Data privacy
Sitecore recommends that customers understand how their compliance obligations can be met when using SitecoreAI. Sitecore is committed to the security and privacy of customer data in SitecoreAI, and this commitment is reinforced by Sitecore's compliance with globally recognized standards.
A shared responsibility
SitecoreAI's data security and privacy approach is built on a shared responsibility model. Under this model, Sitecore delivers a platform that safeguards customer data, while customers are responsible for implementing SitecoreAI and their front-end application in a way that meets their own data security and privacy obligations.
Sitecore's responsibility
Sitecore ensures that SitecoreAI implements controls for securing and protecting customer data. The controls are in place at each tier of the SitecoreAI architecture, and they include, but are not limited to:
- Public cloud infrastructure
  - Sitecore secures, manages, and monitors the cloud infrastructure used to run the SitecoreAI services in partnership with its public cloud partners: Microsoft Azure and Amazon Web Services (AWS).
  - Sitecore applies regular operating system updates.
  - Sitecore applies and monitors network and host-level controls via the Sitecore Security Operations Center (SOC).
- Storage
  - SitecoreAI segregates database and file storage between customers.
  - SitecoreAI manages customer data through Azure SQL and Azure Blob storage, with all data encrypted at rest and in transit. SitecoreAI uses Transparent Data Encryption (TDE) for Azure SQL and server-side encryption (SSE) for Blob storage. Both use Microsoft-managed keys with 256-bit AES encryption that is FIPS 140-2 compliant.
  - SitecoreAI maintains database and storage backups in geo-redundant locations to ensure availability if a data center region is impacted.
  - Customer data in SitecoreAI is not accessed by Sitecore without the customer's explicit permission.
- Application
  - SitecoreAI is built through a secure software development lifecycle so that the application follows security best practices.
  - SitecoreAI uses scanning and third-party penetration testing to validate its products.
  - SitecoreAI logically separates customer environments.
  - SitecoreAI provides a role-based access control model that enables customers to define which users have access to their environments, Sitecore applications, and data.
  - SitecoreAI supports single sign-on (SSO) with OpenID Connect (OIDC) and SAML identity providers.
  - SitecoreAI services are invoked through APIs on endpoints such as edge-platform.sitecorecloud.io, a stateless proxy that does not store customer data.
- Delivery
  - SitecoreAI users can only access their content in SitecoreAI using a secure access token.
  - SitecoreAI uses a web application firewall (WAF), a content delivery network (CDN), and rate limiting to ensure a predictable quality of service.
The customer's responsibility
Customers are responsible for implementing SitecoreAI and their front-end head applications in a manner that enables them to meet their compliance obligations. Customers must be conscious of personal site visitor data that's presented or captured through their front-end application.
Data privacy implementation considerations
SitecoreAI is a content management system (CMS) and, by design, does not capture personal data. Some implementations of SitecoreAI might allow capturing personal data. These implementations and decisions regarding the handling of personal data must align with the customer's data policies and architectural guidelines.
When managing data that interfaces with SitecoreAI, customers must be aware of the following product functionality and implementation considerations.
SitecoreAI user information
The Sitecore identity service manages the SitecoreAI customer's users and their roles, and requires their names and email addresses. The identity service can be configured to use multi-factor authentication through the customer’s OpenID Connect (OIDC) or SAML SSO provider. The service does not store names or email addresses of the customer's website visitors.
Personal data
As a full-fledged content management system (CMS), SitecoreAI can be configured to store any type of content. However, SitecoreAI must never be used to store personally identifiable information (PII) or protected health information (PHI). Instead, Sitecore recommends that customers using PII or PHI follow modern web development best practices and keep that data in their system of record and not in SitecoreAI. If needed, the personal data can be accessed from the system of record through APIs to compose the content in the front-end head application.
Customers taking this approach can ensure that the personal data is managed within a single source, controlling where that data resides across their enterprise application, for ease of compliance.
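As an added illustration of the composition pattern described above (example code, not Sitecore's own; the CMS item, the in-memory system of record, the field names, and the `{{placeholder}}` syntax are all assumptions standing in for a customer's real APIs), the following JavaScript shows two pieces a front-end head would carry: a pre-publish guard that refuses to write anything that looks like personal data into the CMS, and a render step that resolves placeholders in CMS-managed content from the system of record at request time, so personal data is read at render and never stored in SitecoreAI.

```javascript
// Added example, not Sitecore code. Field names, the placeholder syntax and the
// in-memory "system of record" are assumptions standing in for a customer's own API.

// Field names the customer treats as personal data; these must never be written to the CMS.
const PERSONAL_FIELD_NAMES = new Set(['email', 'phone', 'ssn', 'dateofbirth', 'address']);
const EMAIL_RE = /[^\s@]+@[^\s@]+\.[^\s@]+/;

// Pre-publish guard: run before an item is written to the CMS. Returns true when the
// item is safe to publish; throws if a field name or value looks like personal data.
function assertNoPersonalData(item) {
  for (const [name, value] of Object.entries(item.fields)) {
    if (PERSONAL_FIELD_NAMES.has(name.toLowerCase())) {
      throw new Error(`field "${name}" is personal data; keep it in the system of record`);
    }
    if (typeof value === 'string' && EMAIL_RE.test(value)) {
      throw new Error(`field "${name}" contains an email address`);
    }
  }
  return true;
}

// Constructed sample of CMS-managed content: templates with placeholders only.
const cmsItem = {
  id: 'welcome-banner',
  fields: {
    headline: 'Welcome back, {{firstName}}!',
    body: 'Your plan renews on {{renewalDate}}.',
  },
};

// Stand-in for the customer's system of record, keyed by an opaque customer id.
// A real head would call the system-of-record API here instead of reading a Map.
const systemOfRecord = new Map([
  ['cust-1001', { firstName: 'Ada', email: 'ada@example.com', renewalDate: '2025-03-01' }],
]);

function lookupPersonalFields(customerId) {
  return systemOfRecord.get(customerId) || null;
}

// Allow-list of placeholders the head may resolve from the system of record.
// A content author writing {{email}} into CMS content gets an empty string, not the value.
const RESOLVABLE = new Set(['firstName', 'renewalDate']);

function escapeHtml(s) {
  return s.replace(/[&<>"']/g, c =>
    ({ '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' })[c]);
}

// Compose the page in the head: the CMS supplies the template, the system of record
// supplies personal values at request time, and nothing is written back to the CMS.
function composePage(item, customerId, lookup = lookupPersonalFields) {
  const personal = lookup(customerId) || {};
  const rendered = {};
  for (const [name, template] of Object.entries(item.fields)) {
    rendered[name] = template.replace(/\{\{(\w+)\}\}/g, (match, key) => {
      if (!RESOLVABLE.has(key)) return '';          // not resolvable: render nothing
      const value = personal[key];
      return value === undefined ? '' : escapeHtml(String(value));
    });
  }
  return rendered;
}
```

The allow-list is the important design choice: the head, not the content author, decides which personal fields can ever reach a page, and values are HTML-escaped at the point they are merged so a field from the system of record cannot inject markup into CMS-managed content.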
Using visitor data for personalization
SitecoreAI's personalization service enables customers to deliver personalized experiences to their site visitors. The personalization service tracks site visit engagement by storing first-party cookies in visitors' web browsers. Cookie behavior is described in more detail in the separate cookie documentation.
Capturing visitor data using Forms
SitecoreAI Forms enables customers to collect data from site visitors through form submissions. Forms uses a fire-and-forget architecture: data submitted in a form is not saved in SitecoreAI or any other Sitecore system, but is sent immediately to the configured webhook.
The exception is uploaded files: to ensure completion of the file upload, Sitecore temporarily stores the encrypted file while attempting to send the webhook. A stored file is deleted:
- Within an hour of upload, if the form was not submitted.
- Within 24 hours of upload, if the form was submitted successfully.
- Immediately after a successful webhook delivery.
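Because Forms keeps no copy of a non-file submission, the customer's webhook endpoint is the only place the data exists once it is sent, which makes the receiver's acknowledgement behavior a data-handling concern. The following is an added example of a receiver written with that in mind (example code, not Sitecore's; the payload shape with `formId` and `fields`, the request object layout, and the in-memory store are assumptions, so check the actual Forms webhook configuration before relying on any of them): the handler validates the request, writes the submission to the customer's own store, and only then returns a 2xx, so that a persistence failure is never reported to Sitecore as a successful delivery.

```javascript
// Added example, not Sitecore code. Receiver side of the fire-and-forget Forms webhook.
// The payload shape ({formId, fields}) is an assumption; `submissions` is an in-memory
// stand-in for the customer's system of record.

const MAX_BODY_BYTES = 64 * 1024;
const submissions = [];

// Durable write; returns the record id. A real receiver would write to a database or
// queue here, and any throw must surface as a non-2xx response (see handler below).
function persistSubmission(record) {
  submissions.push(record);
  return submissions.length;
}

// Pure request handler: takes {method, headers, body} and returns {status, body}, so it
// can be wired to any HTTP framework. Persist BEFORE acknowledging: Sitecore keeps no
// copy of a non-file submission, so a 2xx is the only signal that the data is safe.
function handleFormWebhook(req, persist = persistSubmission) {
  if (req.method !== 'POST') return { status: 405, body: 'method not allowed' };

  const contentType = (req.headers['content-type'] || '').toLowerCase();
  if (!contentType.startsWith('application/json')) {
    return { status: 415, body: 'expected application/json' };
  }
  if (new TextEncoder().encode(req.body).length > MAX_BODY_BYTES) {
    return { status: 413, body: 'payload too large' };
  }

  let payload;
  try {
    payload = JSON.parse(req.body);
  } catch (err) {
    return { status: 400, body: 'malformed JSON' };
  }
  const shapeOk = typeof payload === 'object' && payload !== null &&
    typeof payload.formId === 'string' &&
    typeof payload.fields === 'object' && payload.fields !== null && !Array.isArray(payload.fields);
  if (!shapeOk) return { status: 400, body: 'unexpected payload shape' };

  let id;
  try {
    id = persist({ formId: payload.formId, fields: payload.fields, receivedAt: new Date().toISOString() });
  } catch (err) {
    // Do not acknowledge: a 2xx here would report success while the submission was lost.
    return { status: 500, body: 'could not persist submission' };
  }
  return { status: 200, body: JSON.stringify({ id }) };
}

// Constructed sample request, in the shape this handler expects.
const sampleRequest = {
  method: 'POST',
  headers: { 'content-type': 'application/json' },
  body: JSON.stringify({ formId: 'contact-us', fields: { name: 'Ada', message: 'Hello' } }),
};
```

Whether anything in `fields` is personal data is the customer's decision under their own data policies; the receiver above is where that classification and the onward handling (retention, access control on the store) belong, since Sitecore holds no copy of the non-file data it forwarded.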