Working with personal data of users
May 15, 2024
ID 172387
Kaspersky Security processes the following personal data of users to perform its basic functions:
- Active Directory accounts.
The application checks Active Directory accounts to implement the role-based user access control for the application features and services.
- Contents of files downloaded from / uploaded to SharePoint servers, and contents of blogs and wiki pages on SharePoint.
The application checks the listed objects to provide anti-virus protection, anti-phishing protection, content filtering, and data leak prevention in accordance with the defined settings.
The original objects that have triggered one of the protection components are saved in the application database. This enables to restore deleted objects via Backup.
Texts contained in processed objects may be saved on the Security Server if the administrator has enabled detailed logging of events to application logs. This information can be used to provide technical support.
- Metadata of Backup objects.
The metadata of objects that have triggered one of the protection components is saved in the application database. This enables to restore deleted objects via Backup.
Metadata of objects may be transmitted to Kaspersky Security Center as part of information on application events if your organization uses this software solution.
Metadata of objects is also saved in the application log, which is required for provision of technical support.
Metadata of Backup objects may contain the following personal data of users:
- Account name and user name of the user who performed the operation that resulted in the file being placed in Backup.
- Account name and email address of the file creator.
- Account name and email address of the user who made the latest modifications to the file.
- File name
- File path.
The listed data is also saved in the file named backup.csv when the list of Backup objects is exported.
- Email addresses of the recipients of notifications and reports.
The email addresses of the recipients of notifications and reports about application operation are saved in the application database along with other values of protection settings.
- Details of incidents associated with the violation of data leak prevention (DLP) policies.
Details of incidents are stored in the application database and logs.
Depending on the defined settings, incidents may contain personal data of any type. By default, the "Statistics by users" report indicates the names of user accounts that have violated DLP policies.
- Personal data contained in application settings.
Application settings are saved in the application database, in application logs, and in the Windows Event Log. Depending on the modifications that were made, this information may contain the following personal data of users:
- Account names of users who modified application settings.
- Account names, email addresses, and user names of users who performed actions with files or web objects of SharePoint.
- Account names of users for whom DLP policies have been set, and of users who have been excluded from a policy scope.
- Any other personal data specified by the security officer in the settings of DLP categories and policies.
- Organization representative information.
Information on the contact person of the organization that signed the End User License Agreement is used to validate the license. Depending on the application configuration, such information is stored either in Active Directory or locally on the Security Server.
The table below presents the specifics of storing the listed data.
Specifics of storing personal data of users in Kaspersky Security
Component that uses personal data | Data storage location | Data storage period | Data security |
|---|---|---|---|
Configuration files | <Application setup folder>\Configuration | Indefinite. |
When working with the Kaspersky Security Management Console, data is secured through role-based restrictions of user access to functions and services of the application. The Kaspersky Security administrator and security officer must personally ensure the security of this data. |
SQL database specified during application installation. | Indefinite, unless otherwise restricted by the SQL server administrator. | ||
Backup | SQL database specified during application installation. | Indefinite, unless otherwise restricted by the Kaspersky Security administrator or SQL server administrator. | |
Application reports and statistics | SQL database specified during application installation. | Indefinite, unless otherwise restricted by the SQL server administrator. | |
Reports in viewing mode | %Temp% | Until the application is restarted. | |
Audit and event log | <Application setup folder>\logs | 365 days, unless a different value is set by the Kaspersky Security administrator. | |
DLP Module (settings of categories and policies, incidents) | SQL database specified during application installation. | Indefinite, unless otherwise restricted by the SQL server administrator. | |
Temporary files | %Temp% <Application setup folder>\data\temp | Until the application is restarted or until termination of the operation that is using temporary files. |
You can restrict handling of personal data of users by the application as follows:
- Change the storage term for application logs.
- Configure automatic purging of Backup or manually purge it when necessary.
- Remove objects from Backup.
- Monitor the list of recipients of notifications and reports about application operation.
- Monitor the operation of the DLP Module.
- If you need to change the contact person of your organization, please contact the license provider.
