Learn about Data 360 Clean Rooms

What are the key components of a Clean Room?

Clean Rooms include use case templates for configuration, mapping templates for data association, invitation workflows between collaborators, privacy-compliant query capabilities with private join functionality, automated reporting, and multi-key match support.

How do collaborations work?

Both parties must map their data following a use case template that defines required fields and collaboration terms. The template specifies permitted queries, query execution responsibilities, and result distribution. Collaborations can now also be configured to run automated, scheduled reports without requiring manual query initiation each time.

How does data sharing work?

Data 360 Clean Rooms use a zero-copy, federated architecture that enables secure data collaboration without moving raw data. For DC-DC Clean Rooms, data sharing between Data Cloud orgs allows secure metadata association and federated querying. For cross-cloud scenarios, Data 360 Clean Rooms integrate natively with AWS Clean Rooms, allowing organizations to collaborate across Salesforce and AWS environments while keeping data in place.

How do Clean Rooms relate to DC-DC sharing?

1. Foundation: DC-DC sharing provides the underlying infrastructure for secure data sharing between Data Cloud orgs using zero-copy technology
2. Clean Rooms Layer: Clean rooms add privacy-safe collaboration capabilities on top of DC-DC sharing, allowing organizations to analyze combined data without exposing raw information

• Zero-copy data sharing between different Data Cloud orgs
• Direct access to shared data streams
• Real-time collaboration between organizations

• Privacy-compliant federated queries and private joins
• Aggregated insights without raw data exposure
• Secure collaborative analysis for marketing, audience overlap, and campaign optimization

Security & Governance

How do Clean Rooms protect data privacy?

Clean Rooms use robust privacy measures including SHA256 hashing for sensitive data like PII, enforced privacy thresholds to prevent small-group identification, and detailed audit logs for transparency. Raw data is never exposed during collaboration.

What level of control do participants have over Clean Room collaborations and their data? 

Participants have extensive control over Clean Room collaborations. Providers determine which use cases they support and can refine their configurations. Consumers choose which partners and use cases to opt-in to. Both parties maintain full control over the specific data they contribute to each collaboration via Data Cloud data model objects, including applying row-level filter criteria to ensure only necessary data is shared.

How is data governance managed within the Clean Room? Who controls the data? 

Each participating organization retains full ownership and control over its own data. The Clean Room acts as a secure, neutral environment for privacy-enhanced computations. Data governance is managed through clear metrics, regular audits, and predefined rules for data usage and access.

What are the compliance requirements?

Organizations must agree to terms and conditions before collaboration. All sensitive data must be encrypted using SHA256 hashing before entering the clean room, and privacy policies are enforced during queries

Technical Requirements and Setup

Setting up a data clean room involves several technical requirements and configurations to ensure secure, privacy-compliant data collaboration. These requirements can be broadly categorized into prerequisites, one-time setup steps for both data providers and consumers, and ongoing operational considerations.

Prerequisites for Data Clean Room Setup:

1. Salesforce Data Cloud Customer Status: Both collaborators (provider and consumer) are required to be Salesforce Data Cloud customers.

One-Time Setup for Data Providers (Sell-Side):

1) Configure Use Case Templates:

• Providers must create and configure use case templates within Data Cloud Setup. These templates define the data structure, collaboration rules, and supported queries for specific scenarios.
• Configuration options include a logo image URL for branding, a display name, an API name, the use case type (e.g., Segment Overlap, Campaign Performance), invitation contact methods, supported match keys (consistent with Activation Toolkit), a method to designate a unified individual identifier (e.g., unifiedIndividual), allowed/included third parties (e.g., identity boost from LiveRamp), and an indication if activation is supported.
• These configured use cases can be packaged for discoverability and installation via Salesforce AppExchange. Alternatively, providers can be added to an "Allow List" for private, peer-to-peer connections.

2) Data Definition and Connectivity:

• Providers must define the shape and location of their data. This involves checking for an existing AWS Glue Catalog for the desired use case and, if it doesn't exist, creating one. The Glue Catalog defines the data in S3 and how it associates with Glue tables.
• Specific data required for use cases like "Segment Overlap and Reach" includes:
• Segment Metadata: Unique segment ID, segment display name, category, and parent category.
• Segment Membership: Unique segment ID and a unique identifier for the individual/unified individual who is a member of the segment.
• Contact Graph: Unique identifier for the individual, a contactPoint/device/partyId ID for each ID associated with the individual, and a field indicating the source of the ID (e.g., HEM_MD5, HEM_SHA256, DEVICE_IDFA) to facilitate matching with buy-side data.
• Identity Graph: A unified individual to individual graph.

3) Configure Query Constraints and Analysis Rules:

• Define how data can be queried, including allowed columns, join conditions, and whether results are aggregate or row-level.
• Establish minimum thresholds for aggregate results (e.g., a minimum of 1,000 unique records must be present before a result is returned) to protect individual privacy.
• Apply analysis rules (e.g., aggregation rules, list for record-level) to the configured tables, specifying aggregate functions, columns, join columns, dimension controls, scalar functions, and aggregation constraints.
• For multi-key match configurations, define the set of match keys (e.g., hashed email + device ID) to be used in tandem.

4) Designate Query Results Destination: Specify an S3 location where query results can be delivered for ingestion, mapping, and visualization.

One-Time Setup for Data Consumers (Buy-Side):

1) Discover and Install Collaborator Use Cases:

• Admins for the consumer organization can browse and install available collaboration packages from AppExchange.
• Alternatively, if not using AppExchange, a trusted provider's Org ID, Domain URL, and Offcore Tenant ID can be added to an "Allow-list".

2) Initiate Collaboration Invitation: The consumer admin can then initiate a one-time invitation to a participating sell-side collaborator.

3) Create Data Mapping: Collaborators must associate their specific data fields to the clean room environment using data mappings. This defines the data to be contributed to a clean room collaboration and specifies mandatory and optional fields (e.g., Segment ID, Hashed Email ID for Segment Overlap).

• Specific data required from the buy-side collaborator includes:
• Segment Metadata: Unique segment ID and segment display name.
• Segment Membership: Unique segment ID and a unique identifier for the individual/unified individual who is a member of the segment.
• Identity Graph: Unique identifier for the individual/unified individual and a contactPoint/device/partyId ID for each ID associated with the individual to join with sell-side data.

4) Create Data Collaboration: The marketer (consumer) creates a new collaboration by selecting an installed or allow-listed provider and the desired use case. This process involves associating a mapping template and triggers an invitation to the provider for approval.