Help Center/ Database Security Service/ Service Overview/ Overview/ Personal Data Protection Mechanism
Updated on 2022-09-22 GMT+08:00

Personal Data Protection Mechanism

To ensure that website visitors' personal data, such as the username, password, and mobile phone number, will not be obtained by unauthorized or unauthenticated entities or people and to prevent data leakage, DBSS controls access to the data and records logs for operations performed on the data.

Personal Data

Table 1 lists the personal data generated or collected by DBSS.

Table 1 Personal data

Type

Collection Method

Can Be Modified

Mandatory

Username

Entered by users on the console login page.

No

Yes

Usernames are used to identify users.

Email

Entered by users when configuring email notifications for database audit.

Yes

No

Storage Mode

  • Usernames are not sensitive data and stored in plaintext.
  • Emails are encrypted before storage.

Access Control

Only users having the DBSS System Administrator permission can configure email notifications. Users can view only their own emails.

Logging

All non-query operations on users' personal data, including creating and deleting instances, are recorded in audit logs by DBSS and uploaded to CTS. Users can only view their own audit logs.