SUPPLEMENTAL STATEMENT ON DATA PROCESSING (SUPPLEMENTAL STATEMENT) Supplemental Statement On Data Processing (hereinafter “Statement”) relates to the computer program Kaspersky Anti-Ransomware Tool for Business (hereinafter “Software”). All terms used in this Statement have the same meaning as defined in the “Definitions” paragraph of the End User License Agreement (EULA). This Statement along with the EULA for the Software, in particular in the Section “Conditions regarding Data Processing,” specifies the conditions, responsibilities, and procedures relating to transmission and processing of the data indicated in this Statement. Please carefully read the terms of the Statement, as well as all documents referred to in the Statement, before accepting it. When the End User uses the Software, the End User is fully responsible for ensuring that the processing of personal data of Data Subjects is lawful, particularly, within the meaning of Article 6 (1) (a) to (1) (f) of Regulation (EU) 2016/679 (General Data Protection Regulation, “GDPR”) if Data Subject is in the European Union, or applicable laws on confidential information, personal data, data protection, or similar thereto. Data Protection and Processing The Rightholder handles the data it receives from the End User under this Statement in accordance with the Rightholder’s Privacy Policy published at: https://www.kaspersky.com/products-and-services-privacy-policy. Purposes of Processing Data During use of the Software, processing data is necessary to protect the End User from known threats to information security, as described in the User Manual. Processing data under this Statement could lead to an increase in the effectiveness of protection against information and network security threats provided by the Software. The purposes are achieved by: - determining the reputation of scanned objects; - identifying information security threats that are new and challenging to detect, and their sources; - taking prompt measures to increase the protection of the data stored and processed by the End User on the Computer; - reducing the likelihood of false positives; - increasing the efficiency of Software components; - investigating of infection of a user’s computer; - improving the performance of the Rightholder’s products; - receiving reference information about the number of objects with known reputation. Processed Data During use of the Software, the following data will be sent to the Rightholder automatically and on a regular basis under this Statement: - fragment content of the object being processed; - date and time when the certificate expires; - date and time when the certificate was issued; - version of list of revoked Software service`s decisions; - battery level and battery discharge rate; - event date and time; - number of update-apply cycles for anti-virus databases; - date and time when the anti-virus databases were last updated and applied; - the Software database record version; - ID of the triggered record in the Software's anti-virus databases; - timestamp of the triggered record in the Software's anti-virus databases; - type of the triggered record in the Software's anti-virus databases; - release date and time of the Software's databases; - information on network bandwidth and its usage; - number of processor cores; - logical processors count; - current and maximum processor frequency; - CPU usage information; - information on disk usage (IOPS); - disk operations count; - device ID; - information about system memory usage by the Software; - OS version, OS build number, OS update number, OS edition, extended information about the OS edition; - OS ID; - OS Service Pack version; - date and time of the OS launch; - physical RAM size; - Device Guard (windows) enablement status; - IP address; - version of the operating system installed on the user's computer; - ID of the key from the keystore used for encryption; - protocol used to exchange data with KSN; - ID of the KSN service accessed by the Software; - encryption characteristics of data package that is being sent to KSN; - ID of data package that is being sent to KSN; - data about a third-party application that had caused an error: the application image file name and path, the application image file size and checksum (MD5, SHA256, SHA-1), the application process identifier (PID), date and time of the application process image file compiling and creation, application process memory stack and application process memory address where an error had occurred, application uptime before the error had occurred, names, versions and checksums (MD5, SHA256, SHA-1) of the application components' files; - Software language ID; - fragment order in the object being processed; - data of the internal log, generated by the anti-virus Software module for an object being processed; - contents of the digital certificate being processed; - certificate issuer name; - public key of the certificate; - calculation algorithm of public key of the certificate; - certificate serial number; - date and time of signing the object; - certificate owner name and settings; - digital certificate thumbprint of the scanned object and hashing algorithm; - date and time of the last modification of the object being processed; - date and time of creating an object being processed; - detect characteristics; - objects or its parts being processed; - date and time of creating an executable file being processed; - description of an object being processed as defined in the object properties; - format of the object being processed; - checksum type for the object being processed; - application image size; - checksum (MD5) of the object being processed; - name of the object being processed; - Software name; - checksum (SHA256) of the object being processed; - size of the object being processed; - name of the detected malware or legitimate software that can be used to damage the user's device or data; - Software vendor name; - the Software's decision on the object being processed; - version of the object being processed; - source of the decision made for the object being processed; - checksum of the object being processed; - parent application name; - result of the module integrity check; - path to the object being processed; - directory code; - process system ID (PID); - information about file signature check results; - operating system bit version; - OS edition; - date and time of System Watcher start; - version of the Software's component; - full version of the Software; - Software update ID; - installation date and time for the Software; - Software installation ID (PCID); - Software health status after update; - type of installed Software; - format of the data in the request to Rightholder infrastructure; - the Software component ID; - logon session key; - encryption algorithm for the logon session key; - the memory stack of the Software process failure; - flag indicating whether the user has accepted the terms of the legal agreement while using the Software; - type of legal agreement accepted by the user while using the Software; - date and time when the user accepted the Agreement terms while using the Software; - version of the legal agreement accepted by the user while using the Software; - type of the hard drive; - calculated size of the hard drive; - name of the module in which the failure probably occurred; - date and time when statistics stopped being received; - name of the process that caused software failure; - duration of software operation until the failure; - ID of the Software rebranding; - number of KSN connections taken from the cache; - number of requests for which a response was found in the local request database; - number of unsuccessful KSN connections; - number of unsuccessful KSN transactions; - temporal distribution of cancelled requests to KSN; - temporal distribution of unsuccessful KSN connections; - temporal distribution of unsuccessful KSN transactions; - temporal distribution of successful KSN connections; - temporal distribution of successful KSN transactions; - temporal distribution of successful requests to KSN; - temporal distribution of requests to KSN that timed out; - number of new KSN connections; - number of unsuccessful requests to KSN caused by routing errors; - number of unsuccessful requests caused by KSN being disabled in the Software settings; - number of unsuccessful requests to KSN caused by network problems; - number of successful KSN connections; - number of successful KSN transactions; - total number of requests to KSN; - volume of inbound traffic; - volume of outbound traffic; - statistics message type; - date and time when statistics started being received; - probability of sending statistics by System Watcher; - code of the event that took longer than the standard time to process by System Watcher; - database processing time of the event that took longer than the standard time to process by System Watcher; - processing delay time of the event about OS action in the behavioral analysis subsystem; - number of delayed OS action events of the current type; - maximum allowed time for processing an event by System Watcher; - processing delay time of the event about OS action in the proactive defense subsystem; - number of processed OS action events; - number of processed synchronous OS action events; - total delay of all OS action events of the current type; - processing delay time of the event about OS action in the persistent event storage subsystem; - processing time of the event that took longer than the standard time to process by System Watcher; - total number of events that took longer than the standard time to process by System Watcher; - total delay of all OS action events; - number of waiting synchronous OS action events; - date and time of detecting software by System Watcher; - number of the detected software in the System Watcher context; - reason of detecting software by System Watcher; - date and time of received event of an action in the OS; - code of the event that caused an event queue overflow while being processed by System Watcher; - number of events that caused an event queue overflow while being processed by System Watcher; - total number of queue overflows for events being processed by System Watcher; - time difference between the first event in the queue and the current event when sending statistics package by System Watcher; - type of the event that was timed out while being processed (klif/swmon); - major and minor numbers of the interception filter that caused the interception that was timed out while being processed in System Watcher; - ID of the interception that was timed out while being processed in System Watcher; - number of klif events that were timed out when sending statistics package by System Watcher; - queue size of the System Watcher events that were timed out while being processed; - number of System Monitor events that were timed out when sending statistics package by System Watcher; - duration of third-party software operation until the failure; - memory address with an offset, in which the third-party software failure occurred; - information about failure in third-party software; - name from the system log for the error occurred in third-party software; - storage time for object being processed; - algorithm for calculating the digital certificate thumbprint; - number of failed update installations for the updater component; - number of update installation error for the updater component; - error code of the update task; - update task type; - version of the updater component; - accessed address of the web service (URL, IP); - port number; - web address of the source of the web service request (referer); - web address being processed. Your Choice to Participate You can at any time withdraw Your consent by uninstalling the Software. © 2021 AO Kaspersky Lab