Go to EUDAT website

Data Privacy Statement


Name of the Service

EUDAT B2SAFE DPM - Data Policy Manager

Description of the Service

DPM is a tool that provides data policy management functionality. It can be used by data managers to define data policies, store them and share them with the data service providers, who will enforce them; service integrators to integrate a third-party service with the DPM relying on the XML DB API; B2SAFE service administrators to have a view on the policies defined by a community data manager -They can download and enforce them and provide feedback to the data managers.

Data controller and a contact person

Research Infrastructure Services
Division for Research Computing
University Center for Information Technology
University of Oslo
P.O. Box 1059 Blindern
N-0316 OSLO
Norway

Service Administrator Team
E-Mail: dpm-admin@usit.uio.no

Data controller’s data protection officer

Morten Opsal
Internal Auditing Unit
University of Oslo
P.O. Box 1154 Blindern
N-0318 OSLO
Norway
Tel.: +47-22856314
E-Mail: personvernombud@uio.no

Jurisdiction and supervisory authority

The Norwegian Data Protection Authority

A complaint can be lodged at:
The Norwegian Data Protection Authority
P.O. Box 458 Sentrum,
NO-0105 Oslo
Norway
E-Mail: postkasse@datatilsynet.no

Personal data processed and the legal basis A. Personal data retrieved from your remote identity provider (EUDAT B2ACCESS):
  • your unique user identifier (unity:persistent)*
  • your email address (mail)*
B. Personal data gathered from you:
  • logfiles on the service activity*

* the personal data is necessary for providing the Service.

Purpose of the processing of personal data

The personal data retrieved from external identity provider is needed to provide an author to the policies you create and allow the DPM manager to the send approval message for the service and to send any emails relevant to the service (such as outages or upgrades). The logfiles are needed to provide support in case you had problems with the service as well as retrospective examination of security incidents.

Third parties to whom personal data is disclosed

Your unique identifier is exposed to users of the policy.

How to access, rectify and delete the personal data and data policies.

To rectify the data released by EUDAT B2ACCESS, please update them at EUDAT B2ACCESS.
To request an account deletion, please contact us and provide your email address and your federated cloud id (your data policy author id).

Withdrawal of consent

Given consent of attribute releases to service providers within the EUDAT CDI can be withdrawn in B2ACCESS. To withdraw the consent to the DPS or ToU delete the account in B2ACCESS. If you delete your account, you will lose access to all B2* services as well as any date stored therein.

Data portability

You can download your data policies from the service after you logged in. In case of any problems, please contact the person above (Data controller and contact person).

Data retention

Personal data is deleted on your request after the data policies created by you has been withdrawn and removed from the service.

Data Protection Code of Conduct

Your personal data will be protected according to the Code of Conduct for Service Providers, a common standard for the research and higher education sector to protect your privacy.

Update of this privacy statement

We may update our Privacy Statement from time to time. Updates of our Privacy Statement will be published at this location. Any amendments become effective upon publication. We therefore recommend that you regularly visit the site to keep yourself informed on possible updates.

Version: 1.0
Date: 01.09.2018