Privacy policy document for the ESCAPE Identity and Access Management service

Name of the service

ESCAPE Identity and Access Management Service

https://iam-escape.cloud.cnaf.infn.it

Description of the service

ESCAPE (European Science Cluster of Astronomy & Particle physics ESFRI research infrastructures) brings together the astronomy, astroparticle and particle physics communities. With this, ESCAPE puts together a cluster with ESFRI projects with aligned challenges of data-driven research, with demonstrated capabilities in addressing various stages of data workflow and concerned with fundamental research through complementary approaches.

ESCAPE aims to produce versatile solutions, with great potential for discovery, to support the implementation of EOSC thanks to open data management, cross-border and multi-disciplinary open environment, according to FAIR (Findable, Accessible, Interoperable and Reusable) principles. The ESCAPE foundations lay on the capacity building of the ASTERICS project work towards enabling interoperability between the facilities, minimising fragmentation, encouraging cross-fertilisation and developing joint multiwavelength/multi-messenger capabilities in astronomy, astrophysics and particle astrophysics communities.

Data Controller

Istituto Nazionale di Fisica Nucleare (INFN)

Via E. Fermi n. 54, 00044 Frascati (Roma)

email: presidenza@presid.infn.it

PEC: amm.ne.centrale@pec.infn.it

Data Protection Officer

email: dpo@infn.it

Contact Person

INFN-CNAF

Viale Berti Pichat 6/2, 40127 Bologna Italy

email: ds@lists.cnaf.infn.it

Jurisdiction

IT-RM Italy Rome

Processed data

The following personal information is requested from the Identity Provider server of your home organisation every time you log in to the service:

  • Name (givenName, surname)
  • Email address
  • Unique ID used to identify the user (eduPersonPrincipalName or SAML persistent ID/eduPersonTargetedID)
  • Affiliation (eduPersonAffiliation, eduPersonScopedAffiliation)

Purpose of the processing of personal data

The ESCAPE Identity and Access Management (IAM) is a central service used to manage identities and authorization policies on ESCAPE computing resources. Personal data and log files are used for:

  • User authentication and authorization at the service or at trusted ESCAPE services
  • Automated sending of email messages necessary for use of the service
  • Statistics and development of the service
  • Integration testing

Regular disclousure of personal data to third parties

Personal data is not regularly disclosed to third parties.

Data retention

Personal data is stored until the user asks to be removed from the service by interacting with the contact person for the service. Access logs are deleted after 12 months.

Transfer of personal data outside the EU or EEA

Personal data shall not be transferred outside the European Union or the European Economic Area.

How to access, rectify and delete the personal data

Get in contact with the contact person for the service. To rectify the data released by a Home Organisation, contact that Home Organisation's IT helpdesk.

Data protection code of conduct

Personal data will be protected according to the Code of Conduct for Service Providers, a common standard for the research and higher education sector to protect the user's privacy.

results matching ""

    No results matching ""