This work is co-funded by the EOSC-hub project (Horizon 2020) under Grant number 777536.
Data Protection
Description of the Service
The EGI Accounting service (hereinafter referred to as: “the service” or “Accounting”) stores user accounting records from various services offered by EGI, such as Cloud, High Throughput Compute and storage usage. Accounting data is sent, using the Messaging service, to the central Accounting Repository and can be consulted online through the EGI Accounting Portal. This privacy notice describes how we, the EGI Foundation (hereinafter referred to as "we" or "the Data Controller"), collect and process data by which you can be personally identified (“Personal Data”) when you use the service.Data controller
EGI Foundation Science Park 140 1098 XG Amsterdam Netherlands.
Data protection officer
EGI Foundation Data Protection Officer Science Park 140 1098 XG Amsterdam NetherlandsE-mail: dpo@egi.eu
Jurisdiction and supervisory authority
Jurisdiction: NL, Netherlands EGI Foundation's lead supervisory authority is the Dutch Data Protection Authority. They can be contacted at https://autoriteitpersoonsgegevens.nl/en/contact-dutch-dpa/contact-usPersonal data processed
The service may process the following personal data:- Identification data
- Name
- Identification number (as provided by identity providers like a home institution, or identifiers from third parties like ORCID)
- E-mail address
- Affiliation
- IP address
- Certificate Distinguished Name (DN)
- Behavioural data:
- Usage data
- Technical logs with timestamps
- Data allowing conclusions on the personality:
- Memberships
- Roles
Purpose of the processing of personal data
The purpose of the collection, processing and use of the personal data mentioned above is: To provide the service functions, i.e. collect and publish accounting data about the EGI Federation infrastructure and identify the users accessing the service, and authorise them providing them with capabilities based on their roles. To monitor and maintain service stability, performance and securityLegal basis
The legal basis for processing personal data is: Legitimate interests pursued by the controller or by a third party according to Art. 6 (1) (f) GDPR.Third parties to whom personal data is disclosed
Personal data will not be used beyond the original purpose of their acquisition. In particular, the data you provide to us will not be used for marketing. For the purposes given in this privacy policy, personal data are passed to the following third parties:Within the EU / EEA:
- CESGA: resource provider and sub-contracted data processor operating the Accounting Portal
- GRNET: resource provider, sub-contracted data processor operating the Messaging Service
- Authenticated users with a specific role (i.e. VO managers) can access some personal data
Outside the EU / EEA:
- UKRI: resource provider and sub-contracted data processor operating the Accounting Repository
- Authenticated users with a specific role (i.e. VO managers) can access some personal data
Your rights
You can exercise the following rights at any time by contacting our data protection officer using the contact details provided in the Data Protection Officer section:- Information about your data stored with us and their processing
- Correction of incorrect personal data
- Deletion of your data stored by us
- Restriction of data processing, if we are not yet allowed to delete your data due to legal obligations
- Objection to the processing of your data by us
- Data portability
- You can complain at any time to the supervisory data protection authority (DPA) responsible for you. Your responsible DPA depends on your country and state of residence, of your workplace or of the presumed violation. A list of the supervisory authorities with addresses can be found at https://edpb.europa.eu/about-edpb/board/members_en.
- You can contact EGI Foundation's lead supervising authority using the contact details provided in the Jurisdiction and Supervisory Authority section.