# Data Handling

## Overview <a href="#h_8d15dec865" id="h_8d15dec865"></a>

Arnica identifies risks in the DevOps tools based on historical behavior of the identities in them. To identify the most accurate risks, access to audit logs, commits, pull requests, and other objects in the DevOps tools is fundamental.

## Data ingestion <a href="#h_6fc9a84482" id="h_6fc9a84482"></a>

The data ingestion process collects the following data from Source Control Management (SCM) systems:

* Core components, such as organizations, projects and repositories.
* Security components, such as identities, group membership and permissions.
* Behavioral data, such as commits, pull requests and audit trails.
* Source code snippets of vulnerable code only.

### Data transformation

Arnica transforms sensitive information into metadata instead persisting it. For example, when Arnica identifies a hardcoded secret, the code snippet is not being persisted.

### On-premises deployment <a href="#h_3e7920034b" id="h_3e7920034b"></a>

While the data ingestion process does not store any of the raw collected data, the data ingestion component can be deployed on customers' premises.

## Data persistance <a href="#h_95fef0779e" id="h_95fef0779e"></a>

All data collected from customers' systems is encrypted at rest and segregated per tenant. Any communication to persist the data is encrypted over TLS v1.2 and v1.3.

## Data destruction <a href="#h_32a5d9076d" id="h_32a5d9076d"></a>

Arnica tenant owners can delete the tenant, which will cause to a deletion of all associated data. Any integration removal from Arnica's platform will keep the records within the context of the tenant, so that historical issues can be tracked as long as the tenant is active.

For more information, please reference our [Privacy Policy](https://www.arnica.io/privacy).


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.arnica.io/arnica-documentation/security/data-handling.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.