3 General Privacy and Security Information

Privacy by Design

As a data privacy enhancement, Oracle Retail applications provide a data privacy web service interface and a command-line tool that give retailers services for requesting access to personal information for review, and for forgetting (deleting) or updating that personal information if requested.

Examples of personal information include:

  • Full Name

  • Home address

  • Email address

  • Date of birth

The following features are handled as part of Retail Insights data privacy using the data privacy command-line tool:

  • Right to Access (RTA)

    Enables retailers to accept and respond to end-user requests for access to, correction of, and deletion of the individual end-user data records they store in the Oracle service.

  • Right to be Forgotten (RTF)

    Based on the end user's right to request that their personal information be forgotten or updated, enables retailers to delete or update (mask) end-user personal data during the service period. Some data that is critical to the business or is required for legal reasons might not be deleted.

Data Minimization

RI uses database roles, enterprise roles, and application roles to control who has access to the data. On the front-end side, RI provides default enterprise roles based on their corresponding RI application roles. Users assigned a specific enterprise role can only access specific functional areas. For details, see the User Creation and Assign Members to a Role sections in the Oracle Retail Insights Cloud Service Administration Guide. At the database level, different database roles are assigned to different types of users. The front-end user role has read permission only on RI data. The batch user role has read, insert, update, and delete permission on RI data.
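The following SQL sketches the database-level split the paragraph describes and the check an administrator would run to confirm it. It is an added example, not a script shipped with RI: the schema name RI_DW, the role names RI_FRONTEND_ROLE and RI_BATCH_ROLE, the user names, and the choice of W_PARTY_PER_D (named later on this page) as the example table are all assumptions.

```sql
-- Added example, not an RI-shipped script. Assumed names: schema RI_DW,
-- roles RI_FRONTEND_ROLE / RI_BATCH_ROLE, users RI_FE_USER / RI_BATCH_USER.

-- Two database roles: read-only for front-end sessions, full DML for batch.
CREATE ROLE ri_frontend_role;
CREATE ROLE ri_batch_role;

-- Grants are per table; in practice this is repeated for every RI table.
GRANT SELECT ON ri_dw.w_party_per_d TO ri_frontend_role;
GRANT SELECT, INSERT, UPDATE, DELETE ON ri_dw.w_party_per_d TO ri_batch_role;

-- Assign the roles to the two user types.
GRANT ri_frontend_role TO ri_fe_user;
GRANT ri_batch_role    TO ri_batch_user;

-- Check 1: any privilege other than SELECT held by the front-end role on an
-- RI table is a finding (write access leaked to the read-only path).
SELECT grantee, table_name, privilege
FROM   dba_tab_privs
WHERE  owner    = 'RI_DW'
AND    grantee  = 'RI_FRONTEND_ROLE'
AND    privilege <> 'SELECT';

-- Check 2: what each user can reach on RI tables through roles granted
-- directly to it (nested role grants are not followed here).
SELECT rp.grantee AS user_name,
       tp.grantee AS via_role,
       tp.table_name,
       tp.privilege
FROM   dba_role_privs rp
JOIN   dba_tab_privs  tp ON tp.grantee = rp.granted_role
WHERE  rp.grantee IN ('RI_FE_USER', 'RI_BATCH_USER')
AND    tp.owner = 'RI_DW'
ORDER  BY 1, 2, 3, 4;
```

Check 1 should return no rows; check 2 should show only SELECT for the front-end user and the four DML privileges for the batch user. Object privileges granted directly to a user rather than through a role (rows in DBA_TAB_PRIVS with the user itself as GRANTEE) bypass this model and are worth listing separately.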

Data Deletion

The data deletion concept has always been of high importance in RI. The Retail Insights product is a Business Intelligence system that stores customer-centric and merchandising data for a specified time limit only, as required for making business decisions. When data reaches that threshold it can be deleted from the system to release the storage occupied by stale data. This is not automatic unless already agreed on during setup.

Right to Access / Right to Forget

RI provides a web service interface (file RetailAppsDataPrivServices-7.0.1-RetailAppsDataPrivServices.ear) for right to access and right to forget. The service provides a REST call that returns end-user information based on a provided key, and a REST call that forgets the end user based on a provided key. See the Retail Insights Installation Guide on how to deploy the service. The feature is also available from the command line by using the jar file RetailAppsDataPrivServices-7.0.1-RetailAppsDataPrivTool.jar.

RI provides three groups (type_id) for right to access and right to forget. See Appendix C for how type_id is used.

  • CustomerRecord

    By providing the customer number as the key, the end user can access or forget the PII data for the customer, the customer address, and the sales history information related to this customer.

  • Employee

    By providing the employee number as the key, the end user can access or forget the PII data for the employee.

  • Supplier

    By providing the primary contact name as the key, the end user can access or forget the supplier contact name and supplier contact phone number information.

See Appendix C on how to use the command line for the right to access and right to forget feature. See the Data Privacy Services REST Endpoints section in Appendix C for the service REST endpoints.

Data Portability

RI provides the capability for end users to export a downloaded report so that the data can be transmitted to another controller.

Encryption

RI uses Oracle Transparent Data Encryption (TDE) tablespace encryption to encrypt the entire RI tablespaces.
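The queries below are the check a database administrator would run to confirm that TDE tablespace encryption is actually in force. They are an added example, not part of the RI product or this guide; the assumption that RI tablespace names begin with RI_ is mine, and the actual names are not stated on this page.

```sql
-- Added example, not an RI-shipped script. Assumption: RI tablespace names
-- start with 'RI_'. Run as a user with access to the DBA_ and V$ views.

-- Check 1: every RI tablespace should show ENCRYPTED = 'YES' and an algorithm.
-- A row with ENCRYPTED = 'NO' (or no V$ENCRYPTED_TABLESPACES match) is a finding.
SELECT ts.tablespace_name,
       ts.encrypted,
       et.encryptionalg,
       et.encryptedts
FROM   dba_tablespaces ts
LEFT JOIN v$tablespace             vt ON vt.name = ts.tablespace_name
LEFT JOIN v$encrypted_tablespaces  et ON et.ts#  = vt.ts#
WHERE  ts.tablespace_name LIKE 'RI\_%' ESCAPE '\'
ORDER  BY ts.tablespace_name;

-- Check 2: the keystore holding the TDE master key must be OPEN; if it is
-- CLOSED, encrypted tablespaces cannot be read and keys cannot be rotated.
SELECT wrl_type, wrl_parameter, status, wallet_type, fully_backed_up
FROM   v$encryption_wallet;
```

FULLY_BACKED_UP reporting NO after a master key change means the keystore has not been backed up since; losing the keystore makes every encrypted tablespace permanently unreadable, so that column is worth watching as closely as STATUS.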

Data Masking

Oracle Data Redaction is used for RI data masking. A data redaction policy has been created in RI on the W_PARTY_PER_D.ETHNICITY_NAME and W_PARTY_PER_D.ETHNICITY_CODE columns. Only users granted the EXEMPT REDACTION POLICY privilege can view the unredacted data. Out of the box, only the RI batch user is granted EXEMPT REDACTION POLICY.
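The following SQL recreates a policy of the kind the paragraph describes and shows the two checks that matter: that the policy is enabled on both columns, and who can bypass it. This is an added example, not the policy RI ships: the page does not state the RI policy name, the redaction type, or the schema, so the schema RI_DW, the policy name RI_ETHNICITY_REDACT, full redaction, and the user RI_BATCH_USER are assumptions.

```sql
-- Added example, not the RI-shipped policy. Assumptions: schema RI_DW,
-- policy RI_ETHNICITY_REDACT, full redaction, batch user RI_BATCH_USER.
BEGIN
  DBMS_REDACT.ADD_POLICY(
    object_schema => 'RI_DW',
    object_name   => 'W_PARTY_PER_D',
    policy_name   => 'RI_ETHNICITY_REDACT',
    column_name   => 'ETHNICITY_NAME',
    function_type => DBMS_REDACT.FULL,   -- strings return a single space, numbers 0
    expression    => '1=1');             -- redact for every session
  -- One policy per table; add the second column to the same policy.
  DBMS_REDACT.ALTER_POLICY(
    object_schema => 'RI_DW',
    object_name   => 'W_PARTY_PER_D',
    policy_name   => 'RI_ETHNICITY_REDACT',
    action        => DBMS_REDACT.ADD_COLUMN,
    column_name   => 'ETHNICITY_CODE',
    function_type => DBMS_REDACT.FULL);
END;
/

-- Only the batch user may bypass redaction. Never grant this to a front-end user.
GRANT EXEMPT REDACTION POLICY TO ri_batch_user;

-- Check 1: the policy is enabled and covers both columns.
SELECT p.object_owner, p.object_name, p.policy_name, p.enable,
       c.column_name, c.function_type
FROM   redaction_policies p
JOIN   redaction_columns  c ON c.object_owner = p.object_owner
                           AND c.object_name  = p.object_name
WHERE  p.object_owner = 'RI_DW'
AND    p.object_name  = 'W_PARTY_PER_D';

-- Check 2: every holder of the bypass privilege. Any grantee other than the
-- batch user (including a role that front-end users hold) is a finding.
SELECT grantee, admin_option
FROM   dba_sys_privs
WHERE  privilege = 'EXEMPT REDACTION POLICY';
```

Two caveats apply to any redaction policy of this form. SYS is never redacted, so check 2 will not list it. And Data Redaction masks query results only: a user who can SELECT from W_PARTY_PER_D can still filter on ETHNICITY_CODE in a WHERE clause and infer values row by row, which is why the read-only database role described under Data Minimization, not redaction alone, is what actually limits who sees this data.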