cc_privacyLevel 1

P - Privacy

The SOC 2 Privacy criterion (code cc_privacy) evaluates how an organization collects, uses, retains, discloses, and destroys personal information in accordance with its privacy commitments and applicable regulations. It requires documented policies, controls, and processes that limit data handling to authorized purposes, provide notice to individuals, and ensure appropriate safeguards throughout the data lifecycle. Compliance demonstrates that the entity respects individuals' privacy rights and mitigates risks of unauthorized exposure.

GET/api/v1/systems/reg_soc2/nodes/cc_privacy

Manual TranscriptionProprietary (AICPA)Source

Hierarchy Explorer

Hierarchy ExplorerChevron to expand - click title to open

p1_1P1.1 - Privacy Notice Provided

p2_1P2.1 - Choices for Collection and Use of Personal Information

p3_1P3.1 - Personal Information Collected for Identified Purposes

p4_1P4.1 - Personal Information Used for Identified Purposes

Cross-system equivalences0

No cross-system equivalences mapped for this node.

Report a data issue