|
|
tbd |
|
|
\ No newline at end of file |
|
|
# Privacy policy document for the [INFN DODAS IAM service][dodas-iam]
|
|
|
|
|
|
## Name of the service
|
|
|
|
|
|
INFN DODAS Identity and Access Management Service
|
|
|
|
|
|
https://dodas-iam.cloud.cnaf.infn.it
|
|
|
|
|
|
## Description of the service
|
|
|
|
|
|
The Dynamic On Demand Analysis Service (DODAS) is a Platform as a Service tool which allows to instantiate on-demand container-based clusters. Both HTCondor batch systems, and platforms for Big Data analysis based for example on Spark or Hadoop, can be deployed on any cloud-based infrastructures with almost zero effort.
|
|
|
|
|
|
DODAS acts as cloud enabler designed for scientists seeking to easily exploit distributed and heterogeneous clouds to process data. Aiming to reduce the learning curve as well as the operational cost of managing community specific services running on distributed cloud, DODAS completely automates the process of provisioning, creating, managing and accessing a pool of heterogeneous computing and storage resources.
|
|
|
|
|
|
The DODAS Identity and Access Management (IAM) service is a central service used to manage identities and authorization policies for DODAS deployments.
|
|
|
|
|
|
## Data Controller and a contact person
|
|
|
|
|
|
INFN-CNAF
|
|
|
|
|
|
Viale Berti Pichat 6/2, 40127 Bologna Italy
|
|
|
|
|
|
Davide Salomoni
|
|
|
|
|
|
davide.salomoni@cnaf.infn.it
|
|
|
|
|
|
Tel: +39 0512095 465
|
|
|
|
|
|
## Jurisdiction
|
|
|
|
|
|
IT-RM Italy Rome
|
|
|
|
|
|
## Processed data
|
|
|
|
|
|
The DODAS Identity and Access Management (IAM) is a service used to manage identities and authorization policies related to DODAS deployments.
|
|
|
|
|
|
The following personal information is requested from the Identity Provider server of your home organisation every time you log in to the service:
|
|
|
- Name
|
|
|
- Email address
|
|
|
- Unique ID used to identify the user (eduPersonPrincipalName or SAML persistent ID/eduPersonTargetedID)
|
|
|
- Affiliation (eduPersonScopedAffiliation)
|
|
|
|
|
|
## Purpose of the processing of personal data
|
|
|
|
|
|
|
|
|
Personal data and log files are used for:
|
|
|
- User authentication and authorization at the service or at trusted DODAS services
|
|
|
- Automated sending of email messages necessary for use of the service
|
|
|
- Statistics and development of the service
|
|
|
- Integration testing
|
|
|
|
|
|
## Regular disclousure of personal data to third parties
|
|
|
|
|
|
Personal data is not regularly disclosed to third parties.
|
|
|
|
|
|
## Data retention
|
|
|
|
|
|
Personal data is stored until the user asks to be removed from the service by interacting with the contact person for the service.
|
|
|
Access logs are deleted after 12 months.
|
|
|
|
|
|
## Transfer of personal data outside the EU or EEA
|
|
|
|
|
|
Personal data shall not be transferred outside the European Union or the European Economic Area.
|
|
|
|
|
|
## How to access, rectify and delete the personal data
|
|
|
|
|
|
Get in contact with the contact person for the service.
|
|
|
To rectify the data released by a Home Organisation, contact that Home Organisation's IT helpdesk.
|
|
|
|
|
|
## Data protection code of conduct
|
|
|
|
|
|
Personal data will be protected according to the [Code of Conduct for Service Providers][code-of-conduct], a common standard for the research and higher education sector to protect the user's privacy.
|
|
|
|
|
|
|
|
|
[dodas-iam]: https://dodas-iam.cloud.cnaf.infn.it
|
|
|
[code-of-conduct]: http://www.geant.net/uri/dataprotection-code-of-conduct/v1 |
|
|
\ No newline at end of file |