Information regarding the processing of personal data by the Indico service
---------------------------------------------------------------------------

When creating a user account in the Indico service, and when logging in to and using the Indico service, personal data is being processed.
Processing is carried out in accordance with the Personal Data Act (1998:204).

The personal data being processed is the following:

  * first and last name
  * organization
  * e-mail address
  * address
  * phone number
  * fax number
  * unique identifier from federated login (e.g., Joint Web Login at Uppsala University), in the case you have chosen to use this login method (called "Single SignOn" in the service)

The purpose of the processing is solely to be able to create your user account and to maintain its information (based on current information) to allow you to use the service.
No personal data is disclosed to any third party.
No personal data is transferred to any third country (a country outside the EU and EEA).

Controller of personal data, and Service Provider, is:

  Uppsala University
  Box 256
  SE-751 05 Uppsala
  Sweden

Facilitator, for the Indico service, is:

  Roger Ruber (please see http://katalog.uu.se/profile/?id=N94-1736_2 for contact details)

Jurisdiction of the Service Provider: Sweden

The controller of personal data is liable to, upon request from an applicant, provide a transcript of personal data records for that applicant.
The controller of personal data is also liable to, upon request from an applicant, rectify incorrect, incomplete or misleading personal data for that applicant.

Personal data is stored for the entire lifetime of the service, given that you have an active user account.
Should you, for some reason, wish to terminate your user account, and have your personal data erased, you are asked to contact the controller of personal data to facilitate this.
For technical reasons (user account management in the Indico software), erasure of certain personal data may be performed through anonymization rather than depletion.

The service adheres to the EU Data Protection Directive in accordance with the G√ČANT Data Protection Code of Conduct (http://www.geant.net/uri/dataprotection-code-of-conduct/v1).