Difference between revisions of "GOCDB/data privacy"
< GOCDB
Jump to navigation
Jump to search
m |
|||
Line 3: | Line 3: | ||
==GOCDB Personal Data Privacy and Code of Conduct== | ==GOCDB Personal Data Privacy and Code of Conduct== | ||
'''DRAFT - Under construction''' | '''DRAFT - Under construction''' | ||
=== | ===Data Protection Code of Conduct and Account Registration=== | ||
* Registering a GOCDB account means you accept that your ID string, your basic user details and roles will be visible to all other | * Registering a GOCDB account means you accept that your ID string, your basic user details and roles will be visible to all other users and client-services that authenticate to GOCDB. This includes those authenticated by: | ||
** a certificate issued from a Certification Authority (CA) that is registered by the [[https://www.igtf.net/ Interoperable Global Trust Federation (IGTF)]]. | ** a certificate issued from a Certification Authority (CA) that is registered by the [[https://www.igtf.net/ Interoperable Global Trust Federation (IGTF)]]. | ||
** <strike>an organisation registered with the UK Access Management Federation</strike> (future - not yet implemented). | ** <strike>an organisation registered with the UK Access Management Federation</strike> (future - not yet implemented). | ||
Line 32: | Line 32: | ||
| '''Personal data processed''' | | '''Personal data processed''' | ||
| ''Unique user identifier:'' <br> | | ''Unique user identifier:'' <br> | ||
If you login/register your GOCDB account using the [[http://www.ukfederation.org.uk/ UK Access Management Federation]] your '''eduPersonPrincipalName''' is retrieved from your home organisation. If you register your GOCDB account using the [[https://www.igtf.net Interoperable Global Trust Federation (IGTF)]], your '''Distinguished Name (DN)''' is retrieved from your personal certificate loaded in your web browser. | * If you login/register your GOCDB account using the [[http://www.ukfederation.org.uk/ UK Access Management Federation]] your '''eduPersonPrincipalName''' is retrieved from your home organisation. | ||
* If you register your GOCDB account using the [[https://www.igtf.net Interoperable Global Trust Federation (IGTF)]], your '''Distinguished Name (DN)''' is retrieved from your personal certificate loaded in your web browser. | |||
<br/><br/> | <br/><br/> | ||
''Basic Contact Details:'' <br> | ''Basic Contact Details:'' <br> | ||
Line 46: | Line 47: | ||
|- | |- | ||
| '''Third parties to whom personal data is disclosed''' | | '''Third parties to whom personal data is disclosed''' | ||
| After registering a GOCDB account, the identity string and the personal information listed above is made visible to all other authenticated users and authenticated client-services of GOCDB via its Web interface and its REST API. This includes those authenticated by the [[https://www.igtf.net Interoperable Global Trust Federation]]] (note, IGTF includes countries outside the European Economic Area) | | After registering a GOCDB account, the identity string and the personal information listed above is made visible to all other authenticated users and authenticated client-services of GOCDB via its Web interface and its REST API. This includes those authenticated by: | ||
* a certificate issued from a Certification Authority (CA) that is registered in the [[https://www.igtf.net Interoperable Global Trust Federation]]] (note, IGTF includes countries outside the European Economic Area). | |||
* users authenticating using the [[http://www.ukfederation.org.uk UK Access Management Federation (UKAMF)]]. | |||
<br/> | <br/> | ||
These details are not shared unless '''positive informed consent is provided by the user''' which is obtained during GOCDB account creation (see screen capture below). This conforms to the [[http://www.ukfederation.org.uk/library/uploads/Documents/rules-of-membership.pdf rules of membership]] for the UKAMF (section 4.1) and [[http://www.geant.net/uri/dataprotection-code-of-conduct/v1/Pages/default.aspx GEANT Data Protection Code of Conduct]] (section f c.) - both stipulate prior consent is required from the end user before their attributes can be shared to third parties including collaboration partners. | |||
|- | |- | ||
| '''Data retention''' | | '''Data retention''' | ||
| The personal information listed above is removed on deletion of a GOCDB account. GOCDB accounts are also deleted after a period of 3yrs of inactivity. | | The personal information listed above is removed on deletion of a GOCDB account. GOCDB accounts are also deleted after a period of 3yrs of inactivity. | ||
<!-- | |||
|- | |- | ||
| '''Data Protection Code of Conduct''' | | '''Data Protection Code of Conduct''' | ||
| Your personal data will be protected following the guidelines set out in the [[http://www.geant.net/uri/dataprotection-code-of-conduct/v1/Pages/default.aspx Code of Conduct for Service Providers ]], a common standard for the research and higher education sector to protect your privacy. | | Your personal data will be protected following the guidelines set out in the [[http://www.geant.net/uri/dataprotection-code-of-conduct/v1/Pages/default.aspx Code of Conduct for Service Providers ]], a common standard for the research and higher education sector to protect your privacy. | ||
--> | |||
|} | |} | ||
Revision as of 15:16, 19 August 2015
Main | EGI.eu operations services | Support | Documentation | Tools | Activities | Performance | Technology | Catch-all Services | Resource Allocation | Security |
Tools menu: | • Main page | • Instructions for developers | • AAI Proxy | • Accounting Portal | • Accounting Repository | • AppDB | • ARGO | • GGUS | • GOCDB |
• Message brokers | • Licenses | • OTAGs | • Operations Portal | • Perun | • EGI Collaboration tools | • LToS | • EGI Workload Manager |
GOCDB Personal Data Privacy and Code of Conduct
DRAFT - Under construction
Data Protection Code of Conduct and Account Registration
- Registering a GOCDB account means you accept that your ID string, your basic user details and roles will be visible to all other users and client-services that authenticate to GOCDB. This includes those authenticated by:
- a certificate issued from a Certification Authority (CA) that is registered by the [Interoperable Global Trust Federation (IGTF)].
an organisation registered with the UK Access Management Federation(future - not yet implemented).an organisation registered in a federation that participates in eduGAIN(future - not yet implemented).- new authentication/security realms will be added here and you will be notified by email and in the portal.
- Your details are re-published by GOCDB and are used by EGI for Monitoring, Accounting and for use in its data processing systems.
- If you do not provide this consent, please [do NOT register | DELETE your account].
This table follows the [template suggested by GEANT] in their privacy policy guidelines for Service Providers:
Name of Service | Grid Operations Centre Database (GOCDB) hosted by the [Science and Technology Facilities Council (STFC)] on behalf of the [European Grid Initiative (EGI.eu)]. |
Description of Service | GOCDB is a central registry to record information about the topology of the EGI e-Infrastructure. This includes entities such as Operations Centres, Resource Centres, service types, service endpoints and their downtimes, user contact information and roles of users responsible for operations at different levels |
Data Controller/Processor and contact | Data Controller: [EGI.eu], Data Processor: [Science and Technology Facilities Council] |
Jurisdiction of data processor | GB |
Personal data processed | Unique user identifier:
|
Purpose of processing personal data | The personal data listed above is used to establish a persistent user account within EGI. Your identifier is re-published by GOCDB to trusted third party service-providers for use in Monitoring, Accounting and other data processing systems. Log files that include your personal identifier are also kept for fault diagnostics, auditing and for security monitoring purposes. |
Third parties to whom personal data is disclosed | After registering a GOCDB account, the identity string and the personal information listed above is made visible to all other authenticated users and authenticated client-services of GOCDB via its Web interface and its REST API. This includes those authenticated by:
|
Data retention | The personal information listed above is removed on deletion of a GOCDB account. GOCDB accounts are also deleted after a period of 3yrs of inactivity. |
User Provided Positive Informed Consent