diff --git a/src/main/resources/aup.txt b/src/main/resources/aup.txt index e3d7059424c147c7c2536bb40fed35e9e531d59c..9349bb15fe603a804d45e56fc60327b9a976eaf0 100644 --- a/src/main/resources/aup.txt +++ b/src/main/resources/aup.txt @@ -1,46 +1,3 @@ -<h3>Acceptable Use Policy for NMaaS Service</h3> -<p>Network Management as a Service (<a href="https://www.geant.org/NMaaS">NMaaS</a>) provides a portfolio of network management applications run on a per-user, secured network monitoring infrastructure (“NMaaS” or “Service”).</p> +<h3><strong>Acceptable Use Policy</strong></h3> -<ol> - <li><strong>Authorized Use:</strong> - <ul> - <li>NMaaS is for authorized users to manage and monitor network infrastructure.</li> - </ul> - </li> - <li><strong>Prohibited Activities:</strong> - <ul> - <li>Unauthorized access, illegal activities, data manipulation, and distribution of malicious software are strictly prohibited.</li> - </ul> - </li> - <li><strong>Data Protection:</strong> - <ul> - <li>Users must safeguard data confidentiality and integrity, refraining from sharing login credentials.</li> - </ul> - </li> - <li><strong>Resource Conservation:</strong> - <ul> - <li>Users must use NMaaS resources responsibly to avoid impacting performance or availability.</li> - </ul> - </li> - <li><strong>Reporting Violations:</strong> - <ul> - <li>Users must promptly report suspected violations to the NMaaS administrator or support team.</li> - </ul> - </li> - <li><strong>Consequences of Violation:</strong> - <ul> - <li>Violations may lead to disciplinary action or legal consequences.</li> - </ul> - </li> - <li><strong>Policy Review:</strong> - <ul> - <li>This Policy may be updated periodically, with users notified of any changes.</li> - </ul> - </li> -</ol> - -<p>By using NMaaS, users agree to abide by this Policy.</p> - -<p>GÉANT reserves the right to enforce this Policy at its discretion.</p> - -<p>Last Revision: [Insert Date]</p> \ No newline at end of file +Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum. \ No newline at end of file diff --git a/src/main/resources/privacy.txt b/src/main/resources/privacy.txt index 7bc31aff9f457d8f1ba2ee60412c512b5d5267fe..eb6ce1b04cf3ec03a128c3d82535cd6ca165c68a 100644 --- a/src/main/resources/privacy.txt +++ b/src/main/resources/privacy.txt @@ -1,108 +1,3 @@ -<h2><strong>NMaaS Privacy Notice</strong></h2> -<h4><strong>Description of the NMaaS Service</strong></h4> -<p><a href="https://www.geant.org/NMaaS" target="_blank">Network Management as a Service (NMaaS)</a> provides a -portfolio of network management applications run on a per-user, secured network monitoring infrastructure. </p> -<p>NMaaS simplifies domain network management by providing the infrastructure and tools via a cloud-based, -multi-tenant and secure network management system. It enables the deployment of network management tools, -as well as management and monitoring of client networks, although NMaaS does not monitor and manage the network by -itself. </p> -<p>To view the general Privacy Notice for GÉANT, please visit the <a href="https://www.geant.org/privacy-notice" -target="_blank">GÉANT website</a>.</p> -<br> -<h4><strong>Why We Process Personal Data</strong></h4> -<p>NMaaS processes personal data: <ul> -<li>to fulfill the service and user support processes; </li> -<li>for user authentication and authorization purposes; </li> -<li>for personalized notification purposes (email communication enabling the change of password, -email notification about events in the system relevant for user operations, e.g. deployed applications and -email notification about general events in the system, e.g. planned downtime, maintenance); </li> -<li>to monitor the use of the NMaaS service for security purposes; </li> -<li>to monitor the use of the NMaaS service for improved resource and performance optimizations; </li> -<li>to track personal data related events (new user registration, user data update and role assignment or revocation). -</li> -</ul></p> -<br> -<h4><strong>What Personal Data We Process</strong></h4> -<p>NMaaS user data is stored in a central relational database and application log files.</br> -The database contains the following user personal data:<ul> -<li><strong>username</strong>, </li> -<li><strong>user identifier</strong> – unique identifier assigned internally by NMaaS, </li> -<li><strong>user IdP identifier</strong> – unique identifier assigned by the Identity Provided used by the user to log in to the -NMaaS Portal (applicable if eduGAIN log in option is used), </li> -<li><strong>password</strong> – user password used to log in to the NMaaS Portal (applicable if user account is being registered -directly in NMaaS), </li> -<li><strong>first name</strong> (optional), </li> -<li><strong>last name</strong> (optional), </li> -<li><strong>email address</strong>. </li></ul></p> -<p>The service log files contain the following user personal data:<ul> -<li><strong>username</strong>, </li> -<li><strong>user identifier</strong>, </li> -<li><strong>first name</strong>, </li> -<li><strong>last name</strong>, </li> -<li><strong>email address</strong>, </li> -<li><strong>IP address</strong> (from which user logged into the NMaaS Portal). </li></ul></p> +<h2><strong>Privacy Notice</strong></h2> -<p>The purpose of NMaaS is to facilitate automated deployment of network management and monitoring applications. -It should be noted that the data collected and stored by particular applications deployed through NMaaS is neither -controlled nor processed by NMaaS service and the NMaaS Operational Team however it might contain user personal data. -NMaaS does not take any responsibility for the data being collected and stored by those applications. </p> -<p>During the application deployment process NMaaS provides a configuration wizard functionality to ease the initial -setup of the application. Wizard prompts the user to provide different type of data about the equipment to be managed -depending on the application being deployed and this data may include for example device access credentials. It should -be noted that it is not advised to provide in the wizard any user personal data and use generic device access accounts -if possible. NMaaS does not take any responsibility for the data being provided by the user in the wizard. </p> -<br> -<h4><strong>Who Do We Share Data With?</strong></h4> -<p>Personal data persisted in the database and in the log files is processed according to the clearly defined goals -by the NMaaS service Operational Team and is not shared with any third party. </p> -<br> -<h4><strong>Personal Data Retention</strong></h4> -<p>NMaaS user personal data is retained in the database for the period in which particular user uses the service. -Since the moment of reception of user account removal request the data is still kept in the database for a period of -6 months after which it is removed. </p> -<p>Log files are retained for a period of 180 days. </p> -<br> -<h4><strong>Security</strong></h4> -<p>We support the following processes to ensure the security of your personal data: -<ul> -<li>Minimisation of personal data we collect;</li> -<li>Managing, limiting and controlling access to personal data;</li> -<li>Resilience of processing systems and services;</li> -<li>Regular testing of the effectiveness of measures implemented. </li></ul></p><br> -<h4 ><strong>Your Rights</strong></h4> -<p>While we process your personal data, we ensure that:<ul> -<li>We process your data fairly and lawfully;</li> -<li>Your data is accurate;</li> -<li>The data we collect is not excessive but only the data we require to provide the service;</li> -<li>Your data is secure;</li> -<li>Your personal data is securely destroyed when no longer required</li></ul></p> -<p>You have the right to ask what personal data we hold about you, and to complain to the Supervisory Authority -(Autoriteit Persoonsgegevens at <a href="https://autoriteitpersoonsgegevens.nl" target="_blank"> -https://autoriteitpersoonsgegevens.nl</a>) about our data processing activities if you feel your data is not -being managed as described here. </p> -<br> -<h4><strong>Contact Information</strong></h4> -<br> -<table class="table table-responsive"> - <tr> - <td><p><strong style="vertical-align: middle">Data Controller and Contact</strong><br></td> - <td> - <strong>Data Protection Officer</strong><br> - GÉANT Association<br> - Hoekenrode 3<br> - 1102 BR<br> - Amsterdam – Zuidoost<br> - Netherlands<br> - Telephone number: +31 20 530 4488<br> - email: <a href="mailto:gdpr@geant.org">gdpr@geant.org</a></p> - </td> - </tr> - <tr> - <td><p><strong style="vertical-align: middle">Jurisdiction</strong><br></td> - <td><strong>Netherlands</strong><br> - Dutch Data Protection Authority <br> - Autoriteit Persoonsgegevens<br> - Postbus 93374 2509 AJ DEN HAAG.<br> - Telephone number: (+31) – (0)70 – 888 85 00. <br></p></td> - </tr> -</table> \ No newline at end of file +Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum. \ No newline at end of file