Privacy Settings
Zoho Vault allows you to define how your user's information must be handled based on the privacy regulations followed by your company and geography. For example, privacy law such as the GDPR demand that user data to be deleted after a certain period. This is to ensure the complete privacy of the user's data, while also helping your organization stay compliant with internal and external audits, as well as industry-recommended compliance standards.
- Data retention
- Data masking
Data retention
Super admins can set how long a user's data must be retained after user deletion in Zoho Vault.
- Click Privacy Settings from the Security section of Settings tab.
- Select how long you'd like to retain the user's data after user deletion from the dropdown box, then click Update.
Note: By default, a user's data is retained for 30 days. You can either set the data to be deleted right when a user's removed from Vault, or even retain their data for 15, 45, or 60 days as well, based on your security requirements.
Data masking
Super admins can mark certain fields of the password categories as personal data. You can restrict these selected fields from getting exported and mask them based on your requirements. To enable privacy setting for personal data:
- Select Password Categories from the Security section of Settings tab.
- Edit the password categories and mark the required fields as personal data. These categories are now tracked under Privacy Settings.
- Search and select Privacy Settings from the left panel.
- Enable privacy settings for personal data to view all relevant categories.
- Restrict export and mask fields for these categories according to your privacy policies, then click Update.
Note: By default, the IP address will be marked as personal data in the Audits section. These default settings can be modified as required. Data masking is only available in the web version.