Alert.png The wiki is deprecated and due to be decommissioned by the end of September 2022.
The content is being migrated to other supports, new updates will be ignored and lost.
If needed you can get in touch with EGI SDIS team using operations @ egi.eu.

GOCDB/data privacy

From EGIWiki
Jump to navigation Jump to search
Main EGI.eu operations services Support Documentation Tools Activities Performance Technology Catch-all Services Resource Allocation Security


Tools menu: Main page Instructions for developers AAI Proxy Accounting Portal Accounting Repository AppDB ARGO GGUS GOCDB
Message brokers Licenses OTAGs Operations Portal Perun EGI Collaboration tools LToS EGI Workload Manager



GOCDB Personal Data Privacy and Code of Conduct

DRAFT - Under construction

This document follows the [template suggested by GEANT] in their privacy policy guidelines for Service Providers:

Name of Service Grid Operations Centre Database (GOCDB) hosted by the [Science and Technology Facilities Council (STFC)] on behalf of the [European Grid Initiative (EGI.eu)].
Description of Service GOCDB is a central registry to record information about the topology of the EGI e-Infrastructure. This includes entities such as Operations Centres, Resource Centres, service types, service endpoints and their downtimes, user contact information and roles of users responsible for operations at different levels
Data Controller/Processor and contact Data Controller: [EGI.eu],
Data Processor: [Science and Technology Facilities Council]
Jurisdiction of data processor GB
Personal data processed Unique user identifier
If you register your GOCDB account using the [UK Access Management Federation] the eduPersonPrincipalName unique identifier is retrieved from your home organisation. If you register your GOCDB account using the [Interoperable Global Trust Federation (IGTF)], the Distinguished Name (DN) unique identifier is retrieved from your personal certificate.


The following data are provided by you on account creation (see below screen capture):

  • Title
  • First name
  • Last name
  • Email address
  • Tel (optional)
Purpose of processing personal data The personal data listed above is used to establish a persistent user account within EGI. Your identifier is re-published by GOCDB to trusted third party service-providers for use in Monitoring, Accounting and other data processing systems. Log files that include your personal identifier are also kept for fault diagnostics, auditing and for security monitoring purposes.
Third parties to whom personal data is disclosed On registering a GOCDB account, the identity string and the personal information listed above is made visible to all other authenticated users and authenticated client-services of GOCDB via its Web interface and its REST API. This includes those authenticated by the [Interoperable Global Trust Federation]] (note, IGTF includes countries outside the European Economic Area) and the [UK Access Management Federation (UKAMF)].


Information is not shared unless positive informed consent is provided by the user which is obtained during GOCDB account creation (see screen capture below). This conforms to the [rules of membership] for the UKAMF (section 4.1) and [GEANT Data Protection Code of Conduct] (section f c.) - both stipulate prior consent is necessary from the end user before their attributes can be shared to third parties including collaboration partners.

Data retention The personal information listed above is removed on deletion of a GOCDB account. GOCDB accounts are also deleted after a period of 3yrs of inactivity.
Data Protection Code of Conduct Your personal data will be protected following the guidelines set out in the [Code of Conduct for Service Providers ], a common standard for the research and higher education sector to protect your privacy.

User Provided Positive Informed Consent

x