Grid5000:General Conditions of Use

From Grid5000
Jump to navigation Jump to search


Preamble

In addition to Grid'5000 Usage Policy, this document defines the General Conditions of Use of resources withing the infrastructure, specifying the legal frame and the application of the law to help users be aware of their rights and responsibilities.

Terms

"Infrastructure" means all the hardware and software resources within Grid'5000 that can be made available to the user.

"User" means any person having access to the Infrastructure, regardless of its status.

"Operator" means entity that is operating the Infrastructure (at executive or technical level).

Regulatory compliance

In compliance with French and European Union law, threats to the core values of research and education, including in particular the principles of religious, political and commercial neutrality, are also (but not exclusively) banned and if necessary sanctioned by criminal means. This encompasses:

  • Infringement of the privacy of others, including the transmission without consent of their image or the dissemination of confidential or private written material.
  • Defamation and insult
  • The provocation of minors to commit illegal or dangerous acts, fostering the corruption of a minor, exploitation of pornographic images of a minor, the dissemination of messages in a violent or pornographic way
  • Provocation to commit a crime and or commit suicide, provocation leading to discrimination, including racial hatred, or violence
  • Harassment, unwanted communication to third parties or publicize any illegal information.
  • Copying, distributing or reproducing any software or document protected by copyright law, or in general handling data that affect the rights of third parties (copyright, right of brands, right to respect of privacy, etc.).

As a public service infrastructure, any use of the Infrastructure, for commercial, political or recreational means, if not explicitly allowed by the Operator, is prohibited.

Access to the Infrastructure

Access to the Infrastructure is provided to the user for professional or educational purposes.

The right of access to computing resources is strictly personal and non-transferable. The User is responsible for the use of the resources accessed from its personal connection.

The right of access is temporary. It is removed in the following cases:

Data stored in the Infrastructure

Any data stored in the Infrastructure is considered to be professional, unless its file name contains one of the words: private, personal, privé, personnel.

Before the deletion of their account, users will be informed by e-mail. They must then destroy or retrieve their data.

The Infrastructure is not responsible for loss of data. No backup system is provided by the Infrastructure, users must ensure that their important data is correctly backup.

Security

User is responsible for its use of the Infrastructure. User must not perform any operations that can affect the operation of the Infrastructure or integrity of other users data.

If the user suspects that its password could be compromised, it should immediately be changed. The Operator will not ask for the disclosure a User password.

User must follow basic security rules to manage its personal computer accessing the Infrastructure: encrypt its data, lock its session when away of its workstation, take care when reading emails and browsing the web, apply security updates…

Personal information

User and Operator must comply with rules relative to personal data protection, in accordance January 6, 1978 rules on information technology and freedom and the European Union General Data Protection Regulation 2016/679.

Operator is committed to use personal data only for the purpose for which they are collected (opening the account, performing technical controls…). It makes available upon user request the purpose and the destination of the information recorded and its storage period. It ensures the right to access and to correct the data concerned. The user acknowledges and agrees that some of his personal information cannot be completely removed from the Infrastructure for technical reasons (e.g. use of backup, exchange of e-mails).

When handling files containing personal information, User is required to comply with above-mentioned rules, and in particular:

  • to request authorization by the Operator before any handling of sensitive data, so that the operator can ensure the conformity of the operations intended.
  • to respect the procedures with the national commission for computing and liberties (CNIL), and General Data Protection Regulation.

The Infrastructure provides various system for users to publish information (e.g. wiki). The content of these individual publishing systems is made up by the user under his/her sole responsibility. He is the editor in the sense of the law No. 861067 of 30 September 1986. In the event where these pages obviously contain illicit content, the Infrastructure will suspend its usage.

The Infrastructure is under a legal obligation for the Operator to implement a logging system, archiving Internet access and exchanged digital communications. These archives can be made available by judicial application and contain information allowing the identification of the user, data related to the equipment used, date, time and duration of each communication and services requested. This archive is kept for one year.

In addition, in order to ensure the funding of the infrastructure, the infrastructure keeps statistics about users activity, such as historical information about resources reservations, and users affiliations. The user is informed that this data is intended to be kept forever, even after their account is removed.