Privacy by Design (PbD)

Huawei Cloud Applies the PbD Concept in the Full Lifecycle of Personal Data to Build Secure Cloud Services with Privacy Protection Features
  • Overview of PbD

    Privacy by Design (PbD) was first used to protect privacy during product R&D. In recent years, it has gradually evolved into a management concept for privacy protection. PbD advocates for the comprehensive, advanced, and proactive integration of privacy protection into businesses and activities to help organizations take initiative in privacy protection.

  • Privacy Protection Principles

    Huawei Cloud products are designed based on the PbD principle. This means Huawei Cloud protects personal data and privacy by design and applies privacy protection concepts to all phases of products and services.


    Huawei Cloud implements the following seven basic privacy protection principles:

    Lawfulness, fairness, and transparency:

    Collect and process personal data lawfully, fairly, and transparently.

    Purpose limitation

    Collect personal data only for specific, explicit, and legitimate purposes.

    Data minimization

    Only collect and process personal data that is necessary to provide services. Huawei commits to anonymizing or pseudonymizing your personal data to the best of its abilities.

    Accuracy:

    Personal data must be accurate and, where necessary, kept up to date. Based on the purposes of data processing, appropriate measures must be taken to promptly delete or modify incorrect personal data.

    Storage limitation

    Personal data must be stored only for the duration necessary to fulfil processing requirements, and must be deleted or anonymized after the associated business is complete.

    Integrity and confidentiality:

    Based on existing technologies, implementation costs, and privacy risk levels, use appropriate technical or organizational measures to process personal data in a manner that ensures appropriate security, including protection against unauthorized or unlawful processing, and against accidental loss, tampering, and unauthorized access and disclosure.

    Accountability:

    The data controller is responsible for implementing the preceding principles and must keep records of the collection and processing process for audit.

  • Basic Principles of Privacy by Design

    Huawei Cloud Privacy by Design principles apply throughout the personal data lifecycle (notification to data subjects; data subjects' choice and consent; collection, use, retention, and disposal; disclosure to third parties; cross-border transfer of personal data; data subjects' permission to access), and they comply with the Generally Accepted Privacy Principles (GAPP), General Data Protection Regulation (GDPR), and other privacy laws and regulations of Germany, France, UK, and Canada.


    For details on how Huawei Cloud applies the Privacy by Design principles in each phase of the personal data lifecycle, visit the Huawei Cloud Personal Data Protection Practice page.

Huawei Cloud Applies the PbD Concept in the Full Lifecycle of Personal Data to Build Secure Cloud Services with Privacy Protection Features

Overview of PbD

Privacy by Design (PbD) was first used to protect privacy during product R&D. In recent years, it has gradually evolved into a management concept for privacy protection. PbD advocates for the comprehensive, advanced, and proactive integration of privacy protection into businesses and activities to help organizations take initiative in privacy protection.

Privacy Protection Principles

Huawei Cloud products are designed based on the PbD principle. This means Huawei Cloud protects personal data and privacy by design and applies privacy protection concepts to all phases of products and services.


Huawei Cloud implements the following seven basic privacy protection principles:

Lawfulness, fairness, and transparency:

Collect and process personal data lawfully, fairly, and transparently.

Purpose limitation

Collect personal data only for specific, explicit, and legitimate purposes.

Data minimization

Only collect and process personal data that is necessary to provide services. Huawei commits to anonymizing or pseudonymizing your personal data to the best of its abilities.

Accuracy:

Personal data must be accurate and, where necessary, kept up to date. Based on the purposes of data processing, appropriate measures must be taken to promptly delete or modify incorrect personal data.

Storage limitation

Personal data must be stored only for the duration necessary to fulfil processing requirements, and must be deleted or anonymized after the associated business is complete.

Integrity and confidentiality:

Based on existing technologies, implementation costs, and privacy risk levels, use appropriate technical or organizational measures to process personal data in a manner that ensures appropriate security, including protection against unauthorized or unlawful processing, and against accidental loss, tampering, and unauthorized access and disclosure.

Accountability:

The data controller is responsible for implementing the preceding principles and must keep records of the collection and processing process for audit.

Basic Principles of Privacy by Design

Huawei Cloud Privacy by Design principles apply throughout the personal data lifecycle (notification to data subjects; data subjects' choice and consent; collection, use, retention, and disposal; disclosure to third parties; cross-border transfer of personal data; data subjects' permission to access), and they comply with the Generally Accepted Privacy Principles (GAPP), General Data Protection Regulation (GDPR), and other privacy laws and regulations of Germany, France, UK, and Canada.


For details on how Huawei Cloud applies the Privacy by Design principles in each phase of the personal data lifecycle, visit the Huawei Cloud Personal Data Protection Practice page.