Privacy Policy of EISCAT Portal and data services

Carl-Fredrik Enell

This policy is in effect from August 24, 2021

These Portal and Radar Data Download services (The Services) use identification information from EGI Checkin for user authentication and radar data download authorization. Information on the users' affiliations needs to be retained to enable funding agencies to track radar data usage per Associate and Affiliate. As a consequence, EISCAT Scientific Association (EISCAT) may process personal data for the operation of these services. This privacy notice describes how we collect and process personal data when you use the services.

Name of the service EISCAT Portal and Radar Data Download services
Description of the service EISCAT radar online schedule, experiment request and data download portal.
Data controller and contact person EISCAT Scientific Association
Box 812
SE-98128 Kiruna, Sweden.
Contact: services@eiscat.se
Jurisdiction and supervisory authority EISCAT is a registered non-profit organisation in SE (Sweden), NO (Norway), and FI (Finland).
All EISCAT data are the property of EISCAT and the data protection is entirely an EISCAT responsibility. Questions should be directed to the Director, director@eiscat.se
Personal data processed

The services may retrieve and process the following personal and other identity data:

A

Identity data retrieved from EGI services

Note, names and email addresses are stored only on EGI services (Checkin and the Perun attribute management systeem). Refer to their respective Privacy Policies which have to be accepted when registering.

  • Affiliation (eduperson_scoped_affiliation)

  • VO group attributes (eduperson_entitlement)

B

Personal data gathered from yourself

  • IP address

  • Name (Experiment request only)

  • Email (Experiment request only)

  • Phone/Fax (Experiment request only)

Purpose of the processing of personal data

The purpose of the collection, processing and use of the data mentioned above is:

  • Grant usage in accordance with EISCAT statutes and other applicable requirements including funding policies and legal requirements.

  • Log, monitor and debug the operation of the services.

  • Detect possible abuse of the services.

Legal basis The legal basis for processing personal data is: compliance with a legal obligation, and legitimate interests pursued by the controller or by a third party
Third parties to whom personal data is disclosed
  • Within the EU/EEA:

    • GRNET (Checkin service provider)

    • CESNET (Perun service provider)

  • Outside the EU/EEA:

How to access, rectify and delete the personal data and object to its processing Contact the contact persons as listed above. To rectify the data released by your Home Organisation, contact their IT help desk or its equivalent.
Withdrawal of consent When personal data has been processed on user consent, the user can withdraw consent by contacting our contact persons as listed above.
Data retention and deletion The radar data services log your IP address, group membership attributes, and data downloads. Log files will be kept for N years in order to allow EISCAT and funders to monitor the use of our services and radar data.Question from Simon: What to do with the existing Schedule and Notes files? They contain much more personal information
Security We take appropriate technical and organisational measures to ensure personal data security and the protection against accidental or unlawful destruction, accidental loss, alteration, unauthorised disclosure or access.
Data Protection Code of Conduct Your personal data will be protected according to the Code of Conduct for Service Providers, a common standard for the research and higher education sector to protect your privacy.