Case studies

Sensitive data localized compliant storage Building customer information security barriers

Ecosystems & Alliances│ Client Success stories

Publish date: 30 May 2024

The promulgation and implementation of the Personal Information Protection Law of the People's Republic of China (hereinafter referred to as the "Personal Information Protection Law") have put forward higher requirements for enterprise data security. With the continuous expansion of business, customers need to sort out existing system functions, store user personal information in compliance, improve business experience, strengthen operational security, and reduce system risks.

Sensitive data localized compliant storage Building customer information security barriers

Download the report

About Client

The customer is a manufacturing enterprise with a full industry chain from research and development, production, sales to after-sales service, covering over 100 countries and regions worldwide, and committed to developing localized operations according to local conditions. In response to the Personal Information Protection Law and internal audit compliance requirements, the client hopes to comprehensively review the functions of domestic business modules, localize the storage of sensitive personal information data, and reduce risks for the system and business.



Deloitte has developed an efficient and orderly plan to address pain points such as complex business objects, barriers to departmental requirements, redundant existing system functions, inconsistent technical solutions, and missing system architecture diagrams. Through in-depth understanding and analysis of the current operational status of customers, Deloitte has developed:

Sort out the scope of system module Upgrade

  • According to the Personal Information Protection Law, classify the existing Salesforce Customer Relationship Management (CRM) pre-sales, in sales, and after-sales modules, clarify the data scope involved in personal information localization, and deploy technical transformation and data migration phase goals.

Implement data transformation through Alibaba Cloud platform

  • Salesforce does not store personal sensitive information using Deloitte’s solution. Different business units input customer information into Salesforce, which is encrypted and stored on Alibaba Cloud. When different business entities view customer information in Salesforce CRM, Alibaba Cloud will desensitize the original personal information data and return it to Salesforce. At the same time, the transformed personal information data can be integrated and docked with domestic third-party systems (warehousing, e-commerce, after-sales, etc).

Overall project monitoring and optimization iteration

  • By providing weekly work reports, monitor the progress of migration and upgrade, regularly review code and conduct user validation, timely identify and resolve issues, and analyze insights to optimize space.


Deloitte × Salesforce

Salesforce platform is leading the customer experience transformation, with both parties joining forces and leveraging Salesforce's strengths in sales, service, commerce, marketing, and other fields, applying Deloitte's professional industry knowledge to provide customers with end-to-end digital transformation services.


Please contact Deloitte:

Frank Yu Chang Zhao
Deloitte China Salesforce Alliance Leader
Deloitte Consulting China Digital Customer Offering Deputy Leader

If you have any questions, please contact:

Fullwidth SCC. Do not delete! This box/component contains JavaScript that is needed on this page. This message will not be visible when page is activated.

-video-no-top-padding- , -fullwidth-scc-

Did you find this useful?