Account/Contact Information | - Administrator email address
- Administrator first and last name, company account information (company name, street, city, state/region, country, phone number, unique account ID)
- Billing contact name
| Data deleted upon request. |
DNS Usage and Event Data | - DNS query data contained in DNS logs (domain, DNS record type, DNS response, IP address, potential user email ID)
- Device ID
- Applications associated with user or device
- If using DNS block page: HTTP traffic and HTTP header info (for example: URL), but excluding HTTP body content contained in proxy logs.
| Automatically deleted after two years. |
| - When using the roaming client with IP layer enforcement enabled, for suspicious destinations: all ports and protocol meta information including source IP and port, destination IP and port, application, date, timestamp, but excluding the packet content
| Data deleted upon request. |
Proxy Usage and Event Data | - HTTP traffic and HTTP header info (for example: URL), but excluding HTTP body content contained in proxy logs
- Applications associated with users or devices
- Timestamps
| Automatically deleted after two years. |
| - Data contained in customer files sent to Cisco Umbrella for analysis
| Files inspected by Umbrella are only held transiently and purged after they are scanned by Umbrella. |
| - Summarized DNS and proxy log data
| Automatically deleted two years after log creation date. |
Cloud-Delivered Firewall | All ports and protocol meta information including: - source IP and port
- destination IP and port
- application
- date
- timestamp
Information excludes the packet content. | Automatically deleted after two years. |
Cloud Malware | - User ID and/or email address
- User first and last name
- IP Addresses for end users
- Any other personal data that may be inspected for malware because it is stored on the applicable cloud environment
| Data deleted upon request except for usernames, email addresses, and IDs. Umbrella retains the content from inspected files to calculate the hash. After generating the hash, Umbrella deletes the data. |
| | Data deleted upon request. |
Data Loss Prevention (DLP) | DLP record metadata including: - File name
- Active Directory information for applicable users
- Redacted snippet of text (for example: the last 4 digits of a credit card number) that triggers a customer Data Loss Prevention policy violation (“DLP Metadata”)
| Data deleted upon request. |
Remote Browser Isolation (RBI) | - Browser configuration
- User input in the isolation platform
- Any other personal data contained in user requests or user input in the isolation platform
- Any other personal data present on pages that are isolated by the platform
| Transient |
| | Deleted after 24 hours. |
| | Data deleted upon request. |
Configuration Information | - Audit logs (administrator name)
- Policy settings (administrator name, IP address)
- Unique account ID
- If using Active Directory add-on: Active Directory identity (first name, last name, username, device ID)
| Data deleted upon request. |
Dashboard Activity Information | - Administrators’ first and last name, email address, IP address, user ID, country, region, city.
- Device information: device name, device serial number, device type, device owner name, device owner email
| Data deleted upon request. |
Support Information | - First and last name
- Email address
- Phone number of the employees appointed to open the service request
- Customer account information: company name, street, city, state/region, country, unique
account ID
| Data deleted upon request. |
Business and Product Analytics | - Product usage, contact and user information, which may include the following types of personal data:
- Administrators’ first and last name, title
- Company name
- Physical address (street, city, state/region, country)
- Email address
- Username and/or ID
- IP address
- Phone number
- Device ID/serial number, operating system type and version of the user
- Unique account ID
- Timestamp for login
| Data deleted upon request. |
