KSN Question

[likeastar20]

For example, when I used ESET, any file that wasn't recognized or was new was automatically uploaded to them in the background. I enabled the notification in the settings to see this. Does Kaspersky KSN upload files? What happens if an unknown file is run but not detected by any module, including the behavior blocker?

[Flood and Flood's wife]

  On 5/16/2024 at 7:55 AM, likeastar20 said:

when I used ESET, any file that wasn't recognized or was new was automatically uploaded to them in the background. I enabled the notification in the settings to see this.

1. Does Kaspersky KSN upload files?
2. What happens if an unknown file is run but not detected by any module, including the behavior blocker?

Expand  

Hello @likeastar20, 

Welcome back!

1.  & 2. KSN is a reputation based checker, please read: Participating in Kaspersky Security Network, Checking application reputation & the KASPERSKY SECURITY NETWORK (KSN) STATEMENT ->

  Reveal hidden contents

KASPERSKY SECURITY NETWORK (KSN) STATEMENT

A. INTRODUCTION

Please read this document thoroughly. It provides important information that you should be acquainted with before continuing to use our services or software. We reserve the right to modify this Statement at any time by making changes to this page.

AO Kaspersky Lab (further Kaspersky) has created this Statement in order to inform about and disclose its data gathering and dissemination practices for the Software.

Kaspersky has a strong commitment to providing superior service to all of our customers and particularly respecting your concerns about Data Processing. 

This Statement contains numerous general and technical details describing the steps we take to respect your Data Processing concerns. Meeting your needs and expectations forms the foundation of everything we do – including protecting your Data.

The Kaspersky Security Network service allows users of Kaspersky security products from around the world to help facilitate identification and reduce the time it takes to provide protection against new ("in the wild") security risks targeting your computer, which helps to identify new threats and their sources and improve a user's security level. Such information is utilized by Kaspersky for no other purpose than to enhance its security products and to further advance solutions against malicious threats and viruses. 

By participating in Kaspersky Security Network, you and the other users of Kaspersky security products from around the world contribute significantly to a safer Internet environment.

Legal Issues (if applicable)

Kaspersky Security Network may be subject to the laws of several jurisdictions because its services may be used in different jurisdictions, including the United States of America. Kaspersky shall disclose information without your permission when required by law, or in good-faith belief that such action is necessary to investigate or protect against harmful activities to Kaspersky guests, visitors, associates, property or to others. As mentioned above, laws related to data and information processed by Kaspersky Security Network may vary by country.

Kaspersky Security Network shall duly inform the users concerned when initially processing the above-mentioned information of any sharing of such information and shall allow these Internet users to opt in (in the EU Member States and other countries requiring opt-in procedures) or opt out (for all other countries) online from the commercial use of this data and/or the transmission of this data to third parties.

Kaspersky may be required by law enforcement or judicial authorities to provide some information to appropriate governmental authorities. If requested by law enforcement or judicial authorities, we shall provide this information upon receipt of the appropriate documentation. Kaspersky may also provide information to law enforcement to protect its property and the health and safety of individuals as permitted by statute.

B. RECEIVED INFORMATION

In order to help detect new and evasive information security threats and their sources, identify potential intrusion threats, and act promptly to improve the level of protection of the information stored and processed by the User on the computer and for marketing purposes the User agrees to automatically submit the following information:

- Information about the Rightholder's installed Software: Software installation ID (PCID); full version of the Software; Software update ID; type of the installed Software; Software ID; installation date and time for the Software; date and time of System Watcher start; type of the notification which should be shown when the user is busy; Software localization; indicator of interactive mode; ID of the type of notification shown to the user; information about displayed window prompting for application action; time of sending statistics about using application GUI; ID of the displayed window; name of the modified software setting; old value of the software setting; new value of the software setting; ID of the control in the user interface; name of the window prompting for user action; type of the window prompting for user action; severity of the window prompting for user action; user's choice in the window prompting for action; data in the window prompting for user action; information about system memory usage by the Software; Software health status after update; reason for stopping protection; idle time of protection; current status of the Software extension; name of the script, execution of which was interrupted by an error; number of the string in the script where the error has occurred; number of the character in the script string where the error has occurred; list of functions of the call stack where the error has occurred; notification type, that triggered the statistic sending; duration of software operation until the failure; name of method of detection of the software failure; version of the installed software; the Software component ID; source file path; Software module ID; nested error occurred during the application work; version of the Software's component; type of weakening of protection in Safe Money; extended code of weakening of protection in Safe Money; name and version number of the browser that runs in the protected mode; actions performed with the web address in the Software settings; type of scanning rarely used software; start mode of the Safe Money component for the web service; indicator of presence of web address in the Safe Money database; indicator of remembered choice of action location for the web service; operating status of the Software component; Software component name; modification type of connection mode to VPN server; starting mode of Kaspersky VPN Secure Connection; operating mode of Kaspersky VPN Secure Connection; type of choosing country for connection to VPN server; exit country of VPN traffic; network category specified in Kaspersky VPN Secure Connection (unknown, safe, unsafe); network category specified in Kaspersky VPN Secure Connection (home, work, public); ID of the starting scenario of VPN connection; code of the partner organization associated with the Software rebranding; user actions with the interface element in the application window; ID of the full version of the Unwanted App Installation Blocker component; ID of the user action; user story name; user story type; Software rebranding ID; event type and value; name of the Software module that made a code injection; data about a third-party application that had caused an error: the application image file name and path, the application image file size and checksum (MD5, SHA256, SHA-1), the application process identifier (PID), date and time of the application process image file compiling and creation, application process memory stack and application process memory address where an error had occurred, application uptime before the error had occurred, names, versions and checksums (MD5, SHA256, SHA-1) of the application components' files; Software protection components usage state; event date and time; ID of the marketing campaign;

- Information about the User environment: device ID; external IP address; Device Guard (Windows) enablement status; OS Service Pack version; date and time of the OS launch; local port that was attacked; date and time of the BSOD or unexpected power off; full version of the OS kernel; user's decision on the detected incompatible software; ID of the account under which the controlled process was started; OS error code; a web-browser usage mode; CPU load level; disk load level; product delays time; additional information about OS features; additional information about CPU features; information about problems with third-party software; code integrity options; current operating mode of software drivers; OS version supported by software drivers; OS version supported by software drivers; hypervisor support mode; OS ID; type of hardware platform; Wi-Fi network name; checksum (MD5 with salt) of the MAC address of the access point; checksum (SHA256 with salt) of the MAC address of the access point; Wi-Fi network ID based on the Wi-Fi network name; Wi-Fi network ID based on the MAC address of the access point; Wi-Fi network ID based on the Wi-Fi network name and the MAC address of the access point; Wi-Fi network authentication type; Wi-Fi network encryption type; Wi-Fi signal strength; DHCP settings (checksums of the local IP address of the gateway, DHCP IP, DNS1 IP, DNS2 IP, and subnet mask); DHCP settings (checksums of gateway local IPv6, DHCP IPv6, DNS1 IPv6, DNS2 IPv6, subnet mask); user classification of the Wi-Fi network; flag indicating whether the DNS domain exists; URL of the service used to access the internet; local time of the start and end of the Wi-Fi network connection; detected device type; flag indicating whether the device is plugged in; list of available Wi-Fi networks and their settings; user's choice regarding controlling device connections to the home Wi-Fi network; information about localization of OS; browser type; browser version; first 5 bytes of device MAC address; operating system family; device type; number of symbols in the device name; vendor of the device or network card; data of the intercepted DHCP package from the device; obfuscated device name; S.M.A.R.T. attribute ID; threshold value of the attribute; attribute data; drive type; size of the source S.M.A.R.T. attribute; data read mode of the S.M.A.R.T. attribute; unique device ID; calculated value of the S.M.A.R.T. attribute; hard drive model; shortened serial number of the hard drive; hard drive firmware; calculated size of the hard drive; type of the hard drive; hard drive health; hard drive power on hours; hard drive temperature; size of data on the hard drive; interface type of the hard drive; database major version; database minor version; bit mask of the disk module operating states; vendor ID of the controller of the USB device; ID of controller mode for the USB device; controller type of the USB device; Software ID derived from the license;

- Other information: protocol used to exchange data with KSN; version of KSN request about file reputation; version of the statistics being sent; date and time of receipt of the application request (GMT); debug detection indicator; ID of the notification which is shown when the user is busy; user activity type when a notification should be shown to the user; protocol ID; object time in the buffer; statistics message type; date and time when statistics started being received; date and time when statistics stopped being received; number of successful connections to infrastructure service; number of unsuccessful connections to infrastructure service; number of successful transactions to infrastructure service; number of unsuccessful transactions to infrastructure service; temporal distribution of successful requests to infrastructure service; type of dump created by the Software; image name of the process the dump of which was detected by the Software; name of the module in which the failure probably occurred; date and time of dump creation; error type; name of subsystem in which the error occurred; error code; name of task in which the error occurred; type of statistics about unknown files; ID of the infrastructure service accessed by the Software; total number of requests to infrastructure service; number of requests to infrastructure services for which a response was found in the local request database; number of unsuccessful requests to infrastructure service caused by network problems; number of unsuccessful requests to infrastructure service caused by the Software settings; number of unsuccessful requests to infrastructure service caused by routing errors; temporal distribution of cancelled requests to infrastructure service; temporal distribution of requests to infrastructure service that timed out; ID of the KSN service accessed by the Software; temporal distribution of successful connections to infrastructure service; temporal distribution of unsuccessful connections to infrastructure service; temporal distribution of successful transactions to infrastructure service; temporal distribution of unsuccessful transactions to infrastructure service; number of connections to infrastructure service taken from the cache; number of new connections to infrastructure service; text of the error message; line number of the source file in the exception handler; authentication token in the Rightholder's services; token TTL; unique request ID to the Rightholder services; token type; Web-Portal service name; server access duration; the memory stack of the Software process failure; address for Software module loading; process system ID (PID); ID of the action performed by user within the Software; indicator of action location when starting protected browser in Safe Money; method used to detect devices in the network; direction of a network connection; source of the web-traffic being processed: local host or remote host;

- Information about an object being processed: checksum (MD5) of the object being processed; number of software runs since the last time the file checksum was sent; format of the object being processed; checksum (SHA256) of the object being processed; name of the object being processed; size of the object being processed; attributes that were assigned to an object being processed during scanning; the Software's decision on the object being processed; weight of the detected access to the phishing web service; phishing attack target; confidence of detecting access to the phishing web service; ID of the mail being scanned; path to the object being processed; directory code; name of the foreground application; description of an object being processed as defined in the object properties; name of the detected malware or legitimate software that can be used to damage the user's device or data; IP address of the attacker; detect location within the web traffic being processed; detected network attack name; trust indicator of the processed object according to KSN; information about file signature check results; application image size; value of the subsystem attribute from the PE file header; value of the characteristics attribute from the PE file header; number of sections in the PE file; bit mask of the Data Directories section in the PE file; overlay size in the PE file; properties and check sums of the parts of the execution file; type of executable file scan task that sends statistics; emulation depth; emulator version; version of a certain compiler; checksum (MD5) of the object being processed; entropy calculated over the first 4096 bytes of the section; entropy calculated over the last 4096 bytes of the section; zero value frequency calculated over the first 4096 bytes of the section; zero value frequency calculated over the last 4096 bytes of the section; numeric value frequency calculated over the first 4096 bytes of the section; numeric value frequency calculated over the last 4096 bytes of the section; 4-byte vector calculated over the first 4096 bytes of the section; 4-byte vector calculated over the last 4096 bytes of the section; virtual size of the PE file section; real size of the PE file section; DNS server response; IP address of the DNS server; time of DNS server response in the buffer; detect characteristics; object type code; flag indicating whether the object being processed is a PE file; checksum (MD5) of the mask that blocked the web service; date and time of signing the object; certificate serial number; certificate issuer name; certificate owner name and settings; digital certificate thumbprint of the scanned object and hashing algorithm; public key of the certificate; result of certificate verification; vulnerability ID; vulnerability danger class; ID of the task in which detection was performed; checksum type for the object being processed; checksum (SHA3) of an object being processed; type of the module being loaded; date and time of linking the executable file; information on who signed the file being processed; names of the packers that packed the object being processed; entropy of the file being processed; date and time of creating an executable file being processed; attributes of executable file being processed; a flag indicating an application which runs automatically at startup; trust indicator of the module which integrity is checked by the Software; date and time of signing the module which integrity is checked by the Software; signer organization name; result of the module integrity check; flag indicating the presence of a signed timestamp in the digital certificate; digital certificate numerical order in the chain of trust; indicator showing whether the operation was allowed by self-defense; type of the program resource protected by self-defense, with which the operation is performed; name of the resource protected by self-defense, with which the operation is performed; name of operations performed to access the process; ID of the attacked software process; attributes of the process that attacked Software Self-Defense; sequence number of the script detected on the web page by the application; operation type of restoring object state; operation status of restoring object; information about object restoring error; version of the object being processed; information about failure in third-party software; name from the system log for the error occurred in third-party software; memory address with an offset, in which the third-party software failure occurred; duration of third-party software operation until the failure; checksum (SHA1) of an object being processed; date and time of signing the file; ID of the process into which the module was loaded; number of the module in the load queue since Software start; attribute of an object being processed, that allowed to recall the false positive decision on the object; trust group (system category) the file was moved to; trust group (system category) the file was moved from; reason for moving the file to the category; current protection level of browser in Safe Money; time until full launch of the protected browser by Safe Money; name and version number of the browser from which the protected browser was launched by Safe Money; launch type of the protected browser by Safe Money; result of the protected browser launch by Safe Money; result of the browser protection by Safe Money; information about software being updated; Software name; Software vendor name; Software language ID; installation type of software update; Software update ID; localization ID of the Software update module; return code of the uninstallation process; command line; attribute signifying a violation of the integrity of the update file; Software installation/uninstallation status; list of image names of the processes that block software uninstallation; state of detected rarely used software; result of processing the object in the task of searching for software recommended to remove; source of the installation date and time of the detected software; installation date and time of the detected software; date and time of the last use of the detected software; type of the detected third-party software; indicator showing that software update is critical; user's choice regarding software update; string to uninstall the application update; update uninstallation result; location of the object being processed on the disk; web address to download the Software update; code of the error while downloading the update; location of the object being processed in Add/Remove Programs; string to uninstall the object being processed from the registry; bit mask of application categories in the application update component; object category in the application update component; indicator showing that the application is placed to exclusions; ID of shutdown type of the Unwanted App Installation Blocker component; type of pattern that triggered Unwanted App Installation Blocker; version of pattern that triggered Unwanted App Installation Blocker; type ID of the interface element in the application window; path to the interface element in the application window; data at the interface element in the application window; available actions with the interface element; x coordinate of the interface element in the window; y coordinate of the interface element in the window; external name of the file that matches the process and was detected by Unwanted App Installation Blocker; internal name of the file that matches the process and was detected by Unwanted App Installation Blocker; copyright string for the file that was detected by Unwanted App Installation Blocker; indicator showing that Unwanted App Installation Blocker was started from the command line; ID of the weak security setting; action performed with the detected weak security setting; type of the user that performs the action with the weak security setting; type of scan task that detected the weak setting; result of the task of scanning weak security settings;

- Information about local database update: the Software database record ID; timestamp of the triggered record in the Software's anti-virus databases; type of the triggered Software anti-virus databases record; release date and time of the Software's databases; ID of the triggered record in the Software's anti-virus databases; number of update-apply cycles for anti-virus databases; date and time of the most recent update and application of anti-virus databases; name of the original index file downloaded during the last update; date and time of downloading local original index file; number of failed update installations for the updater component; number of update installation error for the updater component; version of the updater component; number of files downloaded in one session from the update source; total size of information downloaded during update; average speed of interaction with the update source; type of usage error of the software update web server; the Software database record version; type of the triggered Software anti-virus databases record; update task type; error code of the update task; timestamp of the root index of available updates; timestamp of the root index of updates being downloaded; component name; timestamp of the update component (updated version); timestamp of the component (local version); code of the error category; result of the Software update installation; error code of software update installation; ID of the previous software update; timestamp of the Software databases;

- Information about accessing a web service: type of client used to access the web service; web address of the source of the web service request (referer); DNS address of the web service being accessed; host source; information about the client that uses a network protocol (user agent); indicator showing that the message is a part of a bundle of messages belonging to one access to the web service; accessed address of the web service (URL, IP); http request method; remote port and IP address of the web service being accessed; information about implementation of the web service access handler; protocol processing error type; method used for authentication in the Software; code of the error while processing the secure connection; total duration of request processing; response status of the Rightholder's service; type of the decision on a web address being processed; reason for blocking access to the web service; category of reason for blocking access to the web service; web address being processed; accessed IPv4 address of the web service; accessed IPv6 address of the web service; name of the service that provides user behavior tracking; category of the service that provides user behavior tracking, specified in the Software settings;

- Information about the System Watcher component: code of the event that caused an event queue overflow while being processed by System Watcher; number of events that caused an event queue overflow while being processed by System Watcher; total number of queue overflows for events being processed by System Watcher; probability of sending statistics by System Watcher; code of the event that took longer than the standard time to process by System Watcher; processing time of the event that took longer than the standard time to process by System Watcher; database processing time of the event that took longer than the standard time to process by System Watcher; total number of events that took longer than the standard time to process by System Watcher; maximum allowed time for processing an event by System Watcher; date and time of received event of an action in the OS; processing delay time of the event about OS action in the persistent event storage subsystem; processing delay time of the event about OS action in the proactive defense subsystem; processing delay time of the event about OS action in the behavioral analysis subsystem; number of waiting synchronous OS action events; number of processed OS action events; number of processed synchronous OS action events; number of delayed OS action events of the current type; total delay of all OS action events of the current type; total delay of all OS action events; ID of the interception that was timed out while being processed in System Watcher; major and minor numbers of the interception filter that caused the interception that was timed out while being processed in System Watcher; type of the event that was timed out while being processed (klif/swmon); queue size of the System Watcher events that were timed out while being processed; time difference between the first event in the queue and the current event when sending statistics package by System Watcher; number of klif events that were timed out when sending statistics package by System Watcher; number of System Monitor events that were timed out when sending statistics package by System Watcher; date and time of detecting software by System Watcher; reason of detecting software by System Watcher; number of the detected software in the System Watcher context;

- Information about the license and other agreements: type of Software license used; Software license key creation date and time; Software activation date; Software key expiration date and time; number of devices/accounts covered by the Software license; serial number of the Software license key; Software license ID;

- Information about Anti-Spam component: Anti-Spam engine version; names of triggered heuristic rules; sender IP address heuristically derived from the received headers and SMTP session; most likely IP address of the source of spam; technical information about status of scanning the email message for spam; technical information about method used to detect spam; technical information about probability that the email message is spam; full version of the Software before update; OS version, OS build number, OS update number, OS edition, extended information about the OS edition;

- Information on interaction with Web-Portal: Web-Portal account ID;

Additional information about detection: 
- Information about running applications and their modules; information about processes running in the system (system process ID (PID); process name; account under which the process was started; the application or command that started the process; the full path to process files; the command string used to launch the process; a description of the software to which the process belongs (software name and publisher information); information about digital certificates used; information needed to verify their authenticity; information to the effect that the file does not have a digital signature); information about modules loaded into processes: their names; sizes; types; creation dates; attributes; checksums (MD5, SHA2-256, SHA1), and paths to them; header information of PE files; names of the packer (if the file was packed);
- If an object that can be used by criminals to damage the Computer or personal data has been detected, the transmission includes information about process memory data; elements of the hierarchy of system objects (ObjectManager); UEFI BIOS memory data; names of registry keys and their values;
- Information about system log events: event time; name of the log where the event has been detected; type and category of event; name of the event source and event description;
- Information about network connections: version and checksums (MD5, SHA2-256, SHA1) of the file of the process that opened the port; path to the process file and its digital signature; local and remote IP addresses; numbers of the local and remote connection ports; connection status; port opening time;
- Names and paths of the files that were accessed by the process; names of registry keys and their values that were accessed by the process; URL and IP addresses that were accessed by the process; URL and IP addresses from which the executable file was downloaded;
- Information about the versions of the operating system (OS) and service packs installed on the Computer; version and checksums (MD5, SHA2-256, SHA1) of the OS kernel file; parameters of the OS operating mode;
- Information about software installed on the Computer: software name and the name of its vendors; information about registry keys and their values; information about files of components of installed software (including checksums (MD5, SHA2-256, SHA1) of the file; file name; path to the file on the Computer; size; version; digital signature);
- Information about hardware installed on the Computer: type; name; model; version of firmware; parameters of integrated and plug-in devices;
- Information about the failed last OS reboot (number of failed reboots);

If software had been unloaded, the data are not transmitted but may be stored in a limited-size storage on the User's computer. Such data cannot be restored after software is removed. After software has loaded, such data will be relayed to Kaspersky for the purposes mentioned above.

In order to increase the effectiveness of protection provided by the Software, the Rightholder may receive objects that could be exploited by intruders to harm the Computer and create information security threats. Such objects include: executable and non-executable files or their parts; portions of the Computer's RAM; sectors involved in the process of booting the OS; network traffic data packets; web pages and emails containing suspicious and malicious objects; description of the classes and instances of classes of the WMI repository; application activity reports.

Such application activity reports contain the following data about files and processes: the name, size and version of the file being send; its description and checksums (MD5, SHA2-256, SHA1); file format identifier; the name of the file's vendor; the product name to which the file belongs; full path on the Computer; template code of the file path; the creation and modification timestamps of the file; start and end date/time of the validity period of the certificate (if the file has a digital signature); the date and the time of the signature; the name of the issuer of the certificate; information about the certificate holder; the fingerprint; the certificate's public key and appropriate algorithms; certificate serial number; the name of the account from which the process is running; checksums (MD5, SHA2-256, SHA1) of the name of the Computer on which the process is running; titles of the process windows; identifier for the anti-virus databases; name of the detected threat according to Rightholder's classification; data about the installed license; license identifier; license type and expiration date; local time of the Computer at the moment of the provision of information; names and paths of the files that were accessed by the process; names of registry keys and their values that were accessed by the process; URL and IP addresses that were accessed by the process; URL and IP addresses from which the running file was downloaded.

Also, in order to prevent false positives, the Rightholder may receive trusted executable and non-executable files or their parts.

Kaspersky protects the information received in accordance with applicable governing law and Kaspersky's rules. Data is transmitted over a secure channel.

Securing the Transmission and Storage of Data

Kaspersky is committed to protecting the security of the information it processes. The information processed is stored on computer servers with limited and controlled access. Kaspersky operates secure data networks protected by industry-standard firewall and password protection systems. Kaspersky uses a wide range of security technologies and procedures to protect information from threats such as unauthorized access, use, or disclosure. Our security policies are periodically reviewed and enhanced as necessary, and only authorized individuals have access to the data that we process. Kaspersky takes steps to ensure that your information is treated securely and in accordance with this Statement. Unfortunately, no data transmission can be guaranteed secure. As a result, while we strive to protect your data, we cannot guarantee the security of any data you transmit to us or from our products or services, including without limitation Kaspersky Security Network, and you use all these services at your own risk.

We treat the data we process as confidential information; it is, accordingly, subject to our security procedures and corporate policies regarding protection and use of confidential information. All Kaspersky employees are aware of our security policies. Your data is only accessible to those employees who need it in order to perform their jobs. Kaspersky does not combine the data stored by Kaspersky Security Network with any data, contact lists, or subscription information that is processed by Kaspersky for promotional or other purposes.

C. USE OF THE PROCESSED DATA

Kaspersky processes the data in order to analyze and identify the source of potential security risks, and to improve the ability of Kaspersky's products to detect malicious behavior, fraudulent websites, crimeware, and other types of Internet security threats to provide the best possible level of protection to Kaspersky customers in the future.

Disclosure of Information to Third Parties

Kaspersky may disclose any of the information processed if asked to do so by a law enforcement official as required or permitted by law, in response to a subpoena or other legal process or if we believe in good faith that we are required to do so in order to comply with applicable law, regulation, subpoena, or other legal process or enforceable government request. Kaspersky may also disclose information when we have reason to believe that disclosing this information is necessary to identify, contact or bring legal action against someone who may be violating this Statement, the terms of your agreements with the Kaspersky or to protect the safety of our users and the public or under confidentiality and licensing agreements with certain third parties which assist us in developing, operating and maintaining the Kaspersky Security Network. In order to promote awareness, detection and prevention of Internet security risks, Kaspersky may share certain information with research organizations and other security software vendors. Kaspersky may also make use of statistics derived from the information processed to track and publish reports on security risk trends.

D. DATA PROCESSING – RELATED INQUIRIES AND COMPLAINTS

Kaspersky takes and addresses its users' Data Processing concerns with utmost respect and attention. If you believe that there was an instance of non-compliance with this Statement with regard to your information or data, or you have other related inquiries or concerns, you may write or contact Kaspersky by email: *****@*****.tld.

In your message, please describe in as much detail as possible the nature of your inquiry. We will investigate your inquiry or complaint promptly.

CHOICES AVAILABLE TO YOU

In case of refusal to participate in KSN the above data is not transmitted. The data is processed and stored in a restricted and protected partition on the user's computer. This data cannot be restored after uninstallation. If you agree to participate in KSN, the data is transferred to Kaspersky for the above purposes.

Kaspersky protects the information received in accordance with applicable governing law and Kaspersky's rules. Data is transmitted over a secure channel.

Participation in Kaspersky Security Network is optional. You can activate and deactivate the Kaspersky Security Network service at any time by altering the Feedback settings on your Kaspersky product's option's tab. Please note, however, if you choose to deactivate the Kaspersky Security Network service, we may not be able to provide you with some of the services dependent upon the processing of this data.

We also reserve the right to send infrequent alert messages to users to inform them of specific changes that may impact their ability to use our services that they have previously signed up for. We also reserve the right to contact you if compelled to do so as part of a legal proceeding or if there has been a violation of any applicable licensing, warranty or purchase agreements.

Kaspersky is retaining these rights because in limited cases we feel that we may need the right to contact you as a matter of law or regarding matters that may be important to you. These rights do not allow us to contact you to market new or existing services if you have asked us not to do so, and issuance of these types of communications is rare. 

© 2021 AO Kaspersky Lab

Thank you?
Flood?+?