Merge pull request #3 from norealroots/main

Update ska-privacy.md
stfc · Jan 29, 2025 · 497354a · 497354a
2 parents 860085d + 3675fdb
commit 497354a
Showing 1 changed file with 16 additions and 16 deletions.
diff --git a/docs/policies/ska-privacy.md b/docs/policies/ska-privacy.md
@@ -4,18 +4,18 @@ This notice, the SKA IAM Privacy Notice, is effective from *29th Jan, 2025*.
 
 The SKA Regional Centre Network (“SRCNet”) is a body under the SKA Observatory ("SKAO") that develops a collaborative and federated network of SKA Regional Centres, globally distributed across SKA partner countries, to host the SKA Science Archive and maximise the scientific productivity and impact of the SKA.
 
-The SKA IAM (Identity and Access Manager) Prototype provides an Authentication and Authorization Infrastructure (AAI) solution to SKAO and SRCNet. The IAM acts as a proxy service, allowing SKAO collaborators access to other SKAO services.
+The SKA IAM (Identity and Access Manager) Prototype provides an Authentication and Authorization Infrastructure (AAI) solution to SKAO and SRCNet. The IAM acts as a proxy service, allowing SKAO collaborators access to SRCNet services.
 
 ## General Principles
 
-SKAO considers it important to process only such personal data as is required for the proper functioning of SKAO services.
+SRCNet considers it important to process only such personal data as is required for the proper functioning of SRCNet services.
 
-The personal data detailed below is collected for the purposes of identification, authentication, authorisation, access control, accounting, billing, resource management and information security. The legal basis for processing this data is for the purposes of the legitimate interests pursued by SKAO and the science communities that SKAO supports in order to provide IT services to its users.
+The personal data detailed below is collected for the purposes of identification, authentication, authorisation, access control, accounting, billing, resource management and information security. The legal basis for processing this data is for the purposes of the legitimate interests pursued by SRCNet and the science communities that SRCNet supports in order to provide IT services to its users.
 
 ## What personal data is collected from you and why?
 
 ### 1. Registration
-When you register with SKA IAM to use SKAO services, the following data may be collected and associated with your account:
+When you register with SKA IAM to use SRCNet services, the following data may be collected and associated with your account:
 
 - Personal Name
 - Professional email address
@@ -25,40 +25,40 @@ When you register with SKA IAM to use SKAO services, the following data may be c
 - Professional address and telephone number
 - A non-reassigned, unique personal identifier - for example, the Subject Distinguished Name (DN) from your personal certificate
 
-This data is necessary for security and accounting purposes to uniquely and properly identify and authenticate you when creating an account for subsequently accessing SKAO services.
+This data is necessary for security and accounting purposes to uniquely and properly identify and authenticate you when creating an account for subsequently accessing SRCNet services.
 
 ### 2. Access
 
-When you access SKAO services, log records of your access to and actions on SKAO resources are created. These records may contain:
+When you access SRCNet services, log records of your access to and actions on SRCNet resources are created. These records may contain:
 
 - your unique identifier (as described in 1, above)
 - your science community group(s) and role(s)
 - the network (IP) address from which you access the services
 - the date and time of access
 - details of actions you perform
 
-In combination with the registration data above, these log records are necessary to meet the reliability and security requirements of SKAO services and for resource management purposes. This includes authentication, authorisation, accounting, security incident handling, assisting in the analysis of reported problems and for contacting you if a problem is identified with your account.
+In combination with the registration data above, these log records are necessary to meet the reliability and security requirements of SRCNet services and for resource management purposes. This includes authentication, authorisation, accounting, security incident handling, assisting in the analysis of reported problems and for contacting you if a problem is identified with your account.
 
 ## For how long will your Personal Data be kept?
 Access logs and accounting records are kept for up to 18 months before being anonymised or deleted.
 
-SKAO will keep your user registration data for as long as you remain a registered member of your Science Community plus the maximum accounting record retention period. In order to enable SKAO to support the user employment life cycle, e.g. to confirm your identity when you return after a period of absence, and unless you explicitly request otherwise, SKAO may keep your registration data for up to 36 months after you leave.
+SRCNet will keep your user registration data for as long as you remain a registered member of your Science Community plus the maximum accounting record retention period. In order to enable SRCNet to support the user employment life cycle, e.g. to confirm your identity when you return after a period of absence, and unless you explicitly request otherwise, SRCNet may keep your registration data for up to 36 months after you leave.
 
 ## How your personal data is protected?
 
-The SKAO IAM is committed to following the REFEDS Data Protection Code of Conduct. Your personal data will be protected according to the [Code of Conduct for Service Providers](https://geant3plus.archive.geant.net/Pages/uri/V1.html), a common standard for the research and higher education sector to protect your privacy.
+The SKA IAM is committed to following the REFEDS Data Protection Code of Conduct. Your personal data will be protected according to the [Code of Conduct for Service Providers](https://geant3plus.archive.geant.net/Pages/uri/V1.html), a common standard for the research and higher education sector to protect your privacy.
 
 Your personal data is protected against unauthorised disclosure, modification or deletion, by technical and organisational measures, including during transfer as described below.
 
 ## Who has access to your personal data?
 
-SKA IAM will make your personal data accessible only to those authorised by SKAO, and only for the purposes described above.
+SKA IAM will make your personal data accessible only to those authorised by SRCNet, and only for the purposes described above.
 
 ## To whom do we transfer your data?
 
-Your personal data may be transferred only to the following parties, and only as far as is necessary to provide the SKAO services that you make use of:
+Your personal data may be transferred only to the following parties, and only as far as is necessary to provide the SRCNet services that you make use of:
 
-- SKAO participants where necessary for the provisioning, operation and security of SKAO services
+- SRCNet participants where necessary for the provisioning, operation and security of SRCNet services
 - trusted third parties for the purposes of security incident response
 
 Other transfers are not allowed except where legally required.
@@ -73,20 +73,20 @@ You have the right to access a copy of the personal data we hold about you and y
 
 If your request is not admissible, we will write to tell you of this including the reasons why.
 
-Changes to or removal of personal data may limit your access to SKAO services.
+Changes to or removal of personal data may limit your access to SRCNet services.
 
 Please make your request using the contact details given below.
 
 ## What legal basis do we use for processing your personal data?
 
-We use legitimate interest as the legal basis for processing data as it is reasonable to expect that we process such data for the purpose of providing you with SKAO services in a safe and secure manner.
+We use legitimate interest as the legal basis for processing data as it is reasonable to expect that we process such data for the purpose of providing you with SRCNet services in a safe and secure manner.
 
 ## Who to contact if you have a query about this privacy notice?
 
 - Customer portal: [STFC Fed Service Team Customer Portal](https://stfc.atlassian.net/servicedesk/customer/portal/31) 
 - Contact Email (STFC Federating Service Team): [iris-iam-support@gridpp.rl.ac.uk](mailto:iris-iam-support@gridpp.rl.ac.uk), with subject "ATTN: Privacy Policy"
 
-The SKAO IAM is operated by the Science and Technology Facilities Council which is part of UK Research and Innovation (UKRI), at:
+The SKA IAM is operated by the Science and Technology Facilities Council which is part of UK Research and Innovation (UKRI), at:
 ```
 SKA IAM Team, Scientific Computing Dept., R89
 Science and Technology Facilities Council
@@ -102,4 +102,4 @@ The applicable jurisdiction for SKA IAM is the **United Kingdom of Great Britain
 ## Source and copyright
 This work, the “SKA Privacy Notice” by the SKA Service Management Team on behalf of SRCNet and SKAO, is licensed under a [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/) license.
 ### Other Sources/Attribution/Acknowledgements:
-The authors acknowledge input from the [WLCG](https://wlcg.web.cern.ch/) and [EGI](https://www.egi.eu/) security policy groups.
+The authors acknowledge input from the [WLCG](https://wlcg.web.cern.ch/) and [EGI](https://www.egi.eu/) security policy groups.