Skip to Content
Security & ComplianceData Privacy

Data Privacy

Understanding what data AD Unlock collects, stores, and protects.

Data Categories

Stored Data

DataPurposeRetention
Tenant infoOrganization identityAccount lifetime
Admin usersPortal accessAccount lifetime
Enrolled usersWhatsApp-AD mappingUntil removed
PoliciesApproval rulesUntil deleted
Audit logsComplianceConfigurable
Connector metadataStatus trackingAccount lifetime

Transient Data

DataPurposeRetention
OTP codesIdentity verification5 minutes
Conversation contextRequest processing15 minutes
Job dataOperation executionUntil complete

Never Stored

DataHandling
AD passwordsGenerated, encrypted, emailed, zeroed
WhatsApp messagesProcessed, not stored
User credentialsOAuth tokens only

Data Location

Cloud Infrastructure

ComponentLocation
APIAWS São Paulo (sa-east-1)
DatabaseAWS RDS São Paulo
CacheAWS ElastiCache São Paulo
SecretsAWS Secrets Manager

Customer Network

DataLocation
Connector binaryCustomer server
CertificatesCustomer server
Config fileCustomer server
Local logsCustomer server

Data Isolation

Multi-Tenancy

  • Row Level Security (RLS) enforced in PostgreSQL
  • Every query filtered by tenant_id
  • No cross-tenant data access possible
  • Separate encryption keys per tenant (future)

Example RLS Policy

CREATE POLICY tenant_isolation ON users
  USING (tenant_id = current_setting('app.tenant_id')::uuid);

Data Subject Rights

GDPR/LGPD Compliance

RightImplementation
AccessExport user data via API
RectificationUpdate via portal
ErasureDelete enrollment
PortabilityExport in standard format

Requesting Data

Contact support@adunlock.me with:

  • Your organization name
  • Authorized requester identity
  • Specific request details

Data Retention

Configurable Retention

Data TypeDefaultConfigurable
Audit logs90 daysYes
Request history30 daysYes
Connector logs7 daysYes

Deletion

Upon account termination:

  1. All tenant data marked for deletion
  2. Deleted within 30 days
  3. Backup retention: 90 days
  4. Complete erasure confirmed
Last updated on
Certificates & mTLSAudit Logs