Professional Documents
Culture Documents
The information in this document applies solely to the hardware/software product (“Product”) specified herein, and only as specified herein.
This document is intended for use by Nokia' customers (“You”) only, and it may not be used except for the purposes defined in the agreement
between You and Nokia (“Agreement”) under which this document is distributed. No part of this document may be used, copied, reproduced,
modified or transmitted in any form or means without the prior written permission of Nokia. If you have not entered into an Agreement
applicable to the Product, or if that Agreement has expired or has been terminated, You may not use this document in any manner and You
are obliged to return it to Nokia and destroy or delete any copies thereof.
The document has been prepared to be used by professional and properly trained personnel, and You assume full responsibility when using
it. Nokia welcome Your comments as part of the process of continuous development and improvement of the documentation.
This document and its contents are provided as a convenience to You. Any information or statements concerning the suitability, capacity,
fitness for purpose or performance of the Product are given solely on an “as is” and “as available” basis in this document, and Nokia reserves
the right to change any such information and statements without notice. Nokia has made all reasonable efforts to ensure that the content of
this document is adequate and free of material errors and omissions, and Nokia will correct errors that You identify in this document. But,
Nokia' total liability for any errors in the document is strictly limited to the correction of such error(s). Nokia does not warrant that the use of
the software in the Product will be uninterrupted or error-free.
This document is Nokia’ proprietary and confidential information, which may not be distributed or disclosed to any third parties without the
prior written consent of Nokia.
Nokia is a registered trademark of Nokia Corporation. Other product names mentioned in this document may be trademarks of their
respective owners, and they are mentioned for identification purposes only.
Nokia is continually striving to reduce the adverse environmental effects of its products and services. We would like to encourage you
as our customers and users to join us in working towards a cleaner, safer environment. Please recycle product packaging and follow the
recommendations for power use and proper disposal of our products and their components.
If you should have questions regarding our Environmental Policy or any of the environmental services we offer, please contact us at Nokia for
any additional information.
Privacy Considerations for EdenNet DN1000007909 1-1 Table of Contents
Contents
1 Summary of changes...................................................................................................................................... 4
2 Introduction...................................................................................................................................................... 6
4 Engineering privacy........................................................................................................................................ 8
5 Privacy goals....................................................................................................................................................9
6 Privacy considerations................................................................................................................................. 10
1 Summary of changes
• Privacy considerations
• Privacy considerations
EdenNet 20 No change.
• Privacy considerations
• Privacy considerations
EdenNet 19 No change.
2 Introduction
This document provides information on the product features that impact privacy and the measures tak-
en to protect such data.
Any free and open-source software or third party products included in the product may have additional
or different privacy considerations that may not be covered as part of this document.
4 Engineering privacy
Privacy is a key consideration in the creation and delivery of Nokia products. Our product teams have
integrated privacy (Privacy by Design) and security (Design for Security) into their Product Develop-
ment Lifecycle (PDL). Privacy engineering and assurance procedures ensure identification and mitiga-
tion of privacy impacts, building of privacy elements into all Nokia products, and verification of compli-
ance with Nokia's requirements.
5 Privacy goals
Nokia applies privacy requirements related to the following privacy goals for products:
6 Privacy considerations
These privacy considerations are related to the product delivered or to be delivered to the customer.
The privacy considerations describe the processing of personal data by this product, possible privacy
impact from that processing and applicable privacy measures.
By 'processing' Nokia means any essential feature operation or set of operations performed by the
product on personal data or on sets of personal data, whether or not by automated means, such as
collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation,
use, disclosure by transmission, dissemination or otherwise making available, alignment or combina-
tion, restriction, erasure, or destruction.
The data subject is Customer employee. The following categories of customer employee personal da-
ta may be collected and/or processed by EdenNet and could be classified as:
• Account Information
• Contact Information
• Usage Information
Account Information
The data elements in the account information category are Login name, First name, Last Name, User
Group and so on.
These data elements are stored encrypted in secure LDAP and EdenNet DB. They are used by the
EdenNet administrator while creating a user. EdenNet uses this information to allow customers to log
in to the system. The storage of account information is customer configurable. The Admin user can
delete the account information that is not required. Personal data is not shared outside of EdenNet. It
is accessible via the GUI, secure LDAP, and EdenNet DB. The Admin user can access the details of
all other users configured on the EdenNet system.
In EdenNet, only the Username and Password are mandatory data to log in to the EdenNet applica-
tion. Additional data processing is not done by EdenNet.
User group is stored in a secure EdenNet database. EdenNet uses this information to provide specific
roles to the customer employee user to perform the EdenNet role-based access control functionality.
The Admin user can delete the assigned user group of the required user in case of internal or external
LDAP without group support. In case of customer having external LDAP with group support, only those
users in customers LDAP, which have specific SON roles are synchronized to the EdenNet DB. The
synchronization is customer configurable. Examples of user group are SON Module Executor, SON
Monitor, and SON Module Manager. EdenNet uses this information to provide specific roles to the
customer employee user for using the EdenNet functionality.
Contact Information
The data element in the contact information category is the email address. This is usually the cus-
tomer employee email address or any other support email address used by the customer. EdenNet us-
es this information to inform the user about the status of module execution (if the user has subscribed
to it).
The email address is added during account creation or while performing module configuration. It is
stored encrypted in the secure LDAP or EdenNet DB. The retention period is customer configurable.
The Admin user can remove the email address and user account from EdenNet in case of internal
LDAP users only. In case of external LDAP servers, the user account and their email address will re-
main on external LDAP servers. A specific user can also remove the email address configured in the
respective account or change it to a support/non-personal email address.
The email address is accessible via the GUI, secure LDAP, or EdenNet DB. The email address is not
shared outside of EdenNet. It is available in log files. The retention of log files is customer configurable
for some log files. For other log files, such as OEM log files, it is default settings within the OEM.
Usage Information
The data element in the usage information category is timestamp. This is the system timestamp of
user activity logged in the audit log files on the particular EdenNet node, for example, on GUI node,
DB Node, and so on.
EdenNet uses this information to inform the user about the various operations performed, and the time
of the operations. Timestamp is present as text. It is a mandatory information in log files. Only the root,
vson, administrator, and logged in user with privileges can view the information.
The data element in this category is the Keycloak API key. This is generated on the EdenNet GUI for
a specific SDK user. EdenNet uses the API key to authenticate and authorize the user to use the SDK
feature.
API key is customer configurable. With the support of Admin user, the API key for a user can be re-
generated. It is stored encrypted in Keycloak.