Data Processing And Security Agreement
Last updated: 2024-10-16 16:50:25
1. BACKGROUND
This Module applies if you use Data Security Audit (“Feature”). This Module is incorporated into the Data Processing and Security Agreement located at (“DPSA”). Terms used but not defined in this Module shall have the meaning given to them in the DPSA. In the event of any conflict between the DPSA and this Module, this Module shall apply to the extent of the inconsistency.
2. PROCESSING
We will process the following data in connection with the Feature:
| Personal Information | Use |
|---|---|
| Configuration Data: |
We only process this data for the purposes of providing the Feature to you in accordance to your specific configuration. Please note that this data is stored and backed up in our TencentDB for MySQL feature. Please note that we have no access to the personal data, if any, stored in your database or control over your assets or data. |
| Agent information: deployment IP, VPC, operating system, machine load, last reporting time, running status, deployment location, open status, and assets IP collected by the agent. |
We only process this data for the purposes of providing the Feature to you, including to display to you the operational status of deployed agents. Please note that this data is stored and backed up in our TencentDB for MySQL feature. |
| User operation log data: operation time, operation account, operation IP, behavior classification, operation behavior. |
We only process this data for the purposes of providing the Feature to you. Please note that this data is stored and backed up in our TencentDB for MySQL feature. |
| Audit data: 1. Database audit log (SQL log/SQL CMDs): including asset name, database IP, database port, database name, user name, client IP, SQL statement, table name, number of rows affected, execution time, return message, tools, and terminal name, risk level. 2. Audit session log: including asset name, database IP, database port, database name, user name, session start time, session end time, IP of user/customer accessing the asset, SessionID, login status. 3. Audit report: report file (user-specified data statistics for report generation, which contains information of the audit log). |
We only process this data for the purposes of providing the Feature to you, in order to record and report database operations and audit results. Please note that this database audit log and audit session log are stored in and backed up in our Elasticsearch feature, and the audit report is stored in our Cloud Object Storage feature. In addition, the database audit log and audit session log are also received from the database traffic flow and data that you selected to upload for the use of this Feature. Please note that we have no access to the personal data, if any, stored in your database or control over your assets or data. |
3. SERVICE REGION
As specified in the DPSA.
4. SUB-PROCESSORS
As specified in the DPSA.
5. DATA RETENTION
We will store personal data processed in connection with the Feature as follows:
| Personal Information | Retention Policy |
|---|---|
| We retain such data for until you terminate your use of the Feature, in which case we will delete such data 7 days thereafter (unless you request for deletion of such data, in which case we will delete it within 3 working days after receipt of your request). |
You can request deletion of such personal data in accordance with the DPSA.
6. SPECIAL CONDITIONS
You must ensure that this Feature is only used by end users who are of at least the minimum age at which an individual can consent to the processing of their personal data. This may be different depending on the jurisdiction in which an end user is located.
You represent, warrant and undertake that you shall obtain and maintain all necessary consents from data subjects in respect of the processing of their personal data (as applicable) in respect of the Feature (including for the purposes of providing the Feature), in accordance with applicable laws and so as to enable us to comply with applicable laws. You agree you will indemnify and hold Tencent harmless from and against all claims, liabilities, costs, expenses, loss or damage (including consequential losses, loss of profit and loss of reputation and all interest, penalties and legal and other professional costs and expenses) incurred by Tencent arising directly or indirectly from a breach of this requirement.
You acknowledge, understand and agree that (i) we do not make any representation or warranty or give any undertaking that this Feature will be in compliance with any applicable laws or regulations, and (ii) any reliance on or use of this Feature is at your sole risk.
This Feature is not intended for the processing of sensitive data. You must ensure that this Feature is not used to transfer or otherwise process any sensitive data by you or your end users.
Yes
No
Was this page helpful?