Privacera Documentation

Overview

This functionality integrates Privacera data services into the customer's data center. It secures business data within the customer's own data center instead of sending it to Privacera for processing. In this mode, the customer uses PrivaceraCloud to create and manage policies and audit information, while the data remains stored in the customer's data center and is accessible only from within the enterprise network. The two major components of this architecture are as follows:

  • Control Plane: This is hosted on PrivaceraCloud. It is used for policy management, audit management, and user management. Privacera is responsible for managing it.

  • Data Plane: This is hosted within the customer's data center or Virtual Private Cloud (VPC). The Privacera Manager utility installs data management components such as DataServer, PolicySync, Discovery, Encryption, and UserSync. The customer is responsible for managing this deployment and its infrastructure.

High-level Architecture
Figure 5. High-level architecture for PrivaceraCloud (Data Plane mode)

As part of the Data Plane, the following Privacera components run in the customer's own VPC:

  • Privacera PolicySync connectors are used to distribute access management policies to datasources in your own data center or VPC/VNet. Snowflake, Databricks Unity Catalog, and PostgreSQL are examples of datasources.

  • Privacera DataServer

  • Privacera UserSync to retrieve user information from your own Identity Provider (IdP) systems, such as LDAP/AD or Okta.

  • Privacera Discovery

  • Privacera Encryption Gateway (PEG)

Benefits

The following are the benefits of using Privacera services from PrivaceraCloud in Data Plane mode:

  • Reduced data security risk.

  • High availability of Control Plane components hosted on PrivaceraCloud.