tencent cloud

PrevNext

Feedback

search by keyword

Recent Pages

Documentation
Customer Identity and Access Management
    Documentation
    Download PDF

    Data Processing And Security Agreement

    Last updated: 2023-12-22 11:45:18
    Download PDF

      1. BACKGROUND

      This Module applies if you use Customer Identity and Access Management (CIAM) (“Feature”). This Module is incorporated into the Data Processing and Security Agreement located at (“DPSA”). Terms used but not defined in this Module shall have the meaning given to them in the DPSA. In the event of any conflict between the DPSA and this Module, this Module shall apply to the extent of the inconsistency.

      2. PRECESSING

      We will process the following data in connection with the Feature:
      Personal Information
      Use
      User Management Configuration Data: Preset user attributes determined by you (description, nationality, user position, birthday, gender and address); User group (user group list, name, remarks, creation time and included user list).
      We only process this data for the purposes of providing the Feature to you.
      
      Please note that this data is integrated with, stored and backed up in our TencentBD for MongoDB (MongoDB) and feature, and is also integrated with our TencentDB for Redis (Redis) feature.
      Application Management Data:
      M2M application: icon, application name, application type, industry, Client ID, password key, application description, access token validity, security domain, and specific configured URI of CORS;
      Mini-Program application: style application download, configuration guide, icon, application name, application type, industry, ClientID, password key, application description, redirect URI, logout redirect URI, access token validity, refresh token, claims, registration and login process configuration, URI of security domain CORS specific configuration;
      Mobile app: icon, application name, application type, industry, ClientID, password key, application description, redirect URI, logout redirect URI, access token validity, refresh token, claims, registration process, login process, MFA process, password forgetting process, user name forgetting process, protocol management, URI of specific configuration of security domain CORS;
      Web application and web application: icon, application name, application type, industry, ClientID, password key, application description, redirect URI, logout redirect URI, access token validity, refresh token, claims, registration process, login process, MFA process, password forgetting process, user name forgetting process, protocol management, URI of specific configuration of security domain CORS.
      We only process this data for the purposes of providing the Feature to you.
      
      Please note that this data is integrated with, stored and backed up in our Cloud Object Storage (COS) and MongoDB features.
      Data Synchronization Settings Data: Data source name, data source ID, description, configuration guide, ClientID, client password key, token, user URL, group URL.
      We only process this data for the purposes of providing the Feature to you.
      
      Please note that this data is integrated with, stored and backed up in our MongoDB feature.
      Certification Management Data:
      General authentication source: authentication source icon, authentication source name, authentication source attribute, authentication source description, password policy, SMS verification code length, SMS verification code validity period, email verification code length, email verification code validity period;
      Social authentication source: authentication source icon, authentication source name, authentication source description, AppID, app password key, attribute mapping.
      We only process this data for the purposes of providing the Feature to you.
      
      Please note that this data is integrated with, stored and backed up in our COS and MongoDB features. If you have purchased our Short Message Service (SMS) and Simple Email Service (SES) services, general authentication source data is also integrated with our SMS and SES features.
      Personalization Data:
      Domain name setting: domain name set and provided by you (or if needed, standard domain name provided by us) ;
      Template setting (configuration settings regarding option to use SMS and/or SES features): SMS template (SMS server, SMS login signature, SMS template ID); Mailbox template (email server, verification code template ID, retrieve password template ID, retrieve user name template ID) ;
      Real name authentication template (real name authentication service provider, security credentials of API caller (secret ID, secret key)).
      We only process this data for the purposes of providing the Feature to you.
      
      Please note that this data is integrated with, stored and backed up in our MongoDB feature. If you have purchased our SMS and SES services, template setting data is also integrated with our SMS and SES features.
      Built In User Attributes Data: wrong login times, locking time, Alipay user ID, email address, update time, user time zone, geographical location, latest login time, phone number, creation time, user group, user pool, user nickname, user ID, user name, WeChat open ID, whether you have logged in for the first time, user source, Wechatunion ID, user status, QQ open ID, QQunion ID, whether you have real name authentication, real name authentication method Name, ID number, whether or not the main account
      We only process this data for the purposes of providing the Feature to you.
      
      Please note that this data is integrated with, stored and backed up in our MongoDB and feature, and is also integrated with our Redis feature. If you have purchased our SMS and SES services, phone number is also integrated with our SMS feature, and email address is integrated with our SES feature.

      3. SERVICE REGION

      As specified in the DPSA.

      4. SUB-PROCESSORS

      As specified in the DPSA.

      5. DATA RETENTION

      We will store personal data processed in connection with the Feature as follows:
      Personal Information
      Retention Policy
      User Management Configuration Data Application Management Data Data Synchronization Settings Data Certification Management Data Personalization Data Built In User Attributes Data
      We retain such data until you manually delete such data. Otherwise, when you delete your account or terminate your use of the Feature, we will delete such data.
      You can request deletion of such personal data in accordance with the DPSA.

      6. SPECIAL CONDITIONS

      You must ensure that this Feature is only used by end users who are of at least the minimum age at which an individual can consent to the processing of their personal data. This may be different depending on the jurisdiction in which an end user is located.
      Contact Us

      Contact our sales team or business advisors to help your business.

      Contact Us
      Technical Support

      Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

      Submit a Ticket
      7x24 Phone Support
      Copyright © 2013-2024 Tencent Cloud. All Rights Reserved.
      Privacy PolicyLegalCookie Policy