspersky to process this data, you need to delete your My Kaspersky account. For more information about deleting a My Kaspersky account, see the My Kaspersky help.
You agree to submit the following information for the purpose of application identification during database and module updates:
- Software ID (AppID)
- Active license ID
- Unique Software installation ID (InstallationID)
- Unique Update task launch ID (SessionID)
- Version of Software (BuildInfo)
- Information about updating the Updater component: unsuccessful update tasks, the number of failed starts after the upgrade, the version of the component, the error code, the ID of the type of update task, the status code of the software after the update, the date and time the statistics is sent
The application also processes and stores the following personal data displayed in the application interface:
- Email address used to connect to My Kaspersky
- Website addresses that were added to the exclusions (displayed in the Web Anti-Virus, Website tracking, Safe Money settings, and in the Reports window)
- License data
- Hashes of passwords
- Hashes of email addresses
This data is stored locally in a non-modified form and can be viewed under any user account on the computer.
Read the Kaspersky Security Network Statement and revoke your acceptance
- In the menu bar, click the application icon and choose Settings.
The application settings window opens.
- On the KSN tab, in the Improved protection section, click Show KSN Statement.
- If you don't want to participate in Kaspersky Security Network, deselect the Participate in Kaspersky Security Network checkbox.
Read the Marketing Statement and disable sending data
- In the menu bar, click the application icon and choose Settings.
The application settings window opens.
- On the KSN tab, in the Improved experience section, click Show Marketing Statement.
- If you want to disable sending data, deselect the Help Kaspersky improve its products by sending information about the application and its operating environment checkbox.
- On the sidebar of the main application window, click Web Control.
The Web Control window opens.
- In the left pane of the window, select a computer user account for which you want to turn off Web Control.
- In the upper-right corner of the window, turn off Web Control.
- Open the main application window and click
<My Kaspersky account>. - In the dialog that opens, click Sign Out.