Help Center/ Data Security Center/ Service Overview/ Personal Data Protection Mechanism
Updated on 2023-07-17 GMT+08:00

Personal Data Protection Mechanism

To ensure that your personal data, such as the username, password, and mobile phone number, will not be leaked or obtained by unauthorized or unauthenticated entities or people, DSC controls access to the data and records logs for operations performed on the data.

Personal Data

Table 1 lists the personal data generated or collected by DSC.

Table 1 Personal data

Type

Source

Modifiable

Mandatory

Tenant ID

  • Tenant ID in the token used for authentication when an operation is performed on the console
  • Tenant ID in the token used for authentication when an API is called

No

Yes

Password

Entered by the tenant on the console

Yes

Yes. When scanning, desensitizing, and injecting watermarks to database data, DSC needs to use the database password to connect to the database and obtain data.

Storage Mode

  • Tenant ID is not sensitive data and can be stored in plaintext.
  • Database password: encrypted for storage.

Access Permission Control

Users can view only logs related to their own services.

Log Records

DSC records logs for all operations, such as modifying, querying, and deleting, performed on personal data. The logs are uploaded to Cloud Trace Service (CTS). You can view only the logs generated for operations you performed.