• Non ci sono risultati.

Processing of personal data

N/A
N/A
Info
Scarica
Protected

Academic year: 2022

Condividi "Processing of personal data"

Copied!
4
0
0

Caricamento.... (Visualizza il testo completo ora)

Scarica adesso ( 4 pagine )

Testo completo

(1)

Privacy Policy pursuant to Article 13 of EU Regulation 679/2016

Federated authentication service

Processing of personal data

Privacy Policy pursuant to Article 13 of EU Regulation 679/2016 - hereinafter GDPR)

Definitions

⚫ Owner: Legal or Natural Person who determines ways and means of processing personal data of a specific Organization to which the Users belong;

⚫ Data Processor: legal or natural person who processes data on behalf of the Owner within the limits of what has been agreed with him, the Data Processor carries out the instructions of the owner and accepts the controls, in particular on the effective adoption of adequate protection measures for personal data (coincides with the Legal person that manages the "Resource");

⚫ Identity Provider: IT system that provides the federated authentication service for the Users of a specific Organization;

⚫ Resources: services of third parties or of the Owner with which the User of the federated authentication service intends to access;

⚫ Federation of Identity: A group of Entities providing federated authentication services and Entities providing access services to resources that decide to interoperate according to a set of common rules.

⚫ User: natural person who uses the service;

⚫ Interested: natural person whose personal data are being processed by the Owner and any third parties (coincides with the User);

Service Name Identity Provider (IdP)

Description of service The federated authentication service allows users of the University of Teramo to access federated Resources using their institutional credentials.

The federated authentication Service is responsible for

authenticating the user and issuing an authentication token and, if required, a minimum set of personal data for access to the Resource.

(2)

Privacy Policy pursuant to Article 13 of EU Regulation 679/2016

Federated authentication service

Owner of Treatment Name: University of Teramo

Address: via Balzarini 1, 64100 Teramo

The University of Teramo, in the person of its protempore rector, is the owner of the processing of personal data managed through the Service.

Data Protection Officer (GDPR Section 4) (if applicable)

The Data Protection Officer (DPO) can be reached via E_mail at the address rpd@unite.it and by registered letter with return receipt to the address: University of Teramo - GDPR Office, Via Balzarini 1, 64100 - Teramo.

Jurisdiction and supervisory authority IT-IT

Guarantor for the Protection of Personal Data https://www.garanteprivacy.it

(3)

Privacy Policy pursuant to Article 13 of EU Regulation 679/2016

Federated authentication service

Categories of direct and indirect personal data processed and legal basis for the processing

1. one or more unique identifiers;

2. recognition credential;

3. name and surname;

4. e-mail address;

5. role in the organization;

6. membership in work groups;

7. specific rights on resources;

8. name of the relevant organization;

9. Log record of the IdP service: user identifier, date and time of use, requested resource, transmitted

attributes;

10. Log records of the services necessary for the functioning of the IdP service.

The personal data collected are stored in Italy in accordance with the GDPR. Their treatment is aimed at providing the authentication service. The personal data collected will be processed on the basis of European provisions, laws and regulations, for the performance of institutional activities (Article 6 letter e of the GDPR) relating to the Federated Authentication Service.

Purpose of the processing of personal data

Provide the federated authentication service in order to access the resources requested by the interested party.

Verify and monitor the proper functioning of the service and ensure its safety.

Fulfill any legal obligations or requests from the judicial authorities.

Third parties to whom the data is disclosed

The Owner of treatment, in order to provide the service correctly, communicates to the suppliers of the Resources to which the User intends to access the proof of authentication and only the personal data (attributes) required, in full compliance with the minimization principle.

Personal data are transmitted only when the interested party requests access to the third party's resource.

For purposes related to the fulfillment of legal obligations, some log data may be processed by third parties (eg. CERT, CSIRT, Judicial Authority).

Personal data will also be processed by the Cineca Consortium, Via

(4)

Privacy Policy pursuant to Article 13 of EU Regulation 679/2016

Federated authentication service

Magnanelli, 6/3 -40033 Casalecchio di Reno (BO), as external Data Processor.

Rights and exercise of the rights of the interested parties

The subjects to whom the personal data refer, in their capacity as interested parties, may at any time exercise:

• the right to access data,

• the right to request rectification, cancellation, or limitation of processing,

• the right to object to the processing,

• the right to data portability.

Furthermore, the interested party, pursuant to Article 7 paragraph 3 of EU Reg. 679/2016, has the right to withdraw their consent at any time, without however prejudicing the lawfulness of the processing based on the consent given prior to the revocation.

To exercise the aforementioned rights relating to this procedure, the interested party may contact the Data Protection Officer at the University of Teramo who can be contacted at the email address rpd@unite.it or by sending a registered letter with return receipt to the address University of Teramo, GDPR Office - Via Balzarini, 1 64100 Teramo.

Duration of Data Retention All personal data collected in order to provide the federated authentication service are kept for as long as it is necessary to provide the service.

After 12 months of deactivation, all personal data collected or generated by the use of the service are deleted.

Riferimenti

Scarica adesso ( PDF - 4 pagine - 167.16 KB )

Documenti correlati

The Application of Depth Migration for Processing GPR Data

Energy diagram is a good criterion to optimize the accuracy of determining propagation velocity by a migration algorithm.. Split Step Fourier, depth migration, could solve the

Nonzero |Ue3| from charged lepton corrections and the atmospheric neutrino mixing angle

to the bimaximal (LC) or tri-bimaximal value, the number of parameters reduces to three, and the Dirac phase δ in the PMNS matrix can be predicted in terms of the PMNS

An efficient tool for the assisted design of SAR ADCs capacitive DACs

The proposed tool also allows us to compute the DAC switching energy as a function of the output code for all the handled array topologies.. To this aim, the same static

General access to a novel class of silyl heterocycles

A solution of freshly prepared bromo(methoxy)methyl trimethylsilane (4.24 mmol) (obtained from methoxymethyl trimethylsilane and bromine in CCl4) was slowly added at room

Recensione a S Billings, Language, Globalization and the Making of a Tanzanian Beauty Queen

Sabrina Billings’ well-documented and innovative book Language, Globalization and the Making of a Tanzanian Beauty Queen (2013) focuses on the context of Tanzania

Measurement of the ratio of prompt chi_c to J/Psi production in pp collisions at sqrt(s)=7 TeV

28 Institute of Theoretical and Experimental Physics (ITEP), Moscow, Russia 29 Institute of Nuclear Physics, Moscow State University (SINP MSU), Moscow, Russia 30 Institute for

Organization of the Euclid Data Processing: Dealing with Complexity

They can be summarised as follows: LE1 provides telemetry unpacking and decompression (edited telemetry), plus Level 1 (raw) VIS and NISP images; VIS is in charge of processing