Data privacy and security features
Oracle Unity has several mechanisms to help meet your organization's data privacy and security requirements. Learn about the Oracle Unity privacy and security features and where to find information about implementing them.
Also review Data Processing Agreement for Oracle Cloud Services and Oracle Cloud Hosting and Delivery Policies. Learn more about Oracle Marketing Cloud and General Data Protection Regulation (GDPR).
Collecting data
Oracle Unity enables your organization to capture personal data across many different channels and systems. As part of these data capture processes, you have the ability to incorporate mechanisms that enable your customers to make informed decisions about the use of their personal data.
Managing consent requirements
There are many considerations surrounding the management of consent. Consent requirements vary from region to region and it is important to know and understand the regulations in the regions in which you operate.
Oracle Unity has tools that allow you to manage your opt-in customer audience with segmentation. You can use customer attributes to target individuals that have given you permission to contact them by email, text message, phone, or mail.
Segmentation also allows you to create groups of customers by targeting geographic areas. This lets you manage your campaigns based on regional consent requirements.
Learn more about Segmentation.
Managing data
As today’s businesses capture vast amounts of personal data, marketing teams require tools that enable them to manage data at scale. Oracle Unity provides a comprehensive portfolio of features that makes it easy for you and your organization to securely manage personal data.
Ingest and export jobs
Ingest and export jobs securely transfer data into and out of Oracle Unity. By using a Secure File Transfer Protocol (SFTP) server, you can safely transfer the data you need so you can effectively manage your customer data. Learn more about Creating ingest jobs and Creating export jobs.
Protecting data
Oracle Unity provides capabilities to help protect data. Features like granular user access controls, encryption, data redaction, anonymization, and more help your organization protect personal data at the highest possible standard. We ensure that we comply with all the requirements of the General Data Protection Regulation (GDPR).
Data minimization
Role-based access control in Oracle Unity provides granular access to data. This includes privileges, such as read-only, based on the user's role and responsibilities. This ensures users only get access to the data they need to complete their job.
Oracle Unity allows you to associate marketing permissions with customer data, so that you can control what channels are used to communicate with customers.
You get full control of the data in Oracle Unity by doing the following:
- Managing the data model to your organization's specific needs. Learn more about Managing the Oracle Unity data model.
- Creating and configuring ingest jobs so that you choose what data to import. Learn more about Creating ingest jobs and Managing ingest jobs.
- Deleting data as needed.
Separation of duties
Oracle Unity enables separation of duties by supporting distinct admin and functional user roles. Functional roles include the following: business user, analytics user, data master, data engineer, and data user. Roles are assigned based on each user's responsibilities.
Data deletion and right to erasure and/or be forgotten
Privacy regulations vary region to region, so it's important to understand how you can manage and delete customer data from the Oracle Unity application. Learn more about Deleting data from Oracle Unity.
Data portability
Segments you create in Oracle Unity can be exported to other marketing orchestration platforms for use in campaigns. You can set up these data exports through the creation of destinations and export jobs. Learn more about Creating export jobs and Creating destinations.
Source records of the data model can be requested after termination of your Oracle Unity account. The request will be fulfilled 60 days after the termination date.
Data correction
Data can be corrected through the management of ingest jobs and the updating of data from sources. The source of data that Oracle Unity uses (data from your organization's customer records) will need to be updated with the correct data. Oracle Unity will then import this updated data during an ingest job. Learn more about Managing ingest jobs and Managing sources.
Notice and consent
Oracle Unity has attributes in the data model that track the communication preferences of customers in your customer records. This data is stored within the Customer data object of the data model and includes the following attributes: okToEmail, okToCall, okToText, okToNotify, and okToMail. When ingest jobs run, the preferences are processed and stored in the data model. You can use these preferences when creating and managing segments. Learn about the default data model, Segmentation, and Managing ingest jobs.
Tracking technologies
Oracle Unity incorporates the tracking capabilities of Oracle Data Cloud and Oracle Infinity. Oracle Unity will integrate the data collection, security, and privacy practices to gather information and import that data. Learn more about Oracle Infinity integration.
Technologies that enable profile creation
Oracle Unity uses the data it imports to understand your customers better and to create complete customer profiles. This data can originate from your organization's customer records or from third-party data platforms. Learn more about Oracle Infinity integration.
Oracle Unity may use the data it collects to create intelligent attributes, which are attributes that collect and assess customer profile, behavioral, transactional, and demographic data. Learn more about Attributes.
Technologies related to (solely) automated decision making
Solely automated decision-making is the ability to make decisions by technological means without human involvement. Oracle Unity does not provide any capabilities for (solely) automated decision making.
User authentication
Oracle Unity uses Oracle Identity Cloud Service (IDCS) for user authentication to ensure that the proper authentication measures are in place to protect your organization's data. Learn more about Oracle Identity Cloud Service.
Encryption at Rest
Encryption at Rest is Oracle Unity's solution to "data at rest encryption". Encryption at Rest provides security for data in files that are saved on disk (or at rest) by encrypting that data. Using Oracle Transparent Data Encryption (TDE) technology and Apache Key Management Server (KMS), Encryption at Rest encrypts Oracle Unity data to prevent access from unauthorized users. For Oracle Unity accounts with security mandates to protect their data at rest from unauthorized access, Encryption at Rest offers advanced data protection.
Encryption in Transit
Encrypted data in transit uses Hypertext Transfer Protocol Secure (HTTPS) and Secure File Transfer Protocol (SFTP) to ensure data is transferred securely. This data flows through a load balancer.
Availability
All data that is stored in Oracle services is available to you through the management of the Oracle Unity data model, segmentation tools, and export jobs. Our API access mechanisms also ensure that you can retrieve the data in Oracle Unity when you need it. Learn more about Managing the Oracle Unity data model, Segmentation, and Creating export jobs.
Separate auditing and "detective control" privileges
Oracle Unity has built-in audit and logging capabilities operating on Oracle Cloud Infrastructure to support security and compliance requirements. If needed, future audit capabilities can be added into the product. Oracle never sends these operational logs to any external destination.
Oracle Unity never logs ingested customer data anywhere, but the system may log user-defined resource names as part of URI (Uniform Resource Identifier) or exception logs. For example, if you create a segment in Oracle Unity named "2019 Summer Sale", Oracle Unity might log the string "2019 Summer Sale", but not the customer data used to create the segment.
For audit and security purposes, Oracle Unity maintains a regular service access log with the following data:
- Who (ID of user)
- When (time of access)
- What (URI)
Anonymization
Oracle Unity enables anonymization of records when importing data. There are a couple of ways to handle data that needs to be anonymized.
Let’s say that a source file that you want to import into Oracle Unity includes Social Security Number (SSN). You have two options for handling such sensitive Personally Identifiable Information (PII):
- You can omit this source field from field mapping when setting up the data ingestion job. Oracle Unity will ignore that field in the source file, and the SSN data is never imported into Oracle Unity.
- You can import the SSN data into Oracle Unity, but anonymize it during ingestion. In your data ingestion job, you can select Static transformation and enter a string such as “xxxx”. Regardless of the value in the incoming file, Oracle Unity will store it as “xxxx”, allowing you to anonymize this sensitive PII data.
Pseudonimization (key-coding)
To enable pseudonimization of data, you will need to configure it before importing into Oracle Unity. You will need to create two sets of customer data (CustomerData): PIICustomer (presonally identifiable information) and NonPIICustomer (non-personally identifiable information).
Masking
Oracle Unity enables masking of data during the configuration of ingest jobs, so that you can mask whole fields or only parts of them.
Let's say you want to import order transaction details into Oracle Unity, and the source file includes credit card numbers. The first x digits of the credit card number can be masked. For example, if the first 12 digits are masked, the credit card number will be stored in Oracle Unity as xxxxxxxxxxxx8734. You can do this through the use of Static transformation.
Truncation
Oracle Unity enables truncation of data during the configuration of ingest jobs.
Let's say you want to import gender data into Oracle Unity. A value of "Male" in the incoming field can be truncated and stored in Oracle Unity as the value "M". You can do this through the use of Static transformation.
Tokenization
You will need to complete tokenization of data before importing it into Oracle Unity.
Oracle Unity system requirements