Data provision

The terms and conditions of the End User License Agreement describe the data processed automatically to provide the proper application operation. The right holder processes the provided data in accordance with the Privacy Policy describing, in particular, data protection measures, processing locations, and data subjects' rights. In certain countries, some of the provided data can be categorized as personal data according to the legislation.

The application does not send users' personal data to Kaspersky. Users' personal data is processed on the computers on which the application components are installed.

The application processes and saves the following data related to users' personal data:

• Names of user accounts that were created in the application (application users).
• IP addresses or names of computers with application components installed.
• IP addresses, MAC addresses, and other device information received by the application.
• Data on address spaces and subnets.
• Data on industrial process settings in Process Control rules.
• IP address or name of the computer hosting Kaspersky Security Center.
• IP addresses or names of computers that connect to the application through connectors.
• Email addresses of recipients indicated in email connectors and in report templates.
• Data in generated application reports.
• Data in industrial network traffic transmitted between devices and containing users' personal data (this data is processed by the application together with other data when analyzing industrial network traffic).
• Data on detected risks that could affect industrial system resources.
• Data on possibly infected objects or potential threats received from EPP applications and containing IP addresses, web addresses, and email addresses.
• Data on user accounts received from EPP applications.
• Application data received from EPP applications.

The listed data is processed for the purpose of analyzing process violations and for detecting network traffic anomalies and other threats that may be signs of attacks.

The application saves the received data in logs.

If the application administrator has configured forwarding of application data to recipient systems, the received data is processed and stored in the recipient system in accordance with its functionality and purpose.

If the application centralized installation script was used to create files for the purpose of providing information to Kaspersky Technical Support, the following data is saved in these files:

• Contents of folders used for storing application data:
  • Files of process logs for application components, the DBMS, and the Intrusion Detection system.
  • Files of working data of the Server and sensors.
  • Installation settings file created by the application centralized installation script.
  • Application message log and audit log.
• Security policy applied on the Server.
• Information about the current status of services that support the operation of application components:
  • kics4net
  • kics4net-postgresql
  • kics4net-webserver
  • kics4net-websensor
  • kics4net-epp-proxy
  • kics4net-connectors-launcher
  • klnagent
• Information about the version and distribution package of the operating system on computers that have application components installed (the uname -a command is used for receiving information).
• Information about the network interfaces on computers that have application components installed (the ifconfig command is used for receiving information).
• Entries saved by the auditd service in the file /var/log/audit/audit.log.
• Settings, status, and operating mode of the firewall in the operating system.
• If the corresponding settings are defined, the following files and data are also saved when running the application centralized installation script:
  • Traffic dump files.
  • Data on the Intrusion Detection system configuration.
  • Data on the certificates used in Kaspersky Industrial CyberSecurity for Networks (except certificates that were published by trusted certificate authorities).

The application does not monitor access to the installation settings file created by the application centralized installation script. However, the application does track startups of application components and other connections to the Server that involve verification of user credentials.

When receiving updates from Kaspersky servers, the application transmits data necessary for automatic selection of relevant updates. Transmitted data does not contain any personal data of users. The application transmits the following data:

• Version of Kaspersky Industrial CyberSecurity for Networks.
• Localization language code of components of Kaspersky Industrial CyberSecurity for Networks.
• IDs of updated elements.
• Kaspersky Industrial CyberSecurity for Networks installation ID.
• ID of the type, version and bit rate of the operating system.

Any received information is protected by Kaspersky in accordance with the requirements established by law and in accordance with current regulations of Kaspersky. Data is transmitted over encrypted communication channels.