Commit 59ef63ca authored by Lukas Burgey's avatar Lukas Burgey

Make minor changes to the privacy policy

parent b8c91940
<html lang="en">
<head>
<meta charset="utf-8">
<style>
<head>
<meta charset="utf-8">
<style>
@font-face {
font-family: octicons-anchor;
src: url(data:font/woff;charset=utf-8;base64,d09GRgABAAAAAAYcAA0AAAAACjQAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAABGRlRNAAABMAAAABwAAAAca8vGTk9TLzIAAAFMAAAARAAAAFZG1VHVY21hcAAAAZAAAAA+AAABQgAP9AdjdnQgAAAB0AAAAAQAAAAEACICiGdhc3AAAAHUAAAACAAAAAj//wADZ2x5ZgAAAdwAAADRAAABEKyikaNoZWFkAAACsAAAAC0AAAA2AtXoA2hoZWEAAALgAAAAHAAAACQHngNFaG10eAAAAvwAAAAQAAAAEAwAACJsb2NhAAADDAAAAAoAAAAKALIAVG1heHAAAAMYAAAAHwAAACABEAB2bmFtZQAAAzgAAALBAAAFu3I9x/Nwb3N0AAAF/AAAAB0AAAAvaoFvbwAAAAEAAAAAzBdyYwAAAADP2IQvAAAAAM/bz7t4nGNgZGFgnMDAysDB1Ml0hoGBoR9CM75mMGLkYGBgYmBlZsAKAtJcUxgcPsR8iGF2+O/AEMPsznAYKMwIkgMA5REMOXicY2BgYGaAYBkGRgYQsAHyGMF8FgYFIM0ChED+h5j//yEk/3KoSgZGNgYYk4GRCUgwMaACRoZhDwCs7QgGAAAAIgKIAAAAAf//AAJ4nHWMMQrCQBBF/0zWrCCIKUQsTDCL2EXMohYGSSmorScInsRGL2DOYJe0Ntp7BK+gJ1BxF1stZvjz/v8DRghQzEc4kIgKwiAppcA9LtzKLSkdNhKFY3HF4lK69ExKslx7Xa+vPRVS43G98vG1DnkDMIBUgFN0MDXflU8tbaZOUkXUH0+U27RoRpOIyCKjbMCVejwypzJJG4jIwb43rfl6wbwanocrJm9XFYfskuVC5K/TPyczNU7b84CXcbxks1Un6H6tLH9vf2LRnn8Ax7A5WQAAAHicY2BkYGAA4teL1+yI57f5ysDNwgAC529f0kOmWRiYVgEpDgYmEA8AUzEKsQAAAHicY2BkYGB2+O/AEMPCAAJAkpEBFbAAADgKAe0EAAAiAAAAAAQAAAAEAAAAAAAAKgAqACoAiAAAeJxjYGRgYGBhsGFgYgABEMkFhAwM/xn0QAIAD6YBhwB4nI1Ty07cMBS9QwKlQapQW3VXySvEqDCZGbGaHULiIQ1FKgjWMxknMfLEke2A+IJu+wntrt/QbVf9gG75jK577Lg8K1qQPCfnnnt8fX1NRC/pmjrk/zprC+8D7tBy9DHgBXoWfQ44Av8t4Bj4Z8CLtBL9CniJluPXASf0Lm4CXqFX8Q84dOLnMB17N4c7tBo1AS/Qi+hTwBH4rwHHwN8DXqQ30XXAS7QaLwSc0Gn8NuAVWou/gFmnjLrEaEh9GmDdDGgL3B4JsrRPDU2hTOiMSuJUIdKQQayiAth69r6akSSFqIJuA19TrzCIaY8sIoxyrNIrL//pw7A2iMygkX5vDj+G+kuoLdX4GlGK/8Lnlz6/h9MpmoO9rafrz7ILXEHHaAx95s9lsI7AHNMBWEZHULnfAXwG9/ZqdzLI08iuwRloXE8kfhXYAvE23+23DU3t626rbs8/8adv+9DWknsHp3E17oCf+Z48rvEQNZ78paYM38qfk3v/u3l3u3GXN2Dmvmvpf1Srwk3pB/VSsp512bA/GG5i2WJ7wu430yQ5K3nFGiOqgtmSB5pJVSizwaacmUZzZhXLlZTq8qGGFY2YcSkqbth6aW1tRmlaCFs2016m5qn36SbJrqosG4uMV4aP2PHBmB3tjtmgN2izkGQyLWprekbIntJFing32a5rKWCN/SdSoga45EJykyQ7asZvHQ8PTm6cslIpwyeyjbVltNikc2HTR7YKh9LBl9DADC0U/jLcBZDKrMhUBfQBvXRzLtFtjU9eNHKin0x5InTqb8lNpfKv1s1xHzTXRqgKzek/mb7nB8RZTCDhGEX3kK/8Q75AmUM/eLkfA+0Hi908Kx4eNsMgudg5GLdRD7a84npi+YxNr5i5KIbW5izXas7cHXIMAau1OueZhfj+cOcP3P8MNIWLyYOBuxL6DRylJ4cAAAB4nGNgYoAALjDJyIAOWMCiTIxMLDmZedkABtIBygAAAA==) format('woff');
......@@ -718,44 +718,44 @@
margin: 0 auto;
padding: 45px;
}
</style>
</head>
<body>
<article class="markdown-body">
<h1 id="feudal-privacy-policy-and-description">FEUDAL privacy policy and description</h1>
<h2 id="description-of-the-service">Description of the service</h2>
<p>The service <strong>FEUDAL</strong>, or a <em>FEderated User credential DEployment Portal</em>, is a system to reliably deploy local accounts on remote, federated systems. FEUDAL enables users to upload their SSH public keys, and subsequently deploys them to their respective Virtual Machines. In this instance, <strong>FEUDAL</strong> acts as a Portal for users to deploy their SSH public keys to designated <a href="https://www.helmholtz-data-federation.de">Helmholtz Data Federation</a> services. The service is operated by the Karlsruhe Institute of Technology <a href="https://www.kit.edu">(KIT).</a></p>
<h2 id="what-personal-data-is-collected-and-why-purpose-of-data-processing">What personal data is collected and why (purpose of data processing)</h2>
<p>Each time you access FEUDAL the following information is collected:</p>
<ul>
<li>First name, Last name, email address, and identifier released by the OIDC Provider (OP).</li>
</ul>
<p>This data is necessary for account management purposes (e.g. to contact you to inform you of changes to the service or for security purposes), and for the reasons given in the paragraph below.</p>
<p>Log records of your access to and actions on FEUDAL are retained. These records contain:</p>
<ul>
<li>Information mentioned above (personal name, email, identifier)</li>
<li>The network (IP) address from which you access FEUDAL</li>
<li>Time and date of access</li>
<li>Details of actions you perform</li>
</ul>
<p>This data is necessary to ensure that the FEUDAL service is reliable and secure, such as for assisting in the analysis of reported problems, contacting you if a problem is identified with your account and responding to security incidents. This data may also be used for authorised services acting on behalf of authorised users.</p>
<h2 id="who-your-personal-data-is-disclosed-to">Who your personal data is disclosed to</h2>
<p>The collected personal data is only accessible by the authorised personnel of KIT, and then only for reasons outlined above. Your data may be disclosed to outside parties part in accordance to <em>[relevant HDF security policy/GEANT Code of Conduct v2 draft]</em>, as part of incident response procedures.</p>
<h2 id="how-to-access-rectify-and-delete-your-personal-data">How to access, rectify, and delete your personal data</h2>
<p>FEUDAL receives personal data from the OIDC provider. If used provider permits or support info editing functionality, you may edit the data there. Please be aware that changing certain data (e.g. identifier sent by the OIDC provider), may render some of the functionality inaccessible.</p>
<p>For the data retained by FEUDAL, you may use service manager contacts provided below to access or rectify information.</p>
<h2 id="how-long-your-personal-data-will-be-retained">How long your personal data will be retained</h2>
<p>Records of your use of FEUDAL, collected for reasons of security (described in 4 above) will be deleted, at latest, 24 months after your last use of the service.</p>
<p>Other personal data can be deleted immediately or on request as described above.</p>
<h2 id="contact-information">Contact information</h2>
<p>Service managers: <a href="watts-prod@lists.kit.edu" class="uri">watts-prod@lists.kit.edu</a></p>
<p>Data controller: <a href="watts-prod@lists.kit.edu" class="uri">watts-prod@lists.kit.edu</a></p>
<h4 id="supervisory-authorities-dpas">Supervisory authorities (DPAs):</h4>
<ul>
<li><p><a href="https://www.bfdi.bund.de/DE/Home/home_node.html">German DPA</a>. Details for raising concerns for the German DPA can be found <a href="https://www.bfdi.bund.de/DE/Service/Datenschutzerklaerung/datenschutzerklaerung-node.html">here</a></p></li>
<li><p><a href="https://www.baden-wuerttemberg.datenschutz.de/">Baden-Württemberg DPA</a>. <a href="https://www.baden-wuerttemberg.datenschutz.de/online-beschwerde/">Link</a> to file a complaint.</p></li>
</ul>
</article>
</body>
</style>
</head>
<body>
<article class="markdown-body">
<h1 id="feudal-privacy-policy-and-description">FEUDAL privacy policy and description</h1>
<h2 id="description-of-the-service">Description of the service</h2>
<p>The service <strong>FEUDAL</strong>, or a <em>FEderated User credential Deployment PortAL</em>, is a system to reliably deploy local accounts on remote, federated systems. FEUDAL enables users to upload their SSH public keys, and subsequently deploys them to their respective Virtual Machines. In this instance, <strong>FEUDAL</strong> acts as a Portal for users to deploy their SSH public keys to designated <a href="https://www.helmholtz-data-federation.de">Helmholtz Data Federation</a> services. The service is operated by the Karlsruhe Institute of Technology <a href="https://www.kit.edu">(KIT).</a></p>
<h2 id="what-personal-data-is-collected-and-why-purpose-of-data-processing">What personal data is collected and why (purpose of data processing)</h2>
<p>Each time you access FEUDAL the following information is collected:</p>
<ul>
<li>First name, Last name, email address, and identifier released by the OIDC Provider (OP).</li>
</ul>
<p>This data is necessary for account management purposes (e.g. to contact you to inform you of changes to the service or for security purposes), and for the reasons given in the paragraph below.</p>
<p>Log records of your access to and actions on FEUDAL are retained. These records contain:</p>
<ul>
<li>Information mentioned above (personal name, email, identifier)</li>
<li>The network (IP) address from which you access FEUDAL</li>
<li>Time and date of access</li>
<li>Details of actions you perform</li>
</ul>
<p>This data is necessary to ensure that the FEUDAL service is reliable and secure, such as for assisting in the analysis of reported problems, contacting you if a problem is identified with your account and responding to security incidents. This data may also be used for authorised services acting on behalf of authorised users.</p>
<h2 id="who-your-personal-data-is-disclosed-to">Who your personal data is disclosed to</h2>
<p>The collected personal data is only accessible by the authorised personnel of KIT, and then only for reasons outlined above. Your data may be disclosed to outside parties part in accordance to <em>[relevant HDF security policy/GEANT Code of Conduct v2 draft]</em>, as part of incident response procedures.</p>
<h2 id="how-to-access-rectify-and-delete-your-personal-data">How to access, rectify, and delete your personal data</h2>
<p>FEUDAL receives personal data from the OIDC provider. If used provider permits or support info editing functionality, you may edit the data there. Please be aware that changing certain data (e.g. identifier sent by the OIDC provider), may render some of the functionality inaccessible.</p>
<p>For the data retained by FEUDAL, you may use service manager contacts provided below to access or rectify information.</p>
<h2 id="how-long-your-personal-data-will-be-retained">How long your personal data will be retained</h2>
<p>Records of your use of FEUDAL, collected for reasons of security (described in 4 above) will be deleted, at latest, 24 months after your last use of the service.</p>
<p>Other personal data can be deleted immediately or on request as described above.</p>
<h2 id="contact-information">Contact information</h2>
<p>Service managers: <a href="watts-prod@lists.kit.edu" class="uri">hdf-admin@lists.kit.edu</a></p>
<p>Data controller: <a href="watts-prod@lists.kit.edu" class="uri">hdf-admin@lists.kit.edu</a></p>
<h4 id="supervisory-authorities-dpas">Supervisory authorities (DPAs):</h4>
<ul>
<li><p><a href="https://www.bfdi.bund.de/DE/Home/home_node.html">German DPA</a>. Details for raising concerns for the German DPA can be found <a href="https://www.bfdi.bund.de/DE/Service/Datenschutzerklaerung/datenschutzerklaerung-node.html">here</a></p></li>
<li><p><a href="https://www.baden-wuerttemberg.datenschutz.de/">Baden-Württemberg DPA</a>. <a href="https://www.baden-wuerttemberg.datenschutz.de/online-beschwerde/">Link</a> to file a complaint.</p></li>
</ul>
</article>
</body>
</html>
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment