Consortium GARR is entitled for user's personal data processing provided by the service, according to art.24 of GDPR 2016/679, and entitled to protect user's personal data privacy and for the communication of the informations related to articles 13 and 14 of GDPR 2016/679 .

Jurisdiction and control authority

Processed Personal Data and Law references basis for the processing

1. Some of all of the following personal data collected:
   1. one or more unique identifiers (uid, schacPersonalUniqueID, eduPersonOrcid, eduPersonTargetedID, SAML persistent identifier);
   2. Identification credentials (userPassword);
   3. Surname and Name (sn, givenName, cn, displayName);
   4. email address (mail);
   5. role in the Organization (eduPersonAffiliation,eduPersonEntitlement);
   6. Organization Name (schacHomeOrganization,schacHomeOrganizationType);
2. User personal data directly collected during normal service operation:
   1. Preferences about consensus on using resources over the internet;
   2. IdP service log records: user identifier, date and time of usage, requested service, attributes sent to the service;
   3. Log record of other services (http, ldap, …).

Consortium GARR ensure user's personal data processing is fully compliant to GDPR 2016/679.
Identification user's credentials (username/password) are stored on GARR IT systems, managed by GARR staff only and will never be transferred to 3rd party entities.
However user's attributes, necessary for user's Resource Providers access through SAML protocol and released using minimization rule, could be transferred to remote Resource Providers (in UE or extra UE, depending on Resource Provdider location) after user's consent approval request form.
Collected personal data are gathered and stored in Italy on Consortium GARR IT systems according to GDPR 2016/679 regulation and for service access only. Their processing is necessary to provide the service.
User's personal data are subjected to limitations of Art.23 GDPR 2016/679

personal data processing policy usage

User personal data collected (during service registration and service use) are necessary to authenticate him/her, granting access to network services he/she requested.

Due to SAML-federated authentication protocol proper nature, user's credentials (username/password) are never sent to 3rd party (both Resource Providers or others Identity Providers).

However end user's attributes identitying him/her,accordingly to SAML protocol, could be sent to Resource Providers, with user's explicit consent, to grant him/her access to the resource he/she requested.

Subscribing this service end user give his/her consent to Consortium GARR to treat his/her data according to EU GDPR 2016/679 and further modifications.

Service logs, containing user's personal data, are collected only to verify service right availability, operation and security according to italian laws.

According to GDPR 2016/679 art.2 section d and art.23, in case of user account violation/compromission user will be notified of it and, if requested by police control authorities, logs could be be given to them for further investigations.

3rd parties data transfer

Consortium GARR Direzione Identity Provider Direzione sends user's attributes to Resource Providers he/she wants to access to following principle of minimization. User's personal data are transferred only when user requests access to the 3rd party Resource Provider and only to access to that 3rd party service.

Such resources are:

• All IDEM Federation resources (https://www.idem.garr.it/servizi/sp);
• eduGAIN interfederation resources, compliant with the GDPR 2016/679 DP Code of Conduct (http://monitor.edugain.org/coco/?show=list_sps);
• eduGAIN resources compliant with Research and Scholarship (https://wiki.refeds.org/display/ENT/Research+and+Scholarship+Review+2017);
• All resources of eduGAIN interfederation (https://technical.edugain.org/entities);

Third parties outside EAA:

• Resources compliant to Data Protection Code of Conduct;
• Resources compliant with Research and Scholarship;
• Resource restricted to direzione GARR staff only;

How to access to, correct, delete personal data and oppose to their processing.

Contact the above mentioned Data Processors.

How to revoke user consent

The only collected data with user consent are preferences about the transmission of attributes to third parties. Data are gathered online at the time of first access to resources, and can be deleted, with the outcome of eliminating consent to their transmission, starting over the login procedure and checking the "Clear prior granting of permission for release of your information to this service" box.

Data portability

User can request to data processor his/her data portability related to digital identities, including credentials and consent information. These will be provided according to Art. 20 of GDPR 2016/679 .

If requested to data processor, data portability will be provided free of charge at the end of service.

>Data Processing Timelife

User's personal data are kept for the whole duration of the user's service request access.
Consortium GARR, previously communicating to the end user, can remove his/her data in case of service (Identity Provider Direzione Consortium GARR) disposal.
User can request standby/delete of his/her profile and data writing to Data Protection Entitled Manager, Data Processing Entitled Manager or Data Processor Entitled Referee (see above).
In case of user's standby procedure his/her data are stored for maximum of 6 months, to evaluate if user can/must be re-activated. At the end of 6 months, if not explicitly requested by the user, all the account's data are permanently deleted.
In case of account disposal user's credentials and data are permanently deleted.

Service logs are stored according to italian privacy and security laws for 6 months, and if necessary and requested by police for crime investigations related to user's service usage for further 6 months. At the end of such period (6 months if not requested by security public authorities for cime investigatin) service logs are permanently deleted.