AWS 服務的隱私權特點
AWS 非常重視您的隱私權,我們提供現今最靈活且最安全的雲端運算環境。使用 AWS,您即可擁有自己的資料、控制資料的位置,並控管資料的存取權。我們很清楚地公開 AWS 服務會如何處理您上傳至 AWS 帳戶的個人資料 (客戶資料);我們提供各種功能,方便您加密、刪除並監控對您客戶資料的處理程序。
使用 AWS 服務時,您可以確信您的客戶資料就放置在您所選取的 AWS 區域中。有小部分 AWS 服務涉及客戶資料傳輸,例如,為了開發和改善特定服務,在這種情況下您可以選擇退出傳輸,或者因為傳輸本身就是服務的主要部分 (例如內容交付服務)。我們禁止且我們的系統旨在防止 AWS 人員出於任何目的 (包括服務維護) 從遠端存取客戶資料,除非您自己要求,或用於防止欺詐和濫用,或是為了遵守法律需要,才可存取。
以下我們將提供 AWS 服務之主要隱私權功能的概觀,供您用來執行資料傳輸的相關評定,並可符合歐洲聯盟法院的 Schrems II 決議以及歐洲資料保護委員會針對輔助傳輸工具所提出的措施建議。
您可以按一下以下 AWS 文件資料表的底線核取符號,其中的內容提及了 AWS 服務如何讓客戶加密、刪除和監控對其客戶資料的處理程序。
AWS 服務 | 客戶可以加密 | 客戶可以刪除 | 客戶可以監控處理程序 | 無遠端存取* |
Amazon API Gateway | ✓ | ✓ | ✓ | ✓ |
Amazon AppFlow | ✓ | ✓ | ✓ | ✓ |
Amazon AppStream 2.0 | ✓ | ✓ | ✓ | ✓ |
Amazon AppStream 2.0 使用者集區 | ✓ | ✓ | ✓ | ✓ |
Amazon Athena | ✓ | ✓ | ✓ | ✓ |
Amazon Augmented AI (A2I) | ✓ | ✓ | ✓ | ✓ |
Amazon Aurora | ✓ | ✓ | ✓ | ✓ |
Amazon Bedrock1 | ✓ | ✓ | ✓ | ✓ |
Amazon Braket | ✓ | ✓ | ✓ | ✓ |
Amazon Chime | ✓ | ✓ | ✓ | ✓ |
Amazon 雲端目錄 | ✓ | ✓ | ✓ | ✓ |
Amazon CloudFront | ✓ | ✓ | ✓ | ✓ |
Amazon CloudWatch | ✓ | ✓ | ✓ | ✓ |
Amazon CloudWatch Logs |
✓ | ✓ | ✓ | ✓ |
Amazon CodeGuru Profiler | ✓ | ✓ | ✓ | ✓ |
Amazon CodeGuru Reviewer | ✓ | ✓ | ✓ | ✓ |
Amazon Cognito | ✓ | ✓ | ✓ | ✓ |
Amazon Comprehend | ✓ | ✓ | ✓ | ✓ |
Amazon Connect | ✓ | ✓ | ✓ | ✓ |
Amazon Detective | ✓ | ✓ | ✓ | ✓ |
Amazon DocumentDB (with MongoDB compatibility) | ✓ | ✓ | ✓ | ✓ |
Amazon DynamoDB | ✓ | ✓ | ✓ | ✓ |
Amazon Elastic Block Store (Amazon EBS) | ✓ | ✓ | ✓ | ✓ |
Amazon Elastic Compute Cloud (Amazon EC2) | ✓ | ✓ | ✓ | ✓ |
Amazon Elastic Container Registry (Amazon ECR) | ✓ | ✓ | ✓ | ✓ |
Amazon Elastic Container Service (Amazon ECS) | ✓ | ✓ | ✓ | ✓ |
Amazon Elastic File System (Amazon EFS) | ✓ | ✓ | ✓ | ✓ |
Amazon Elastic Inference | ✓ | ✓ | ✓ | ✓ |
Amazon Elastic Kubernetes Service (Amazon EKS) | ✓ | ✓ | ✓ | ✓ |
Amazon ElastiCache for Memcached | ✓2 | ✓ | ✓ | ✓ |
Amazon ElastiCache for Redis | ✓ | ✓ | ✓ | ✓ |
Amazon EMR | ✓ | ✓ | ✓ | ✓ |
Amazon EventBridge | ✓ | ✓ | ✓ | ✓ |
Amazon Forecast | ✓ | ✓ | ✓ | ✓ |
Amazon Fraud Detector | ✓ | ✓ | ✓ | ✓ |
Amazon FSx for Lustre | ✓ | ✓ | ✓ | ✓ |
Amazon FSx for ONTAP | ✓ | ✓ | ✓ | ✓ |
Amazon FSx for OpenZFS | ✓ | ✓ | ✓ | ✓ |
Amazon FSx for Windows File Server | ✓ | ✓ | ✓ | ✓ |
Amazon GameLift | ✓ | ✓ | ✓ | ✓ |
Amazon GuardDuty | ✓ | ✓ | ✓ | ✓ |
Amazon Healthlake | ✓ | ✓ | ✓ | ✓ |
Amazon Inspector | ✓ | ✓ | ✓ | ✓ |
Amazon Inspector Classic | ✓ | ✓ | ✓ | ✓ |
Amazon Interactive Video Service (IVS) | ✓ | ✓ | ✓ | ✓ |
Amazon Kendra | ✓ | ✓ | ✓ | ✓ |
Amazon Keyspaces | ✓ | ✓ | ✓ | ✓ |
適用於 Java 應用程式的 Amazon Managed Service for Apache Flink | ✓ | ✓ | ✓ | ✓ |
適用於 SQL 應用程式的 Amazon Managed Service for Apache Flink | ✓ | ✓ | ✓ | ✓ |
Amazon Kinesis Data Firehose | ✓ | ✓ | ✓ | ✓ |
Amazon Kinesis Data Streams | ✓ | ✓ | ✓ | ✓ |
Amazon Kinesis VideoStreams | ✓ | ✓ | ✓ | ✓ |
Amazon Lex | ✓ | ✓ | ✓ | ✓ |
Amazon Lightsail | ✓ | ✓ | ✓ | ✓ |
Amazon Location Service | ✓ | ✓ | ✓ | ✓ |
Amazon Macie | ✓ | ✓ | ✓ | ✓ |
Amazon Managed Blockchain (AMB) | ✓ | ✓ | ✓ | ✓ |
Amazon Managed Service for Grafana (AMG) | ✓ | ✓ | ✓ | ✓ |
Amazon Managed Service for Prometheus (AMP) | ✓ | ✓ | ✓ | ✓ |
Amazon Managed Streaming for Kafka (MSK) | ✓ | ✓ | ✓ | ✓ |
Amazon Managed Workflows for Apache Airflow (MWAA) | ✓ | ✓ | ✓ | ✓ |
Amazon MemoryDB for Redis | ✓ | ✓ | ✓ | ✓ |
Amazon MQ | ✓ | ✓ | ✓ | ✓ |
Amazon Neptune | ✓ | ✓ | ✓ | ✓ |
Amazon OpenSearch Service | ✓ | ✓ | ✓ | ✓ |
Amazon Personalize | ✓ | ✓ | ✓ | ✓ |
Amazon Pinpoint | ✓ | ✓ | ✓ | ✓ |
Amazon Polly | ✓ | ✓ | ✓ | ✓ |
Amazon Quantum Ledger Database (QLDB) | ✓ | ✓ | ✓ | ✓ |
Amazon QuickSight | ✓ | ✓ | ✓ | ✓ |
Amazon Redshift | ✓ | ✓ | ✓ | ✓ |
Amazon Rekognition | ✓ | ✓ | ✓ | ✓ |
Amazon Relation Database Service (Amazon RDS) | ✓ | ✓ | ✓ | ✓ |
Amazon SageMaker | ✓ | ✓ | ✓ | ✓ |
Amazon Simple Email Service (Amazon SES) | ✓ | ✓ | ✓ | ✓ |
Amazon Simple Notification Service (Amazon SNS) | ✓ | ✓ | ✓ | ✓ |
Amazon Simple Queue Service (Amazon SQS) | ✓ | ✓ | ✓ | ✓ |
Amazon Simple Storage Service(Amazon S3) | ✓ | ✓ | ✓ | ✓ |
Amazon Simple Storage Service Glacier | ✓ | ✓ | ✓ | ✓ |
Amazon Simple Workflow Service (Amazon SWF) | ✓ | ✓ | ✓ | ✓ |
Amazon Textract | ✓ | ✓ | ✓ | ✓ |
Amazon Timestream | ✓ | ✓ | ✓ | ✓ |
Amazon Transcribe |
✓ | ✓ | ✓ | ✓ |
Amazon Translate | ✓ | ✓ | ✓ | ✓ |
Amazon Virtual Private Cloud (Amazon VPC) | ✓ | ✓ | ✓ | ✓ |
Amazon WorkDocs | ✓ | ✓ | ✓ | ✓ |
Amazon WorkLink | ✓ | ✓ | ✓ | ✓ |
Amazon WorkMail | ✓ | ✓ | ✓ | ✓ |
Amazon WorkSpaces |
✓ | ✓ | ✓ | ✓ |
Amazon WorkSpaces Application Manager (Amazon WAM) | ✓ | ✓ | ✓ | ✓ |
AWS Amplify | ✓ | ✓ | ✓ | ✓ |
AWS App Mesh | ✓ | ✓ | ✓ | ✓ |
AWS App Runner | ✓ | ✓ | ✓ | ✓ |
AWS Application Discovery Service | ✓ | ✓ | ✓ | ✓ |
AWS Application Migration Service | ✓ | ✓ | ✓ | ✓ |
AWS AppSync | ✓ | ✓ | ✓ | ✓ |
AWS Audit Manager | ✓ | ✓ | ✓ | ✓ |
AWS Backup | ✓ | ✓ | ✓ | ✓ |
AWS Certificate Manager (ACM) | ✓ | ✓ | ✓ | ✓ |
AWS Clean Rooms | ✓ | ✓ | ✓ | ✓ |
AWS Cloud9 | ✓ | ✓ | ✓ | ✓ |
AWS CloudFormation | ✓ | ✓ | ✓ | ✓ |
AWS CloudHSM | ✓ | ✓ | ✓ | ✓ |
AWS CloudShell | ✓ | ✓ | ✓ | ✓ |
AWS CloudTrail | ✓ | ✓ | ✓ | ✓ |
AWS CodeArtifact | ✓ | ✓ | ✓ | ✓ |
AWS CodeBuild | ✓ | ✓ | ✓ | ✓ |
AWS CodeCommit | ✓ | ✓ | ✓ | ✓ |
AWS CodeDeploy | ✓ | ✓ | ✓ | ✓ |
AWS CodePipeline | ✓ | ✓ | ✓ | ✓ |
AWS CodeStar | ✓ | ✓ | ✓ | ✓ |
AWS Config | ✓ | ✓ | ✓ | ✓ |
AWS Control Tower | ✓ | ✓ | ✓ | ✓ |
AWS Database Migration Service (AWS DMS) | ✓ | ✓ | ✓ | ✓ |
AWS Data Exchange | ✓ | ✓ | ✓ | ✓ |
AWS DataSync | ✓ | ✓ | ✓ | ✓ |
AWS Device Farm | ✓ | ✓ | ✓ | ✓ |
AWS Direct Connect | ✓ | ✓ | ✓ | ✓ |
AWS Directory Service | ✓ | ✓ | ✓ | ✓ |
AWS Elastic Beanstalk | ✓ | ✓ | ✓ | ✓ |
AWS 彈性災難復原 | ✓ | ✓ | ✓ | ✓ |
AWS Elastic Transcoder | ✓ | ✓ | ✓ | ✓ |
AWS Elemental MediaConnect | ✓ | ✓ | ✓ | ✓ |
AWS Elemental MediaConvert |
✓ | ✓ | ✓ | ✓ |
AWS Elemental MediaLive |
✓ | ✓ | ✓ | ✓ |
AWS Elemental MediaPackage | ✓ | ✓ | ✓ | ✓ |
AWS Elemental MediaStore | ✓ | ✓ | ✓ | ✓ |
AWS Entity Resolution | ✓ | ✓ | ✓ | ✓ |
AWS Fargate | ✓ | ✓ | ✓ | ✓ |
AWS Firewall Manager | ✓ | ✓ | ✓ | ✓ |
AWS Global Accelerator | ✓ | ✓ | ✓ | ✓ |
AWS Glue | ✓ | ✓ | ✓ | ✓ |
AWS Glue DataBrew | ✓ | ✓ | ✓ | ✓ |
AWS IAM Identity Center | ✓ | ✓ | ✓ | ✓ |
AWS IoT Analytics | ✓ | ✓ | ✓ | ✓ |
AWS IoT Core | ✓ | ✓ | ✓ | ✓ |
AWS IoT Device Management | ✓ | ✓ | ✓ | ✓ |
AWS IoT Events | ✓ | ✓ | ✓ | ✓ |
AWS IoT Greengrass V1 |
✓ | ✓ | ✓ | ✓ |
AWS IoT Greengrass V2 | ✓ | ✓ | ✓ | ✓ |
AWS IoT SiteWise | ✓ | ✓ | ✓ | ✓ |
AWS IoT Things Graph | ✓ | ✓ | ✓ | ✓ |
AWS IQ | ✓ | ✓ | ✓ | ✓ |
AWS Key Management Service (AWS KMS) | ✓ | ✓ | ✓ | ✓ |
AWS Lake Formation | ✓ | ✓ | ✓ | ✓ |
AWS Lambda | ✓ | ✓ | ✓ | ✓ |
AWS License Manager | ✓ | ✓ | ✓ | ✓ |
AWS Migration Hub | ✓ | ✓ | ✓ | ✓ |
AWS OpsWorks for Chef Automate | ✓ | ✓ | ✓ | ✓ |
AWS OpsWorks for Puppet Enterprise | ✓ | ✓ | ✓ | ✓ |
AWS OpsWorks Stacks | ✓ | ✓ | ✓ | ✓ |
AWS Outposts | ✓ | ✓ | ✓ | ✓ |
AWS RoboMaker | ✓ | ✓ | ✓ | ✓ |
AWS Secrets Manager | ✓ | ✓ | ✓ | ✓ |
AWS Security Hub | ✓ | ✓ | ✓ | ✓ |
AWS Serverless Application Repository |
✓ | ✓ | ✓ | ✓ |
AWS Service Catalog | ✓ | ✓ | ✓ | ✓ |
AWS Snowball Edge |
✓ | ✓ | ✓ | ✓ |
AWS Snowcone | ✓ | ✓ | ✓ | ✓ |
AWS Snowmobile | ✓ | ✓ | ✓ | ✓ |
AWS Step Functions | ✓ | ✓ | ✓ | ✓ |
適用於 FSx 檔案閘道的 AWS Storage Gateway | ✓ | ✓ | ✓ | ✓ |
適用於 S3 檔案閘道的 AWS Storage Gateway | ✓ | ✓ | ✓ | ✓ |
適用於磁帶閘道的 AWS Storage Gateway | ✓ | ✓ | ✓ | ✓ |
適用於磁碟區閘道的 AWS Storage Gateway | ✓ | ✓ | ✓ | ✓ |
AWS Systems Manager | ✓ | ✓ | ✓ | ✓ |
AWS Transfer Family | ✓ | ✓ | ✓ | ✓ |
AWS WAF | ✓ | ✓ | ✓ | ✓ |
AWS X-Ray | ✓ | ✓ | ✓ | ✓ |
CloudEndure Disaster Recovery (AWS 旗下公司) | ✓ | ✓ | ✓ | ✓ |
CloudEndure Migration (AWS 旗下公司) | ✓ | ✓ | ✓ | ✓ |
Contact Lens for Amazon Connect | ✓ | ✓ | ✓ | ✓ |
FreeRTOS | ✓ | ✓ | ✓ | ✓ |
*除非您請求存取,否則必須確保存取免遭欺詐和濫用,或必須確保存取合法。
1 處理與您選擇的基礎模型 (FM) 一起執行。
2 Amazon ElasticCache for Memcached 支援傳輸中加密。根據設計,Memcached 不提供持久磁碟儲存,只在客戶應用程式所需的時間內將資料儲存在記憶體中。選擇 r6g 和 m6g 系列類型的 Graviton 執行個體時,ElastiCache 也會支援記憶體加密。所有資料儲存 AWS 服務都提供加密。
允許客戶選擇退出客戶資料傳輸的 AWS 服務
以下 AWS 服務傳輸客戶資料以開發和提高這些服務,您可以選擇退出傳輸。
- Amazon CodeGuru Profiler
- Amazon Comprehend
- Amazon Connect Customer Profiles
- Amazon Connect forecasting, capacity planning, and scheduling
- Amazon Connect Outbound Campaigns
- Amazon Connect Wisdom
- Amazon Fraud Detector
- Amazon GuardDuty*
- Amazon Lex
- Amazon Polly
- Quicksight 中的 Amazon Q
- Amazon Rekognition
- Amazon Textract
- Amazon Transcribe
- Amazon Translate
- Contact Lens for Amazon Connect
*如果您已啟用新的 Amazon GuardDuty 惡意軟體防護功能,則此 AWS 服務將進行傳輸。
將傳輸客戶資料作為基本服務功能的 AWS 服務
以下 AWS 服務將傳輸客戶資料作為基本服務功能。例如,如果您選擇透過 Amazon Simple Notification Service 傳輸訊息,則這些訊息的內容將傳輸到收件人地址。
- Amazon AppStream 2.0 使用者集區
- Amazon Chime
- Amazon CloudFront
- Amazon Cognito*
- AWS IAM Identity Center**
- Amazon Interactive Video Service (IVS)
- Amazon Location Service
- Amazon Pinpoint
- Amazon Simple Email Service
- Amazon Simple Notification Service
- Amazon WorkMail
- AWS Elemental MediaConnect
- AWS IoT Core***
* 在某些情況下,Amazon Cognito 會使用 Amazon Simple Email Service (Amazon SES) 來傳送使用者電子郵件,並使用 Amazon Simple Notification Service (Amazon SNS) 來傳送使用者簡訊。如果區域中無法使用 Amazon SES,Amazon Cognito 會呼叫不同 AWS 區域中的 Amazon SES 端點。您可在這裡找到更多資訊。同樣,如果區域中無法使用 Amazon SNS,Amazon Cognito 會呼叫不同 AWS 區域中的 Amazon SNS 端點。您可在這裡找到更多資訊。
** 在某些情況下,AWS IAM Identity Center 使用 Amazon Simple Email Service (Amazon SES) 來傳送使用者電子郵件。如果區域中無法使用 Amazon SES,IAM Identity Center 會呼叫不同 AWS 區域中的 Amazon SES 端點。您可在這裡找到更多資訊。
*** 在您使用 IoT Core for Amazon Sidewalk 功能,或啟用 HERE 支援的裝置位置功能時。