Difference between revisions of "SPG:Drafts:Data Privacy EGI CheckIn"

From EGIWiki
Jump to: navigation, search
Line 1: Line 1:
EGI AAI DATA PRIVACY POLICY
+
== Draft EGI CheckIn Data Privacy Policy  ==
  
This Privacy Policy explains how we, the EGI CheckIn Service (“We”), treat data by which you can be personally identified (“Personal Data”) as a result of your registration for and use of the EGI e-Infrastructure (“Infrastructure”).
+
This Privacy Policy explains how we, the EGI CheckIn Service (“We”), treat data by which you can be personally identified (“Personal Data”) as a result of your registration for and use of the EGI e-Infrastructure (“Infrastructure”).  
  
We collect the following Personal Data to identify you to enable us to grant you access to the Infrastructure and the services such as compute, storage and network that its participants offer:
+
=== What Personal Data do We collect and process?  ===
  
* Data for User authentication.
+
We collect and process the following Personal Data to identify you thereby enabling us to grant you access to the Infrastructure and to the services and resources provided by the Infrastructure:
**      Identifiers unique to you released by your authentication service     
 
* Data for registration with the EGI CheckIn service and collaboration management
 
**      Your name
 
**      Your institute
 
**      Your e-mail address
 
* Data which may be used to grant you access to the services
 
**      Home Institute, Infrastructure and User Community specific information relating to your affiliations and rights
 
  
 +
*Data for User authentication
 +
**Identifiers unique to you as released by your authentication service
 +
*Data for registration with the EGI CheckIn service and for collaboration management
 +
**Your name
 +
**Your Institute
 +
**Your e-mail address
 +
*Data which may be used to grant you access to the services
 +
**Home Institute, Infrastructure and User Community specific information relating to your affiliations and rights
 +
 +
<br>
  
 
  To enable the Infrastructure to be safe and reliable for your use and to preserve your rights as a user we adhere to The Policy on the Processing of Personal Data (“The Policy”) available here: [see below].
 
  To enable the Infrastructure to be safe and reliable for your use and to preserve your rights as a user we adhere to The Policy on the Processing of Personal Data (“The Policy”) available here: [see below].
  
Purposes?
+
Purposes? We process your personal data solely to grant and manage your access to services provided by the Infrastructure or by User Communities that are bound to the Infrastructure policies.  
We process your personal data solely to grant and manage your access to services provided by the Infrastructure or by User Communities that are bound to the Infrastructure policies.  
 
  
Besides this processing, We will store your personal data in log files and audit archives. These logs and other records are used solely for administrative, operational, monitoring, security and dispute resolution purposes. These may be shared for security incident response purposes with other authorised participants in the academic and research distributed digital infrastructures via secured mechanisms, only for the same purposes and only as far as necessary to provide the incident response capability.
+
Besides this processing, We will store your personal data in log files and audit archives. These logs and other records are used solely for administrative, operational, monitoring, security and dispute resolution purposes. These may be shared for security incident response purposes with other authorised participants in the academic and research distributed digital infrastructures via secured mechanisms, only for the same purposes and only as far as necessary to provide the incident response capability.  
  
 +
<br> Stored were?
  
Stored were?
+
Accessed by whom?  
  
Accessed by whom?
+
Retained for how long?  
  
Retained for how long?
+
Your Personal Data will be shared but only where -
  
Your Personal Data will be shared but only where  -
+
*1. The recipient has agreed to abide by The Policy
  
* 1. The recipient has agreed to abide by The Policy
+
or
  
or
+
*2. Doing so is likely to assist in the investigation of suspected misuse of Infrastructure resources.
  
* 2. Doing so is likely to assist in the investigation of suspected misuse of Infrastructure resources.
+
Your usage of the Infrastructure will be monitored. Records of this use, containing your Personal Data, may be shared as described above for operational, security and accounting purposes only. These records will be purged or anonymised after, at latest, 18 months. You can contact our Data Protection Officer ([insert contact details here]) to obtain a copy of your Personal Data, request that it is corrected in case of factual error or if you suspect that it has been misused. You can also request that we stop using your Personal Data but this will affect your access to the Infrastructure. This Policy should be read with reference to the Policy on the Processing of Personal Data and other Infrastructure policies available at [insert link to Infrastructure Policies here]. [Insert Name and Contact Details of Infrastructure Participant]
Your usage of the Infrastructure will be monitored. Records of this use, containing your Personal Data, may be shared as described above for operational, security and accounting purposes only. These records will be purged or anonymised after, at latest, 18 months.  
 
You can contact our Data Protection Officer ([insert contact details here]) to obtain a copy of your Personal Data, request that it is corrected in case of factual error or if you suspect that it has been misused. You can also request that we stop using your Personal Data but this will affect your access to the Infrastructure.
 
This Policy should be read with reference to the Policy on the Processing of Personal Data and other Infrastructure policies available at [insert link to Infrastructure Policies here].
 
[Insert Name and Contact Details of Infrastructure Participant]
 

Revision as of 17:28, 7 November 2016

Draft EGI CheckIn Data Privacy Policy

This Privacy Policy explains how we, the EGI CheckIn Service (“We”), treat data by which you can be personally identified (“Personal Data”) as a result of your registration for and use of the EGI e-Infrastructure (“Infrastructure”).

What Personal Data do We collect and process? 

We collect and process the following Personal Data to identify you thereby enabling us to grant you access to the Infrastructure and to the services and resources provided by the Infrastructure:

  • Data for User authentication
    • Identifiers unique to you as released by your authentication service
  • Data for registration with the EGI CheckIn service and for collaboration management
    • Your name
    • Your Institute
    • Your e-mail address
  • Data which may be used to grant you access to the services
    • Home Institute, Infrastructure and User Community specific information relating to your affiliations and rights


To enable the Infrastructure to be safe and reliable for your use and to preserve your rights as a user we adhere to The Policy on the Processing of Personal Data (“The Policy”) available here: [see below].

Purposes? We process your personal data solely to grant and manage your access to services provided by the Infrastructure or by User Communities that are bound to the Infrastructure policies.

Besides this processing, We will store your personal data in log files and audit archives. These logs and other records are used solely for administrative, operational, monitoring, security and dispute resolution purposes. These may be shared for security incident response purposes with other authorised participants in the academic and research distributed digital infrastructures via secured mechanisms, only for the same purposes and only as far as necessary to provide the incident response capability.


Stored were?

Accessed by whom?

Retained for how long?

Your Personal Data will be shared but only where -

  • 1. The recipient has agreed to abide by The Policy

or

  • 2. Doing so is likely to assist in the investigation of suspected misuse of Infrastructure resources.

Your usage of the Infrastructure will be monitored. Records of this use, containing your Personal Data, may be shared as described above for operational, security and accounting purposes only. These records will be purged or anonymised after, at latest, 18 months. You can contact our Data Protection Officer ([insert contact details here]) to obtain a copy of your Personal Data, request that it is corrected in case of factual error or if you suspect that it has been misused. You can also request that we stop using your Personal Data but this will affect your access to the Infrastructure. This Policy should be read with reference to the Policy on the Processing of Personal Data and other Infrastructure policies available at [insert link to Infrastructure Policies here]. [Insert Name and Contact Details of Infrastructure Participant]