Personal Data Protection Mechanism
No personal data is gathered by a CBH instance. After an instance is created, you need to create a user account for logging in to the CBH system. Creating a user account for logging in to the system requires personal data.
To ensure that your personal data, such as the username, password, and mobile phone number for logging in to a CBH system, will not be obtained by unauthorized or unauthenticated entities or people and to prevent data leakage, CBH encrypts your personnel data before storing it to control access to the data and records logs for operations performed on the data.
Personal Data to Be Collected
Table 1 lists the personal data generated or collected by CBH.
Item |
Type |
Collection Method |
Can Be Modified |
Mandatory |
---|---|---|---|---|
CBH instances |
Login name |
Login name configured by the system administrator during user creation |
No |
Yes Login names are used to identify users. |
Password |
|
Yes |
Yes This password is used by the user to log in to a CBH system. |
|
|
|
Yes |
Yes This email address is used to receive notifications sent by the CBH system. |
|
Mobile number |
|
Yes |
Yes
|
Storage Mode
CBH uses encryption algorithms to encrypt users' sensitive data and stores encrypted data.
- Login names are not sensitive data and stored in plaintext.
- Passwords, email addresses, and mobile numbers are encrypted for storage.
Access Permission Control
Your personal data is encrypted for storage in CBH. A security code is required for the system administrators and upper-level administrators when they attempt to view your mobile number and email addresses. However, passwords of all users are invisible to all.
Two-factor Authentication
After multi-factor authentication is configured for a user, the user needs to be authenticated twice when logging in to the CBH system. The secondary authentication includes SMS message, mobile OTP, USB key, and dynamic token modes. This effectively protects sensitive user information.
Logging
The CBH system records audit logs for all operations on users' personal data, including adding, modifying, querying, and deleting data. The logs can be backed up to a remote server or local computer. Users with the audit permission can view and manage logs of user accounts in lower-level departments. The system administrator admin has the highest permissions and can view and manage operation records of all user accounts used to log in to the CBH system.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.