Personal Data Security

Personal data can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context.

OPI Cloud only collects minimal data (first name, last name, username, IP Address, and email) for the person who is assigned to manage the configuration. This data is collected for audit trail and notification purposes only. The users are managed in OPERA SSD and IDCS.

OPERA Cloud users are managed by OPERA SSD. Oracle personnel with proper privileges assigned will manage the PSP related configurations. OPI Cloud does not own or manage any IDCS or SSD.

The data saved in the database, such as audit records and configuration data, is secured by Oracle ADB’s database level Transparent Data Encryption (TDE). The data is secured in transmission by HTTPS with TLS 1.2. Tokenization is always enabled to protect the user’s credit card information. OPI Cloud does not persist credit card information and only uses masked values in logging.

OPI Cloud configuration logs user log in and out activities and also configuration data modifications. OPI Cloud logs are located in CNE ELK. The security logs retention period is 365 days.