Privacy Policy
| Name of the service | GARR Satosa Gateway |
|---|---|
| Description of the service | GARR Satosa Gateway bridges SAML and OIDC authentication protocols to simplify and increase interoperabilty for GARR operated services. The Gateway translates SAML attrbutes into OIDC claims for backend services. Please read specific services privacy policies for more details on how each service use the user data claims. |
| Data Controller and contact | Consortium GARR, info@garr.it |
| Jurisdiction | IT, Italy |
| Personal data processed | For authenticated users The following data is transmitted by the user's organization: |
| Purpose of the processing of personal data | The personal data of authenticated users are translated from SAML notation into OIDC format, and then forwarded to the service requested by the user. During the translation process some logging on the attribute translation are collected to ensure that the Gateway is converting data formats as expected. |
| Recipients to whom the data can be communicated | The log data will not be released to third parties, except to comply with legal obligations. |
| How to verify, correct and delete your personal data | To rectify the data released by your organization, contact your organization's IT help desk. For more information contact & |
| Duration of treatment | Personal data is deleted at the request of the user |
| Code of Conduct for the Protection of Personal Data | Your personal data will be protected in accordance with the Conduct for Service Providers , a common standard for the research and education sector to protect your privacy |
| Privacy Policy | This privacy policy is; based on Data protection Code of Conduct Privacy policy guidelines for Service Providers |