1. BACKGROUND
This Module applies if you use the Bastion Host feature (“Feature”). This Module is incorporated into the Data Processing and Security Agreement located at (“DPSA”). Terms used but not defined in this Module shall have the meaning given to them in the DPSA. In the event of any conflict between the DPSA and this Module, this Module shall apply to the extent of the inconsistency.
2. PROCESSING
We will process the following data in connection with the Feature:
| Personal Information | Use |
|---|---|
| Asset management information: host IP, host OS, host port, host account, database IP, database type, database Port, database account, asset group, asset password | We only process this data for the purposes of providing the Feature to you in accordance to your specific configuration. Please note that this data is stored in our MySQL feature. |
| Payment records data: instance ID, client IP, instance number, expire time, region, operation | We only process this data for the purposes of providing the Feature to you in accordance to your specific configuration. Please note that this data is stored in our MySQL feature. |
| Access control information: authority name, status, username, asset account, authorized actions, high-risk command | We only process this data for the purposes of providing the Feature to you in accordance to your specific configuration. Please note that this data is stored in our MySQL feature. |
| User management information: name, phone number, verify methods, email, user group, access time | We only process this data for the purposes of providing the Feature to you in accordance to your specific configuration. Please note that this data is stored in our MySQL feature. |
| Maintenance information: task id/name, execution method, execution period, execution time, execution command, asset information | We only process this data for the purposes of providing the Feature to you in accordance to your specific configuration. Please note that this data is stored in our MySQL feature. |
| Operation log: asset ip, source ip, asset account, time, asset name, username, session duration\session size, command amount\blocking command amount, status, operation replay | We only process this data for the purposes of providing the Feature to you in accordance to your specific configuration. Please note that this data is stored in our MySQL feature. |
| System access log: time, username、source ip、login method, login result, resolution, access mode. | We only process this data for the purposes of providing the Feature to you in accordance to your specific configuration. Please note that this data is stored in our MySQL feature. |
| Audit log: time, auditor account, source ip, audited asset id, audited asset ip, operation, session type, audit details | We only process this data for the purposes of providing the Feature to you in accordance to your specific configuration. Please note that this data is stored in our MySQL feature. |
| Risk event log: events type, events description, time | We only process this data for the purposes of providing the Feature to you in accordance to your specific configuration. Please note that this data is stored in our MySQL feature. |
| System configuration: white list, security setting (web inactivity duration, the times of password error, blocking duration), verify setting (password complexity, minimum password length, password expiry date, same historical password, two-factor authentication, ldap information) | We only process this data for the purposes of providing the Feature to you in accordance to your specific configuration. Please note that this data is stored in our MySQL feature. |
| Backup log: system login log (time, username、source ip、login method, login result), asset login log (asset ip, source ip, asset account, time, asset name, username, session duration) | We only process this data for the purposes of providing the Feature to you in accordance to your specific configuration. Please note that this data is backed up in our Security Operations Center feature. |
3. SERVICE REGION
As specified in the DPSA.
4. SUB-PROCESSORS
As specified in the DPSA.
5. DATA RETENTION
We will store personal data processed in connection with the Feature as follows (unless otherwise required by applicable Data Protection Laws):
| Personal Information | Retention Policy |
|---|---|
| Asset management information | We retain such data until you terminate your subscription for the Feature, upon which such data will be deleted within 7 days. |
| Payment records data | We retain such data until you terminate your subscription for the Feature, upon which such data will be deleted within 7 days. |
| Access control information | We retain such data until you terminate your subscription for the Feature, upon which such data will be deleted within 7 days. |
| User management information | We retain such data until you terminate your subscription for the Feature, upon which such data will be deleted within 7 days. |
| Maintenance information | We retain such data until you terminate your subscription for the Feature, upon which such data will be deleted within 7 days. |
| Operation log | We retain such data until you terminate your subscription for the Feature, upon which such data will be deleted within 7 days. |
| System access log | We retain such data until you terminate your subscription for the Feature, upon which such data will be deleted within 7 days. |
| Audit log | We retain such data until you terminate your subscription for the Feature, upon which such data will be deleted within 7 days. |
| Risk event log | We retain such data until you terminate your subscription for the Feature, upon which such data will be deleted within 7 days. |
| System configuration | We retain such data until you terminate your subscription for the Feature, upon which such data will be deleted within 7 days. |
| Backup log | We retain such data until you terminate your subscription for the Feature, upon which such data will be deleted within 7 days. |
You can request deletion of such personal data in accordance with the DPSA.
6. SPECIAL CONDITIONS
You acknowledge, understand and agree that (i) we do not make any representation or warranty or give any undertaking that this Feature will be in compliance with any applicable laws or regulations, (ii) you have obtained any necessary licenses, registrations or approvals that may be required in connection with or related to the use of the Feature (such as in relation to payment processing activities, records of which may be reflected as part of the Feature’s functionalities) and (iii) any reliance on or use of this Feature is at your sole risk.
Yes
No
Was this page helpful?