When you create an account that gives you access to CISM resources or events, you are asked to provide some personal information. At CISM, we value privacy and only collect the data we need in order to fulfil our service and help our users. This document explains how this data, and data that is linked to it, is stored on the CISM infrastructure and processed by the CISM team, in compliance with our obligations under the General Data Protection Regulation 2016/679 and the law of 30 July 2018 on the protection of natural persons with regard to the processing of personal data.
The CISM is the supercomputing center of the Université catholique de Louvain. We operate compute clusters, interactive compute machines, and a storage infrastructure. More information can be found on our website at http://www.cism.ucl.ac.be.
The data we collect comes from two main sources:
- the form that you fill in order to create or renew the account, and
- the logs of the services you use on our infrastructure, such as SSH and Slurm.
We also collect data from quality surveys, but that data is not linked to your account.
Data collection serves three main purposes:
- the legitimate interest of reporting usage of the infrastructure to the funding authorities ;
- the legal obligation of protecting the infrastructure from malicious usage ;
- the performance of our contract assisting you in using the infrastructure or attending the events, notably through generic announcements (mailing lists) or individual contact whenever needed.
We treat your personal data diligently by keeping your personal data up to date; by storing and destroying it securely; by not collecting or retaining personal data not serving the above-stated purposes; by protecting personal data from loss, unauthorised access and public disclosure outside the scope of the CISM. The personal data is kept for as long as you are actively or passively using the CISM services ; for example for as long as you have files uploaded or generated by you stored on our systems.
We share your data only with third parties when that is necessary for you to access additional resource managed by said third party (e.g. Tier-1 clusters, CÉCI clusters, etc), or attend events organised by a third party (e.g. CÉCI user days). That always happens only upon explicit action on your part to request access to that additional resource.
The Responsable CISM is responsible for data processing. Should you wish to exercise your access, rectification, limitation, portability or opposition rights, or remove your consent at any time, please contact him at firstname.lastname@example.org. Any complain about the processing of your personal data can be addressed to the Autorité de protection des données/Gegevensbeschermingsautoriteit.
Feel free to contact us at email@example.com should you need additional information.