Personal Information Processed
ATP Cloud processes several types of files as set forth below depending in part on a customer’s configuration. Juniper ATP Cloud limits the amount of personal information collected to what is necessary to provide the service and can further limit the type of data collected by configuring the service’s features based on customer preference. To the extent the below files contain personal information, such information may be incidentally processed as part of ATP Cloud’s threat analysis processing.
ATP Cloud processes executable files which do not ordinarily contain personal information in the form they are analyzed by ATP Cloud. Examples of executables include any file that has headers indicating it is a Windows/DOS executable, a COFF executable, an ELF executable, or the EICAR virus test file, and any file name ending in "bin", "exe", "com", "elf", "prx", "ex", or “ex_” that isn’t clearly some other file type.
ATP Cloud may process files that do not fall into the above Executables category to determine if the file is malicious. Such files may include documents, spreadsheets, .pdfs, and archives, which may contain personal information.
ATP Cloud may process the following metadata of inspected Executables and Documents as part of its threat analysis processing, which may include personal information:
- Account activity (e.g., number of log-ins, actions taken including but not limited to applications purchased or canceled, and IP address)
- Client Host
- Client IP Address
- File Name
- Username (if User Firewall is turned on)
- Vendor or creator
- Date/Time Submitted
- Device Name
TLS Session Enablement Packets
If a customer enables analysis of Encrypted Traffic, ATP Cloud processes TLS session enablement packets, also known as connection packets, which are exchanged when a session is first created. Packets exchanged after the session is established are not analyzed. The types of information analyzed in these initial packets include IP address of the system that initiated the connection, the destination IP address, and connection metadata like ciphers, hostname requested, and encryption parameters.
ATP Cloud may process the following email data (through either SMTP or IMAP) if the customer configures ATP Cloud to quarantine emails:
- Message Content
Purposes of Processing Personal Information
Juniper ATP Cloud analyzes the files, packets, and other information set forth above to generate a threat score used by customers to dynamically protect their network and take corrective or preventative action, where such analysis may include incidental and temporary processing of personal information contained within or related to such files, packets, or other information.
Retention of Personal Information
Any file (which may incidentally contain personal information) processed in connection with the provision of Juniper ATP Cloud will be discarded promptly to the extent it is not necessary for detecting and protecting systems from malware, providing customers with valuable information in understanding threats to their network, and taking corrective or preventative action. Any personal information not discarded promptly will be retained as needed to fulfill the purposes for which it was collected, comply with our legal obligations, resolve disputes, and enforce our agreements, and customers may in some cases be able to configure retention periods for certain types of files.
Changes to this Supplement
We may update this Supplement from time to time to reflect any changes in our ATP Cloud personal information processing practices.
Updated August 2020