Authorization Service Privacy Statement
Notes
- The data in this privacy statement must be added to Service Now as a document of type "Record of Processing Operations" (RPO), and must be updated at every release.
- The RPO document should also address these points of the GDPR Compliance: User stories document:
- 1.1: “As a user, I want access to a text that explains what personal data is held about me, for which purpose and for how long” => this is the information provided by the RPO.
- 1.3: “As a user, I would like to be informed about how CERN can get my personal information when I don’t provide it directly” => federated authentication.
Links
Current "Record of Processing Operations" for SSO.
Data processed by the service
Basis = Legitimate interest of CERN
| Data | Purposes | Source |
|---|---|---|
| User identifiers (Login and Unix User ID) | | Identity provider (CERN LDAP service, federated institution, external authentication provider like Google, Facebook etc.) |
| | Identity provider | |
| Full name | | |
| Groups membership | | Authorization Service |
| IP Addresses | | Service portals |
Reasons:
- The service must process all the necessary information to authenticate the user (username, email) and determine the user access rights (group membership).
- The service must provide applications with some data to display human-readable user information (full name), so that the application can display "Authenticated as John Doe" rather than "Authenticated as md5hash@social.network".
Data stored by the service
For CERN users
Data | Retention Period | Purpose |
---|---|---|
CERN Person ID (numeric identifier for a person in the CERN personnel database) | Unlimited. | |
Full name | | |
Birth date | | User identification (can be useful e.g. for the Service Desk to distinguish two users with the same name) |
Organizational information (department, group, section, supervisor, team leader, type and validity dates of contract or relationship with CERN, office location, acceptance of computing rules) | Duration of affiliation with CERN (the data is no longer valid or relevant afterwards) | |
SSO authentication and authorization data (User name, email, groups membership) | | |
For non-CERN users
Data | Retention Period | Purpose |
---|---|---|
SSO authentication and authorization data (User name, email, groups membership) | Lifetime of the account. Deleted on demand. | |
For all users
Data | Retention Period | Purpose |
---|---|---|
Single Sign-On logs (who logs in to which application, username, IP address, destination site, authentication method) | 30 days | |
Service logs (debug logs) | 30 days | |
User actions auditing | 30 days | |
Reason:
- The service will store a minimum amount of data so that a person (especially a CERN user) can be identified by the Service Desk if needed (full name, birth date, department and group information, etc.).
- The service needs to store authentication and authorization data (username, mail, group memberships) to provide them to other applications.
- User actions and logs must be stored for service troubleshooting and to display them to the user.
Data transferred to 3rd parties
Data: User Record attributes
Purpose: Provide validated authentication and user attributes to applications using SSO for authentication.
Who:
- SNow
- Alumni
- EduGain members
- SmartRecruiters
- Kuantic
Reason:
- The service must be able to authenticate users to external applications.