Site Factory
Site Factory Product Privacy Notice
Last revision of this Product Notice: [v1.1– 17 May 2021 – hyperlinks updated]
Prior version(s) of this Product Notice: [v1.0 – 25 January 2021 – initial version]
This Product Notice describes the privacy relevant aspects of the above-mentioned Acquia product/services.
Acquia Cloud Platform is a Drupal-tuned application lifecycle management suite with an infrastructure to support Drupal deployment workflow processes from development and staging through to production. Acquia’s customer creates, owns, and maintains their Drupal application (a website for internal or external use) and submits it to Acquia Cloud Platform for the aforementioned lifecycle management. For details about this Product, visit Site Factory Product Guide.
The objective of Processing of Personal Data by data importer is the performance of the Services pursuant to the Agreement.
Categories of Personal Data | Categories of Data Subjects | Purpose of Processing | Categories of Data Recipients | Needed for Core Features | Processing Location | Acquia Inc. acts as Processor |
|---|---|---|---|---|---|---|
| Through the configuration, design, and administration of their own Drupal application, Customer in its sole discretion determines and controls the categories of personal data collected by their Drupal Application. These may be individual identifiers, contact details, online identifiers, network activity, location data, and any sensitive data categories. | Through the configuration, design, and administration of their own Drupal application, Customer in its sole discretion determines and controls the categories of data subjects collected by their Drupal Application. Primarily, these would be Customer’s end-users including visitors to Customer’s website. | Provision of the Services by Acquia to Customer | Site administrators, customers, and visitors of Customer’s Drupal application | Yes | Depends on the data center location chosen by Customer | Yes |
Objective | Technology / Measure | Data at Rest | Data in Transit |
|---|---|---|---|
Anonymization and Pseudonymization | Data anonymization at Customer level optional for Customer | Yes | Yes |
Data confidentiality | Access control measures Encryption at customer level Encryption at Acquia level | Yes | Yes |
Data integrity | Ant-tampering technology | Yes | Yes |
Data availability including restoring availability, restoring access to personal data, and data resilience | Business continuity and disaster recovery measures | Yes | n/a |
Through the Product’s administration console and through the Customer’s own Drupal application, the Customer may manage, update, retrieve, and erase individual Personal Data.
The specific list of sub-processors is available from: Acquia Sub-processors.
Any current Acquia customer with a data processing agreement in place with Acquia may subscribe to receive notifications of new or changed sub-processors through above website.
Data importer has implemented and will maintain appropriate administrative, physical, and technical safeguards for the protection of the security, confidentiality and integrity of Personal Data uploaded to the Services, as described in the Acquia Security Annex (available from Acquia & GDPR Compliance) applicable to the specific Services purchased by data exporter, as updated from time to time, and made available by data importer upon request. The data exporter is wholly responsible for implementing and maintaining security and data administration within any data exporter applications, configuration settings, or log settings used by data exporter in conjunction with the Services.
Regular testing, assessing and evaluating of TOMs |
Regular security and process reviews |
Yes |
n/a |
If this content did not answer your questions, try searching or contacting our support team for further assistance.
Regular testing, assessing and evaluating of TOMs |
Regular security and process reviews |
Yes |
n/a |
If this content did not answer your questions, try searching or contacting our support team for further assistance.
Site Factory