CESNET CA 4 - Code of Conduct
- Name of the service
- CESNET CA 4 certificates
- Description of the service
- Federalized login to the CESNET CA 4 certificates
- Terms of service
- You can find the terms of service at https://pki.cesnet.cz/en/st-cca-services.html
- Data controller and a contact person
- CESNET, a.l.e.
Jan Chvojka, (jan.chvojka@cesnet.cz)
- Jurisdiction
- CZ Czech Republic
- Personal data processed
- The following data are retrieved from your browser:
- The following data are retrieved from your Home Organisation:
- First name (givenName attribute) [mandatory]
- Surname (sn attribute) [mandatory]
- Firstname and surname without the diacritics (commonNameASCII attribute) [mandatory]
- E-mail address (mail attribute) [mandatory]
- Unique user identifiaction (eduPersonUniqueId attribute) [mandatory]
- Organization name (o attribute) [mandatory]
- Purpose of the processing of personal data
-
- Creating a user profile that can be used to apply for certificates.
- User identification in accordance with international standards.
The specific reasons for each attribute are listed below:
- The IP address of the user requesting the certificate is stored on the webserver for later proof of the legitimacy of the access.
- The first name is used in the CA user profile to apply for certificates.
- The surname is used in the CA user profile to apply for certificates.
- The firstname and surname without the diacritics is used in the CN attribute of the issued certificate, in order to identify the certificate holder in accordance with international standards.
- The e-mail address is used in the e-mail attribute of the issued certificate and in the CA user profile, in order to identify the certificate holder in accordance with international standards.
- The unique user identification is used in the CA user profile to apply for certificates.
- The organization name is used in the attribute of the issued certificate, to identify the certificate holder in accordance with international standards, and in the CA user profile, in order to apply for certificates.
- Third parties to whom personal data is disclosed
- No personal data will be released to any third party. Aggregated and anonymized data may be published.
- How to access, rectify and delete the personal data
- Contact the oou-zadost@cesnet.cz.
- Data retention
- The user account and the personal data associated with it are stored until deleted at
the request of the user. Personal data processed in accordance with international standards
for the purpose of identifying certificate holders are stored for the duration of
the certificate of the issuing CA, ie until 2/2029.
- Data Protection Code of Conduct
- Your personal data will be protected according to the Code of Conduct for Service Providers, a common standard for the research and higher education sector to protect your privacy.