Authenticating ...

Privacy policy

All user-related data is kept exclusively to facilitate personal testing. No user-related data is displayed to other Lab users or released to anyone else. There is no possibility that the user's true identity may be uncovered by the EAPlab personell .

Name of the service SENSE EAPlab
Description of the service Virtual laboratory for testing EAP supplicants in a variaty of configuration scenarios.
Data controller and a contact person GEANT Project contact via Server operated by PSNC, ul Z. Noskowskiego 12/14, 61-704 PoznaƄ, Poland.
Jurisdiction PL Poland Poznan.
User data processed 1. For all users
  • IP address
  • Referrer address (the web page a user is coming from)

2. Only for authenticated users

  • A. Data provided by user's Home Organisation upon login:
    • User identifier (Mandatory)
      SAML persistent ID/eduPersonTargetedID. eduPersonPrincipalName is preferred (this is a perisistant identifier which can be linked to the actual user exclusively at the user's home organisation).
  • B. Data supplied by the user himself:
    • Name or nickname
    • Personal settings required by EAPlab testing scenarios
  • C. Data stored in operational logs:
    • Time of EAPlab scenario changes
Purpose of the processing of user data The IP and referrer addresses of all web page visitors are stored in the web server log file for statistical purposes (e.g. to find out from which countries users are accessing the EAPlab) and for technical problem solving.
For authenticated users, the EAPlab receives the user data mentioned-above Home Organisation. This data is used to build a link between the user and an EAPlab profile. User's nickname is is used to display in the page header.
The time of last user's activity is recorded for EAPlab usage statistics and also to determine if a given user profile should be deleted.
Third parties to whom user data is disclosed No raw data will be released to third parties. Aggregated and anonymized data (e.g. how many visitors the Lab had last year) may be published.
How to access, rectify and delete the user data The persistant user identifier is provided by the Home Organisation and cannot be changed. All other data is user supplied and user modifiable.
Authenticated user can delete all account and activity information except for the Web server standard logfile information.
Data retention User data is deleted directly by the user or if the user profile has not been actively used for at least 12 months.
Log files containing IP addresse and Referrer are deleted automatically after one year.
Data Protection Code of Conduct User data will be protected according to the Code of Conduct for Service Providers, a common standard for the research and higher education sector to protect the user's privacy.