• Kaspersky 25
• Kaspersky 24
• Kaspersky 23
• Kaspersky 22

You agree to automatically provide the information indicated below via the software installed by you, copyrighted to AO Kaspersky Lab (hereinafter Kaspersky, the Rightholder), to Kaspersky for the following purposes:

• to enhance the protection of information and improve the quality of the Software and services,
• to identify new information security threats and their sources, enhance the operational protection of Users of the Software, and improve the quality of the product.

Kaspersky Standard

• Information on interaction with Web portal: flag indicating whether the Software is connected to Web-Portal; Web-Portal account ID; computer name on the network (domain name); unique device ID; type of the installed Software; one-time password for device registration on Web-Portal; unique device ID on Web-Portal; user ID issued after successful user authentication on Web-Portal; data to receive an authentication token for the session; token type; one-time password for automatically connecting the Software downloaded from the Web-Portal account; user login for the Web-Portal account; ID of the CAPTCHA requested during Web-Portal authentication; type of the CAPTCHA requested during Web-Portal authentication; user response for the CAPTCHA requested during Web-Portal authentication; password of the user account on Web-Portal; one-time code for Web-Portal authentication; context of the authentication on the Web-Portal via the Software.
• Information about the license and other agreements: current status of the Software subscription; ID of the information model used to provide the Software license; Software license ID; order number through which the Software license was purchased; Software license data for user group identification based on additional settings of the subscription license; Software subscription type; type of legal agreement accepted by the user while using the Software; version of the legal agreement accepted by the user while using the Software; serial number of the Software license key; type of the license used to activate the Software; Software license expiration date and time; information about trial version of Software; status of the license used by the Software; flag indicating whether the user has accepted the terms of the legal agreement while using the Software; ID of the country of the partner that sold the Software license; full name of the partner organization through which the Software license order was placed; reason of current/changing status of Software subscription; type of Software license used; Software subscription expiration date and time; data about the license for identifying a group of users of the company that purchased the license by the comment in the license properties; order number of the purchase of the Software license from the partner; Software license term; ID of the price list item through which the Software license was purchased; license data for user group identification based on additional settings of the subscription license; Software license data for user group identification based on additional settings of the subscription license; current status of the Software license key; Software activation code; information about Software activation errors; Software license header; flag indicating whether the user agrees to provide his/her email address to receive personalized marketing offers; checksum of the Software key file; checksum of the Software activation code; Software license ticket checksum; Software activation date and time; license expiration date; data on the license ticket sequence's link to the user account; current license ticket ID; Software license ticket version; Software license ticket creation date and time; Software activation code version; ID of the certificate used to sign the Software license ticket header; license identifier; Software activation date; current subscription state; subscription expiration date; order price ID when purchasing the license; ID of the data schema used by the subscription provider; order number used by the partner; flag indicating whether the subscription is in a grace period; cause of the current subscription state/change; customer name; type of license used; country where the partner is located; license validity period; order number when purchasing the license; full name of the partner from whom the license was purchased; Software activation error category; Software activation error code; number of days since Software activation; number of days since Software license key expiration; number of days till Software license expiration; date and time when the user accepted the agreement terms while using the Software.
• Information about the user: data about the license for identifying a group of users of the company that purchased the license by the comment in the license properties; Web-Portal account ID.
• Information about the User environment: browser type; browser version; OS version, OS build number, OS update number, OS edition, extended information about the OS edition; OS type (server, workstation, domain controller); OS ID; OS edition; version of the operating system installed on the user's computer; OS Service Pack version; operating system bit version; Wi-Fi network ID based on the MAC address of the access point; DHCP settings (checksums of the local IP address of the gateway, DHCP IP, DNS1 IP, DNS2 IP, and subnet mask); Wi-Fi network ID based on the Wi-Fi network name and the MAC address of the access point; connection types supported by the Wi-Fi access point; checksum (MD5 with salt) of the MAC address of the access point; Wi-Fi signal strength; Wi-Fi network encryption type; DHCP settings (checksums of gateway local IPv6, DHCP IPv6, DNS1 IPv6, DNS2 IPv6; checksum of network prefix length; checksum of local address IPv6); Wi-Fi network ID based on the Wi-Fi network name; Wi-Fi network authentication type; URL of the service used to access the internet; Wi-Fi network name; checksum (SHA256 with salt) of the MAC address of the access point; Wi-Fi network SSID.
• Information about the use of Kaspersky Security Network (KSN): Software ID; result of the Software action; error code; Software component ID; version of list of revoked Software service's decisions; flag indicating whether the user has accepted the terms of participation in KSN; format of the data in the request to Rightholder's infrastructure; flag indicating whether participation in KSN is enabled; delay of sending the statistics.
• Information about the use of the application user interface, information about User opinion about the software: web address being processed.
• Information about an object being processed: port number; contents of the digital certificate being processed; IP address; accessed IPv4 address of the web service; certificate type; web address being processed; digital certificate thumbprint of the scanned object and hashing algorithm; public key of the certificate; checksum of the user name; checksum of the object being processed; checksum type for the object being processed; name of the detected malware or legitimate software that can be used to damage the user's device or data; checksum (MD5) of the object being processed; ID of the triggered record in the Software's anti-virus databases; timestamp of the triggered record in the Software's anti-virus databases; type of the triggered Software anti-virus databases record; accessed address of the web service (URL, IP); web address of the source of the web service request (referer); checksum (SHA256) of the object being processed; result of status check in KSN of an object being processed; size of the object being processed; path to the object being processed; name of the object being processed; checksum (MD5) of the object being processed; directory code; Advertising ID.
• Information about accessing a web service: link name; ID of the topic in the Software help; ID of the user of the Rightholder's website.
• Information about the Rightholder’s installed Software: version of the protocol of interaction between the Software and marketing messages; code of the partner organization associated with the Software rebranding; full version of the Software; Software rebranding ID; Software localization; Software activation date; Software ID; type of the installed Software; Software update ID; Software installation ID (PCID); Software component name; user story type; reason for disconnecting from Web-Portal; Software ID derived from the license; version of the Software's component; country code; country code according to ISO 3166-1 alpha-2; OS locale; ID of a regional activation center; configuration identifier; Software ID; Software rebranding code; list of IDs of requested content; Software group; web address being processed; ID of the Software update start; installation type (new installation, update); full name of the partner organization through which the Software license order was placed; types of third-party software selected to be installed during installation of the Software; Software installation/uninstallation status; duration of Software installation in seconds; types of third-party software offered to be installed during installation of the Software; flag indicating whether the installation was aborted by the user; installation error code; types of third-party software installed during installation of the Software; installation date and time for the Software; flag indicating whether the Software is connected to Web-Portal; ID of the licensed Software; serial number of the Software license key; identifier of the partner organization via which the Software license order was placed; technical specifications of the applied detection technologies.
• Information about the device: unique device ID; operating system bit version; OS ID; OS version, OS build number, OS update number, OS edition, extended information about the OS edition; device ID; OS type (server, workstation, domain controller); computer name on the network (domain name); computer category; version of the operating system; OS bit size; operating system family; device model; OS Service Pack version; OS build number; extended information about the OS edition; OS edition; additional information about OS features; flag indicating whether a Windows partition is available; version of the operating system installed on the user's computer; device type (laptop, desktop, tablet); web address being processed.

In addition to the information mentioned above, in case of signing in to the Web-Portal using Your Google, Facebook, Apple, Yandex, or VK account, the Rightholder needs to receive from Your device and process the following data:

• Software ID; URI to which the identity provider's response is sent; parameters requested from the identity provider; token type; value generated for request verification; name of the identity provider; authorization code received from the Rightholder's infrastructure; format of parameters requested from the identity provider; hash of the value generated for request verification; hash algorithm for the value generated for request verification.

  Note: The list of third-party services that are available for signing in to My Kaspersky depends on your region. For more details on restrictions in Russia, please see this article (available only in English and Russian).

Kaspersky Plus or Kaspersky Premium

• Information on interaction with Web portal: flag indicating whether the Software is connected to Web-Portal; Web-Portal account ID; computer name on the network (domain name); unique device ID; type of the installed Software; one-time password for device registration on Web-Portal; unique device ID on Web-Portal; user ID issued after successful user authentication on Web-Portal; data to receive an authentication token for the session; token type; one-time password for automatically connecting the Software downloaded from the Web-Portal account; user login for the Web-Portal account; ID of the CAPTCHA requested during Web-Portal authentication; type of the CAPTCHA requested during Web-Portal authentication; user response for the CAPTCHA requested during Web-Portal authentication; password of the user account on Web-Portal; one-time code for Web-Portal authentication; context of the authentication on the Web-Portal via the Software.
• Information about the license and other agreements: current status of the Software subscription; ID of the information model used to provide the Software license; Software license ID; order number through which the Software license was purchased; Software license data for user group identification based on additional settings of the subscription license; Software subscription type; type of legal agreement accepted by the user while using the Software; version of the legal agreement accepted by the user while using the Software; serial number of the Software license key; type of the license used to activate the Software; Software license expiration date and time; information about trial version of Software; status of the license used by the Software; flag indicating whether the user has accepted the terms of the legal agreement while using the Software; ID of the country of the partner that sold the Software license; full name of the partner organization through which the Software license order was placed; reason of current/changing status of Software subscription; type of Software license used; Software subscription expiration date and time; data about the license for identifying a group of users of the company that purchased the license by the comment in the license properties; order number of the purchase of the Software license from the partner; Software license term; ID of the price list item through which the Software license was purchased; license data for user group identification based on additional settings of the subscription license; Software license data for user group identification based on additional settings of the subscription license; current status of the Software license key; Software activation code; information about Software activation errors; Software license header; flag indicating whether the user agrees to provide his/her email address to receive personalized marketing offers; checksum of the Software key file; checksum of the Software activation code; Software license ticket checksum; Software activation date and time; license expiration date; data on the license ticket sequence's link to the user account; current license ticket ID; Software license ticket version; Software license ticket creation date and time; Software activation code version; ID of the certificate used to sign the Software license ticket header; license identifier; Software activation date; current subscription state; subscription expiration date; order price ID when purchasing the license; ID of the data schema used by the subscription provider; order number used by the partner; flag indicating whether the subscription is in a grace period; cause of the current subscription state/change; customer name; type of license used; country where the partner is located; license validity period; order number when purchasing the license; full name of the partner from whom the license was purchased; Software activation error category; Software activation error code; number of days since Software activation; number of days since Software license key expiration; number of days till Software license expiration; date and time when the user accepted the agreement terms while using the Software.
• Information about the user: data about the license for identifying a group of users of the company that purchased the license by the comment in the license properties; Web-Portal account ID.
• Information about the User environment: browser type; browser version; OS version, OS build number, OS update number, OS edition, extended information about the OS edition; OS type (server, workstation, domain controller); OS ID; OS edition; version of the operating system installed on the user's computer; OS Service Pack version; operating system bit version; Wi-Fi network ID based on the MAC address of the access point; DHCP settings (checksums of the local IP address of the gateway, DHCP IP, DNS1 IP, DNS2 IP, and subnet mask); Wi-Fi network ID based on the Wi-Fi network name and the MAC address of the access point; connection types supported by the Wi-Fi access point; checksum (MD5 with salt) of the MAC address of the access point; Wi-Fi signal strength; Wi-Fi network encryption type; DHCP settings (checksums of gateway local IPv6, DHCP IPv6, DNS1 IPv6, DNS2 IPv6; checksum of network prefix length; checksum of local address IPv6); Wi-Fi network ID based on the Wi-Fi network name; Wi-Fi network authentication type; URL of the service used to access the internet; Wi-Fi network name; checksum (SHA256 with salt) of the MAC address of the access point; Wi-Fi network SSID.
• Information about the use of Kaspersky Security Network (KSN): Software ID; result of the Software action; error code; Software component ID; version of list of revoked Software service's decisions; flag indicating whether the user has accepted the terms of participation in KSN; format of the data in the request to Rightholder's infrastructure; flag indicating whether participation in KSN is enabled; delay of sending the statistics.
• Information about the use of the application user interface, information about User opinion about the software: web address being processed.
• Information about an object being processed: port number; contents of the digital certificate being processed; IP address; accessed IPv4 address of the web service; certificate type; web address being processed; digital certificate thumbprint of the scanned object and hashing algorithm; public key of the certificate; checksum of the user name; checksum of the object being processed; checksum type for the object being processed; name of the detected malware or legitimate software that can be used to damage the user's device or data; checksum (MD5) of the object being processed; first 5 bytes of device MAC address; ID of the triggered record in the Software's anti-virus databases; timestamp of the triggered record in the Software's anti-virus databases; type of the triggered Software anti-virus databases record; accessed address of the web service (URL, IP); web address of the source of the web service request (referer); checksum (SHA256) of the object being processed; result of status check in KSN of an object being processed; size of the object being processed; path to the object being processed; name of the object being processed; checksum (MD5) of the object being processed; directory code; Advertising ID.
• Information about accessing a web service: link name; ID of the topic in the Software help; ID of the user of the Rightholder's website.
• Information about the Rightholder’s installed Software: version of the protocol of interaction between the Software and marketing messages; code of the partner organization associated with the Software rebranding; full version of the Software; Software rebranding ID; Software localization; Software activation date; Software ID; type of the installed Software; Software update ID; Software installation ID (PCID); Software component name; user story type; reason for disconnecting from Web-Portal; Software ID derived from the license; version of the Software's component; country code; country code according to ISO 3166-1 alpha-2; OS locale; ID of a regional activation center; configuration identifier; Software ID; Software rebranding code; list of IDs of requested content; Software group; web address being processed; ID of the Software update start; installation type (new installation, update); full name of the partner organization through which the Software license order was placed; types of third-party software selected to be installed during installation of the Software; Software installation/uninstallation status; duration of Software installation in seconds; types of third-party software offered to be installed during installation of the Software; flag indicating whether the installation was aborted by the user; installation error code; types of third-party software installed during installation of the Software; installation date and time for the Software; flag indicating whether the Software is connected to Web-Portal; ID of the licensed Software; serial number of the Software license key; identifier of the partner organization via which the Software license order was placed; technical specifications of the applied detection technologies.
• Information about the device: unique device ID; operating system bit version; OS ID; OS version, OS build number, OS update number, OS edition, extended information about the OS edition; device ID; OS type (server, workstation, domain controller); computer name on the network (domain name); computer category; version of the operating system; OS bit size; operating system family; device model; OS Service Pack version; OS build number; extended information about the OS edition; OS edition; additional information about OS features; flag indicating whether a Windows partition is available; version of the operating system installed on the user's computer; device type (laptop, desktop, tablet); web address being processed.

In addition to the information mentioned above, in case of signing in to the Web-Portal using Your Google, Facebook, Apple, Yandex, or VK account, the Rightholder needs to receive from Your device and process the following data:

• Software ID; URI to which the identity provider's response is sent; parameters requested from the identity provider; token type; value generated for request verification; name of the identity provider; authorization code received from the Rightholder's infrastructure; format of parameters requested from the identity provider; hash of the value generated for request verification; hash generating algorithm for the value generated for request verification.

  Note: The list of third-party services that are available for signing in to My Kaspersky depends on your region. For more details on restrictions in Russia, please see this article (available only in English and Russian).

The information received will be protected by the Rightholder in accordance with established legal requirements and is required to ensure the operation of the software licensed by you.

Kaspersky may use the statistical data obtained, generated based on the information received, to monitor trends in the field of computer security threats and to publish the corresponding reports.

In order to increase the Software's speed of reaction to information and network security threats, to prevent incidents and investigate those that do occur as well as to improve the quality of Kaspersky products, the User agrees to provide the following information:

Kaspersky Standard

• Information on interaction with Web portal: code of the error category; token type; token used for authentication in the Rightholder's services; unique request ID to the Rightholder services; error code; total duration of request processing; token TTL; type of the installed Software; path to the object being processed; line number of the source file in the exception handler; response status of the Rightholder's service.
• Information about the user: type of the user that performs the action with the weak security setting.
• Information about the User environment: OS ID; OS edition; version of the operating system installed on the user's computer; OS Service Pack version; operating system bit version; browser version; browser type; flag indicating whether the device is plugged in; DHCP settings (checksums of gateway local IPv6, DHCP IPv6, DNS1 IPv6, DNS2 IPv6; checksum of network prefix length; checksum of local address IPv6); DHCP settings (checksums of the local IP address of the gateway, DHCP IP, DNS1 IP, DNS2 IP, and subnet mask); Wi-Fi network ID based on the Wi-Fi network name and the MAC address of the access point; list of available Wi-Fi networks and their settings; checksum (SHA256 with salt) of the MAC address of the access point; Wi-Fi network ID based on the Wi-Fi network name; Wi-Fi network name; local time of the start and end of the Wi-Fi network connection; detected device type; status of VPN client settings; user's choice regarding controlling device connections to the home Wi-Fi network; network category specified in Kaspersky VPN Secure Connection (unknown, safe, unsafe); network category specified in Kaspersky VPN Secure Connection (home, work, public); Wi-Fi signal strength; checksum (MD5 with salt) of the MAC address of the access point; Wi-Fi network authentication type; Wi-Fi network ID based on the MAC address of the access point; Wi-Fi network encryption type; flag indicating whether the DNS domain exists; user classification of the Wi-Fi network; ID of the key from the keystore used for encryption.
• Information about the operation of the Safe Money component: indicator of presence of web address in the Safe Money database; indicator of action location when starting protected browser in Safe Money; start mode of the Safe Money component for the web service; actions performed with the web address in the Software settings; web address being processed; web address of the source of the web service request (referer); indicator of remembered choice of action location for the web service.
• Information about the use of Kaspersky Security Network (KSN): source of the decision made for the object being processed; protocol used to exchange data with KSN; Software database record ID; version of the statistics being sent; detect characteristics; notification type, that triggered the statistic sending; temporal distribution of unsuccessful KSN transactions; number of unsuccessful KSN connections; number of unsuccessful requests caused by KSN being disabled in the Software settings; number of unsuccessful requests to KSN caused by network problems; temporal distribution of successful KSN connections; number of unsuccessful KSN transactions; number of successful KSN transactions; temporal distribution of unsuccessful KSN connections; temporal distribution of requests to KSN that timed out; temporal distribution of successful requests to KSN; number of new KSN connections; temporal distribution of successful KSN transactions; number of KSN connections taken from the cache; ID of the KSN service accessed by the Software; number of unsuccessful requests to KSN caused by routing errors; total number of requests to KSN; temporal distribution of canceled requests to KSN; number of requests for which a response was found in the local request database; date and time when statistics stopped being received; number of successful KSN connections; date and time when statistics started being received; statistics message type; object time in the buffer; error code.
• Information about an object being processed: object being processed; checksum of the object being processed; fragment content of the object being processed; checksum type for the object being processed; source of the decision made for the object being processed; size of the object being processed; checksum of the object being processed; Software verdict on the object being processed; fragment order in the object being processed; objects or its parts being processed; file of the web page being processed; fragment content of the object being processed; file of the email message being processed; ID of the key from the keystore used for encryption; logon session key; encryption algorithm for the logon session key; ID of the account under which the controlled process was started; timestamp of the Software databases; certificate issuer name; date and time of creating an object being processed; algorithm for calculating the digital certificate thumbprint; public key of the certificate; parent application name; description of an object being processed as defined in the object properties; certificate serial number; path to the object being processed; name of the object being processed; date and time when the certificate was issued; calculation algorithm of public key of the certificate; date and time of the last modification of the object being processed; version of the object being processed; date and time of signing the object; checksum (MD5) of the object being processed; digital certificate thumbprint of the scanned object and hashing algorithm; date and time when the certificate expires; checksum (SHA256) of the object being processed; information about file signature check results; format of the object being processed; certificate owner name and settings; Software vendor name; data of the internal log, generated by the anti-virus Software module for an object being processed; storage time for object being processed; type of the triggered Software anti-virus databases record; web address being processed; timestamp of the triggered record in the Software's anti-virus databases; ID of the triggered record in the Software's anti-virus databases; web address of the source of the web service request (referer); confidence of detecting access to the phishing web service; weight of the detected access to the phishing web service; debug detection indicator; phishing attack target; information on who signed the file being processed; date and time of linking the executable file; accessed IPv4 address of the web service; entropy of the file being processed; attributes of executable file being processed; result of status check in KSN of an object being processed; names of the packers that packed the object being processed; name of the detected malware or legitimate software that can be used to damage the user's device or data; flag indicating an application which runs automatically at startup; command line; flag indicating whether the object being processed is a PE file; detect characteristics; date and time of creating an executable file being processed; directory code; result of certificate verification; category of the service that provides user behavior tracking, specified in the Software settings; name of the service that provides user behavior tracking; object type code; ID of the task in which detection was performed; checksum (MD5) of the object being processed; release date and time of the Software's databases; protocol ID; source of the web-traffic being processed: local host or remote host; detect location within the web traffic being processed; direction of a network connection; IP address of the attacker; local port that was attacked; vulnerability danger class; vulnerability ID; trust indicator of the processed object according to KSN; line number of the source file in the exception handler; protocol processing error type; flag indication, describing the source of the web-traffic being processed (server or client); type of the triggered Software anti-virus databases record; accessed address of the web service (URL, IP); checksum (MD5) of the mask that blocked the web service; accessed IPv6 address of the web service; number of the detected software in the System Watcher context; date and time of detecting software by System Watcher; reason of detecting software by System Watcher; number of software runs since the last time the file checksum was sent; result of the module integrity check; type of the decision on a web address being processed.
• Information about accessing a web service: accessed IPv6 address of the web service; accessed IPv4 address of the web service; type of client used to access the web service; web address of the source of the web service request (referer); DNS address of the web service being accessed; information about the client that uses a network protocol (user agent); host source; indicator showing that the message is a part of a bundle of messages belonging to one access to the web service; text of the error message; web address being processed; error type; http request method; error code; logon session key; encryption algorithm for the logon session key; reason for blocking access to the web service; category of reason for blocking access to the web service; accessed IPv4 address of the web service; accessed IPv6 address of the web service; web address being processed.
• Information about the Rightholder's installed Software: full version of the Software; type of the installed Software; Software update ID; Software installation ID (PCID); release date and time of the Software's databases; version of the Software's component; timestamp of the Software databases; attribute of an object being processed, that allowed to recall the false positive decision on the object; update task type; Software health status after update; error code of the update task; version of the updater component; number of update installation error for the updater component; number of failed update installations for the updater component; full version of the Software before update; text of the error message; type of the triggered Software anti-virus databases record; timestamp of the triggered record in the Software's anti-virus databases; result of the task of scanning weak security settings; type of scan task that detected the weak setting; Software database record version; ID of the triggered record in the Software's anti-virus databases; version of the Software's component.
• Information about the device: device ID; OS version, OS build number, OS update number, OS edition, extended information about the OS edition; OS Service Pack version; OS error code; action performed with the detected weak security setting; ID of the weak security setting.

  Kaspersky Plus or Kaspersky Premium

• Information on interaction with Web portal: code of the error category; token type; token used for authentication in the Rightholder's services; unique request ID to the Rightholder services; error code; total duration of request processing; token TTL; type of the installed Software; path to the object being processed; line number of the source file in the exception handler; response status of the Rightholder's service.
• Information about the user: type of the user that performs the action with the weak security setting.
• Information about the User environment: OS ID; OS edition; version of the operating system installed on the user's computer; OS Service Pack version; operating system bit version; browser version; browser type; flag indicating whether the device is plugged in; DHCP settings (checksums of gateway local IPv6, DHCP IPv6, DNS1 IPv6, DNS2 IPv6; checksum of network prefix length; checksum of local address IPv6); DHCP settings (checksums of the local IP address of the gateway, DHCP IP, DNS1 IP, DNS2 IP, and subnet mask); Wi-Fi network ID based on the Wi-Fi network name and the MAC address of the access point; list of available Wi-Fi networks and their settings; checksum (SHA256 with salt) of the MAC address of the access point; Wi-Fi network ID based on the Wi-Fi network name; Wi-Fi network name; local time of the start and end of the Wi-Fi network connection; detected device type; status of VPN client settings; user's choice regarding controlling device connections to the home Wi-Fi network; network category specified in Kaspersky VPN Secure Connection (unknown, safe, unsafe); network category specified in Kaspersky VPN Secure Connection (home, work, public); Wi-Fi signal strength; checksum (MD5 with salt) of the MAC address of the access point; Wi-Fi network authentication type; Wi-Fi network ID based on the MAC address of the access point; Wi-Fi network encryption type; flag indicating whether the DNS domain exists; user classification of the Wi-Fi network; ID of the key from the keystore used for encryption.
• Information about the operation of the Safe Money component: indicator of presence of web address in the Safe Money database; indicator of action location when starting protected browser in Safe Money; start mode of the Safe Money component for the web service; actions performed with the web address in the Software settings; web address being processed; web address of the source of the web service request (referer); indicator of remembered choice of action location for the web service.
• Information about the use of Kaspersky Security Network (KSN): source of the decision made for the object being processed; protocol used to exchange data with KSN; Software database record ID; version of the statistics being sent; detect characteristics; notification type, that triggered the statistic sending; temporal distribution of unsuccessful KSN transactions; number of unsuccessful KSN connections; number of unsuccessful requests caused by KSN being disabled in the Software settings; number of unsuccessful requests to KSN caused by network problems; temporal distribution of successful KSN connections; number of unsuccessful KSN transactions; number of successful KSN transactions; temporal distribution of unsuccessful KSN connections; temporal distribution of requests to KSN that timed out; temporal distribution of successful requests to KSN; number of new KSN connections; temporal distribution of successful KSN transactions; number of KSN connections taken from the cache; ID of the KSN service accessed by the Software; number of unsuccessful requests to KSN caused by routing errors; total number of requests to KSN; temporal distribution of canceled requests to KSN; number of requests for which a response was found in the local request database; date and time when statistics stopped being received; number of successful KSN connections; date and time when statistics started being received; statistics message type; object time in the buffer; error code.
• Information about an object being processed: fragment content of the object being processed; checksum type for the object being processed; source of the decision made for the object being processed; size of the object being processed; checksum of the object being processed; Software verdict on the object being processed; fragment order in the object being processed; objects or its parts being processed; file of the web page being processed; fragment content of the object being processed; file of the email message being processed; ID of the key from the keystore used for encryption; logon session key; encryption algorithm for the logon session key; ID of the account under which the controlled process was started; timestamp of the Software databases; certificate issuer name; date and time of creating an object being processed; algorithm for calculating the digital certificate thumbprint; public key of the certificate; parent application name; description of an object being processed as defined in the object properties; certificate serial number; path to the object being processed; name of the object being processed; date and time when the certificate was issued; calculation algorithm of public key of the certificate; date and time of the last modification of the object being processed; version of the object being processed; date and time of signing the object; checksum (MD5) of the object being processed; digital certificate thumbprint of the scanned object and hashing algorithm; date and time when the certificate expires; checksum (SHA256) of the object being processed; information about file signature check results; format of the object being processed; certificate owner name and settings; Software vendor name; data of the internal log, generated by the anti-virus Software module for an object being processed; storage time for object being processed; type of the triggered Software anti-virus databases record; web address being processed; timestamp of the triggered record in the Software's anti-virus databases; ID of the triggered record in the Software's anti-virus databases; web address of the source of the web service request (referer); confidence of detecting access to the phishing web service; weight of the detected access to the phishing web service; debug detection indicator; phishing attack target; information on who signed the file being processed; date and time of linking the executable file; accessed IPv4 address of the web service; entropy of the file being processed; attributes of executable file being processed; result of status check in KSN of an object being processed; names of the packers that packed the object being processed; name of the detected malware or legitimate software that can be used to damage the user's device or data; flag indicating an application which runs automatically at startup; command line; flag indicating whether the object being processed is a PE file; detect characteristics; date and time of creating an executable file being processed; directory code; result of certificate verification; category of the service that provides user behavior tracking, specified in the Software settings; name of the service that provides user behavior tracking; object type code; ID of the task in which detection was performed; checksum (MD5) of the object being processed; data of the intercepted DHCP package from the device; release date and time of the Software's databases; protocol ID; source of the web-traffic being processed: local host or remote host; detect location within the web traffic being processed; direction of a network connection; IP address of the attacker; local port that was attacked; vulnerability danger class; vulnerability ID; trust indicator of the processed object according to KSN; line number of the source file in the exception handler; protocol processing error type; flag indication, describing the source of the web-traffic being processed (server or client); type of the triggered Software anti-virus databases record; accessed address of the web service (URL, IP); checksum (MD5) of the mask that blocked the web service; accessed IPv6 address of the web service; number of the detected software in the System Watcher context; date and time of detecting software by System Watcher; reason of detecting software by System Watcher; number of software runs since the last time the file checksum was sent; checksum type for the object being processed; checksum (SHA256) of the object being processed; size of the object being processed; Software verdict on the object being processed; source of the decision made for the object being processed; checksum of the object being processed; result of the module integrity check; type of the decision on a web address being processed; web address being processed.
• Information about accessing a web service: accessed IPv6 address of the web service; accessed IPv4 address of the web service; type of client used to access the web service; web address of the source of the web service request (referer); DNS address of the web service being accessed; information about the client that uses a network protocol (user agent); host source; indicator showing that the message is a part of a bundle of messages belonging to one access to the web service; text of the error message; web address being processed; error type; http request method; error code; logon session key; encryption algorithm for the logon session key; reason for blocking access to the web service; category of reason for blocking access to the web service; accessed IPv4 address of the web service; accessed IPv6 address of the web service.
• Information about the Rightholder's installed Software: full version of the Software; type of the installed Software; Software update ID; Software installation ID (PCID); release date and time of the Software's databases; version of the Software's component; timestamp of the Software databases; attribute of an object being processed, that allowed to recall the false positive decision on the object; update task type; Software health status after update; error code of the update task; version of the updater component; number of update installation error for the updater component; number of failed update installations for the updater component; full version of the Software before update; text of the error message; type of the triggered Software anti-virus databases record; timestamp of the triggered record in the Software's anti-virus databases; result of the task of scanning weak security settings; type of scan task that detected the weak setting; Software database record version; ID of the triggered record in the Software's anti-virus databases; version of the Software's component.
• Information about the device: device ID; OS version, OS build number, OS update number, OS edition, extended information about the OS edition; OS Service Pack version; device type define method; device name define method; device type; method used to define vendor of the device or network card detection; number of symbols in the device name; vendor of the device or network card; flag indicating if detected host name is the same as user's host name; operating system family; OS family detection method; first 5 bytes of device MAC address; OS error code; action performed with the detected weak security setting; ID of the weak security setting.

The Kaspersky Security Network service may process and submit whole files, for example, objects detected through malicious links which might be used by criminals to harm your computer and/or their parts, to Kaspersky for additional examination.

Additionally, to prevent incidents and investigate those that do occur, trusted executable and non-executable files, application activity reports, portions of the computer's RAM, and the operating system's boot sector may be sent, as well as the following information about files and processes:

• The names and paths of the files that were accessed by the process.
• URL- and IP addresses that were accessed by the process.
• URL- and IP addresses from which the running file was downloaded.

Kaspersky protects the information received in accordance with applicable governing law and Kaspersky rules. Data is transmitted over a secure channel.

Files (or their parts) that may be exploited by intruders to harm the computer or data may be also sent to Kaspersky to be examined additionally.

You agree to submit the following information for the purpose of application identification during database and module updates:

• Software ID (AppID)
• Active license ID
• Unique Software installation ID (InstallationID)
• Unique Update task launch ID (SessionID)
• Version of Software (BuildInfo)
• Information about updating the Updater component: unsuccessful update tasks, the number of failed starts after the upgrade, the version of the component, the error code, the ID of the type of update task, the status code of the software after the update, the date and time the statistics is sent

The application also processes and stores the following personal data displayed in the application interface:

• Email address used to connect to My Kaspersky
• Website addresses that were added to the exclusions (displayed in the Safe Browsing, Private Browsing, Safe Money settings, and in the Reports window)
• License data
• Hashes of passwords
• Hashes of email addresses

This data is stored locally in a non-modified form and can be viewed under any user account on the computer.

1. In the menu bar, click the application icon and choose Settings.

   The application settings window opens.

2. On the KSN tab, in the Improved protection section, click Show KSN Statement.
3. If you don't want to participate in Kaspersky Security Network, deselect the Participate in Kaspersky Security Network checkbox.