Privacy Policy

Membership Management Policy for <Collaboration name>

This policy is effective from <insert date>. The current collaboration manager can be found at <insert link>.

INTRODUCTION

This policy establishes the practices adopted by <collaboration X> in the management of its members. Accurate management of a collaboration's members and their authorisation attributes is fundamental to ensuring secure access control. Trust between <collaboration X>, the underlying infrastructure and partner collaborations may be established by rigorous application of this policy.

COLLABORATION MANAGER

<Collaboration X> defines a Collaboration Manager role and assigns this role to two or more individuals. The Collaboration Manager is responsible for meeting the requirements identified in this policy. This responsibility may be devolved to designated personnel in the Collaboration or in the Infrastructure, and to their trusted agents (such as Institute Representatives or Resource Centre Managers).

MEMBERSHIP LIFE CYCLE REQUIREMENTS

Membership Life Cycle: Registration

Membership Registration is the process by which an applicant joins the Collaboration and becomes a Member. Registration Data must be collected at the time of Registration, verified, and stored in compliance with the Privacy Notice [ref]. Reasonable efforts must be made to validate the data.

Membership Life Cycle: Assignment of Attributes

Assignment of attributes (such as group membership, entitlements, or roles) shall be the responsibility of the Collaboration Manager or of designated person(s). Attributes shall be assigned only for as long as they are applicable.

Membership Life Cycle: Renewal

Membership Renewal is the process by which a User remains a member. Renewal procedures shall:

* ensure that accurate Registration Data is maintained
* confirm continued eligibility of the User to use Resources assigned to the Collaboration
* confirm continued eligibility of the User for any attributes
* ensure the reaffirmation of acceptance of the Collaboration AUP

The maximum time span between Registration and Renewal, and between Renewals, shall be <INSERT RENEWAL TIMESPAN>. The User shall be able to correct and amend their Registration Data at any time.

Membership Life Cycle: Suspension

The Suspension of Collaboration membership is the temporary revocation of full or partial rights and of any attributes. Suspension is done by or on behalf of the Collaboration Manager. A User should be suspended when the Collaboration Manager is presented with reasonable evidence that the member's identity or credentials have been used, with or without the user's consent, in breach of relevant Policy. The Collaboration Manager must act on any request for suspension without delay. The User's rights shall not be reinstated unless the Collaboration Manager has sent timely prior notification to all those who requested the Suspension.

Membership Life Cycle: Termination

The Termination of Collaboration membership is the removal of a member from the Collaboration. Following Termination, the former member is no longer eligible to use Infrastructure Resources assigned to the Collaboration. The Collaboration must no longer assert membership or attributes for the former member. In the absence of overriding reasons, a request by the User for removal must be honoured.

The events that shall trigger possible termination of the User's membership of the Collaboration include:

* failure to complete a membership Renewal process within the allotted time
* end of participation of the User in the Collaboration

REGISTRATION DATA REQUIREMENTS

The Registration Data for a User comprises the following verified information:

* family name(s)
* given name(s)
* the employing organisation's name and address
* a professional email address
* unique and non-reassigned identifier(s) of the User and the source of authority of each identifier
* <Add or delete lines as required>

and is recommended to contain:

* a professional contact telephone number, so that the User can be informed promptly during the investigation of security incidents and of lifecycle events
* other contact information, as voluntarily provided and maintained by the User.

The types of information recorded must be listed in the Privacy Notice.

AUDIT AND TRACEABILITY REQUIREMENTS

The Collaboration records and maintains an audit log of all membership lifecycle transactions:

* membership,
* assignment of or change to a member's attributes,
* membership renewal,
* membership suspension,
* membership termination or re-evaluation.

This audit log is kept for a minimum period consistent with the Traceability and Logging Policies of all Infrastructures that provide resources to the Collaboration.

Each logged event should record the date and time, the originator, the details of the event, and whether or not it was approved. The identity of the person granting or refusing the request should be recorded, including any verification steps involved and other people consulted.

ACCEPTABLE USE POLICY REQUIREMENTS

<Collaboration X> defines an Acceptable Use Policy (AUP) [ref]. The AUP must be shown to all persons joining the Collaboration.
Acceptance of the AUP by Collaboration members who act as responsible persons towards the Infrastructure must be an explicit action, must be recorded, and must be a prerequisite for registration in the Collaboration [ref]. The AUP should raise awareness of inappropriate actions by individual users that may affect the ability of other members to use an infrastructure.

Attribution

| Privacy Notice item | Guidance |
| --- | --- |
| Name of the Service | SHOULD be the same as mdui:DisplayName |
| Description of the Service | SHOULD be the same as mdui:Description |
| Data controller and a contact person | You may wish to include the Data Controller defined for the Infrastructure, rather than one per service |
| Data controller's data protection officer (if applicable) | |
| Jurisdiction and supervisory authority | The country in which the Service Provider is established and whose laws are applied. SHOULD be an ISO 3166 code followed by the name of the country and, if necessary for qualifying the jurisdiction, its subdivision. How to lodge a complaint with the competent data protection authority: "Instructions to lodge a complaint are available at ..." |
| Personal data processed and the legal basis | 1. Personal data retrieved from your Home Organisation: your unique user identifier (SAML persistent identifier)*; your role in your Home Organisation (eduPersonAffiliation attribute)*; your name*; ... 2. Personal data gathered from yourself: log files on the service activity*; your profile; ... (* = this personal data is necessary for providing the Service. Other personal data is processed because you have consented to it.) Please make sure that list 1 matches the list of requested attributes in the Service Provider's SAML 2.0 metadata. |
| Purpose of the processing of personal data | Don't forget to also describe the purpose of the log files, if they contain personal data (they usually do) |
| Third parties to whom personal data is disclosed | See the notice clause of the Code of Conduct for Service Providers. Are the third parties outside the EU/EEA, or outside the countries and international organisations whose data protection the EC has decided to be adequate? If yes, give references to the appropriate or suitable safeguards. |
| How to access, rectify and delete the personal data and object to its processing | Contact the contact person above. To rectify the data released by your Home Organisation, contact your Home Organisation's IT helpdesk. |
| Withdrawal of consent | If personal data is processed on the basis of user consent, how can the user withdraw it? |
| Data portability | Can the user request that their data be ported to another Service? How? |
| Data retention | When is the user record going to be deleted or anonymised? Remember, you cannot store user records indefinitely. It is not sufficient to promise to delete user records on request. Instead, consider defining an explicit period, for example: "Personal data is deleted on request of the user or if the user hasn't used the Service for 18 months." |
| Data Protection Code of Conduct | Your personal data will be protected according to the Code of Conduct for Service Providers, a common standard for the research and higher education sector to protect your privacy |
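The "Personal data processed" row asks the Service Provider to keep the privacy notice's attribute list in step with the RequestedAttribute elements in its SAML 2.0 metadata. The following is an added example of that consistency check, written for this page; it is not code from the policy template or from the Code of Conduct. It assumes the metadata carries an md:AttributeConsumingService, uses a constructed metadata document with a placeholder entityID, and treats isRequired="true" as the notice's "*" (necessary for providing the Service) marker.

```python
"""Cross-check a privacy notice's attribute list against SP SAML 2.0 metadata.

Added example, not part of the policy template. Parses the
<md:AttributeConsumingService> of a Service Provider's metadata, collects each
<md:RequestedAttribute>, and compares it with the attributes the privacy notice
says are retrieved from the Home Organisation.
"""
import xml.etree.ElementTree as ET
from typing import Dict, List

NS = {
    "md": "urn:oasis:names:tc:SAML:2.0:metadata",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
}

# Constructed sample metadata: the entityID is a placeholder, and the attribute
# set is chosen to exercise the three mismatch cases below.
SAMPLE_METADATA = """<?xml version="1.0"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://sp.example.org/shibboleth">
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:AttributeConsumingService index="1">
      <md:ServiceName xml:lang="en">Example Service</md:ServiceName>
      <md:RequestedAttribute FriendlyName="eduPersonTargetedID"
          Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" isRequired="true"/>
      <md:RequestedAttribute FriendlyName="eduPersonAffiliation"
          Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.1" isRequired="true"/>
      <md:RequestedAttribute FriendlyName="displayName"
          Name="urn:oid:2.16.840.1.113730.3.1.241" isRequired="true"/>
      <md:RequestedAttribute FriendlyName="mail"
          Name="urn:oid:0.9.2342.19200300.100.1.3" isRequired="false"/>
    </md:AttributeConsumingService>
  </md:SPSSODescriptor>
</md:EntityDescriptor>
"""

# What the (hypothetical) privacy notice declares under "1. Personal data
# retrieved from your Home Organisation". True = marked "*" (necessary for
# providing the Service); False = processed on the basis of consent.
NOTICE_LIST: Dict[str, bool] = {
    "eduPersonTargetedID": True,
    "eduPersonAffiliation": True,
    "displayName": False,   # notice says consent-based; metadata says required
}


def requested_attributes(metadata_xml: str) -> Dict[str, bool]:
    """Return {FriendlyName (or Name if absent): isRequired} for every
    RequestedAttribute found under an AttributeConsumingService."""
    root = ET.fromstring(metadata_xml)
    found: Dict[str, bool] = {}
    for ra in root.iterfind(".//md:AttributeConsumingService/md:RequestedAttribute", NS):
        key = ra.get("FriendlyName") or ra.get("Name")
        # isRequired defaults to false when the attribute is omitted.
        found[key] = ra.get("isRequired", "false").lower() == "true"
    return found


def compare(notice: Dict[str, bool], metadata: Dict[str, bool]) -> Dict[str, List[str]]:
    """Report attributes requested but not disclosed in the notice, attributes
    disclosed but never requested, and attributes whose necessity marker differs."""
    shared = set(notice) & set(metadata)
    return {
        "missing_from_notice": sorted(set(metadata) - set(notice)),
        "not_in_metadata": sorted(set(notice) - set(metadata)),
        "necessity_mismatch": sorted(a for a in shared if notice[a] != metadata[a]),
    }


if __name__ == "__main__":
    report = compare(NOTICE_LIST, requested_attributes(SAMPLE_METADATA))
    for category, names in report.items():
        print(f"{category}: {', '.join(names) if names else 'none'}")
```

Run against the constructed metadata, the report flags `mail` as requested by the SP but absent from the notice, and `displayName` as declared consent-based in the notice while the metadata marks it required; both are exactly the discrepancies the row asks the Service Provider to rule out before publishing the notice.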