Differenze tra le versioni di "Privacy Policy (EN)"

Da WIKI IDEM GARR.
Jump to navigation Jump to search
Riga 21: Riga 21:
 
2. For authenticated users<br>
 
2. For authenticated users<br>
 
Following data is retrieved from your Home Organisation:<br>
 
Following data is retrieved from your Home Organisation:<br>
* your unique user identifier (SAML persistent identifier) to obtain reading access - '''eduPersonTargetedID/edTID (R)''', <br />
+
* '''eduPersonPrincipalName/eppn (R)''': your unique user identifier to obtain writing access and the groups from the istance of Grouper to which this Wiki is connected, <br/>
* your unique user identifier to obtain writing access - '''eduPersonPrincipalName/eppn (R)''', <br/>
+
* '''mail (O)''': your e-mail address to receive notification by the system,<br/>
* your e-mail address to receive notification by the system -  '''mail (R)''',<br/>
+
* '''cn (O)''' o '''givenName + sn (O)''': your Name and your Surname to customize your graphics interface
* your Name and your Surname to customize your graphics interface - '''cn (R)''' o '''givenName + sn (R)'''
 
 
|-
 
|-
 
!Purpose of the processing of personal data
 
!Purpose of the processing of personal data
Riga 41: Riga 40:
 
|-
 
|-
 
!Data Protection Code of Conduct
 
!Data Protection Code of Conduct
|Your personal data will be protected according to the [https://refeds.terena.org/index.php/Data_protection_coc Code of Conduct for Service Providers], a common standard for the research and higher education sector to protect your privacy.
+
|Your personal data will be protected according to the [http://www.geant.net/uri/dataprotection-code-of-conduct/v1 Code of Conduct for Service Providers], a common standard for the research and higher education sector to protect your privacy.
 
|}
 
|}
  
This privacy policy is based on the [https://refeds.terena.org/index.php/Data_protection_coc Data protection Code of Conduct Privacy policy guidelines for Service Providers]
+
This privacy policy is based on the [http://www.geant.net/uri/dataprotection-code-of-conduct/v1 Data protection Code of Conduct Privacy policy guidelines for Service Providers]

Versione delle 23:05, 21 mar 2016

Name of the service IDEM WIKI
Description of the service A collaborative platform for IDEM bodies and day by day operations of IDEM Federation. It provides a lot of information from IDEM bodies about the running of IDEM Federation. Anonymous users can read only some pages, tipically the archives.

Authenticated users can read all the pages. Writing is permitted only to authorized users, tipically the commitees' members and the GARR staff.

Data controller and a contact person Consortium GARR, info@garr.it
Jurisdiction IT, Italy
Personal data processed

1. For all users

  • IP address
  • Referrer address (the web page a user is coming from)

2. For authenticated users
Following data is retrieved from your Home Organisation:

  • eduPersonPrincipalName/eppn (R): your unique user identifier to obtain writing access and the groups from the istance of Grouper to which this Wiki is connected,
  • mail (O): your e-mail address to receive notification by the system,
  • cn (O) o givenName + sn (O): your Name and your Surname to customize your graphics interface
Purpose of the processing of personal data The IP and referrer addresses of all web page visitors are stored in the web server log file for statistical purposes (e.g. to find out from which countries users are accessing the wiki) and for accountability (e.g. in case of misuse of the wiki).

For authenticated users, personal data is used to identify users (who applied which changes to which page), for access control (e.g. only authenticated users can edit wiki pages), for customization (personal preferences) and to (optionally on request) notify users in case a wiki page changed.

Third parties to whom personal data is disclosed No raw data will be released to third parties.

Authenticated users editing wiki pages must be aware that their name and potentially email address are visible to other users of the wiki.

How to access, rectify and delete the personal data Contact system.support@garr.it.
To rectify the data released by your Home Organisation, contact your Home Organisation's IT helpdesk.
Data retention When the user record is going to be deleted or anonymised? Remember, you cannot store user records infinitely. It is not sufficient that you promise to delete user records on request. Instead, consider defining an explicit period.
Personal data is deleted on request of the user or if the user hasn't used the service for two years.
Data Protection Code of Conduct Your personal data will be protected according to the Code of Conduct for Service Providers, a common standard for the research and higher education sector to protect your privacy.

This privacy policy is based on the Data protection Code of Conduct Privacy policy guidelines for Service Providers