Kaspersky Security processes the following personal data of users to perform its basic functions:
The application checks Active Directory accounts to implement the role-based user access control for the application features and services.
The application scans E-mail messages, including attached objects, to provide anti-virus protection, filter attachments as well as to provide anti-spam and anti-fishing protection according to the pre-defined settings.
Original messages that initiated an alert of one of the protection components are saved in the Security Server file system. This enables to restore deleted objects via Backup.
E-mail metadata (fields From, To, Subject) that initiated an alert of one of the protection components are saved in the application database. This enables to restore deleted objects via Backup.
E-mail metadata can be sent to Kaspersky Security Center as part of information on application events if your organization uses this software solution.
E-mail metadata is also saved in the application log, which is required to provide technical support.
E-mail addresses excluded by the administrator from scanning are saved in Active Directory together with other protection settings.
The application saves the names of mailboxes selected for background scan to ensure correctness of scanning.
Any configuration change information is saved in the application logs and in the Windows event log. Depending on introduced changes, such information can include e-mail addresses excluded from scanning and the names of mailboxes selected for background scan.
Similar information may be contained in the application configuration export file (*.kseconfig).
Texts of processed email messages can be saved on the Security Server if the administrator has enabled detailed event logging for the application. This information can be used to provide technical support.
Information on the contact person of the organization that signed the End User License Agreement is used to validate the license. Depending on the application configuration, such information is stored either in Active Directory or locally on the Security Server.
The table below presents the specifics of storing the listed data.
Specifics of storing personal data of users in Kaspersky Security
Component that uses personal data |
Data storage location |
Data storage period |
Data security |
|---|---|---|---|
Configuration files |
<Application setup folder>\Configuration |
Indefinite. |
When working with the Kaspersky Security Management Console, data is secured through role-based restrictions of user access to functions and services of the application. The Kaspersky Security administrator must personally ensure the security of this data. |
Backup |
<Application setup folder>\data\store\persistent |
Indefinite, unless otherwise restricted by the Kaspersky Security administrator. |
|
Statistics and metadata of Backup objects |
SQL database specified during application installation. |
Indefinite, unless otherwise restricted by the SQL server administrator. |
|
Reports |
%Temp% |
Until the application is restarted. |
|
Audit and event log |
<Application setup folder>\logs |
365 days, unless a different value is set by the Kaspersky Security administrator. |
|
Temporary files |
%Temp% <Application setup folder>\data\temp |
Until the application is restarted or until termination of the operation that is using temporary files. |
You can restrict handling of personal data of users by the application as follows: