| Name of the service |
WAYF Testing Service |
|---|
| Description of the service |
The purpose is to enable developers to inspect the extent and syntactical quality of the information sent from an institution every time one of its users attempts to log into a web service through WAYF. |
|---|
| Data controller and a contact person |
WAYF, the Danish identity federation for research and education
|
|---|
| Jurisdiction |
Denmark |
|---|
| Personal data processed |
1. For all users
- IP address
- Referrer address (the web page a user is coming from)
2. Only for authenticated users
The following attributes are only processed/displayed if they are released by the organisation of the user that is accessing the Testing Service
- Affiliation
- Cell phone number
- Common Name
- Country of Citizenship
- Danish Business Registration Number
- Date of Birth
- Display Name of Home Organisation
- Display Name
- E-mail
- Group memberships
- Home organization type
- Home organization
- Level of Assurance
- National Identity Number (e.g. Danish CPR no.)
- Personal Unique Code
- Preferred language
- Primary affiliation
- Principal name
- Scoped affiliation
- Targeted ID/Persistent ID
- User ID
- Year of Birth
All of the above attributes are declared as required to check if they really are released by an organisation.
|
|---|
| Purpose of the processing of personal data |
The IP and referrer addresses of all web page visitors are stored in the web server log file for debugging purposes.
For authenticated users, the Testing Service may receive all personal data mentioned above. This personal data is only used to check if what attributes a Home Organisation is able to release. |
|---|
| Third parties to whom personal data is disclosed |
No data will be released to third parties but will be processed by our data processor, NORDUnet A/S. Personal data is only shown to the user himself. Data might also be used by WAYF staff members for debugging purposes. |
|---|
| How to access, rectify and delete the personal data |
Contact via sekretariat@wayf.dk.
To rectify the data released by an organisation about you, contact that Home Organisation's IT helpdesk. |
|---|
| Data retention |
Personal data, IP address and referrer are only stored in log files created by the web server and the SAML software. Log files are kept only for a short period of time, and are deleted manually no later than six months after their creation. |
|---|
| Data Protection Code of Conduct |
Personal data will be protected according to the Code of Conduct for Service Providers, a common standard for the research and higher education sector to protect the user's privacy. |
|---|
