Governments place legal requirements on industries to protect data and privacy. We provide features and functions to help you meet these requirements.
Cloud Elements does not provide legal advice in any form. Cloud Elements software supports data protection compliance by providing security features and data protection-relevant functions, such as blocking and the deletion of personal data. In many cases, compliance with applicable data protection and privacy laws is not covered by a product feature. Furthermore, this document should not be taken as advice or recommendation regarding additional features that would be required in specific IT environments. Decisions related to data protection must be made on a case-by-case basis, taking into consideration the given system landscapes and the applicable legal requirements. Definitions and other terms used in this documentation are not taken from a specific legal source.
We assume that you have not maintained any data related to an individual in the tools provided by Cloud Elements, exempt for the members of the account (for example, when designing integration content).
We expect that sensitive personal data can only be included in message payloads. This responsibility lies exclusively with you as the operator of an integration scenario using Cloud Elements and remains your responsibility. If you include sensitive personal data within payloads or message attachments, Cloud Elements may store this information on your behalf. This applies also for data maintained in the tools provided by Cloud Elements. However, data within payloads can be protected by enabling encrypted storage. For more details on Cloud Elements' use of personal data, see Information Report.
User Consent
Various types of customer data are processed by and stored on Cloud Elements at different times. This data gets the highest level of protection, and Cloud Elements takes dedicated measures to guarantee this security level.
To comply with user consent, Cloud Elements customers should customize the Cloud Elements to use their own identity provider. Cloud Elements customers using the custom identity provider should ensure that the necessary mechanism for user consent is available to allow personal data (of a natural person such as a customer, contact, or account) to be collected as well as transferred to the solution.
Read Access Logging
Read Access Logging (RAL) is used to monitor and log read access to sensitive data. Data may be categorized as sensitive by law, by external company policy, or by internal company policy.
Cloud Elements does not store any sensitive personal data.
For more information about audit logs, see User Management via API in the Roles tab.Information Report
An information report is a collection of data relating to a data subject. A data privacy specialist may be required to provide such a report, or an application may offer a self-service.
The only personal data of data subjects stored in the Cloud Elements is the user ID, the e-mail ID, as well as the first and last name of a member in the account. This user ID is stored whenever a user creates an artifact on Cloud Elements, for example a Connector Instance or a Formula, and this user ID can be obtained (read) only from that artifact or the corresponding member of the account.To enable data subjects to obtain information about their personal data in the Cloud Elements, a retrieval service for their personal data is provided. For more information, see Retrieve Personal Data in the Roles tab.
Erasure
When handling personal data, consider the legislation in the different countries where your organization operates. After the data has passed its end of purpose, regulations may require you to delete the data. However, additional regulations may require you to keep the data longer. During this period, you must block access to the data by unauthorized persons until the end of the retention period, when the data is finally deleted.
Personal data can also include referenced data. The challenge for deletion and blocking is to first handle referenced data and then other data, such as business partner data.
Cloud Elements stores the user IDs of members of the account. Storing the user ID is a business requirement and the user ID is deleted when the related member is deleted in the account or when capability is deactivated.
All the personal data stored in the application is deleted once the access for the corresponding user is revoked by removing the user from the member list of the account.
In Cloud Elements, integration developers can contact their Cloud Elements administrators to have their personal data erased and their access revoked. For more information, see the User Delete section in the Roles tab.
Change Log
For auditing purposes or for legal requirements, changes made to personal data should be logged, making it possible to monitor who made which changes and when. Changes made in the identity provider should be logged by the identity provider.
Cloud Elements does not allow users to make any changes to their personal data, except adding members to the account, deleting members from the account, and assigning authorization roles. These changes are logged by Cloud Elements and can be displayed. For more information, see Read Personal Data Change Logs.