Updated on 2023-12-25 GMT+08:00

Personal Data Protection

To ensure that your personal data, such as the username, password, and mobile phone number, will not be obtained by unauthorized or unauthenticated entities or people and to prevent data leakage, CCM encrypts your personal data before storing it to control access to the data and records logs for operations performed on the data.

Personal Data

Table 1 lists the personal data generated or collected by CCM.

Table 1 Personal data

Type

Collection Method

Can Be Modified

Mandatory

Tenant ID

  • Tenant ID in the token when an operation is performed on the console
  • Tenant ID in the token when an API is invoked

No

Yes. The tenant ID is the certificate resource ID.

Name

Contact name entered when applying for an SSL certificate.

Yes

Yes. The contact name is mandatory in the manual verification phase.

Email Address

Email address entered when applying for the SSL certificate or private certificate

  • Email address entered when applying for an SSL certificate: Yes
  • Email address entered when applying for a private certificate: No
  • Email address entered when applying for an SSL certificate: Yes. This parameter is mandatory in the manual review phase.
  • Email address entered when applying for a private certificate: No

Mobile number

Contact mobile number entered when applying for an SSL certificate.

Yes

Yes. The contact name is mandatory in the manual verification phase.

Enterprise's business license

When applying for an SSL certificate, you can upload the enterprise's business license.

Yes

No

Bank account opening permit

You can upload the bank account opening permit when applying for an SSL certificate.

Yes

No

Enterprise project ID

When applying for or using an SSL certificate or private certificate, you can assign an enterprise project to the certificate.

Yes

Enterprise project enabled: Yes

Enterprise project enabled: No

Storage

CCM uses encryption algorithms to encrypt your sensitive data and stores encrypted data.

  • Tenant IDs: Tenant IDs are not sensitive data and are stored in plaintext.
  • Name, email address, and mobile number: encrypted for storage

Access Control

Token authentication is required for accessing your personal data in the CCM database.

Logging

CCM logs all operations involving personal data, such as editing, querying, and deleting personal data. The logs are uploaded to Cloud Trace Service (CTS). You can view only the logs for your operations.