Terms of Use for the EUDAT B2ACCESS service


Version: 1.2

Date: 27 Sep 2017

References: https://b2access.eudat.eu/unitygw/VAADIN/files/terms-of-use.html
      https://b2access.eudat.eu/unitygw/VAADIN/files/data-privacy-statement.html
This Terms of Use is derived from the generic EUDAT Services Terms of Use and it relates to the Data Privacy Statement.

1. B2ACCESS

The purpose of the B2ACCESS service https://b2access.eudat.eu is to arbitrate authenticated access of users, based on their primary identity, to services in the context of the EUDAT Collaborative Data Infrastructure. Multiple security protocols are supported by the B2ACCESS service to allow users, on the one hand side, to choose their preferred primary identity provider and to allow, on the other hand side, service providers to integrate their services by using their preferred security protocols to obtain the information about the user identity and attributes when they are necessary to make user and role-based access decisions.

The purpose of the EUDAT suite of services, including B2ACCESS, is to facilitate science and research in the public interest. This service is for researchers, science and research communities and the interested public.

2. Use

B2ACCESS should be used in good faith. The service must not be used for any personal, recreational, political or commercial purposes. The B2ACCESS service must not be used for any unlawful purpose and no attempt to breach or circumvent any administrative or security controls must be executed.

Every user is accountable for the usage of resources and services made under his/her identity and therefore is obliged to protect his/her passwords.

Every user must provide personal information truthfully.

Logged information, including information provided during the registration purposes, is used for administrative, operational, accounting, monitoring and security purposes only. This also includes the use of cookies which are used to bind sessions temporarily to identities. This information may be disclosed, via secured mechanisms, only for the same purposes and only as far as necessary to provide the B2ACCESS service to other organizations cooperating with EUDAT. Although efforts are made and security measures are taken to maintain confidentiality, no guarantees are given.

3. Sanctions

EUDAT is entitled to regulate, suspend or terminate access to the service. The user is liable for the consequences of violation of any of the conditions of use. Any violation being identified will be subject to corrective action, including possible termination of access, legal action, and criminal liability.

4. General

Users must adhere to the general EUDAT Services Terms of Use on proper use of information services, information security, privacy and computing, storage and networking facilities, and legal terms.

In case of problems, users can request assistance from the EUDAT Help Desk via https://eudat.eu/support-request to ensure the protection of their rights.

Users should report any issues caused by themselves or other users or issues with a service or resource used and which are related to the violation of this Terms of Use or the Data Privacy Statement in a reasonable timeframe. Reports about violations should be directed to the EUDAT Help Desk which will document and redirect the issue report to the appropriate person(s) who take actions, depending on the level of severity and where the violation has occurred.


Terms of Use for EUDAT

INTRODUCTION

Use of EUDAT services and resources

This document describes the Terms of Use (ToU) of EUDAT resources and services. Before using any EUDAT services and resources each user must have read and agreed to understand and follow these terms.

This ToU can be subject of change.

Definitions

Resource and Service description

The shared services and resources made available to users for research purposes are software, (compute) servers, storage devices, media and network devices which are part of the EUDAT infrastructure.

Scope of application

The current document applies to all EUDAT services and resources. It applies for users who are using EUDAT services. The user's consent to this Terms of Use is particularly assumed after he/she has logged into a EUDAT services (e.g. B2DROP, B2SHARE).

Targeted Audience

This ToU is addressed to community data managers, (third party) service providers using resources or services of any EUDAT site (e.g. the Service Hosting Framework) as well as end users of EUDATs B2-services (e.g. the B2DROP, B2SHARE, B2FIND or B2ACCESS). This targeted audiences is called "Users".

USERS RIGHTS AND DUTIES

Users must adhere to the general EUDAT policies and procedures described below including policies on the proper use of information services, information security, privacy and computing, storage and networking facilities, and legal terms.

In case of problems and to ensure the protection of their rights, users can request assistance from EUDAT Help Desk: http://eudat.eu/support-request.

Users should report issues caused by the user or about issues with a service, service component or resource provided by EUDAT partners in a reasonable timeframe, if the issue is related to a violation of these terms. Reports about violations should be directed to the EUDAT Help Desk which will document and redirect the issue report to the appropriate site and person(s) for action or will handle it directly, depending where the violation has occurred.

Personal information

When necessary for providing a requested service, users must provide truthful and relevant personal information such as name, address, and project. They also must notify administrators with any changes to these records. Details concerning the personal information needed are specified for each service in a separate document.

Acceptable use and limited liability

You shall only use EUDAT services and resources to perform work, or transmit or store data consistent with the stated goals, policies and conditions of use as defined by the body or bodies granting you access.

You shall not use EUDAT services and resources for any unlawful purpose and not (attempt to) breach or circumvent any administrative or security controls.

You shall respect intellectual property and confidentiality agreements.

You shall protect your access credentials (e.g. private keys or passwords).

You shall immediately report any known or suspected security breach or misuse of EUDAT services and resources to the EUDATCSIRT csirt@eudat.eu.

Use of the EUDAT services and resources is at your own risk. There is no guarantee that the EUDAT services and resources will be available at any time or that it will suit any purpose. EUDAT is not liable to any compensation in case of lost data or loss of service.

Logged information, including information provided by you for registration purposes, is used for administrative, operational, accounting, monitoring and security purposes only. This information may be disclosed, via secured mechanisms, only for the same purposes and only as far as necessary to other organizations cooperating with EUDAT. Although efforts are made to maintain confidentiality, no guarantees are given.

The access-granting bodies and Resource Providers are entitled to regulate, suspend or terminate your access, within their domain of authority, and you shall immediately comply with their instructions.

You are liable for the consequences of your actions if these are violating any of these conditions of use.

Access conditions

If necessary and where not provided by the user’s community, a userid will be assigned by EUDAT with an associated password generated by and under the control of the user. Access rights to EUDAT services and resources are granted and bound to the user’s identity wherever and whenever necessary. Access is granted for a limited period of time, at the end of which a renewal can be obtained. The range of resources and services which can be accessed and used by the user can be restricted.

These access rights to EUDAT services and resources (required in case of write access or read access to access-restricted resources), as well as the means to use it, are personal, non-transferable, and temporary. Users whose access rights will terminate for any reasons will be informed in a proper time frame. Details may depend on a service level agreement.

Each user is accountable for the resource usage made from his account. To fulfill these responsibilities, some precaution measures should be taken, among which:

Confidentiality

User files are personal, even if they are physically accessible. Consequently, users must:

USE OF SHARED SERVICES AND RESOURCES

The use of EUDAT services and resources by a large numbers of users with different needs requires compliance to some rules. Thus, and in addition of the above, users should:

LEGAL RESTRICTIONS

EUDAT computing, storage and network resources are provided for science and research purposes. There can be restrictions based on country or state laws which will be stated explicitly.

Use of research resources

EUDAT resources and services should not be used for personal or business purposes; for example, computing and network facilities may be used neither in connection with compensated outside work nor for the benefit of organizations not related to EUDAT. It is thus inappropriate to use EUDAT resources for:

Before a commercial service is going to use EUDAT resources, EUDAT must be contacted via the Helpdesk.

Personal information and data privacy

EUDAT resources can potentially make personal information available to users. Access to such data is provided only for statistical and research purposes. Personal Information shall not be used for any other purposes without the prior written consent of EUDAT and where necessary the data producer(s):

Users should:

On termination of the current document for whatever reason, all access to the Personal Information related to the Purpose shall cease forthwith, and electronic access be denied.

EUDAT reserves the right to monitor, record, and audit, or to request a written report from the users regarding, the use and activities relating to the use, of the Personal Information by the users during the lifetime of this agreement.

Any incidents of unauthorized access to, processing of, or disclosing of, the Personal Information must be reported immediately to EUDAT.

Software protection

Users must respect the legal protection provided by copyright and licensing of software and data; for example, not to make copies of a licensed computer program to avoid paying additional license fees or to share it with other users.

Inappropriate content

In addition to the software protection, users are not allowed to use EUDAT resources to store or access any potentially unlawful or clearly inappropriate content or data. Any violation being identified on the EUDAT resources will lead to sanctions, access termination and legal actions.

POTENTIAL SANCTIONS

Any user who abuses the privilege of their access to EUDAT resources in violation of this policy will be subject to corrective action, including possible termination of access, legal action, and criminal liability.

Administrative action

Access rights can be suspended and access can be immediately denied as soon as the user’s position or projects do no longer require it. Access rights can also be suspended or terminated if the user abuses the rules defined in this policy document; for example, supplying deliberately erroneous information, using another user's account, copying or distributing copyrighted or licensed software or data will be considered as a policy violation, and as such will be subject to termination of access.

Legal action

EUDAT may mandate local representatives to take legal action based on laws in place in the country or state where the violation has been taken place, regardless of the administrative actions taken.