What is data privacy?
Data Privacy or Information privacy is a part of the data protection area that deals with the proper handling of data focusing on compliance with data protection regulations.
Data Privacy is centered around how data should be collected, stored, managed, and shared with any third parties, as well as compliance with the applicable privacy laws (such as California Consumer Privacy Act- CCPA or General Data Protection Regulation GDPR).1*
Importance of data privacy
Allowing individuals control over their data and the use of their data is vital for secure research and investigation.
Personal data can be misused in a number of ways if it is not kept private or if people don’t have the ability to control how their information is used:
- Criminals can use personal data to defraud or harass users.
- Entities may sell personal data to advertisers or other outside parties without user consent, which can result in users receiving unwanted marketing or advertising.
- When a person’s activities are tracked and monitored, this may restrict their ability to express themselves freely, especially under repressive governments. 2*
Steps we take with MyLOFT to ensure data privacy
At MyLOFT, we take data privacy seriously. As a company that works in over 65 countries worldwide, user trust is a top priority. A few of the active actions we currently implement to ensure data privacy are:
- Relying on Top-Notch and Industry-standard Cloud providers for all our services.- Using
- Irreversible strong encryption to store user password
- MyLOFT components are deployed on the AWS Cloud infrastructure using a microservice architecture that is highly available, scalable and secure
- Data in transit and data at rest is encrypted
- Dedicated customer proxy IP with proxy hosted in the AWS region (or closer to) where customer institutes exist
- PII data loosely coupled with the core configuration data to meet User-Privacy requirements. PII data can be stored in customer’s choice of AWS region
- Automation in place to manage Deployments to avoid any Human error
- Using Industry standard protocols for Authentication and Authorization.
- Regular practice of conducting VAPT from external certified CERT-IN 3rd party Agency. 2
1 https://dataprivacymanager.net/5-things-you-need-to-know-about-data-privacy
2 https://www.cloudflare.com/learning/privacy/what-is-data-privacy/
Leave a Reply