Kaspersky Standard | Plus | Premium

• Kaspersky 24
• Kaspersky 23
• Kaspersky 22

You agree to automatically provide the information indicated below via the software installed by you, copyrighted to AO Kaspersky Lab (hereinafter Kaspersky, the Rightholder), to Kaspersky for the following purposes:

• to enhance the protection of information and improve the quality of the Software and services,
• to identify new information security threats and their sources, enhance the operational protection of Users of the Software, and improve the quality of the product.

Kaspersky Standard

• unique device ID on Web-Portal; user ID issued after successful user authentication on Web-Portal; full version of the Software; type of installed Software.
• Information on interaction with Web portal: one-time password for device registration on Web-Portal; token type; unique device ID on Web-Portal; data to receive an authentication token for the session; one-time password for automatically connecting the Software downloaded from the Web-Portal account; reason for disconnecting from Web-Portal; user ID issued after successful user authentication on Web-Portal; Web-Portal account ID; user login for the Web-Portal account; flag indicating whether the Software is connected to Web-Portal.
• Information about the license and other agreements: ID of a regional activation center; customer name; flag indicating whether the subscription is in a grace period; Software activation date and time; license expiration date; license identifier; license validity period; type of license used; order number when purchasing the license; country where the partner is located; full name of the partner from whom the license was purchased; order number used by the partner; order price ID when purchasing the license; subscription expiration date; current subscription state; cause of the current subscription state/change; status of the license used by the Software; Web-Portal account ID; type of the license used to activate the Software; checksum of the Software activation code; information about Software activation errors; data about the license for identifying a group of users of the company that purchased the license by the comment in the license properties; Software activation code; Software activation date; number of days since Software activation; license data for user group identification based on additional settings of the subscription license; Software license data for user group identification based on additional settings of the subscription license; number of days since Software license key expiration; Software license expiration date and time; number of days till Software license expiration; Software license ID; checksum of the Software key file; Software license header; Software license data for user group identification based on additional settings of the subscription license; ID of the information model used to provide the Software license; serial number of the Software license key; current status of the Software license key; Software subscription type; Software subscription expiration date and time; current status of the Software subscription; reason of current/changing status of Software subscription; Software license term; identifier of the certificate used to sign the Software license ticket header; Software license ticket creation date and time; Software license ticket checksum; Software license ticket version; type of Software license used; Software activation code version; order number through which the Software license was purchased; ID of the country of the partner that sold the Software license; identifier of the partner organization via which the Software license order was placed; full name of the partner organization through which the Software license order was placed; order number of the purchase of the Software license from the partner; ID of the price list item through which the Software license was purchased; data on the license ticket sequence's link to the user account; current license ticket ID; flag indicating whether the user has accepted the terms of the legal agreement while using the Software; type of legal agreement accepted by the user while using the Software; version of the legal agreement accepted by the user while using the Software.
• Information about the user: Web-Portal account ID.
• Information about the User environment: DHCP settings (checksums of gateway local IPv6, DHCP IPv6, DNS1 IPv6, DNS2 IPv6; checksum of network prefix length; checksum of local address IPv6); DHCP settings (checksums of the local IP address of the gateway, DHCP IP, DNS1 IP, DNS2 IP, and subnet mask); Wi-Fi network authentication type; checksum (MD5 with salt) of the MAC address of the access point; checksum (SHA256 with salt) of the MAC address of the access point; connection types supported by the Wi-Fi access point; Wi-Fi network encryption type; Wi-Fi network ID based on the MAC address of the access point; Wi-Fi network ID based on the Wi-Fi network name; Wi-Fi network ID based on the Wi-Fi network name and the MAC address of the access point; Wi-Fi signal strength; Wi-Fi network name; Wi-Fi network SSID; version of the Software's component; full version of the Software.
• Information about the use of Kaspersky Security Network (KSN): flag indicating whether the user has accepted the terms of participation in KSN; flag indicating whether participation in KSN is enabled.
• Information about the use of the application user interface, information about User opinion about the software: flag indicating whether the user agrees to provide his/her email address to receive personalized marketing offers.
• Information about an object being processed: ID of the triggered record in the Software's anti-virus databases; timestamp of the triggered record in the Software's anti-virus databases; type of the triggered record in the Software's anti-virus databases; contents of the digital certificate being processed; public key of the certificate; digital certificate thumbprint of the scanned object and hashing algorithm; format of the object being processed; checksum type for the object being processed; the result of status check in KSN of an object being processed; number of software runs since the last time the file checksum was sent; checksum (MD5) of the object being processed; name of the object being processed; checksum (SHA256) of the object being processed; size of the object being processed; name of the detected malware or legitimate software that can be used to damage the user's device or data; checksum of the object being processed; checksum (MD5) of the object being processed; path to the object being processed; checksum of the user name; certificate type; web address being processed.
• Information about accessing a web service: IP address; contents of the digital certificate being processed; ID of the topic in the Software help; link name; URL of the service used to access the internet; accessed address of the web service (URL, IP); accessed IPv4 address of the web service; port number; web address of the source of the web service request (referer); web address being processed.
• Information about the Rightholder's installed Software: localization of third-party software; country code; reason for disconnecting from Web-Portal; configuration identifier; country code according to ISO 3166-1 alpha-2; Software ID derived from the license; full version of the Software; Software update ID; Software ID; installation date and time for the Software; information about trial version of Software; Software localization; Software installation ID (PCID); Software rebranding ID; ID of the licensed Software; code of the partner organization associated with the Software rebranding; type of the installed Software; Software group; Software component ID; result of the Software action; flag indicating whether the user has accepted the terms of the legal agreement while using the Software; type of legal agreement accepted by the user while using the Software; date and time when the user accepted the agreement terms while using the Software; version of the legal agreement accepted by the user while using the Software; Software ID; flag indicating whether the installation was aborted by the user; ID of the Software rebranding; duration of Software installation in seconds; installation type (new installation, update); version of the protocol of interaction between the Software and marketing messages; ID of the Software update start; ID of the user of the Rightholder's website, Software IDs in Firebase.
• Information about the device: OS locale; OS bit size; device model; additional information about OS features; device ID; OS build number; extended information about the OS edition; operating system family; OS version, OS build number, OS update number, OS edition, extended information about the OS edition; OS ID; OS Service Pack version; flag indicating whether a Windows partition is available; version of the operating system; IP address; version of the operating system installed on the user's computer; computer name on the network (domain name); operating system bit version; OS edition; unique device ID; device type (laptop, desktop, tablet); OS type (server, workstation, domain controller); port number.
• Other information: version of list of revoked Software service's decisions; ID of the data schema used by the subscription provider; contents of the digital certificate being processed; directory code; format of the data in the request to Rightholder's infrastructure; error code; Software installation/uninstallation status; types of third-party software installed during installation of the Software; types of third-party software offered to be installed during installation of the Software; types of third-party software selected to be installed during installation of the Software; version of the protocol of interaction between the Software and marketing messages; delay of sending the statistics; the technical specifications of the applied detection technologies.

In addition to the information mentioned above, in case of signing in to the Web-Portal using Your Google, Facebook, Apple, Yandex, or VK account, the Rightholder needs to receive from Your device and process the following data:

• Software ID; URI to which the identity provider's response is sent; parameters requested from the identity provider; token type; value generated for request verification; name of the identity provider; authorization code received from the Rightholder's infrastructure; format of parameters requested from the identity provider; hash of the value generated for request verification; hash algorithm for the value generated for request verification.

  Note: The list of third-party services that are available for signing in to My Kaspersky depends on your region. For more details on restrictions in Russia, please see this article (available only in English and Russian).

Kaspersky Plus or Kaspersky Premium

• unique device ID on Web-Portal; user ID issued after successful user authentication on Web-Portal; user login for the Web-Portal account; password of the user account on Web-Portal; ID of the CAPTCHA requested during Web-Portal authentication; type of the CAPTCHA requested during Web-Portal authentication; user response for the CAPTCHA requested during Web-Portal authentication; full version of the Software; context of the authentication on the Web-Portal via the Software; one-time code for Web-Portal authentication; type of the installed Software.
• Information on interaction with Web portal: one-time password for device registration on Web-Portal; token type; unique device ID on Web-Portal; data to receive an authentication token for the session; one-time password for automatically connecting the Software downloaded from the Web-Portal account; reason for disconnecting from Web-Portal; user ID issued after successful user authentication on Web-Portal; Web-Portal account ID; user login for the Web-Portal account; flag indicating whether the Software is connected to Web-Portal.
• Information about the license and other agreements: ID of a regional activation center; customer name; flag indicating whether the subscription is in a grace period; Software activation date and time; license expiration date; license identifier; license validity period; type of license used; order number when purchasing the license; country where the partner is located; full name of the partner from whom the license was purchased; order number used by the partner; order price ID when purchasing the license; subscription expiration date; current subscription state; cause of the current subscription state/change; status of the license used by the Software; Web-Portal account ID; type of the license used to activate the Software; checksum of the Software activation code; information about Software activation errors; data about the license for identifying a group of users of the company that purchased the license by the comment in the license properties; Software activation code; Software activation date; number of days since Software activation; license data for user group identification based on additional settings of the subscription license; Software license data for user group identification based on additional settings of the subscription license; number of days since Software license key expiration; Software license expiration date and time; number of days till Software license expiration; Software license ID; checksum of the Software key file; Software license header; Software license data for user group identification based on additional settings of the subscription license; ID of the information model used to provide the Software license; serial number of the Software license key; current status of the Software license key; Software subscription type; Software subscription expiration date and time; current status of the Software subscription; reason of current/changing status of Software subscription; Software license term; identifier of the certificate used to sign the Software license ticket header; Software license ticket creation date and time; Software license ticket checksum; Software license ticket version; type of Software license used; Software activation code version; order number through which the Software license was purchased; ID of the country of the partner that sold the Software license; identifier of the partner organization via which the Software license order was placed; full name of the partner organization through which the Software license order was placed; order number of the purchase of the Software license from the partner; ID of the price list item through which the Software license was purchased; data on the license ticket sequence's link to the user account; current license ticket ID; flag indicating whether the user has accepted the terms of the legal agreement while using the Software; type of legal agreement accepted by the user while using the Software; version of the legal agreement accepted by the user while using the Software.
• Information about the user: Web-Portal account ID.
• Information about the User environment: localization of third-party software; DHCP settings (checksums of gateway local IPv6, DHCP IPv6, DNS1 IPv6, DNS2 IPv6; checksum of network prefix length; checksum of local address IPv6); DHCP settings (checksums of the local IP address of the gateway, DHCP IP, DNS1 IP, DNS2 IP, and subnet mask); Wi-Fi network authentication type; checksum (MD5 with salt) of the MAC address of the access point; checksum (SHA256 with salt) of the MAC address of the access point; connection types supported by the Wi-Fi access point; Wi-Fi network encryption type; Wi-Fi network ID based on the MAC address of the access point; Wi-Fi network ID based on the Wi-Fi network name; Wi-Fi network ID based on the Wi-Fi network name and the MAC address of the access point; Wi-Fi signal strength; Wi-Fi network name; Wi-Fi network SSID; version of the Software's component; full version of the Software; Software localization.
• Information about the use of Kaspersky Security Network (KSN): flag indicating whether the user has accepted the terms of participation in KSN; flag indicating whether participation in KSN is enabled.
• Information about the use of the application user interface, information about User opinion about the software: flag indicating whether the user agrees to provide his/her email address to receive personalized marketing offers.
• Information about an object being processed: ID of the triggered record in the Software's anti-virus databases; timestamp of the triggered record in the Software's anti-virus databases; type of the triggered record in the Software's anti-virus databases; contents of the digital certificate being processed; public key of the certificate; digital certificate thumbprint of the scanned object and hashing algorithm; format of the object being processed; checksum type for the object being processed; the result of status check in KSN of an object being processed; number of software runs since the last time the file checksum was sent; checksum (MD5) of the object being processed; name of the object being processed; checksum (SHA256) of the object being processed; size of the object being processed; name of the detected malware or legitimate software that can be used to damage the user's device or data; checksum of the object being processed; checksum (MD5) of the object being processed; path to the object being processed; checksum of the user name; certificate type; web address being processed.
• Information about accessing a web service: IP address; contents of the digital certificate being processed; ID of the topic in the Software help; link name; URL of the service used to access the internet; accessed address of the web service (URL, IP); accessed IPv4 address of the web service; port number; web address of the source of the web service request (referer); web address being processed.
• Information about the Rightholder's installed Software: localization of third-party software; country code; reason for disconnecting from Web-Portal; configuration identifier; country code according to ISO 3166-1 alpha-2; Software ID derived from the license; full version of the Software; Software update ID; Software ID; installation date and time for the Software; information about trial version of Software; Software localization; Software installation ID (PCID); Software rebranding ID; ID of the licensed Software; code of the partner organization associated with the Software rebranding; type of the installed Software; Software group; Software component ID; result of the Software action; flag indicating whether the user has accepted the terms of the legal agreement while using the Software; type of legal agreement accepted by the user while using the Software; date and time when the user accepted the agreement terms while using the Software; version of the legal agreement accepted by the user while using the Software; Software ID; flag indicating whether the installation was aborted by the user; ID of the Software rebranding; duration of Software installation in seconds; installation type (new installation, update); version of the protocol of interaction between the Software and marketing messages; ID of the Software update start; ID of the user of the Rightholder's website, Software IDs in Firebase.
• Information about the device: OS locale; OS bit size; device model; additional information about OS features; device ID; OS build number; extended information about the OS edition; operating system family; OS version, OS build number, OS update number, OS edition, extended information about the OS edition; OS ID; OS Service Pack version; flag indicating whether a Windows partition is available; version of the operating system; IP address; version of the operating system installed on the user's computer; computer name on the network (domain name); operating system bit version; OS edition; unique device ID; first 5 bytes of device MAC address; device type (laptop, desktop, tablet); OS type (server, workstation, domain controller); port number.
• Other information: version of list of revoked Software service's decisions; ID of the data schema used by the subscription provider; contents of the digital certificate being processed; directory code; format of the data in the request to Rightholder's infrastructure; error code; Software installation/uninstallation status; types of third-party software installed during installation of the Software; types of third-party software offered to be installed during installation of the Software; types of third-party software selected to be installed during installation of the Software; version of the protocol of interaction between the Software and marketing messages; delay of sending the statistics; the technical specifications of the applied detection technologies.

In addition to the information mentioned above, in case of signing in to the Web-Portal using Your Google, Facebook, Apple, Yandex, or VK account, the Rightholder needs to receive from Your device and process the following data:

• Software ID; URI to which the identity provider's response is sent; parameters requested from the identity provider; token type; value generated for request verification; name of the identity provider; authorization code received from the Rightholder's infrastructure; format of parameters requested from the identity provider; hash of the value generated for request verification; hash generating algorithm for the value generated for request verification.

  Note: The list of third-party services that are available for signing in to My Kaspersky depends on your region. For more details on restrictions in Russia, please see this article (available only in English and Russian).

The information received will be protected by the Rightholder in accordance with established legal requirements and is required to ensure the operation of the software licensed by you.

Kaspersky may use the statistical data obtained, generated based on the information received, to monitor trends in the field of computer security threats and to publish the corresponding reports.

In order to increase the Software's speed of reaction to information and network security threats, to prevent incidents and investigate those that do occur as well as to improve the quality of Kaspersky products, the User agrees to provide the following information:

Kaspersky Standard

• Information on interaction with Web portal: token type; authentication token in the Rightholder's services; token TTL; error code.
• Information about the license and other agreements: type of Software license used.
• Information about the User environment: ID of the triggered record in the Software's anti-virus databases; browser type; browser version; DHCP settings (checksums of gateway local IPv6, DHCP IPv6, DNS1 IPv6, DNS2 IPv6; checksum of network prefix length; checksum of local address IPv6); DHCP settings (checksums of the local IP address of the gateway, DHCP IP, DNS1 IP, DNS2 IP, and subnet mask); flag indicating whether the DNS domain exists; Wi-Fi network authentication type; list of available Wi-Fi networks and their settings; checksum (MD5 with salt) of the MAC address of the access point; checksum (SHA256 with salt) of the MAC address of the access point; user classification of the Wi-Fi network; Wi-Fi network encryption type; local time of the start and end of the Wi-Fi network connection; Wi-Fi network ID based on the MAC address of the access point; Wi-Fi network ID based on the Wi-Fi network name; Wi-Fi network ID based on the Wi-Fi network name and the MAC address of the access point; Wi-Fi signal strength; Wi-Fi network name; Software vendor name; parent application name; network category specified in Kaspersky VPN Secure Connection (home, work, public); network category specified in Kaspersky VPN Secure Connection (unknown, safe, unsafe).
• Information about the operation of the Safe Money component: actions performed with the web address in the Software settings; indicator of action location when starting protected browser in Safe Money; start mode of the Safe Money component for the web service; indicator of remembered choice of action location for the web service; indicator of presence of web address in the Safe Money database.
• Information about the use of Kaspersky Security Network (KSN): protocol used to exchange data with KSN; ID of the KSN service accessed by the Software; date and time when statistics stopped being received; number of KSN connections taken from the cache; number of requests for which a response was found in the local request database; number of unsuccessful KSN connections; number of unsuccessful KSN transactions; temporal distribution of cancelled requests to KSN; temporal distribution of unsuccessful KSN connections; temporal distribution of unsuccessful KSN transactions; temporal distribution of successful KSN connections; temporal distribution of successful KSN transactions; temporal distribution of successful requests to KSN; temporal distribution of requests to KSN that timed out; number of new KSN connections; number of unsuccessful requests to KSN caused by routing errors; number of unsuccessful requests caused by KSN being disabled in the Software settings; number of unsuccessful requests to KSN caused by network problems; number of successful KSN connections; number of successful KSN transactions; total number of requests to KSN; date and time when statistics started being received.
• Information about the use of the application user interface, information about User opinion about the software: indicator of interactive mode; user's choice regarding controlling device connections to the home Wi-Fi network; ID of the control in the user interface; category of the service that provides user behavior tracking, specified in the Software settings; name of the service that provides user behavior tracking; ID of the displayed window; time of sending statistics about using application GUI; action performed with the detected weak security setting; type of the user that performs the action with the weak security setting.
• Information about an object being processed: fragment content of the object being processed; date and time when the certificate expires; ID of the triggered record in the Software's anti-virus databases; local port that was attacked; ID of the account under which the controlled process was started; ID of the key from the keystore used for encryption; fragment order in the object being processed; data of the internal log, generated by the anti-virus Software module for an object being processed; result of certificate verification; certificate issuer name; public key of the certificate; calculation algorithm of public key of the certificate; certificate serial number; date and time of signing the object; certificate owner name and settings; digital certificate thumbprint of the scanned object and hashing algorithm; date and time of the last modification of the object being processed; date and time of creating an object being processed; detect characteristics; objects or its parts being processed; attributes of executable file being processed; date and time of creating an executable file being processed; description of an object being processed as defined in the object properties; entropy of the file being processed; format of the object being processed; checksum type for the object being processed; the result of status check in KSN of an object being processed; trust indicator of the processed object according to KSN; date and time of linking the executable file; checksum (MD5) of the object being processed; name of the object being processed; names of the packers that packed the object being processed; flag indicating whether the object being processed is a PE file; checksum (MD5) of the mask that blocked the web service; checksum (SHA256) of the object being processed; information on who signed the file being processed; size of the object being processed; a flag indicating an application which runs automatically at startup; name of the detected malware or legitimate software that can be used to damage the user's device or data; object type code; the Software's decision on the object being processed; version of the object being processed; source of the decision made for the object being processed; checksum of the object being processed; checksum (MD5) of the object being processed; path to the object being processed; directory code; command line; information about file signature check results; vulnerability ID; vulnerability danger class; notification type, that triggered the statistic sending; logon session key; encryption algorithm for the logon session key; IP address of the attacker; debug detection indicator; attribute of an object being processed, that allowed to recall the false positive decision on the object; ID of the task in which detection was performed; confidence of detecting access to the phishing web service; phishing attack target; weight of the detected access to the phishing web service; protocol ID; storage time for object being processed; algorithm for calculating the digital certificate thumbprint; web address being processed; information about the client that uses a network protocol (user agent).
• Information about accessing a web service: type of the decision on a web address being processed; accessed address of the web service (URL, IP); type of client used to access the web service; reason for blocking access to the web service; category of reason for blocking access to the web service; DNS address of the web service being accessed; host source; accessed IPv4 address of the web service; accessed IPv6 address of the web service; indicator showing that the message is a part of a bundle of messages belonging to one access to the web service; web address of the source of the web service request (referer); web address being processed.
• Information about the Rightholder's installed Software: date and time when the certificate was issued; the Software database record ID; type of the triggered Software anti-virus databases record; ID of the triggered record in the Software's anti-virus databases; timestamp of the triggered record in the Software's anti-virus databases; type of the triggered record in the Software's anti-virus databases; release date and time of the Software's databases; timestamp of the Software databases; full version of the Software before update; information on who signed the file being processed; command line; version of the Software's component; full version of the Software; Software update ID; installation date and time for the Software; Software localization; Software installation ID (PCID); Software health status after update; type of the installed Software; statistics message type; version of the statistics being sent; type of scan task that detected the weak setting; result of the task of scanning weak security settings; ID of the weak security setting; code of the error category; version of the updater component.
• Information about the device: detected device type; device ID; OS error code; OS version, OS build number, OS update number, OS edition, extended information about the OS edition; OS ID; OS Service Pack version; flag indicating whether the device is plugged in; version of the operating system installed on the user's computer; operating system bit version; OS edition.
• Other information: text of the error message; ID of the account under which the controlled process was started; http request method; command line; unique request ID to the Rightholder services; response status of the Rightholder's service; error code; object time in the buffer; line number of the source file in the exception handler; total duration of request processing; protocol processing error type; number of failed update installations for the updater component; number of update installation error for the updater component; error code of the update task; update task type; flag indication, describing the source of the web-traffic being processed (server or client); DNS address of the web service being accessed; accessed IPv4 address of the web service.

  Kaspersky Plus or Kaspersky Premium

• Information on interaction with Web portal: token type; authentication token in the Rightholder's services; token TTL; error code.
• Information about the license and other agreements: type of Software license used.
• Information about the User environment: ID of the triggered record in the Software's anti-virus databases; browser type; browser version; DHCP settings (checksums of gateway local IPv6, DHCP IPv6, DNS1 IPv6, DNS2 IPv6; checksum of network prefix length; checksum of local address IPv6); DHCP settings (checksums of the local IP address of the gateway, DHCP IP, DNS1 IP, DNS2 IP, and subnet mask); flag indicating whether the DNS domain exists; Wi-Fi network authentication type; list of available Wi-Fi networks and their settings; checksum (MD5 with salt) of the MAC address of the access point; checksum (SHA256 with salt) of the MAC address of the access point; user classification of the Wi-Fi network; Wi-Fi network encryption type; local time of the start and end of the Wi-Fi network connection; Wi-Fi network ID based on the MAC address of the access point; Wi-Fi network ID based on the Wi-Fi network name; Wi-Fi network ID based on the Wi-Fi network name and the MAC address of the access point; Wi-Fi signal strength; Wi-Fi network name; Software vendor name; parent application name; network category specified in Kaspersky VPN Secure Connection (home, work, public); network category specified in Kaspersky VPN Secure Connection (unknown, safe, unsafe).
• Information about the operation of the Safe Money component: actions performed with the web address in the Software settings; indicator of action location when starting protected browser in Safe Money; start mode of the Safe Money component for the web service; indicator of remembered choice of action location for the web service; indicator of presence of web address in the Safe Money database.
• Information about the use of Kaspersky Security Network (KSN): protocol used to exchange data with KSN; ID of the KSN service accessed by the Software; date and time when statistics stopped being received; number of KSN connections taken from the cache; number of requests for which a response was found in the local request database; number of unsuccessful KSN connections; number of unsuccessful KSN transactions; temporal distribution of cancelled requests to KSN; temporal distribution of unsuccessful KSN connections; temporal distribution of unsuccessful KSN transactions; temporal distribution of successful KSN connections; temporal distribution of successful KSN transactions; temporal distribution of successful requests to KSN; temporal distribution of requests to KSN that timed out; number of new KSN connections; number of unsuccessful requests to KSN caused by routing errors; number of unsuccessful requests caused by KSN being disabled in the Software settings; number of unsuccessful requests to KSN caused by network problems; number of successful KSN connections; number of successful KSN transactions; total number of requests to KSN; date and time when statistics started being received.
• Information about the use of the application user interface, information about User opinion about the software: indicator of interactive mode; user's choice regarding controlling device connections to the home Wi-Fi network; ID of the control in the user interface; category of the service that provides user behavior tracking, specified in the Software settings; name of the service that provides user behavior tracking; ID of the displayed window; time of sending statistics about using application GUI; action performed with the detected weak security setting; type of the user that performs the action with the weak security setting.
• Information about an object being processed: fragment content of the object being processed; date and time when the certificate expires; ID of the triggered record in the Software's anti-virus databases; local port that was attacked; ID of the account under which the controlled process was started; ID of the key from the keystore used for encryption; fragment order in the object being processed; data of the internal log, generated by the anti-virus Software module for an object being processed; result of certificate verification; certificate issuer name; public key of the certificate; calculation algorithm of public key of the certificate; certificate serial number; date and time of signing the object; certificate owner name and settings; digital certificate thumbprint of the scanned object and hashing algorithm; date and time of the last modification of the object being processed; date and time of creating an object being processed; detect characteristics; objects or its parts being processed; attributes of executable file being processed; date and time of creating an executable file being processed; description of an object being processed as defined in the object properties; entropy of the file being processed; format of the object being processed; checksum type for the object being processed; the result of status check in KSN of an object being processed; trust indicator of the processed object according to KSN; date and time of linking the executable file; checksum (MD5) of the object being processed; name of the object being processed; names of the packers that packed the object being processed; flag indicating whether the object being processed is a PE file; checksum (MD5) of the mask that blocked the web service; checksum (SHA256) of the object being processed; information on who signed the file being processed; size of the object being processed; a flag indicating an application which runs automatically at startup; name of the detected malware or legitimate software that can be used to damage the user's device or data; object type code; the Software's decision on the object being processed; version of the object being processed; source of the decision made for the object being processed; checksum of the object being processed; checksum (MD5) of the object being processed; path to the object being processed; directory code; command line; information about file signature check results; vulnerability ID; vulnerability danger class; notification type, that triggered the statistic sending; logon session key; encryption algorithm for the logon session key; IP address of the attacker; debug detection indicator; attribute of an object being processed, that allowed to recall the false positive decision on the object; ID of the task in which detection was performed; confidence of detecting access to the phishing web service; phishing attack target; weight of the detected access to the phishing web service; protocol ID; storage time for object being processed; algorithm for calculating the digital certificate thumbprint; web address being processed; information about the client that uses a network protocol (user agent).
• Information about accessing a web service: data of the intercepted DHCP package from the device; type of the decision on a web address being processed; accessed address of the web service (URL, IP); type of client used to access the web service; reason for blocking access to the web service; category of reason for blocking access to the web service; DNS address of the web service being accessed; host source; accessed IPv4 address of the web service; accessed IPv6 address of the web service; indicator showing that the message is a part of a bundle of messages belonging to one access to the web service; web address of the source of the web service request (referer); web address being processed.
• Information about the Rightholder's installed Software: date and time when the certificate was issued; the Software database record ID; type of the triggered Software anti-virus databases record; ID of the triggered record in the Software's anti-virus databases; timestamp of the triggered record in the Software's anti-virus databases; type of the triggered record in the Software's anti-virus databases; release date and time of the Software's databases; timestamp of the Software databases; full version of the Software before update; information on who signed the file being processed; command line; version of the Software's component; full version of the Software; Software update ID; installation date and time for the Software; Software localization; Software installation ID (PCID); Software health status after update; type of the installed Software; statistics message type; version of the statistics being sent; type of scan task that detected the weak setting; result of the task of scanning weak security settings; ID of the weak security setting; code of the error category; version of the updater component.
• Information about the device: detected device type; number of symbols in the device name; device type; vendor of the device or network card; device ID; OS error code; operating system family; OS version, OS build number, OS update number, OS edition, extended information about the OS edition; OS ID; OS Service Pack version; flag indicating whether the device is plugged in; version of the operating system installed on the user's computer; operating system bit version; OS edition; first 5 bytes of device MAC address; OS family detection method; device type define method; device name define method; method used to define vendor of the device or network card detection; flag indicating if detected host name is the same as user's host name.
• Other information: text of the error message; ID of the account under which the controlled process was started; http request method; command line; unique request ID to the Rightholder services; response status of the Rightholder's service; error code; object time in the buffer; line number of the source file in the exception handler; total duration of request processing; protocol processing error type; number of failed update installations for the updater component; number of update installation error for the updater component; error code of the update task; update task type; flag indication, describing the source of the web-traffic being processed (server or client); DNS address of the web service being accessed; accessed IPv4 address of the web service.

The Kaspersky Security Network service may process and submit whole files, for example, objects detected through malicious links which might be used by criminals to harm your computer and/or their parts, to Kaspersky for additional examination.

Additionally, to prevent incidents and investigate those that do occur, trusted executable and non-executable files, application activity reports, portions of the computer's RAM, and the operating system's boot sector may be sent, as well as the following information about files and processes:

• The names and paths of the files that were accessed by the process.
• Names of registry keys and their values that were accessed by the process.
• URL- and IP addresses that were accessed by the process.
• URL- and IP addresses from which the running file was downloaded.

Kaspersky protects the information received in accordance with applicable governing law and Kaspersky rules. Data is transmitted over a secure channel.

Files (or their parts) that may be exploited by intruders to harm the computer or data may be also sent to Kaspersky to be examined additionally.

You agree to submit the following information for the purpose of application identification during database and module updates:

• Software ID (AppID)
• Active license ID
• Unique Software installation ID (InstallationID)
• Unique Update task launch ID (SessionID)
• Version of Software (BuildInfo)
• Information about updating the Updater component: unsuccessful update tasks, the number of failed starts after the upgrade, the version of the component, the error code, the ID of the type of update task, the status code of the software after the update, the date and time the statistics is sent

The application also processes and stores the following personal data displayed in the application interface:

• Email address used to connect to My Kaspersky
• Website addresses that were added to the exclusions (displayed in the Safe Browsing, Private Browsing, Safe Money settings, and in the Reports window)
• License data
• Hashes of passwords
• Hashes of email addresses

This data is stored locally in a non-modified form and can be viewed under any user account on the computer.

1. In the menu bar, click the application icon and choose Settings.

   The application settings window opens.

2. On the KSN tab, in the Improved protection section, click Show KSN Statement.
3. If you don't want to participate in Kaspersky Security Network, deselect the Participate in Kaspersky Security Network checkbox.