tencent cloud

Feedback

Privacy FAQs

Last updated: 2019-09-19 20:45:04

    1.Introduction

    We take your data privacy and security very seriously. Whether you are an individual user, a small business owner or a large corporation, we take steps to ensure that your content is stored and processed by us in a transparent way and using secure and reliable technology.

    We understand that your trust is something we earn. As part of that process, we work to keep you informed of our data security policies and measures, as they may change over time.

    These FAQs explain some basic principles that we apply to our provision of Tencent Cloud, particularly for those customers and prospective customers who have questions about how Tencent Cloud meets the requirements of data protection laws and other applicable regulations concerning data privacy and security.

    These FAQs are intended to be a general overview and do not constitute legal advice. We urge you to consult with your own legal counsel to familiarise yourself with the requirements that govern your specific circumstances and to take advice as necessary.

    For further information regarding Tencent Cloud's data privacy and security practices and these FAQs:

    (a)Please review the Tencent Cloud Privacy and Data Processing Policy – which sets out how we collect, store and process your content on Tencent Cloud.

    (b)Please contact our Customer Support team via phone at +86 4009 100 100, or online at https://console.tencentcloud.com/workorder. We would be pleased to discuss with you how we maintain the privacy and security of your content and answer any questions or concerns you may have.

    2.Who owns and controls your content?

    You do. All content that you upload to Tencent Cloud remains yours, and you remain in control of it.

    We do not access or use your content for any purpose, other than for providing Tencent Cloud to you. For example, Tencent will not use your content for marketing purposes or perform analytics on your content.

    You decide who may access your content and how that access is made available – Tencent makes available various security and authentication methods to help you with such efforts. Tencent delivers Tencent Cloud using commercially available internet connections and browser software. You (and any related users you choose to give access to your content) may log into Tencent Cloud using unique usernames and passwords.

    3.Does Tencent share your content with third parties?

    No. Tencent Cloud is designed to protect the security and confidentiality of your content. We will not share your content with anyone else other than in exceptional circumstances, such as where we believe we are legally required to do so (for example, if we are subject to a court order for disclosure), or where we need to do so in order to enforce or protect your rights, our own rights or the rights of other users.

    Please consult our Tencent Cloud Terms of Service for further details of the limited circumstances in which we will disclose your content.

    4.Where does Tencent store your content?

    We offer you the right to select where your content is stored from a list of potential locations. All of our data centres meet industry-accepted technical and security standards.

    If at any time we are no longer able to store your content in your selected location, we will notify you and offer you the alternative storage locations available at that time.

    5.Does Tencent comply with data protection laws?

    Yes. We have a comprehensive privacy and security programme directed at protecting your content, including your personal data (see below, Q7. How does Tencent protect your content?). We comply with our obligations under data protection laws.

    Because we only process your content in order to provide Tencent Cloud to you in accordance with your instructions, we are considered a "data processor" (or the equivalent designation under data protection laws in your jurisdiction). While the law varies from jurisdiction to jurisdiction as to the obligations applicable to data processors, we comply with all obligations binding on us in our role as a data processor in providing Tencent Cloud to you.

    6.How does Tencent help you comply with data protection laws when you use Tencent Cloud?

    Because you maintain ultimate control over the collection and use of your content, you will be considered a "data controller" (or equivalent designation) under data protection laws in respect of your content that contains personal data. This means that you will need to comply with data protection laws when you use Tencent Cloud.

    We have designed Tencent Cloud in a way that enables you to comply with your obligations. We do this by:

    (a)allowing you to maintain control over the manner in which your content is accessed and processed (see** Q2. Who owns and controls your content?**);

    (b)not sharing your content with third parties, except in accordance with our Terms of Service (see Q3. Does Tencent share your content with third parties?);

    (c)allowing you to choose the location of storage of your content (see Q4. Where does Tencent store your content?);
    (d)complying with applicable data protection laws (see Q5. Does Tencent comply with data protection laws?); and
    (e)maintaining industry-accepted security measures for the purpose of protecting your content (see Q7. How does Tencent protect your content?).

    Please note that data protection laws and regulations and how they are interpreted and enforced may change over time, and there may be other laws and regulations that apply to you. You should obtain legal advice to ensure that you are familiar with the requirements governing your use of data and other aspects of your business.

    7.How does Tencent protect your content?

    We have implemented a comprehensive privacy and security programme for the purpose of protecting your content. This programme includes the following:

    7.1 Data security. We have designed and implemented the following measures to protect customer's data against unauthorised access:

    (a)standards for data categorisation and classification;

    (b)a set of authentication and access control capabilities at the physical, network, system and application levels;
    and

    (c)a mechanism for detecting big data-based abnormal behaviour.

    *7.2 Network security. *We implement stringent rules on internal network isolation to achieve access control and border protection for internal networks (including office networks, development networks, testing networks and production networks) by way of physical and logical isolation.

    7.3Physical and environmental security. Stringent infrastructure and environment access controls have been implemented for Tencent Cloud's data centres based on relevant regional security requirements. An access control matrix is established, based on the types of data centre personnel and their respective access privileges, to ensure effective management and control of access and operations by data centre personnel.

    7.4Incident management. We operate active and real-time service monitoring, combined with a rapid response and handling mechanism, that enables prompt detection and handling of security incidents.

    7.5Compliance with standards. We comply with the following standards:

    (a)Information security management system – ISO 27001:2013.

    (b)IT service management – ISO/IEC 20000-1:2011.

    (c)Quality management system – ISO/IEC 9001:2015.

    8.How does Tencent respond to regulatory requests for your content?

    We may, from time to time, receive regulatory requests to disclose your content to regulators or law enforcement bodies. When we receive these requests, we take reasonable steps to query them and establish whether or not we are legally required to respond to them. When we are required to respond to such a request, we do everything we reasonably can to protect your confidentiality.

    9.How can you protect your content?

    Tencent Cloud provides a number of features that allow you to enhance the protection of your content. It is your responsibility to carefully select and use the features that are appropriate to you, in accordance with your own security policies. For example:

    (a)you can select the transmission method and transmission protocols for your data (e.g. HTTPS, SSH); and

    (b)you can select enhanced network security protection products such as dedicated access lines and IPSec VPN.

    Please take steps to keep your (and your authorised users') account login credentials safe. Please change your Tencent Cloud account passwords regularly to reduce the risk of your account being improperly accessed. Passwords should be unique and be difficult for others to deduce. If you suspect an unauthorised person has accessed your Tencent Cloud account, please notify us immediately – until we disable your account after receiving such notification from you, you are responsible for all acts and omissions within your Tencent Cloud account.

    Contact Us

    Contact our sales team or business advisors to help your business.

    Technical Support

    Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

    7x24 Phone Support