Huawei Cloud implements rigorous personal data protection principles in compliance with applicable laws and regulations. These principles cover the entire lifecycle of personal data to ensure security and safeguard individuals' rights.
Privacy by Design (PbD) for Personal Data Collection
Prior Notification
Before collecting personal data, Huawei Cloud informs users about the types of data collected, the purposes, processing methods, and retention periods, in accordance with its Privacy Statement.
Choice and Consent
Huawei Cloud only collects personal data for legitimate purposes or as agreed by the user. Users can modify the scope of data collection and withdraw consent at any time.
Data Minimization
Only the data necessary to provide services is collected.
Secure Use, Storage, and Disposal of Personal Data
Access Control | Encryption in Transit and at Rest | Storage Limitation | Log Audits
Access Control
A strict access management system assigns specific permissions based on user roles. Huawei Cloud integrates Identity and Access Management (IAM) to enhance data security.
Encryption in Transit and at Rest
Data at Rest : Huawei Cloud encrypts sensitive data by default using advanced algorithms.
Data in Transit : All communications are encrypted via TLS, with X.509 certificate authentication for secure exchanges.
Storage Limitation
Personal data is retained only for the duration necessary to provide services. After this period, data is either deleted or anonymized.
Log Audits
Huawei Cloud ensures rigorous traceability of access and activities through audit logs that comply with regulatory requirements.
Legal Disclosure of Personal Data
Personal data may be processed by contracted service providers under strict agreements. Huawei Cloud conducts prior assessments of their data protection capabilities.
Cross-Border Data Transfers
Regional Service Provision | Transfers Based on Agreements or Consent
Personal data may be stored and processed in different regions. Huawei Cloud ensures data remains protected per local laws. Cross-border transfers occur only with explicit user consent or under a data transfer agreement.
Protection of Data Subjects’ Rights
DSR Request Handling | Incident Reporting and Response
DSR Request Handling
Huawei Cloud enables users to exercise their rights of access, rectification, and deletion through a dedicated team that processes requests within regulatory timeframes.
Incident Reporting and Response
A rapid response system for security incidents is in place, including a dedicated team for preventing and managing data breaches.
Huawei Cloud is committed to safeguarding personal data with advanced security measures and regulatory compliance. For more details, consult our Privacy Statement and data security whitepapers.
