...
| 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 |
| Name | Personal Data | Special Category | Data Format | Data Subject | Purpose | Legal bases | Location of PD | Retention Period | Controller Contacts | Processor Contact | Transfer | Recipient | Controls implemented | Interfaces |
| eduroam RADIUS server logs | Outer EAP-identity (username@institution_domain, username can be anonymised but not all users do that), Calling-Station-Id (users MAC address), Chargeable-User-Identity (users anonymous ID) | No | Digital | eduroam end users | debugging, providing quality service, monitoring load of system, dimensioning of the system, incident management and preventing fraud and misuse | (f) legitimate interest | ETLR located in Netherlands (Surfnet) and Denmark (DEIC) | TBD | GÉANTTBD | Surfnet (Netherlands) DEIC (Denmark) | not transfered | N/ATBD | (RADIUS + EAP (SSL used), HTTPS), protective measures according to each hosting centre's security policy. | data received from ETLR |
| eduroam F-ticks | realm, Calling-Station-Id (User’s device MAC address), | No | Digital | eduroam end users | debugging, providing quality service, monitoring load of system, dimensioning of the system, incident management and preventing fraud and misuse | (f) legitimate interest | European F-ticks server located in Croatia (Srce) | permanently | GÉANTTBD | Srce (Croatia) | not transfered | N/A? | protective measures according to each hosting centre's security policy. | data received from federation level RADIUS servers and optionaly from home and visited institution RADIUS servers |
| eduroam Database: NRO information | name, e-mail, phone number | No | Digital | (N)RO contact, if contact is person | performance of contract between GÉANT and (N)RO | (b) contract | Croatia | permanently | GÉANT | Srce | not transfered | N/A? | protective measures according to each hosting centre's security policy. | data received form (N)RO |
| eduroam Database: institution information | name, e-mail, phone number | No | Digital | Institution contact, if contact is person | performance of contract between GÉANT and institution (IdP or SP) | (b) contract | Croatia | permanently | GÉANT | Srce | not transfered | N/A? | protective measures according to each hosting centre's security policy. | data received form (N)RO |
| eduroam Database: service location information | name, e-mail, phone number | No | Digital | location contact, if contact is person | performance of contract between GÉANT and SP | (b) contract | Croatia | permanently | GÉANT | Srce | not transfered | N/A? | protective measures according to each hosting centre's security policy. | data received form (N)RO |
| eduroam CAT (as of version 1.1) | eduPersonTargetedId or equivalent, real name, email address (administrator authentication) email address of new institution administrator (administrator authorisation) | No | Digital | institution administrators | allowing administrators to upload and maintain the information needed to create eduroam installation programs ("installers") within their country / institution (CAT customization) | (b) contract | TBDNetherlands (Surfnet) | the authorisation status of administrators is retained permanently, TBD | GÉANT | Surfnet (Netherlands (Surfnet) | System sends emails with invitation tokens (one variant to institution administrators for sign-up, one variant to NRO personnel for general status updates) | NRO personnelTBD | protective measures according to each hosting centre's security policy. | data received from eduroam SP proxy |
| eduroam Managed IdP | eduPersonTargetedId or equivalent, real name, email address (administrator authentication) email address of new institution administrator (administrator authorisation) usernames of the institution's users (pseudonymous) Outer EAP-identity (username@institution_domain, username can be anonymised but not all users do that), Calling-Station-Id (users MAC address), Chargeable-User-Identity (users anonymous ID) | No | Digital | institution administrators, end users | allowing administrators to upload and maintain the information needed to manage their end user base to the end of creating eduroam installation programs ("installers") within their country / institution, and to authenticate their users in eduroam | (b) contract | TBD | the authorisation status of administrators is retained permanently, TBD | GÉANT | TBD | System sends emails with invitation tokens (one variant to institution administrators for sign-up, one variant to end-users for credentialing, one variant to NRO personnel for general status updates) | NRO personnel | TBD | eduroam database, eduroam SP proxy authentication, administrator input |
...