Difference between revisions of "GOCDB/data privacy"
Line 53: | Line 53: | ||
|- | |- | ||
| '''Third parties to whom personal data is disclosed''' | | '''Third parties to whom personal data is disclosed''' | ||
| After registering a GOCDB account, the identity string and the personal information listed above is made visible to all other authenticated users and client-services of GOCDB via its Web | | After registering a GOCDB account, the identity string and the personal information listed above is made visible to all other authenticated users and client-services of GOCDB via its Web interfaces. This includes clients authenticated by: | ||
* a certificate issued from a Certification Authority (CA) that is registered in the [[https://www.igtf.net Interoperable Global Trust Federation]]] | * a certificate issued from a Certification Authority (CA) that is registered in the [[https://www.igtf.net Interoperable Global Trust Federation]]] | ||
** this includes <b>countries outside the European Economic Area that may NOT have adequate data protection</b> (pursuant to Article 25.6 of the directive 95/46/EC). | ** this includes clients from <b>countries outside the European Economic Area that may NOT have adequate data protection</b> (pursuant to Article 25.6 of the directive 95/46/EC). | ||
* <strike>users authenticating using the [[http://www.ukfederation.org.uk UK Access Management Federation (UKAMF)]]</strike> (future - not yet implemented). | * <strike>users authenticating using the [[http://www.ukfederation.org.uk UK Access Management Federation (UKAMF)]]</strike> (future - not yet implemented). | ||
<br/> | <br/> |
Revision as of 12:27, 2 December 2015
Main | EGI.eu operations services | Support | Documentation | Tools | Activities | Performance | Technology | Catch-all Services | Resource Allocation | Security |
Tools menu: | • Main page | • Instructions for developers | • AAI Proxy | • Accounting Portal | • Accounting Repository | • AppDB | • ARGO | • GGUS | • GOCDB |
• Message brokers | • Licenses | • OTAGs | • Operations Portal | • Perun | • EGI Collaboration tools | • LToS | • EGI Workload Manager |
GOCDB Personal Data Privacy and Code of Conduct
DRAFT - Under construction
Some discussion and Q/A on using eppn in EGI/GOCDB: GOCDB/notifications
Data Protection Code of Conduct and Account Registration
The following warning text is shown to all users who register a new GOCDB account (see screen grab below), also note that clicking an 'OK' dialog is required:
- Registering a GOCDB account means you accept that your ID string, your basic user details and roles will be visible to all other users and client-services that authenticate to GOCDB. This includes those authenticated by:
- a certificate issued from a Certification Authority (CA) that is registered by the [Interoperable Global Trust Federation (IGTF)]. Please note, this includes clients from countries from outside the European Economic Area and from countries that may NOT have adequate data protection (pursuant to Article 25.6 of the directive 95/46/EC).
an organisation registered with the UK Access Management Federation(future - not yet implemented).an organisation registered in a federation that participates in eduGAIN(future - not yet implemented).- new authentication/security realms will be listed here and you will be updated by email and notified in the portal.
- Your details are re-published by GOCDB and are used by EGI for Monitoring, Accounting and for use in its data processing systems.
- If you do not provide this consent, please [do NOT register | DELETE your account].
Terms and Conditions table below follows the [template suggested by GEANT] in their privacy policy guidelines for Service Providers:
Name of Service | Grid Operations Centre Database (GOCDB) hosted by the [Science and Technology Facilities Council (STFC)] on behalf of the [European Grid Initiative (EGI.eu)]. |
Description of Service | GOCDB is a central registry to record information about the topology of the EGI e-Infrastructure. This includes entities such as Operations Centres, Resource Centres, service types, service endpoints and their downtimes, user contact information and roles of users responsible for operations at different levels |
Data Controller/Processor and contact | Data Controller: [EGI.eu], Data Processor: [Science and Technology Facilities Council] |
Jurisdiction of data processor | GB |
Personal data processed | Unique user identifier:
|
Purpose of processing personal data | The personal data listed above is used to establish a persistent user account within EGI. Your ID string is re-published by GOCDB to third party service-providers for use in Monitoring, Accounting and other data processing systems. Log files that include your personal identifier are also kept for fault diagnostics, auditing and for security monitoring purposes. |
Third parties to whom personal data is disclosed | After registering a GOCDB account, the identity string and the personal information listed above is made visible to all other authenticated users and client-services of GOCDB via its Web interfaces. This includes clients authenticated by:
|
Data retention | The personal information listed above is removed on deletion of a GOCDB account. GOCDB accounts will also be deleted after a period of 3yrs of inactivity (will be implemented soon). |
User Provided Positive Informed Consent