Privacy Policy

Name of service: {{suite}}

Service description

{{suite}} enables the operation of computer pools with non-persistent virtual machines, which are tailored by lecturers to their courses. Those VMs can optionally be shared across universities.

Obligations

Every user who uploads or modifies virtual teaching environments is responsible for ensuring that all license provisions applicable at their own institution are complied with. At the same time, they are also obliged to ensure to the best of their knowledge and belief that there is no malware (viruses, trojans, etc.) in the virtual teaching environments in accordance with the recommendations of the {{suite}} team.

Data controller and contact information

University of Freiburg, IT Services: {{helpmail}}

Jurisdiction: DE-BW Germany Baden-Württemberg

Personal data processed

The following data is requested from your Home Organisation

• your unique user identifier (IdPPersistentNameIdentifier)
• your role in your Home Organisation (eduPersonScopedAffiliation)
• your permission to use this service independent of your role (eduPersonEntitlement)
• your first and last name (sn, givenName) (*)
• your email address (mail) (*)

The data marked with (*) is not stored on our servers but only forwarded to your institution, unless you participate in the central VM exchange.

Purpose of the processing of personal data

The data is used

• to authorise your access to and use of the resources we provide
• to relate shared public VMs to the owning/uploading person

Third parties to whom personal data is disclosed

We may share your personal data with third parties (or otherwise allow them access to it) in the following cases:

1. (a) to satisfy any applicable law, regulation, legal process, subpoena or governmental request
2. (b) to enforce this Privacy Notice, including investigation of potential violations thereof
3. (c) to relate shared VMs with the owner/uploading person e.g. when the VM is downloaded to a {{suite}} satellite server of another institution using the service

Your personal data may also be accessible by others users of the service if you shared a public VM.

How to access, rectify and delete the personal data

Contact the data controller above. To rectify the data released by your Home Organisation, contact your Home Organisation's IT helpdesk.

Data retention: Personal data is deleted on request by the user or if the user hasn't used the service for two years.

Data Protection Code of Conduct

Your personal data will be protected according to the Code of Conduct for Service Providers, a common standard for the research and higher education sector to protect your privacy.

Datenschutz

Bei der Registrierung für den {{suite}}-Dienst werden die folgenden Nutzerinformationen von der Heimateinrichtung an den zentralen {{suite}}-Server des Dienstbetreibers ({{provider}}) verschlüsselt übermittelt:

• Vor- und Nachname (sn, givenName) (*)
• E-Mailadresse (mail) (*)
• Eindeutige, anonyme Nutzerkennung (IdPPersistentNameIdentifier)
• Heimateinrichtung (eduPersonScopedAffiliation)
• Status des Nutzers (Dozent/Mitarbeiter, Student, ..., eduPersonScopedAffiliation)

Die mit (*) gekennzeichneten Daten werden nicht zentral gespeichert, sondern nur an Ihre Einrichtung weitergeleitet, es sei denn, Sie nehmen am zentralen VM-Austausch teil.
Wenn Sie nicht am {{suite}}-Dienst teilnehmen, werden keine Daten übertragen. Die Vorschriften des Landesdatenschutzgesetzes (LDSG) und bereichsspezifische Datenschutzvorschriften (insbesondere TKG, TMG) in den jeweils geltenden Fassungen werden beachtet.

Pflichten

Jeder Nutzer, der virtuelle Lehrumgebungen hochlädt oder modifiziert, ist dafür verantwortlich, dass alle an der eigenen Institution gültigen Lizenzbestimmungen eingehalten werden. Gleichzeitig ist er auch dazu verpflichtet, dass er gemäß der Empfehlungen des {{suite}}-Teams nach bestem Wissen und Gewissen dafür sorgt, dass sich keine Schadsoftware (Viren, Trojaner, …) in den virtuellen Lehrumgebungen befindet.