SUPPLEMENTAL STATEMENT ON DATA PROCESSING (SUPPLEMENTAL STATEMENT) Supplemental Statement On Data Processing (hereinafter “Statement”) relates to Kaspersky Anti-Ransomware Tool for Home (hereinafter “Software”). All terms used in this Statement have the same meaning as defined in the “Definitions” clause of the End User License Agreement (EULA). This Statement along with the EULA for the Software, in particular in the Section “Conditions regarding Data Processing,” specifies the conditions, responsibilities, and procedures relating to transmission and processing of the data indicated in this Statement. Please carefully read the terms of this Statement, as well as all documents referred to in this Statement, before accepting it. If the Software is used within a legal entity or on the Computer used by several individuals, You must ensure that they have understood and accepted the conditions of this Statement before data processing begins. Data Protection and Processing The Rightholder handles the data it receives from the End User under this Statement in accordance with the Rightholder’s Privacy Policy published at: https://www.kaspersky.com/products-and-services-privacy-policy. Purposes of Processing Data During use of the Software, processing data is necessary to protect the End User from known threats to information security, as described in the User Manual. Processing data under this Statement could lead to an increase in the effectiveness of protection against information and network security threats provided by the Software. The purposes are achieved by: - determining the reputation of scanned objects; - identifying information security threats that are new and challenging to detect, and their sources; - taking prompt measures to increase the protection of the data stored and processed by the End User on the Computer; - reducing the likelihood of false positives; - increasing the efficiency of Software components; - investigating of infection of a user’s computer; - improving the performance of the Rightholder’s products; - receiving reference information about the number of objects with known reputation. Processed Data Certain data which is processed under this Statement could be considered personal data according to laws of some countries. With Your consent, the following data will be automatically sent on a regular basis to the Rightholder under this Statement: - fragment content of the object being processed; - date and time when the certificate expires; - date and time when the certificate was issued; - version of list of revoked Software service's decisions; - event date and time; - text of the error message; - number of update-apply cycles for anti-virus databases; - date and time when the anti-virus databases were last updated and applied; - the Software database record version; - ID of the triggered record in the Software's anti-virus databases; - timestamp of the triggered record in the Software's anti-virus databases; - type of the triggered record in the Software's anti-virus databases; - release date and time of the Software's databases; - OS bit size; - additional information about OS features; - full version of the OS kernel; - additional information about CPU features; - flag indicating that the user device is a virtual machine; - device ID; - OS build number; - extended information about the OS edition; - operating system family; - OS version, OS build number, OS update number, OS edition, extended information about the OS edition; - OS ID; - OS Service Pack version; - date and time of the OS launch; - type of hardware platform; - CRC32 checksum of the user account security identifier; - Device Guard (windows) enablement status; - version of the operating system; - IP address; - version of the operating system installed on the user's computer; - ID of the key from the keystore used for encryption; - user login for the Web-Portal account; - version of KSN request about file reputation; - the config identifier; - protocol used to exchange data with KSN; - ID of the KSN service accessed by the Software; - encryption characteristics of data package that is being sent to KSN; - ID of data package that is being sent to KSN; - installation type of software update; - fragment order in the object being processed; - data of the internal log, generated by the anti-virus Software module for an object being processed; - contents of the digital certificate being processed; - certificate issuer name; - public key of the certificate; - calculation algorithm of public key of the certificate; - certificate serial number; - date and time of signing the object; - certificate owner name and settings; - digital certificate thumbprint of the scanned object and hashing algorithm; - date and time of the last modification of the object being processed; - date and time of creating an object being processed; - detect characteristics; - objects or its parts being processed; - description of an object being processed as defined in the object properties; - format of the object being processed; - checksum type for the object being processed; - checksum (MD5) of the object being processed; - name of the object being processed; - checksum (SHA256) of the object being processed; - size of the object being processed; - name of the detected malware or legitimate software that can be used to damage the user's device or data; - Software vendor name; - the Software's decision on the object being processed; - version of the object being processed; - source of the decision made for the object being processed; - checksum of the object being processed; - parent application name; - result of the module integrity check; - path to the object being processed; - directory code; - information about file signature check results; - operating system bit version; - OS edition; - Software ID derived from the license; - date and time of System Watcher start; - version of the Software's component; - full version of the Software; - ID of the topic in the Software help; - Software update ID; - Software ID; - installation date and time for the Software; - Software localization; - full name of the partner organization through which the Software license order was placed; - Software installation ID (PCID); - Software rebranding ID; - full version of the Software before upgrade; - number of detects by the Software; - number of the objects, detected by the Software; - code of the partner organization associated with the Software rebranding; - the Software screens, events on the Software screens, duration of the Software screen displaying; - Software health status after update; - information about date and frequency of sending KSN statistics by the Software; - information about the Software state when sending the KSN statistics; - type of installed Software; - flag indicating whether the Software is connected to Web-Portal; - the Software update date and time; - flag indicating whether participation in KSN is enabled; - format of the data in the request to Rightholder infrastructure; - Software group; - link name; - the Software component ID; - logon session key; - encryption algorithm for the logon session key; - the result of the Software action; - flag indicating whether the user has accepted the terms of the legal agreement while using the Software; - type of legal agreement accepted by the user while using the Software; - date and time when the user accepted the Agreement terms while using the Software; - version of the legal agreement accepted by the user while using the Software; - date and time when statistics stopped being received; - error code; - Software ID; - Software installation/uninstallation status; - installation error code; - flag indicating whether the installation was aborted by the user; - device type (laptop, desktop, tablet); - OS type (server, workstation, domain controller); - ID of the Software rebranding; - duration of Software installation in seconds; - installation type (new installation, update); - version of the protocol of interaction between the Software and marketing messages; - number of KSN connections taken from the cache; - number of requests for which a response was found in the local request database; - number of unsuccessful KSN connections; - number of unsuccessful KSN transactions; - temporal distribution of cancelled requests to KSN; - temporal distribution of unsuccessful KSN connections; - temporal distribution of unsuccessful KSN transactions; - temporal distribution of successful KSN connections; - temporal distribution of successful KSN transactions; - temporal distribution of successful requests to KSN; - temporal distribution of requests to KSN that timed out; - number of new KSN connections; - number of unsuccessful requests to KSN caused by routing errors; - number of unsuccessful requests caused by KSN being disabled in the Software settings; - number of unsuccessful requests to KSN caused by network problems; - number of successful KSN connections; - number of successful KSN transactions; - total number of requests to KSN; - code integrity options; - hypervisor support mode; - OS version supported by software drivers; - OS version supported by software drivers; - current operating mode of software drivers; - information about problems with third-party software; - date and time when statistics started being received; - probability of sending statistics by System Watcher; - code of the event that took longer than the standard time to process by System Watcher; - database processing time of the event that took longer than the standard time to process by System Watcher; - processing delay time of the event about OS action in the behavioral analysis subsystem; - number of delayed OS action events of the current type; - maximum allowed time for processing an event by System Watcher; - processing delay time of the event about OS action in the proactive defense subsystem; - number of processed OS action events; - number of processed synchronous OS action events; - total delay of all OS action events of the current type; - processing delay time of the event about OS action in the persistent event storage subsystem; - processing time of the event that took longer than the standard time to process by System Watcher; - total number of events that took longer than the standard time to process by System Watcher; - total delay of all OS action events; - number of waiting synchronous OS action events; - date and time of detecting software by System Watcher; - number of the detected software in the System Watcher context; - reason of detecting software by System Watcher; - date and time of received event of an action in the OS; - code of the event that caused an event queue overflow while being processed by System Watcher; - number of events that caused an event queue overflow while being processed by System Watcher; - total number of queue overflows for events being processed by System Watcher; - time difference between the first event in the queue and the current event when sending statistics package by System Watcher; - type of the event that was timed out while being processed (klif/swmon); - major and minor numbers of the interception filter that caused the interception that was timed out while being processed in System Watcher; - ID of the interception that was timed out while being processed in System Watcher; - number of klif events that were timed out when sending statistics package by System Watcher; - queue size of the System Watcher events that were timed out while being processed; - number of System Monitor events that were timed out when sending statistics package by System Watcher; - storage time for object being processed; - algorithm for calculating the digital certificate thumbprint; - number of failed update installations for the updater component; - number of update installation error for the updater component; - error code of software update installation; - error code of the update task; - ID of the Software update start; - update task type; - version of the updater component; - description of user registration error; - statuses of filling in the fields in user registration form; - ID of user registration form; - serial number of user registration offer; - user registration type; - user registration error code; - ID of the user of the Rightholder's website; - accessed address of the web service (URL, IP); - port number; - web address of the source of the web service request (referer); - web address being processed. The Rightholder also processes data in a form that does not, on its own, permit direct association with any specific individual. You can find the list of such data and purposes of their processing for a given Software by visiting https://help.kaspersky.com, selecting the Software, and viewing its respective “Data provision” section. Your Choice to Participate It is entirely Your choice to automatically send data on a regular basis to the Rightholder under this Statement. You can at any time withdraw Your consent by uninstalling the Software. © 2021 AO Kaspersky Lab