Privacy Considerations Guide
Intended audience: Administrators, Security, Data Governance
AO Platform: 4.3
Overview
This guide describes how the AO Platform deals with User Identifiable Data (UID), including what UID is persisted, the retention policy (i.e., whether UID can be deleted manually or on a schedule), and how UID is protected (i.e., whether UID can be exported, whether sensitive data can be viewed, whether UID is encrypted for non-Admins, etc.).
These privacy considerations are related to the product delivered or to be delivered to the customer.
Any customer-specific customization, development or modification of the product may introduce privacy impact beyond that described here.
User Identifiable Data - Details
The privacy considerations describe the processing of personal data by this product, the possible privacy impact from that processing, and applicable privacy measures.
By 'processing' App Orchid means any essential feature operation or set of operations performed by the product on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
The following categories of data are collected and/or processed by the AO Platform and associated solutions that could be classified as personal data:
Contact Information
The AO Platform software can store contact information, such as the user's name, e-mail address, and phone number as it relates to user account creation. This data is stored in the Server's configuration database schema and is configured by the administrator to identify users. In cases where an external authentication system is used, such as an LDAP/AD store, the AO Platform software does not store specific user contact information. The user’s name is displayed in the application once the user is logged in. Access to user contact information requires Administrator level account permissions to the AO Platform, to prevent unauthorized access and use of the information for unintended purposes. Access to user contact information directly from the configuration database is protected by additional database-level authentication. User contact information is retained in the configuration database (or connected external authentication system) until the administrator deletes it.
User Account Information
The AO Platform software collects User account information, such as passwords. This data is collected and stored in the Server's configuration database schema to provide accountability for the proper operation of the product features and is processed only to give the user access to the intended features of the product. This information is secured from unauthorized access by restricting access to the configuration database, where it is stored, to only individuals with authorized access rights. The password for User accounts is further encrypted before it is saved to the configuration database. The User account information is retained in the database until the Administrator deletes it.
Network Identifiers
The AO Platform software collects Network identifier information, such as the domain/IP address and port number of integrated systems and gateways. This data is stored in the Server's configuration database schema. It is collected as part of the configuration of the AO Platform server environment. The domain/IP and port addresses are used to connect to the external integration points, such as the email gateway, streaming services, analytics services and databases, and web services in general. This information, when captured in log files, is only available to Administrators with authorized access to the AO Platform’s Administrative interface and/or the file system of the server infrastructure. The domain/IP address and the port number details are retained in the configuration database and logs until the Administrator deletes the configuration and log files. Some typical integration points, most of which are optional, that are available in the AO Platform server environment:
SQL database connections, including AO Platform’s own configuration database, PostgreSQL
ActiveMQ connection
Kafka connection
Elasticsearch connection
Weaviate (or Pinecone) connection
Solr connection
Hadoop Data Platform connection
R server connection
SAP connection
SMTP server connection
ABBYY OCR connection
DocuSign connection
Python connection
Google Search Engine connection
Neo4j connection
Kx Database connection
Arango Database connection
AWS S3 connection
GCP connection
OpenAI connection
Proxy server connection
Online Map services, including Google Maps, Highcharts Maps, Esri Maps, and CesiumJS
Web Service connections in general
All AO Platform server connections in a cluster configuration
Location Information
The AO Platform software facilitates the access, display, and analysis of location information, including:
Map displays and location search and measurement - The AO Platform user interface facilitates the display of geographic maps, allowing for the identification of specific locations of resources and assets. Additionally, the user can perform a location search within the map display. Access to map displays is configurable by the Administrator.
Use of map displays and location search is separately licensed by customers directly with the online map service provider, based on the map service provider's terms & conditions.
Geographical latitude and longitude information - Such data is collected and stored according to the requirements and scope of a solution developed with AO Platform and deployed by customers, in the customer's own database environment. The purpose of storing this information relative to applications is to identify the geographical location of resources and assets owned by the customer deploying the solution. This information is secured from unauthorized access by the customer's own security implementation. Where authentication is required to access Location information, the AO Platform manages and protects access through its Administrator interface requiring Administrator level permissions.
Geo-location service information - The AO Platform user interface facilitates access to the Internet Browser's geo-location service API to detect and store a user's "current location". The current location information is an optional feature of the user interface. If current location detection is accepted, the Internet Browser will store the user's preference. The user can optionally change the Internet Browser preference to disable the current location feature relative to their AO Platform solution. The AO Platform does not persist any information relative to a user's current location.
License Key
The AO Platform software is licensed using a license key. The license key contains one or more Feature Codes identifying which capabilities are enabled/disabled in the AO Platform. License keys can be term-limited or perpetual in nature and are generated based on the purchase agreement to enable different capabilities of a deployment. The license key information and associated feature codes are visible within the AO Platform Admin solution, and new license keys can be added by the Administrator.
Web Session ID
The AO Platform software creates a Web session ID, which is set after every successful login to an application. Cookies are used to maintain the session for the logged-in user. Active user sessions are persisted to log files and stored in the configuration database for audit purposes. Information about logged-in users and active sessions, in general, is available to the Administrator via log files.