﻿KASPERSKY SECURITY NETWORK (KSN) STATEMENT

Kaspersky Security Network Statement (hereinafter "Statement") relates to Kaspersky Free, Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Security Cloud for Windows (hereinafter "Software").

All terms used in this Statement have the same meaning defined in the End User License Agreement (EULA) under the clause "Definitions".

Please carefully read the terms of this Statement, as well as all documents referred to in this Statement, before accepting it. If the Software is used within a legal entity or on the Computer used by several individuals, You must ensure that they have understood and accepted the conditions of this Statement before data processing begins.

Data Protection and Processing
The Rightholder handles the data it receives from the End User under this Statement in accordance with the Rightholder's Privacy Policy published at: https://www.kaspersky.com/Products-and-Services-Privacy-Policy.

Purpose of Data Processing
To make it possible to increase the Software's speed of reaction to information and network security threats. It is achieved by:
• Determining the reputation of scanned objects;
• Identifying information security threats that are new and challenging to detect, and their sources;
• Reducing the likelihood of false positives;
• Increasing the efficiency of Software components;
• Investigating of infection of a users computer;
• Improving the performance of the Rightholder's products.

Processed Data 
Certain data which is processed under this Statement could be considered personal data according to laws of some countries. With Your consent, the following data will be automatically sent on a regular basis to the Rightholder under this Statement:
- Information about the Rightholder's installed Software: full version of the Software; Software update ID; type of installed Software; Software installation ID (PCID); Software ID; installation date and time for the Software; date and time of System Watcher start; Software localization; information about system memory usage by the Software; Software health status after update; indicator of interactive mode; reason for stopping protection; idle time of protection; Software component name; current status of the Software extension; name of the script, execution of which was interrupted by an error; number of the string in the script where the error has occurred; number of the character in the script string where the error has occurred; list of functions of the call stack where the error has occurred; notification type, that triggered the statistic sending; duration of software operation until the failure; name of method of detection of the software failure;

- Other information: protocol used to exchange data with KSN; version of KSN request about file reputation; version of the statistics being sent; date and time of receipt of the application request (GMT); debug detection indicator; protocol ID; object time in the buffer; statistics message type; date and time when statistics started being received; date and time when statistics stopped being received; number of successful connections to infrastructure service; number of unsuccessful connections to infrastructure service; number of successful transactions to infrastructure service; number of unsuccessful transactions to infrastructure service; temporal distribution of successful requests to infrastructure service; type of dump created by the Software; image name of the process the dump of which was detected by the Software; name of the module in which the failure probably occurred; date and time of dump creation; error type; name of subsystem in which the error occurred; error code; name of task in which the error occurred; type of statistics about unknown files; ID of the infrastructure service accessed by the Software; total number of requests to infrastructure service; number of requests to infrastructure services for which a response was found in the local request database; number of unsuccessful requests to infrastructure service caused by network problems; number of unsuccessful requests to infrastructure service caused by the Software settings; number of unsuccessful requests to infrastructure service caused by routing errors; temporal distribution of cancelled requests to infrastructure service; temporal distribution of requests to infrastructure service that timed out; ID of the KSN service accessed by the Software; temporal distribution of successful connections to infrastructure service; temporal distribution of unsuccessful connections to infrastructure service; temporal distribution of successful transactions to infrastructure service; temporal distribution of unsuccessful transactions to infrastructure service; number of connections to infrastructure service taken from the cache; number of new connections to infrastructure service; line number of the source file in the exception handler; protocol processing error type; text of the error message;

- Information about the User environment: Device Guard (windows) enablement status; external IP address; device ID; date and time of the OS launch; local port that was attacked; date and time of the BSOD or unexpected power off; full version of the OS kernel; ID of the account under which the controlled process was started; OS error code; additional information about OS features; additional information about CPU features; information about problems with third-party software; code intergrity options; current operating mode of software drivers; OS version supported by software drivers; OS version supported by software drivers; hypervisor support mode; a web-browser usage mode; CPU load level; disk load level; product delays time;

- Information about an object being processed: checksum (MD5) of the object being processed; checksum (SHA256) of the object being processed; checksum (MD5) of the object being processed; size of the object being processed; name of the object being processed; path to the object being processed; directory code; properties and check sums of the parts of the execution file; number of software runs since the last time the file checksum was sent; format of the object being processed; weight of the detected access to the phishing web service; phishing attack target; confidence of detecting access to the phishing web service; ID of the mail being scanned; name of the detected malware or legitimate software that can be used to damage the user's device or data; IP address of the attacker; detected network attack name; trust indicator of the processed object according to KSN; information about file signature check results; application image size; value of the subsystem attribute from the PE file header; value of the characteristics attribute from the PE file header; number of sections in the PE file; bit mask of the Data Directories section in the PE file; overlay size in the PE file; type of executable file scan task that sends statistics; emulation depth; emulator version; version of a certain compiler; entropy calculated over the first 4096 bytes of the section; entropy calculated over the last 4096 bytes of the section; zero value frequency calculated over the first 4096 bytes of the section; zero value frequency calculated over the last 4096 bytes of the section; numeric value frequency calculated over the first 4096 bytes of the section; numeric value frequency calculated over the last 4096 bytes of the section; 4-byte vector calculated over the first 4096 bytes of the section; 4-byte vector calculated over the last 4096 bytes of the section; virtual size of the PE file section; real size of the PE file section; DNS server response; IP address of the DNS server; time of DNS server response in the buffer; detect characteristics; the Software's decision on the object being processed; object type code; flag indicating whether the object being processed is a PE file; checksum (MD5) of the mask that blocked the web service; date and time of signing the object; certificate serial number; certificate issuer name; certificate owner name and settings; digital certificate thumbprint of the scanned object and hashing algorithm; public key of the certificate; result of certificate verification; vulnerability ID; vulnerability danger class; ID of the task in which detection was performed; checksum type for the object being processed; checksum (SHA3) of an object being processed; type of the module being loaded; attributes that were assigned to an object being processed during scanning; date and time of linking the executable file; information on who signed the file being processed; names of the packers that packed the object being processed; entropy of the file being processed; date and time of creating an executable file being processed; attributes of executable file being processed; a flag indicating an application which runs automatically at startup; trust indicator of the module which integrity is checked by the Software; date and time of signing the module which integrity is checked by the Software; signer organization name; result of the module integrity check; flag indicating the presence of a signed timestamp in the digital certificate; digital certificate numerical order in the chain of trust; indicator showing whether the operation was allowed by self-defense; type of the program resource protected by self-defense, with which the operation is performed; name of the resource protected by self-defense, with which the operation is performed; name of operations performed to access the process; ID of the attacked software process; attributes of the process that attacked Software Self-Defense; sequence number of the script detected on the web page by the application; operation type of restoring object state; operation status of restoring object; information about object restoring error; version of the object being processed; information about failure in third-party software; name from the system log for the error occurred in third-party software; memory address with an offset, in which the third-party software failure occurred; duration of third-party software operation until the failure; checksum (SHA1) of an object being processed; date and time of signing the file; ID of the process into which the module was loaded; number of the module in the load queue since Software start; attribute of an object being processed, that allowed to recall the false positive decision on the object; trust group (system category) the file was moved to; trust group (system category) the file was moved from; reason for moving the file to the category;

- Information about local database update: the Software database record ID; timestamp of the triggered record in the Software's anti-virus databases; type of the triggered record in the Software's anti-virus databases; release date and time of the Software's databases; ID of the triggered record in the Software's anti-virus databases; number of update-apply cycles for anti-virus databases; date and time of the most recent update and application of anti-virus databases; name of the original index file downloaded during the last update; date and time of downloading local original index file; number of failed update installations for the updater component; number of update installation error for the updater component; version of the updater component; number of files downloaded in one session from the update source; total size of information downloaded during update; average speed of interaction with the update source; type of usage error of the software update web server; the Software database record version; type of the triggered Software anti-virus databases record; update task type; error code of the update task; timestamp of the root index of available updates; timestamp of the root index of updates being downloaded; component name; timestamp of the update component (updated version); timestamp of the component (local version); code of the error category; result of the Software update installation; error code of software update installation; ID of the previous software update;

- Information about accessing a web service: type of client used to access the web service; web address of the source of the web service request (referer); DNS address of the web service being accessed; host source; information about the client that uses a network protocol (user agent); indicator showing that the message is a part of a bundle of messages belonging to one access to the web service; accessed address of the web service (URL, IP);

- Information about the System Watcher component: code of the event that caused an event queue overflow while being processed by System Watcher; number of events that caused an event queue overflow while being processed by System Watcher; total number of queue overflows for events being processed by System Watcher; probability of sending statistics by System Watcher; code of the event that took longer than the standard time to process by System Watcher; processing time of the event that took longer than the standard time to process by System Watcher; database processing time of the event that took longer than the standard time to process by System Watcher; total number of events that took longer than the standard time to process by System Watcher; maximum allowed time for processing an event by System Watcher; date and time of received event of an action in the OS; processing delay time of the event about OS action in the persistent event storage subsystem; processing delay time of the event about OS action in the proactive defense subsystem; processing delay time of the event about OS action in the behavioral analysis subsystem; number of waiting synchronous OS action events; number of processed OS action events; number of processed synchronous OS action events; number of delayed OS action events of the current type; total delay of all OS action events of the current type; total delay of all OS action events; ID of the interception that was timed out while being processed in System Watcher; major and minor numbers of the interception filter that caused the interception that was timed out while being processed in System Watcher; type of the event that was timed out while being processed (klif/swmon); queue size of the System Watcher events that were timed out while being processed; time difference between the first event in the queue and the current event when sending statistics package by System Watcher; number of klif events that were timed out when sending statistics package by System Watcher; number of System Monitor events that were timed out when sending statistics package by System Watcher; date and time of detecting software by System Watcher; reason of detecting software by System Watcher; number of the detected software in the System Watcher context;

- Information about the license and other agreements: type of Software license used; Software license key creation date and time; Software activation date; Software key expiration date and time; number of devices/accounts covered by the Software license; serial number of the Software license key; Software license ID;

Additional information about detection:
- Information about running applications and their modules; information about processes running in the system (system process ID (PID); process name; account under which the process was started; the application or command that started the process; the full path to process files; the command string used to launch the process; a description of the software to which the process belongs (software name and publisher information); information about digital certificates used; information needed to verify their authenticity; information to the effect that the file does not have a digital signature); information about modules loaded into processes: their names; sizes; types; creation dates; attributes; checksums (MD5, SHA2-256, SHA1), and paths to them; header information of PE files; names of the packer (if the file was packed);
- If an object that can be used by criminals to damage the Computer or personal data has been detected, the transmission includes information about process memory data; elements of the hierarchy of system objects (ObjectManager); UEFI BIOS memory data; names of registry keys and their values;
- Information about system log events: event time; name of the log where the event has been detected; type and category of event; name of the event source and event description;
- Information about network connections: version and checksums (MD5, SHA2-256, SHA1) of the file of the process that opened the port; path to the process file and its digital signature; local and remote IP addresses; numbers of the local and remote connection ports; connection status; port opening time;
- Names and paths of the files that were accessed by the process; names of registry keys and their values that were accessed by the process; URL and IP addresses that were accessed by the process; URL and IP addresses from which the executable file was downloaded;
- Information about the versions of the operating system (OS) and service packs installed on the Computer; version and checksums (MD5, SHA2-256, SHA1) of the OS kernel file; parameters of the OS operating mode;
- Information about software installed on the Computer: software name and the name of its vendors; information about registry keys and their values; information about files of components of installed software (including checksums (MD5, SHA2-256, SHA1) of the file; file name; path to the file on the Computer; size; version; digital signature);
- Information about hardware installed on the Computer: type; name; model; version of firmware; parameters of integrated and plug-in devices;
- Information about the failed last OS reboot (number of failed reboots);

If software had been unloaded, the data are not transmitted but may be stored in a limited-size storage on the User's computer. Such data cannot be restored after software is removed. After software has loaded, such data will be relayed to Kaspersky Lab for the purposes mentioned above.

In order to increase the effectiveness of protection provided by the Software, the Rightholder may receive objects that could be exploited by intruders to harm the Computer and create information security threats. Such objects include: executable and non-executable files or their parts; portions of the Computer's RAM; sectors involved in the process of booting the OS; network traffic data packets; web pages and emails containing suspicious and malicious objects; description of the classes and instances of classes of the WMI repository; application activity reports.

Such application activity reports contain the following data about files and processes: the name, size and version of the file being send; its description and checksums (MD5, SHA2-256, SHA1); file format identifier; the name of the file's vendor; the product name to which the file belongs; full path on the Computer; template code of the file path; the creation and modification timestamps of the file; start and end date/time of the validity period of the certificate (if the file has a digital signature); the date and the time of the signature; the name of the issuer of the certificate; information about the certificate holder; the fingerprint; the certificate's public key and appropriate algorithms; the certificate's serial number;  the name of the account from which the process is running; checksums (MD5, SHA2-256, SHA1) of the name of the Computer on which the process is running; titles of the process windows; identifier for the anti-virus databases; name of the detected threat according to Rightholder's classification; data about the installed license; license identifier; license type and expiration date; local time of the Computer at the moment of the provision of information; names and paths of the files that were accessed by the process; names of registry keys and their values that were accessed by the process; URL and IP addresses that were accessed by the process; URL and IP addresses from which the running file was downloaded.

Also, in order to prevent false positives, the Rightholder may receive trusted executable and non-executable files or their parts.

Depending on the specific Software You use or switch to, additional data will also be processed.

If You use or switch to Kaspersky Internet Security, the following data will also be processed:
- Information about accessing a web service: type of the decision on a web address being processed; reason for blocking access to the web service; category of reason for blocking access to the web service; web address being processed; accessed IPv4 address of the web service; accessed IPv6 address of the web service; name of the service that provides user behavior tracking; category of the service that provides user behavior tracking, specified in the Software settings;
- Information about the Rightholder's installed Software: version of the Software's component; type of weakening of protection in Safe Money; extended code of weakening of protection in Safe Money; name and version number of the browser that runs in the protected mode; actions performed with the web address in the Software settings; start mode of the Safe Money component for the web service; indicator of presence of web address in the Safe Money database; indicator of remembered choice of action location for the web service; ID of the full version of the Installation Assistant component;
- Information about an object being processed: current protection level of browser in Safe Money; time until full launch of the protected browser by Safe Money; name and version number of the browser from which the protected browser was launched by Safe Money; launch type of the protected browser by Safe Money; result of the protected browser launch by Safe Money; result of the browser protection by Safe Money; information about software being updated; Software name; Software vendor name; full version of the Software before update; Software language ID; installation type of software update; Software update ID; localization ID of the Software update module; return code of the uninstallation process; command line; attribute signifying a violation of the integrity of the update file; Software installation/uninstallation status; list of image names of the processes that block software uninstallation; aggregated statistics of results of checking files against the offline KSN database; number of objects found to be trusted based on the explicit trusted signature; aggregated statistics of results of checking files against the online KSN database; number of files found to be trusted based on the signature; number of objects found to be trusted based on the trusted web address; number of objects found to be trusted based on the logic of trust inheritance from a trusted process; number of unknown objects for which a trusted or untrusted verdict has not been issued; number of objects that the user marked as trusted; number of objects with unique full path that were found to be unknown when determining trust status; number of objects with unique full path that were found to be untrusted when determining trust status; number of objects with unique full path that were found to be trusted when determining trust status; version ID of the Trusted Applications mode settings; stage ID of the Trusted Applications mode; indicator showing that software update is critical; user's choice regarding software update; string to uninstall the application update; update uninstallation result; result of processing the object in the task of searching for software recommended to remove; source of the installation date and time of the detected software; installation date and time of the detected software; date and time of the last use of the detected software; location of the object being processed on the disk; type of the detected third-party software; result (code) of checking application by the Trusted Applications component; web address to download the Software update; code of the error while downloading the update; location of the object being processed in Add/Remove Programs; string to uninstall the object being processed from the registry; bit mask of application categories in the application update component; object category in the application update component; network category specified in Kaspersky VPN Secure Connection (home, work, public); network category specified in Kaspersky VPN Secure Connection (unknown, safe, unsafe); indicator showing that the application is placed to exclusions; ID of shutdown type of the Installation Assistant component; type of pattern that triggered Installation Assistant; version of pattern that triggered Installation Assistant; type ID of the interface element in the application window; path to the interface element in the application window; data at the interface element in the application window; user actions with the interface element in the application window; available actions with the interface element; x coordinate of the interface element in the window; y coordinate of the interface element in the window; description of an object being processed as defined in the object properties; external name of the file that matches the process and was detected by Installation Assistant; internal name of the file that matches the process and was detected by Installation Assistant; copyright string for the file that was detected by Installation Assistant; indicator showing that Installation Assistant was started from the command line;
- Information about local database update: timestamp of the Software databases;
- Other information: indicator of action location when starting protected browser in Safe Money;
- Information about the User environment: Wi-Fi network name; checksum (MD5 with salt) of the MAC address of the access point; checksum (SHA256 with salt) of the MAC address of the access point; Wi-Fi network ID based on the Wi-Fi network name; Wi-Fi network ID based on the MAC address of the access point; Wi-Fi network ID based on the Wi-Fi network name and the MAC address of the access point; Wi-Fi network authentication type; Wi-Fi network encryption type; Wi-Fi signal strength; DHCP settings (checksums of the local IP address of the gateway, DHCP IP, DNS1 IP, DNS2 IP, and subnet mask); DHCP settings (checksums of gateway local IPv6, DHCP IPv6, DNS1 IPv6, DNS2 IPv6, subnet mask); user classification of the Wi-Fi network; flag indicating whether the DNS domain exists; URL of the service used to access the internet; local time of the start and end of the Wi-Fi network connection; detected device type; flag indicating whether the device is plugged in; list of available Wi-Fi networks and their settings; user's choice regarding controlling device connections to the home Wi-Fi network; browser type; browser version;

If You use or switch to Kaspersky Total Security, the following data will also be processed:
- Information about accessing a web service: type of the decision on a web address being processed; reason for blocking access to the web service; category of reason for blocking access to the web service; web address being processed; accessed IPv4 address of the web service; accessed IPv6 address of the web service; name of the service that provides user behavior tracking; category of the service that provides user behavior tracking, specified in the Software settings;
- Information about the Rightholder's installed Software: version of the Software's component; type of weakening of protection in Safe Money; extended code of weakening of protection in Safe Money; name and version number of the browser that runs in the protected mode; actions performed with the web address in the Software settings; start mode of the Safe Money component for the web service; indicator of presence of web address in the Safe Money database; indicator of remembered choice of action location for the web service; ID of the full version of the Installation Assistant component;
- Information about an object being processed: current protection level of browser in Safe Money; time until full launch of the protected browser by Safe Money; name and version number of the browser from which the protected browser was launched by Safe Money; launch type of the protected browser by Safe Money; result of the protected browser launch by Safe Money; result of the browser protection by Safe Money; information about software being updated; Software name; Software vendor name; full version of the Software before update; Software language ID; installation type of software update; Software update ID; localization ID of the Software update module; return code of the uninstallation process; command line; attribute signifying a violation of the integrity of the update file; Software installation/uninstallation status; list of image names of the processes that block software uninstallation; aggregated statistics of results of checking files against the offline KSN database; number of objects found to be trusted based on the explicit trusted signature; aggregated statistics of results of checking files against the online KSN database; number of files found to be trusted based on the signature; number of objects found to be trusted based on the trusted web address; number of objects found to be trusted based on the logic of trust inheritance from a trusted process; number of unknown objects for which a trusted or untrusted verdict has not been issued; number of objects that the user marked as trusted; number of objects with unique full path that were found to be unknown when determining trust status; number of objects with unique full path that were found to be untrusted when determining trust status; number of objects with unique full path that were found to be trusted when determining trust status; version ID of the Trusted Applications mode settings; stage ID of the Trusted Applications mode; indicator showing that software update is critical; user's choice regarding software update; string to uninstall the application update; update uninstallation result; result of processing the object in the task of searching for software recommended to remove; source of the installation date and time of the detected software; installation date and time of the detected software; date and time of the last use of the detected software; location of the object being processed on the disk; type of the detected third-party software; result (code) of checking application by the Trusted Applications component; web address to download the Software update; code of the error while downloading the update; location of the object being processed in Add/Remove Programs; string to uninstall the object being processed from the registry; bit mask of application categories in the application update component; object category in the application update component; network category specified in Kaspersky VPN Secure Connection (home, work, public); network category specified in Kaspersky VPN Secure Connection (unknown, safe, unsafe); indicator showing that the application is placed to exclusions; ID of shutdown type of the Installation Assistant component; type of pattern that triggered Installation Assistant; version of pattern that triggered Installation Assistant; type ID of the interface element in the application window; path to the interface element in the application window; data at the interface element in the application window; user actions with the interface element in the application window; available actions with the interface element; x coordinate of the interface element in the window; y coordinate of the interface element in the window; description of an object being processed as defined in the object properties; external name of the file that matches the process and was detected by Installation Assistant; internal name of the file that matches the process and was detected by Installation Assistant; copyright string for the file that was detected by Installation Assistant; indicator showing that Installation Assistant was started from the command line;
- Information about local database update: timestamp of the Software databases;
- Other information: indicator of action location when starting protected browser in Safe Money;
- Information about the User environment: Wi-Fi network name; checksum (MD5 with salt) of the MAC address of the access point; checksum (SHA256 with salt) of the MAC address of the access point; Wi-Fi network ID based on the Wi-Fi network name; Wi-Fi network ID based on the MAC address of the access point; Wi-Fi network ID based on the Wi-Fi network name and the MAC address of the access point; Wi-Fi network authentication type; Wi-Fi network encryption type; Wi-Fi signal strength; DHCP settings (checksums of the local IP address of the gateway, DHCP IP, DNS1 IP, DNS2 IP, and subnet mask); DHCP settings (checksums of gateway local IPv6, DHCP IPv6, DNS1 IPv6, DNS2 IPv6, subnet mask); user classification of the Wi-Fi network; flag indicating whether the DNS domain exists; URL of the service used to access the internet; local time of the start and end of the Wi-Fi network connection; detected device type; flag indicating whether the device is plugged in; list of available Wi-Fi networks and their settings; user's choice regarding controlling device connections to the home Wi-Fi network; browser type; browser version;

If You use or switch to Kaspersky Security Cloud for Windows, the following data will also be processed:
- Information on interaction with Web-Portal: Web-Portal account ID;
- Information about the User environment: unique device ID; OS ID; OS version, OS build number, OS update number, OS edition, extended information about the OS edition; OS Service Pack version; type of hardware platform; Wi-Fi network name; checksum (MD5 with salt) of the MAC address of the access point; checksum (SHA256 with salt) of the MAC address of the access point; Wi-Fi network ID based on the Wi-Fi network name; Wi-Fi network ID based on the MAC address of the access point; Wi-Fi network ID based on the Wi-Fi network name and the MAC address of the access point; Wi-Fi network authentication type; Wi-Fi network encryption type; Wi-Fi signal strength; DHCP settings (checksums of the local IP address of the gateway, DHCP IP, DNS1 IP, DNS2 IP, and subnet mask); DHCP settings (checksums of gateway local IPv6, DHCP IPv6, DNS1 IPv6, DNS2 IPv6, subnet mask); user classification of the Wi-Fi network; flag indicating whether the DNS domain exists; URL of the service used to access the internet; local time of the start and end of the Wi-Fi network connection; detected device type; flag indicating whether the device is plugged in; list of available Wi-Fi networks and their settings; user's choice regarding controlling device connections to the home Wi-Fi network; browser type; browser version; S.M.A.R.T. attribute ID; threshold value of the attribute; attribute data; drive type; size of the source S.M.A.R.T. attribute; data read mode of the S.M.A.R.T. attribute; calculated value of the S.M.A.R.T. attribute; hard drive model; shortened serial number of the hard drive; hard drive firmware; calculated size of the hard drive; type of the hard drive; hard drive health; hard drive power on hours; hard drive temperature; size of data on the hard drive; interface type of the hard drive; database major version; database minor version; bit mask of the disk module operating states; vendor ID of the controller of the USB device; ID of controller mode for the USB device; controller type of the USB device; first 5 bytes of device MAC address; operating system family; device type; number of symbols in the device name; vendor of the device or network card; data of the intercepted DHCP package from the device;
- Information about local database update: value of the update task TARGET filter; timestamp of the Software databases;
- Information about accessing a web service: type of the decision on a web address being processed; reason for blocking access to the web service; category of reason for blocking access to the web service; web address being processed; accessed IPv4 address of the web service; accessed IPv6 address of the web service; name of the service that provides user behavior tracking; category of the service that provides user behavior tracking, specified in the Software settings;
- Information about the Rightholder's installed Software: version of the Software's component; type of weakening of protection in Safe Money; extended code of weakening of protection in Safe Money; name and version number of the browser that runs in the protected mode; actions performed with the web address in the Software settings; start mode of the Safe Money component for the web service; indicator of presence of web address in the Safe Money database; indicator of remembered choice of action location for the web service; ID of the full version of the Installation Assistant component; name of the modified software setting;
- Information about an object being processed: current protection level of browser in Safe Money; time until full launch of the protected browser by Safe Money; name and version number of the browser from which the protected browser was launched by Safe Money; launch type of the protected browser by Safe Money; result of the protected browser launch by Safe Money; result of the browser protection by Safe Money; information about software being updated; Software name; Software vendor name; full version of the Software before update; Software language ID; installation type of software update; Software update ID; localization ID of the Software update module; return code of the uninstallation process; command line; attribute signifying a violation of the integrity of the update file; Software installation/uninstallation status; list of image names of the processes that block software uninstallation; aggregated statistics of results of checking files against the offline KSN database; number of objects found to be trusted based on the explicit trusted signature; aggregated statistics of results of checking files against the online KSN database; number of files found to be trusted based on the signature; number of objects found to be trusted based on the trusted web address; number of objects found to be trusted based on the logic of trust inheritance from a trusted process; number of unknown objects for which a trusted or untrusted verdict has not been issued; number of objects that the user marked as trusted; number of objects with unique full path that were found to be unknown when determining trust status; number of objects with unique full path that were found to be untrusted when determining trust status; number of objects with unique full path that were found to be trusted when determining trust status; version ID of the Trusted Applications mode settings; stage ID of the Trusted Applications mode; indicator showing that software update is critical; user's choice regarding software update; string to uninstall the application update; update uninstallation result; result of processing the object in the task of searching for software recommended to remove; source of the installation date and time of the detected software; installation date and time of the detected software; date and time of the last use of the detected software; location of the object being processed on the disk; type of the detected third-party software; result (code) of checking application by the Trusted Applications component; web address to download the Software update; code of the error while downloading the update; location of the object being processed in Add/Remove Programs; string to uninstall the object being processed from the registry; bit mask of application categories in the application update component; object category in the application update component; network category specified in Kaspersky VPN Secure Connection (home, work, public); network category specified in Kaspersky VPN Secure Connection (unknown, safe, unsafe); indicator showing that the application is placed to exclusions; ID of shutdown type of the Installation Assistant component; type of pattern that triggered Installation Assistant; version of pattern that triggered Installation Assistant; type ID of the interface element in the application window; path to the interface element in the application window; data at the interface element in the application window; user actions with the interface element in the application window; available actions with the interface element; x coordinate of the interface element in the window; y coordinate of the interface element in the window; description of an object being processed as defined in the object properties; external name of the file that matches the process and was detected by Installation Assistant; internal name of the file that matches the process and was detected by Installation Assistant; copyright string for the file that was detected by Installation Assistant; indicator showing that Installation Assistant was started from the command line;
- Other information: indicator of action location when starting protected browser in Safe Money; detection of device usage by a child; method used to detect devices in the network;

Your Choice to Participate
It is entirely Your choice to automatically send data to the Rightholder on a regular basis under this Statement. You can withdraw Your consent at any time in the settings of the Software as described in the User Manual.

© 2020 AO Kaspersky Lab
;ver=GDPR/KSN/2021/MR3/
;:10K4Qr2l6FcjB4MtWOKqcwK5b8qajPvqT2nrdc+q7OwcYD6xypsdBl0POETNmcAIzn2bltHNNoqNRbHOwC7K3xRx%%
=!AQAAEAwAPVpr7QAA0+t1010
*0B+t200.0
* cэV>$O>{'?0f0}/0Evv0
*0J10	URU10
UMoscow10U

Kaspersky Lab10U	3520p1_KL0
201222141227Z
220317141227Z0[10	URU10
UMoscow10U

Kaspersky Lab1#0!Ucompid=PRODUCTANY_type=BIN0h0!*0	**C @27<	-cu!/W	AuIn7r1&^/r%>RV !K_T1{00+U#$0" هkޞΨ<(ILA
l0)U" ]-[xU(Y>b<|0U0U0 0U%0
+0$+t0
+t0
*A )<AJb}gu.C<6
GKphTn=I1$ae󂍫UG<50:0 h6OWvo$0
*0G10	URU10
UMoscow10U

Kaspersky Lab10
U3520p10
200903110145Z
480120110145Z0J10	URU10
UMoscow10U

Kaspersky Lab10U	3520p1_KL0h0!*0	**C @ä@Y6I_AyشxO{b\CgF@:&04NlE7O_/P00+U#$0"  柡?΂F[qכZ0)U" هkޞΨ<(ILA
l0U0U00#+t0+t0
*A q*,;\
A:OM#q
W0*~? Bڧ7NhI> No10" ]-[xU(Y>b<|0
*0
*@"êմ\0E Fzlp<mO;wS@H&
	ExpJd0`
+71P0L	*H
=0910
*0j*H
	[Y0W*0.0
* (A@h1hTC1QQW20210506110533.1931461Z|0>0OANOpr0
*0T10	URU10
UMoscow10U

Kaspersky Lab10U3520p1_KL_Timestamp0
210405141340Z
210604141340Z0O10	URU10
UMoscow10U

Kaspersky Lab10Utype=Timestamp0h0!*0	**C @haK	Y
G7{;N)'n{r>T&қRvY6gt!?a00+U#$0" ;*%uӮӕ] Np<B=ta/0)U" &*8zMf9s~i,0U0U0 0U%0
+0
*A 	y1.r
*^ƳpSqQԉ/>,yI?!.060G~YFCADm\0
*0G10	URU10
UMoscow10U

Kaspersky Lab10
U3520p10
200903110221Z
480120110221Z0T10	URU10
UMoscow10U

Kaspersky Lab10U3520p1_KL_Timestamp0h0!*0	**C @k8 P8qFٝAن4Lyxc)G,V:TZ.BFG
{ף00+U#$0"  柡?΂F[qכZ0)U" ;*%uӮӕ] Np<B=ta/0U0U00U%0
+0
*A (^i!rO@an^沕醙*Ճ18J-=O{BzI;𤙨J1804" &*8zMf9s~i,0
*0	*H
	1
*H
	0	*H
	1
210506110533Z0/	*H
	1" 8-ǆT`q+:_	=0C*H
	/1402000.0
* eVFb@
-i2U0
*@"f+-Pb'mGD%3`&5Y2r`rB6Pd-%%