Data privacy and security features
Oracle Audience Segmentation has several mechanisms to help meet your organization's data privacy and security requirements. Learn about the Oracle Audience Segmentation privacy and security features and where to find information about implementing them.
Also review Data Processing Agreement for Oracle Cloud Services and Oracle Cloud Hosting and Delivery Policies. Learn more about Oracle Marketing Cloud and General Data Protection Regulation (GDPR).
Collecting data
Oracle Audience Segmentation enables your organization to capture personal data across many different channels and systems. As part of these data capture processes, you have the ability to incorporate mechanisms that enable your customers to make informed decisions about the use of their personal data.
Managing consent requirements
There are many considerations surrounding the management of consent. Consent requirements vary from region to region and it is important to know and understand the regulations in the regions in which you operate.
Oracle Audience Segmentation has tools that allow you to manage your opt-in customer audience with segmentation. You can use customer attributes to target individuals that have given you permission to contact them by email, text message, phone, or mail.
Segmentation also allows you to create groups of customers by targeting geographic areas. This lets you manage your campaigns based on regional consent requirements.
Learn more about Segmentation.
Managing data
As today’s businesses capture vast amounts of personal data, marketing teams require tools that enable them to manage data at scale. Oracle Audience Segmentation provides a comprehensive portfolio of features that makes it easy for you and your organization to securely manage personal data.
Ingest and export jobs
Ingest and export jobs securely transfer data into and out of Oracle Audience Segmentation. By using a Secure File Transfer Protocol (SFTP) server, you can safely transfer the data you need so you can effectively manage your customer data. Learn more about Creating ingest jobs and Creating export jobs.
Protecting data
Oracle Audience Segmentation provides capabilities to help protect data. Features like granular user access controls, encryption, data redaction, anonymization, and more help your organization protect personal data at the highest possible standard. We ensure that we comply with all the requirements of the General Data Protection Regulation (GDPR).
Data minimization
Role-based access control in Oracle Audience Segmentation provides granular access to data. This includes privileges, such as read-only, based on the user's role and responsibilities. This ensures users only get access to the data they need to complete their job.
Oracle Audience Segmentation allows you to associate marketing permissions with customer data, so that you can control what channels are used to communicate with customers.
You get full control of the data in Oracle Audience Segmentation by doing the following:
- Managing the data model to your organization's specific needs. Learn more about Managing the Oracle Audience Segmentation data model.
- Creating and configuring ingest jobs so that you choose what data to import. Learn more about Creating ingest jobs and Managing ingest jobs.
- Deleting data as needed.
Separation of duties
Oracle Audience Segmentation enables separation of duties by supporting distinct admin and functional user roles. Functional roles include the following: business user, analytics user, data master, data engineer, and data user. Roles are assigned based on each user's responsibilities.
Data deletion and right to erasure and/or be forgotten
Privacy regulations vary region to region, so it's important to understand how you can manage and delete customer data from the Oracle Audience Segmentation application. Learn more about Deleting data from Oracle Audience Segmentation.
Data portability
Segments you create in Oracle Audience Segmentation can be exported to other marketing orchestration platforms for use in campaigns. You can set up these data exports through the creation of destinations and export jobs. Learn more about Creating export jobs and Creating destinations.
Source records of the data model can be requested after termination of your Oracle Audience Segmentation account. The request will be fulfilled 60 days after the termination date.
Data correction
Data can be corrected through the management of ingest jobs and the updating of data from sources. The source of data that Oracle Audience Segmentation uses (data from your organization's customer records) will need to be updated with the correct data. Oracle Audience Segmentation will then import this updated data during an ingest job. Learn more about Managing ingest jobs and Managing sources.
Notice and consent
Oracle Audience Segmentation has attributes in the data model that track the communication preferences of customers in your customer records. This data is stored within the Customer data object of the data model and includes the following attributes: okToEmail, okToCall, okToText, okToNotify, and okToMail. When ingest jobs run, the preferences are processed and stored in the data model. You can use these preferences when creating and managing segments. Learn about the default data model, Segmentation, and Managing ingest jobs.
Tracking technologies
Oracle Audience Segmentation incorporates the tracking capabilities of Oracle Data Cloud and/or Oracle Infinity. Oracle Audience Segmentation will integrate the data collection, security, and privacy practices to gather information and import that data. Learn more about Oracle Data Cloud (ODC) integration and Oracle Infinity integration.
Technologies that enable profile creation
Oracle Audience Segmentation uses the data it imports to understand your customers better and to create complete customer profiles. This data can originate from your organization's customer records or from third-party data platforms. Learn more about Oracle Data Cloud (ODC) integration and Oracle Infinity integration.
Oracle Audience Segmentation may use the data it collects to create intelligent attributes, which are attributes that collect and assess customer profile, behavioral, transactional, and demographic data. Learn more about Attributes.
Technologies related to (solely) automated decision making
Solely automated decision-making is the ability to make decisions by technological means without human involvement. Oracle Audience Segmentation does not provide any capabilities for (solely) automated decision making.
User authentication
Oracle Audience Segmentation uses Oracle Identity Cloud Service (IDCS) for user authentication to ensure that the proper authentication measures are in place to protect your organization's data. Learn more about Oracle Identity Cloud Service.
Encryption at Rest
Encryption at Rest is Oracle Audience Segmentation's solution to "data at rest encryption". Encryption at Rest provides security for data in files that are saved on disk (or at rest) by encrypting that data. Using Oracle Transparent Data Encryption (TDE) technology and Apache Key Management Server (KMS), Encryption at Rest encrypts Oracle Audience Segmentation data to prevent access from unauthorized users. For Oracle Audience Segmentation accounts with security mandates to protect their data at rest from unauthorized access, Encryption at Rest offers advanced data protection.
Encryption in Transit
Encrypted data in transit uses Hypertext Transfer Protocol Secure (HTTPS) and Secure File Transfer Protocol (SFTP) to ensure data is transferred securely. This data flows through a load balancer.
Availability
All data that is stored in Oracle services is available to you through the management of the Oracle Audience Segmentation data model, segmentation tools, and export jobs. Our API access mechanisms also ensure that you can retrieve the data in Oracle Audience Segmentation when you need it. Learn more about Managing the Oracle Audience Segmentation data model, Segmentation, and Creating export jobs.
Separate auditing and "detective control" privileges
Oracle Audience Segmentation has built-in audit and logging capabilities operating on Oracle Cloud Infrastructure to support security and compliance requirements. If needed, future audit capabilities can be added into the product. Oracle never sends these operational logs to any external destination.
Oracle Audience Segmentation never logs ingested customer data anywhere, but the system may log user-defined resource names as part of URI (Uniform Resource Identifier) or exception logs. For example, if you create a segment in Oracle Audience Segmentation named "2019 Summer Sale", Oracle Audience Segmentation might log the string "2019 Summer Sale", but not the customer data used to create the segment.
For audit and security purposes, Oracle Audience Segmentation maintains a regular service access log with the following data:
- Who (ID of user)
- When (time of access)
- What (URI)
Anonymization
Oracle Audience Segmentation enables anonymization of records when importing data. There are a couple of ways to handle data that needs to be anonymized.
Let’s say that a source file that you want to import into Oracle Audience Segmentation includes Social Security Number (SSN). You have two options for handling such sensitive Personally Identifiable Information (PII):
- You can omit this source field from field mapping when setting up the data ingestion job. Oracle Audience Segmentation will ignore that field in the source file, and the SSN data is never imported into Oracle Audience Segmentation.
- You can import the SSN data into Oracle Audience Segmentation, but anonymize it during ingestion. In your data ingestion job, you can select Static transformation and enter a string such as “xxxx”. Regardless of the value in the incoming file, Oracle Audience Segmentation will store it as “xxxx”, allowing you to anonymize this sensitive PII data.
Pseudonimization (key-coding)
To enable pseudonimization of data, you will need to configure it before importing into Oracle Audience Segmentation. You will need to create two sets of customer data (CustomerData): PIICustomer (presonally identifiable information) and NonPIICustomer (non-personally identifiable information).
Masking
Oracle Audience Segmentation enables masking of data during the configuration of ingest jobs, so that you can mask whole fields or only parts of them.
Let's say you want to import order transaction details into Oracle Audience Segmentation, and the source file includes credit card numbers. The first x digits of the credit card number can be masked. For example, if the first 12 digits are masked, the credit card number will be stored in Oracle Audience Segmentation as xxxxxxxxxxxx8734. You can do this through the use of Static transformation.
Truncation
Oracle Audience Segmentation enables truncation of data during the configuration of ingest jobs.
Let's say you want to import gender data into Oracle Audience Segmentation. A value of "Male" in the incoming field can be truncated and stored in Oracle Audience Segmentation as the value "M". You can do this through the use of Static transformation.
Tokenization
You will need to complete tokenization of data before importing it into Oracle Audience Segmentation.
Oracle Audience Segmentation system requirements