Heroku + Heroku Connect

To retain customer information, Privacy Center replicates the data in a Heroku database. Then the replicated data is stored. If your retention policy deletes data, the original data is deleted from your Salesforce org. If your retention policy masks data, the original data is transformed as specified in the policy. While this replicated data is stored in a secure environment, the data security measures in place for your Salesforce org don’t carry over to your Heroku retention store. We recommend that you give only customer admins access to your Heroku space, as anyone with access can view all data in the Postgres tables.

Additionally, because of the replication step, your Salesforce and Heroku stores sometimes differ. You store only the parts of a field that are important to you, so the same data table in Salesforce and Heroku have different storage capacities. As a result, some of your Heroku rows take up less space, as only the important subset is copied over.

Because Heroku stores your data in tables, you can add to or modify them by using External Objects or by using a database tool or an API. If you choose to use External Objects, configure them only on the cache schema tables, as these tables match the data subset that you chose to retain. In contrast, the Salesforce schema tables are an exact copy of the data already stored in your Salesforce org. Adding External Objects here would be just like modifying your actual Salesforce org storage. If you use External Objects, we recommend using an indirect lookup model to access them and limiting access to only the relevant views. Both actions help you control access and keep your customer data safe.