You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Name of the service

SWAMID Identity Provider Test Suite is combined of the following test Service Providers

  • SWAMID Entity Category Release Check - No EC
  • SWAMID Entity Category Release Check - REFEDS R&S
  • SWAMID Entity Category Release Check - GÉANT CoCo part 1
  • SWAMID Entity Category Release Check - GÉANT CoCo part 2
  • SWAMID Entity Category Release Check - GÉANT CoCo part 3
Description of the service

This is an test service for Identity Provider administrators to test that they follow the SWAMID Best Current Practice for Entity Category Attribute Release.

Data controller and a contact personSwedish Research Council
SWAMID Operations Manager Pål Axelsson, pax@sunet.se
JurisdictionSE Sweden
Personal data processedA. Following data is retrieved from your Home Organisation:
- your unique user identifier (SAML persistent identifier)
- your role in your Home Organisation (eduPersonAffiliation attribute)
...
B. Following data is gathered from yourself:
- your profile
...
Please make sure the list A. matches the list of requested attributes in the Service Provider's SAML 2.0 metadata.
Purpose of the processing of personal dataDon't forget to describe also the purpose of the log files, if they contain personal data (usually they do).
Third parties to whom personal data is disclosedNotice section 2.f: Third Parties of the Code of Conduct for Service Providers
Are the 3rd parties outside EU/EEA or the countries whose data protection EC has decided to be adequate? If yes, notice also section 2.l
How to access, rectify and delete the personal dataContact the contact person above.
To rectify the data released by your Home Organisation, contact your Home Organisation's IT helpdesk.
Data retentionWhen the user record is going to be deleted or anonymised? Remember, you cannot store user records infinitely. It is not sufficient that you promise to delete user records on request. Instead, consider defining an explicit period.
Personal data is deleted on request of the user or if the user hasn't used the service for two years.
Data Protection Code of ConductYour personal data will be protected according to the Code of Conduct for Service Providers, a common standard for the research and higher education sector to protect your privacy.
  • No labels