Default Collection
Trend Micro Cloud One™ – Conformity (Conformity) collects and transmits the following data through a combination of manual and automatic processes, some of which may be considered personal data in certain jurisdictions. It is necessary to collect this data to provide the contracted service, as well as manage the security functions of this product.If you do not want Trend Micro to access this data, you should not proceed to subscribe to the product or unsubscribe if you are a current subscribed user.
To see where this data is processed, refer to our list of data centers and authorized data subprocessors and their locations.
| Product Feature | Data transmitted to Trend Micro | Feature Configuration Location | Description |
|---|---|---|---|
| User Subscription |
| This feature cannot be disabled | Individuals have to provide this information in order to subscribe to, and be able to use Conformity. |
| Knowledge Base |
| This feature cannot be disabled | Cookies are used to make sure that authenticated users have full access to the knowledge base. |
| All API & Web Features |
| This feature cannot be disabled | IP addresses are captured by the AWS WAF as part of the configured security settings in order to track/allow/block traffic as required. |
| Conformity checks and Real-time Monitoring (RTM) |
| This feature cannot be disabled | Customer’s Cloud data in Conformity (e.g. Organization details, Checks) are captured by the Conformity Bot in order to provide the customer with their compliance and security posture. |
Configurable Features
Trend Micro Cloud One™ – Conformity (Conformity) includes the following features, which may collect and transmit data, some of which may be considered personal in certain jurisdictions, to Trend Micro. You can disable the configurable features at any time to prevent the corresponding data from being sent to Trend Micro. However, disabling these features may impact how Conformity runs rules and provides monitoring services for your Cloud environment.
Cloud Account Access
Conformity requires access to your Cloud Account data to run rules and provide monitoring services. Account access is initially granted when you Add Cloud Account, and can be modified for existing accounts. The account access policy/rules can be configured to allow access to and the collection of your Cloud environment’s metadata.
To configure the Cloud account access policy, please follow the following steps:
- For your AWS Account: https://www.cloudconformity.com/help/conformity-bot/aws-integration.html
- For your Azure Account: https://www.cloudconformity.com/help/conformity-bot/azure-integration.html
Other than the above configurable features, there are no user-configurable features to prevent the collection and transmission of the following information to Trend Micro:
- First name
- Last name
- Email address
- Phone number (optional)
- IP address
- Cookies ID’s