Name: Consortium GARR
Address: Via dei Tizii 6, Roma, Lazio, 00185, Italia

IDEM-Tester

Privacy Policy

Service name	IDEM-Tester
Service description	IDEM-Tester is a modular web application designed both to automate the preliminary checks for organizations wishing to join the IDEM digital identity federation and to verify the validity of metadata over time.
Data Controller and contact	Data Controller: Consortium GARR, email contact: privacy@garr.it - Data Protection Officer: Dr. Davide Vaghetti, email contact: dpo@garr.it
Jurisdiction	IT, Italy
Personal data processed	For authenticated users, the following data are transmitted by the user's home organization: ePPN (required) to gain access to the system, mail (required) to receive notifications from the system, surname (required) to assign the correct last name to the logged-in user, givenName (required) to assign the correct first name to the logged-in user, For non-authenticated users, the following data are transmitted by the user's home organization: mail (required) to receive notifications from the system
Purpose of personal data processing	Common personal data (first and last name) are processed to associate requests and test results with the requester. Identification data, particularly the identifier transmitted by the authentication system, are used to assign users the permissions necessary to use the application.
Legal basis for processing	Personal data are processed as part of a contractual relationship, specifically regarding obligations related to the registration of services within the IDEM GARR AAI Federation.
Recipients to whom the data may be disclosed	Log data will not be released to third parties except where required by law.
How to verify, rectify, and delete your personal data	To rectify the data released by your home organization, contact your organization’s IT support. For further information, contact dpo@garr.it
Data retention period	Personal data are stored for a maximum period of 1 year, after which they are automatically deleted unless an early deletion request has been submitted by the user. Data related to tests may be kept anonymously for statistical and service improvement purposes.
Code of Conduct for Personal Data Protection	Your personal data will be protected in accordance with the "REFEDS Data Protection Code of Conduct ver 2.0". For more information, you can consult the code at the following link: REFEDS Data Protection Code of Conduct ver 2.0

IDEM-Tester

Privacy Policy

Service name	IDEM-Tester
Service description	IDEM-Tester is a modular web application designed both to automate the preliminary checks for organizations wishing to join the IDEM digital identity federation and to verify the validity of metadata over time.
Data Controller and contact	Data Controller: Consortium GARR, email contact: privacy@garr.it - Data Protection Officer: Dr. Davide Vaghetti, email contact: dpo@garr.it
Jurisdiction	IT, Italy
Personal data processed	For authenticated users, the following data are transmitted by the user's home organization: ePPN (required) to gain access to the system, mail (required) to receive notifications from the system, surname (required) to assign the correct last name to the logged-in user, givenName (required) to assign the correct first name to the logged-in user, For non-authenticated users, the following data are transmitted by the user's home organization: mail (required) to receive notifications from the system
Purpose of personal data processing	Common personal data (first and last name) are processed to associate requests and test results with the requester. Identification data, particularly the identifier transmitted by the authentication system, are used to assign users the permissions necessary to use the application.
Legal basis for processing	Personal data are processed as part of a contractual relationship, specifically regarding obligations related to the registration of services within the IDEM GARR AAI Federation.
Recipients to whom the data may be disclosed	Log data will not be released to third parties except where required by law.
How to verify, rectify, and delete your personal data	To rectify the data released by your home organization, contact your organization’s IT support. For further information, contact dpo@garr.it
Data retention period	Personal data are stored for a maximum period of 1 year, after which they are automatically deleted unless an early deletion request has been submitted by the user. Data related to tests may be kept anonymously for statistical and service improvement purposes.
Code of Conduct for Personal Data Protection	Your personal data will be protected in accordance with the "REFEDS Data Protection Code of Conduct ver 2.0". For more information, you can consult the code at the following link: REFEDS Data Protection Code of Conduct ver 2.0