Name of the service Grouper
Description of the service Grouper group management system for IDEM Identity Italian Federation.

Data controller and a contact person Consortium GARR, info @ garr.it
Jurisdiction IT, Italy
Personal data processed For authenticated users
Following data is retrieved from your Home Organisation:

  • ePPN (O) to obtain access to the system,
  • mail (R) to receive notification by the system,
  • givenName (R) to configure the name of the user logged on the system,
  • surname (R) to configure the surname of the user logged on the system
  • Purpose of the processing of personal data For authenticated users, personal data is used to identify users (who applied which changes to which file), for access control (e.g. only authenticated users can access specific files), for customization (personal preferences) and to notify users in case a file is shared with them. At last the organization is collected to assign the user to the institutional quote agreed with GARR.

    Third parties to whom personal data is disclosed No raw data will be released to third parties.

    Authenticated users editing wiki pages must be aware that their name and potentially email address are visible to other users of the wiki.

    How to access, rectify and delete the personal data Contact idem-help @ garr.it.
    To rectify the data released by your Home Organisation, contact your Home Organisation's IT helpdesk.
    Data retention When the user record is going to be deleted or anonymised? Remember, you cannot store user records infinitely. It is not sufficient that you promise to delete user records on request. Instead, consider defining an explicit period.
    Personal data is deleted on request of the user or if the user hasn't used the service for two years.
    Data Protection Code of Conduct Your personal data will be protected according to the Code of Conduct for Service Providers, a common standard for the research and higher education sector to protect your privacy.

    This privacy policy is based on the Data protection Code of Conduct Privacy policy guidelines for Service Providers