It's not necessary, it's just a side effect of communicating with a web server (there's no way around communicating the IP address, so it has to be communicated in the EULA).
This is just to legally cover off what we're scanning - I'd think users would definitely want us to scan temporary internet files and custom folders: otherwise, we'd miss any temporarily downloaded files...
We store information about the signatures of files and their behaviors for malware detection. We don't store personally identifiable data or anything which infringes upon your privacy.