...
- When you roam and visit other countries, or as a user of the eduroam Managed IdP service, the European proxy servers will receive and log the following data: your realm (denoting your institution and federation) and MAC addresses. We can also receive your username if you have not chosen to anonymise this data (eduroam Managed IdP always uses opaque usernames). When you roam to another institution within your home country the European proxy servers don’t receive any data because they are not included in that process. The service has a legitimate interest in processing this information.
- When you roam and visit other countries or other institutions within your federation we may also process for monitoring, measuring and reporting services, in addition to the data mentioned above, the data about visited country, visited institution and authentication outcome. The service has a legitimate interest in processing this information.
- As part of supporting activities we maintain several public web sites (e.g. web of CAT service) where we collect normal web server logs, i.e. timestamp of access, IP address which requested the page, the page being requested, the HTML result code, etc. The data collected is for the purpose of troubleshooting and debugging potential problems of with eduroam web servers and therefore the service has a legitimate interest in processing this information.
- The eduroam Operational Team maintains a database where we collect data related to NROs, IdPS and SPs to enable supporting services and improve incident response and user support. The data is provided by the NROs based on the eduroam Policy.
- To ensure proper functioning of the of the eduroam Configuration Assistant Tool (CAT) and of the eduroam Managed IdP service we collect the identifers and e-mail addresses of the NRO and IdP admins responsible for the configurations that will be used be the end users. The service has a legitimate interest in processing this information.
The eduroam Managed IdP system also stores
pseudonyms of end users (as instructedan arbitrary identifier for you (given by the IdP administator), and
the second-levelmaintains pseudonyms of that identifier for the actual eduroam access credentials
as derived from those original pseudonyms. It also stores information about successful authentications linked to those pseudonyms.The service has a legitimate interest in processing this information.
Who Do We Share Data With?
...
The contact information collected in the eduroam database is used by the OT and NROs in order to resolve securty incident and debug problems reported by the end users.
Personal data collected for the eduroam Managed IdP are available only to the IdP administrators.
All other personal data is held and processed only by the eduroam OT.
...
All data related to roaming are kept for a period of six months, unless a different requirement is set by legislation in individual European countries.
Personal data stored as part of you credentials issued via eduroam Managed IdP are kept as long as you use those credentials for eduroam access, and until they are removed by the IdP administrators.
Security
We support the following processes to ensure the security of your data:
...
- We process your data fairly and lawfully;
- Your data is accurate (to rectify data released by your home organisation, please contact directly);
- The data we collect is not excessive but only the data we require to provide the service;
- Your data is secure;
- Your personal data is securely destroyed when no longer required.
You also have the right to ask what personal data we hold about you, and to complain to the Supervisory Authority (Autoriteit Persoonsgegevens at https://autoriteitpersoonsgegevens.nl) about our data processing activities if you feel your data is not being managed as described here.
...