Privacy Policy

Name of the service

ILC4CLARIN Service Provider

Description of the service

The ILC4CLARIN Service Provider enables federated authentication within the CLARIN Service Provider Federation, allowing seamless and secure access to digital resources. Built on SimpleSAMLphp, this system ensures compliance with identity federation standards, providing Single Sign-On (SSO) capabilities for applications of the Institute for Computational Linguistics "A. Zampolli".

By leveraging this authentication framework, users can securely access various services while maintaining a unified and efficient login experience.

Data controller and contact person

Institute for Computational Linguistics "Antonio Zampolli"
c/o Area della Ricerca di Pisa
Via G. Moruzzi, 1
56124 Pisa
Italy
Phone: +39 050 315 8379
Fax: +39 050 315 2839

Technical contact

Michele Mallia
michele.mallia@ilc.cnr.it
michele.mallia@cnr.it

Jurisdiction

IT, Italy

Personal Data Processed

The following personal information is fetched from the Identity Provider server of your home organisation every time you log in to the service:

  • urn:oid:1.3.6.1.4.1.5923.1.1.1.6 (eduPersonPrincipalName)
  • urn:oid:0.9.2342.19200300.100.1.3 (email)
  • urn:oid:2.16.840.1.113730.3.1.241 (displayName)
  • urn:oid:1.3.6.1.4.1.5923.1.1.1.10 (eduPersonTargetedID)
  • urn:oid:1.3.6.1.4.1.5923.1.1.1.9 (eduPersonScopedAffiliation)

If not all of the attributes above are released by the user's Identity Provider the user might be asked to provide these fields herself.
Log files are created at various levels which include:

  • Personal data information: metadata, IP addresses, User-Agent
  • SAML Requests information: SAML assertions, user's attributes, Issuer, Destination, AuthnRequests
  • System's Information: SAML assertions, user's attributes, Issuer, Destination, AuthnRequests

Purpose of the Processing of Personal Data

The personal data collected during authentication is processed for the following purposes:

  • Authentication and Access Control: To verify user identity and grant access to services.
  • Single Sign-On (SSO) Functionality: To enable seamless login across multiple federated services.
  • Security and Fraud Prevention: To detect unauthorized access attempts and enhance system security.
  • Logging and Auditing: To maintain security logs and comply with legal or institutional requirements.
  • Personalized User Experience: To tailor service access based on user roles and affiliations.
  • Federation Compliance: To ensure compatibility with the CLARIN Service Provider Federation and adhere to its policies.
  • Service Improvement and Monitoring: To analyze authentication trends and enhance system performance.
  • Incident Response and Troubleshooting: To diagnose technical issues and support users in case of authentication failures.

Third parties to whom personal data is disclosed

The personal data are not disclosed to anyone outside of the ILC-CNR for CLARIN-IT team.

How to access, rectify and delete the personal data

The personal information is visible in your profile. If there is no profile, no personal data is directly stored. Use the technical contact above for any requests. To rectify the data released by your Home Organisation, contact your Home Organisation's IT helpdesk.

Data retention

Personal data is deleted on request of the user or if the user hasn't used the service for five years.

Data Protection Code of Conduct

Your personal data will be protected according to the Code of Conduct for Service Providers, a common standard for the research and higher education sector to protect your privacy.