DATA CONTROLLER INFORMATION
AO Kaspersky Lab, located at address: 39A/3 Leningradskoe Shosse, Moscow 125212, Russian Federation (“Kaspersky”, “Kaspersky Lab”, “KL” or “we”).
If you have any questions about Kaspersky Lab's privacy practices or if you would like us to update information or preferences you provided to us, please contact us directly.
WHAT IS YOUR PERSONAL DATA
Personal data relates to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession.
WHY WE PROCESS YOUR PERSONAL DATA
We use your personal data for the following purposes:
- Provide you with support service.
- Improve our service quality and/or to better understand requests by comparison with previous chats.
THE CATEGORIES OF PERSONAL DATA
We process the following categories of your data:
- Email address
- Static IP address
- Time and date of customer service contact through a call, chat, email, ticket
- Content data of call, chat, email, ticket
- You phone number (only in case of support by phone)
- Recordings of customer calls
- Uploaded files
- Names of devices that are attached to My Kaspersky
- Activation code, license number of Kaspersky products
- Bank account number, if it is necessary to refund a purchase via bank transfer
- Billing address
- First 6 and last 4 digits of your credit card
- Order-related information from Kaspersky e-stores
- Country and geolocation
- Social media usernames on Twitter/Facebook/Google Play Store/Apple App Store/Huawei store (in case of requests through these social platforms)
We obtain your personal data from you directly.
WHAT IS OUR LEGAL BASIS FOR PROCESSING YOUR PERSONAL DATA
Our lawful basis for processing your personal data:
- Processing is necessary for the performance of a contract between Kaspersky and the data subject.
SHARING YOUR PERSONAL DATA
We may disclose your personal data:
- Within the Group of Companies Kaspersky Lab with strict access policy rights.
- To External Providers of Support Services.
Your personal data will be treated as strictly confidential and will only be shared with Service Providers that provide us with IT and system administration services.
In such cases, these companies must abide by our data privacy and security requirements and are not allowed to use personal data they receive from us for any other purpose.
HOW LONG DO WE KEEP YOUR PERSONAL DATA
We keep your personal data for no longer than reasonably necessary to achieve the purposes they are processed for.
WE DO NOT SELL YOUR PERSONAL DATA
YOUR RIGHTS AND YOUR PERSONAL DATA
We inform you that you have certain rights regarding the personal data we maintain about you:
- Right to be informed. You have the right to be provided with clear, transparent and easily understandable information about how we use your personal data, and your rights.
- Right of access. You have the right to request information about how we use your personal data. In addition, you can request to receive a copy of the Personal Data we process about you and to check that we are lawfully processing it.
- Right to rectification. You can request correction of the personal data that we process about you.
- Right to erasure (Right to be forgotten). This enables you to ask us to delete or remove your personal data where there is no good reason, such as statutory retention periods, for us continuing to process it.
- Right of restriction of processing. This enables you to ask us to suspend the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it.
- Right to data portability. Insofar as the processing of your personal data is based on your consent or on a contract, you may request to receive the personal data you have provided to us in a structured, commonly used and machine-readable format and to have the personal data transmitted to another controller.
- Right to withdraw data protection consent. If you have given us your consent to the processing of your personal data, you may withdraw the consent at any time with effect for the future. This does not affect the lawfulness of the processing of your personal data before the withdrawal of the consent.
- Right to complain. You have the right to contact the data protection authority of your country in order to lodge a complaint against our data protection and privacy practices.
HOW TO EXERCISE YOUR RIGHTS
If you wish to exercise these rights, you may at any time contact us directly.
Principally, you will not have to pay a fee to access your personal data (or to exercise any of the other rights).
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally, it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
If you would like to make a complaint regarding this Privacy Statement or our practices in relation to your personal data, please contact us.
If you consider that the processing of personal data relating to you infringes applicable data protection law, you have the right to lodge a complaint with the competent supervisory authority at any time. Which supervisory authority has competence for your complaint can depend on the country where you reside.