Name of the service
INDIGO Identity and Access Management Service
Description of the service
The INDIGO Identity and Access Management (IAM) Service provides a layer where identities, enrollment, group membership and other attributes and authorization policies on distributed resources can be managed in an homogeneous way. In particular, the IAM acts as a central service for authentication and authorization management for linked INDIGO-Datacloud services.
Data Controller and a contact person
Viale Berti Pichat 6/2, 40127 Bologna Italy
Tel: +39 051 6092845
IT-RM Italy Rome
The following personal information is requested from the Identity Provider server of your home organisation every time you log in to the service:
- Email address
- Unique ID used to identify the user (eduPersonPrincipalName or SAML persistent ID/eduPersonTargetedID)
- Affiliation (eduPersonScopedAffiliation)
Purpose of the processing of personal data
The INDIGO IAM service provides a central service for authentication and authorization management for INDIGO-Datacloud services. Personal data and log files are used for:
- User authentication and authorization at the service or at trusted INDIGO services
- Automated sending of email messages necessary for use of the service
- Statistics and development of the service
- Integration testing
Regular disclousure of personal data to third parties
Personal data is not regularly disclosed to third parties.
Personal data is stored until the user asks to be removed from the service by interacting with the contact person for the service. Access logs are deleted after 12 months.
Transfer of personal data outside the EU or EEA
Personal data shall not be transferred outside the European Union or the European Economic Area.
How to access, rectify and delete the personal data
Get in contact with the contact person for the service. To rectify the data released by a Home Organisation, contact that Home Organisation's IT helpdesk.
Data protection code of conduct
Personal data will be protected according to the Code of Conduct for Service Providers, a common standard for the research and higher education sector to protect the user's privacy.