How Kaspersky VPN Secure Connection processes your data
Last updated 10.09.2020
Kaspersky VPN helps protect your privacy online. We use VPN servers to encrypt all internet traffic from your device. The VPN servers replace your real IP address with a virtual address so your real one remains hidden. Your actions stay private and protected as you work, bank, shop or use the internet for any other reasons.
Kaspersky is a global cybersecurity company. More about Kaspersky.
The VPN servers are provided by our trusted partner, the Pango software company, via their Pango Platform. More about Pango.
Like any other VPN application, Kaspersky VPN still needs to process some of your data to function properly.
The application data are processed by Kaspersky and by Pango:
- As the VPN service provider, Pango processes data needed to arrange VPN sessions.
- Kaspersky processes data that is needed for the application to function.
We handle data in strict adherence with the highest data protection standards, we apply legal, organizational, and technical measures to protect your data https://www.kaspersky.com/about/data-protection.
Your online activity is not logged
Kaspersky and Pango don’t log online activity such as the pages you open or files you download.
No information we receive from you can be connected with your online activity. It’s technically impossible to share your online activity with anyone because this information isn’t logged.
Your data is never used for advertising
Kaspersky doesn't show third-party ads in any of its applications, neither in free or trial versions, nor in paid versions.
The services that Kaspersky VPN uses to function, such as Pango or mobile application services, are prohibited from using any of the data for advertising purposes.
Brief summary of application data
Here is how we process the data.
Data to start a VPN connection and VPN session statistics
Kaspersky VPN and Pango VPN servers exchange data to start and hold VPN sessions. Only the bare minimum of data is logged to ensure the service works properly.
Starting a VPN session
To start a VPN session, Kaspersky VPN sends Pango technical information for you to enter the service and connect to the VPN. It doesn’t contain any data you provide about yourself, such as your email or name. Pango keeps a technical log of the data to analyze crashes or possible incidents. Out of all the data, Pango only logs the installation ID generated by Kaspersky VPN, stores it for a month and then deletes it.
After you enter the service, a token is generated to connect your device to the optimum VPN server. The token only exists for 24 hours. The login event is stored for a month.
Pango generates and stores an encrypted user and device ID to identify you in the service, for example, to check your license or the number of devices you use to connect to the VPN. The service deletes the data after a period of inactivity of the device in the service.
The IP address of the device is necessary to establish a VPN session and select the optimum VPN server to provide a fast VPN connection. The VPN server keeps the IP address in the memory as long as the VPN session is held. The IP address doesn't exist when the session is closed; it is not logged.
VPN session statistics
Pango keeps statistics about your VPN session necessary for service provision, for example, to decide whether more VPN servers are needed to provide a high-quality VPN service (https://pango.gitbook.io/pango-platform/resources/faq/what-data-collect-the-platform#vpn-session-statistics).
The statistics are stored for a year.
You can view the statistics of your VPN session in My Kaspersky Management Console (when the session starts and ends). The service never logs any traffic content.
Other data the application requires to function
Kaspersky processes the minimum data required for the application to function and maintain a high quality of service, for example, to activate the application on your device or data for the application to determine when to start the VPN.
Additional purposes: Some of the data that are required for the application to function can also be useful for marketing purposes, i.e., we improve the quality, appearance and performance of future versions of the application by analyzing aggregate data on how you interact with the program, your experience and satisfaction. In GDPR regions, we only use this data for additional marketing purposes after receiving your specific consent (Marketing statement).
Data for the application to determine when it’s time to start the VPN. When you connect to a Wi-Fi network, Kaspersky VPN checks if the network is encrypted adequately. The application prompts you to start a secure VPN connection if the Wi-Fi network is unencrypted, for example, when you use free Wi-Fi in a public place.
Starting the VPN based on website and app category or reputation. When the VPN is not enabled, you can use other features to help Kaspersky VPN determine that it's time to start a VPN connection.
In the Windows application, you can configure to start a VPN connection when you visit websites of specific categories, for example, payment systems, banks, or social networks. You can use the feature if Kaspersky Internet Security, Kaspersky Total Security, or Kaspersky Security Cloud is installed on your device.
The Android version of Kaspersky VPN uses Adaptive Security technology that enables you to automatically turn on a VPN connection based on the reputation of websites and applications. This function is turned on if you select Accessibility on your device. Kaspersky VPN on your device 'normalizes' website and app information, deleting all personal data from them before it checks the information against Kaspersky’s own reputation cloud database. Even in this case, we never get any information about your browsing history because the information isn't logged.
Information about your license. Information about your license is required to activate the application. We use it to identify legitimate licenses, renew licenses and provide timely updates.
We don’t have access to the payment data you used to purchase the license. We don't have access to your bank card data or other information about you that was provided when purchasing a license. You use the pages of our e-commerce partners to purchase the application. For example, if you buy a mobile version of the application from Appstore and Google Play, your data is processed by them.
Your My Kaspersky account data. If you choose to identify yourself by registering with My Kaspersky, you provide your email address (login) to register and confirm your account. The email address and other account information generated by the application are stored for one calendar month after the account has been deleted, after which they are deleted as well.
Your login isn’t required if you don’t register with My Kaspersky, for example, if you activate the application with an activation code.
Operating system and Kaspersky VPN installation on your device. Because the application operates on Windows, Mac and iOS and Android, information about your operating system is required to activate the application. This information is also used for troubleshooting purposes.
We check if Kaspersky VPN is installed together with other Kaspersky applications. You can use some of the functions from the windows of other Kaspersky applications, for example, turn on the VPN if the Wi-Fi network is not encrypted adequately from Kaspersky Security Cloud for Mac.
Crash data and mobile-specific data. We require your special permission to get dump files if Kaspersky VPN crashes on your device. The information is stored at the Kaspersky dump server; it helps us to understand what has gone wrong with the application on your device and to prepare a fix that you receive with an application update.
Some data is required when using the application on an iOS or Android device. For example, the Google FireBase Cloud Messaging mobile service uses the data on your device to deliver push notifications that Kaspersky servers send.
Statistics sent specifically for marketing and protection improvement purposes
Some statistics are used specifically for marketing purposes. You can also choose to contribute to Kaspersky Security Network to improve the quality of protection and help us find new complex security and network threats, for example, help Kaspersky VPN determine the security of Wi-Fi networks more precisely (https://www.kaspersky.com/ksn).
In this case, Kaspersky requests your consent for the application to send additional statistics.
If you grant your consent, we receive information specifically for the following marketing purposes:
- To improve the quality, appearance and performance of the application by analyzing how you interact with it, as well as your experience and satisfaction.
- To offer you security solutions that best match your needs.
- To create user categories based on certain parameters to provide relevant information about maintaining your security level, marketing offers and promotional materials.
We request statistics about your interaction with the application, its settings and events.
This information can’t be linked with your online activity.
Kaspersky is a global cybersecurity company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help 250,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.
About the VPN service provider Pango
Pango (formerly AnchorFree) is one of the oldest VPN service providers. The company is headquartered in Redwood City, California, USA (https://www.pango.co/about/).
The VPN servers that encrypt traffic are located in many countries around the world.
According to the agreement between Kaspersky and Pango, Pango is prohibited from making any changes to the software or hosted infrastructure without Kaspersky’s written consent. We have signed an additional data processing agreement to ensure GDPR compliance. Pango can use the data only for VPN service provision; it is not allowed to use the data for any other purposes.