diff --git a/templates/core/auth/login_page.html b/templates/core/auth/login_page.html index bb2e89d..a728f72 100644 --- a/templates/core/auth/login_page.html +++ b/templates/core/auth/login_page.html @@ -25,7 +25,7 @@ {% set other_local_providers = providers|rejectattr('is_external')|reject('equalto', active_provider)|list %} diff --git a/templates/privacy_policy.html b/templates/privacy_policy.html new file mode 100644 index 0000000..22cb1d6 --- /dev/null +++ b/templates/privacy_policy.html @@ -0,0 +1,368 @@ + + +
+ + + + + + +Author: UK Atomic Energy Authority
+Date: July 30, 2024
+ +Personal Data |
+ Purpose |
+ Basis |
+ Source |
+
---|---|---|---|
Your Name and Title, Affiliation |
+ [User] To identify you; Allowing others to find you on Indico; + Pre-filling your information in events at which you register; Allowing + event managers to contact you and to generate booklets, badges and + timetables |
+ Legitimate interest of UKAEA |
+ User or UKAEA Account, LDAP, or Active Directory + Services |
+
Your e-mail address |
+ [User] To identify you as an Indico user, to provide you with the + service, for technical support and troubleshooting, to communicate with + you, to send you e-mail notifications; Allowing others to find you on + Indico; Pre-filling your information in events at which you register; + Allowing event managers to contact you and to generate booklets, badges + and timetables |
+ Legitimate interest of UKAEA |
+ User or UKAEA Account, LDAP, or Active Directory + Services |
+
Your user preferences (language, time zone, preferred + display and navigation settings) and favourite categories and + users |
+ [User] Improving your experience while using Indico, adapting the + interface to your preferences |
+ Legitimate interest of UKAEA |
+ User |
+
Which events you are involved in, in which categories, + and your role in them |
+ [Event] Allowing you to access protected contents and to manage + access rights in Indico |
+ Legitimate interest of UKAEA |
+ User and/or event organizers and/or category managers |
+
Which categories you manage |
+ [User] Access Control, allowing others to contact you so that you + grant permissions to them |
+ Legitimate interest of UKAEA |
+ Access privileges granted by another manager or an + administrator |
+
Any actions you perform while managing an event + (creating/removing/editing content, mails sent through Indico, etc...) + and timestamp |
+ [Event] To enable event managers to investigate possible + problems, to provide technical support and troubleshooting by the Indico + Service |
+ Legitimate interest of UKAEA |
+ Automatically detected from your interactions with the + system |
+
Your IP address, visited URLs and corresponding + timestamp |
+ Debugging of the Indico application, Security Auditing |
+ Legitimate interest of UKAEA |
+ Automatically detected from your interactions with the + system |
+
+ *Legitimate interest of UKAEA: In the legitimate interests of UKAEA + supporting the professional activities of the individual or their + security and safety. +
+ + Personal data that is stored +Personal Data |
+ Retention Period |
+ Purpose |
+
---|---|---|
All data above labelled [User] |
+ Lifetime of your Indico account |
+ To provide you with the Indico service |
+
All data above labelled [Event] |
+ Until the event is deleted or the retention period of + registration data, selected by event organisers, expires. |
+ To provide you with the Indico service |
+
Your IP address, visited URLs and corresponding timestamp + |
+ 30 days after the timestamp |
+ Debugging, Security Auditing and Security incident investigation + and response |
+
+ Indico Service Administrators can be contacted to either: +
+anonymise and unlink user account data on request,
delete user account information and associated materials
+ Event Organisers can be contacted separately to remove registrations and + data according to the events privacy policy +
+Personal Data |
+ Who |
+ Purpose |
+
---|---|---|
All data above |
+ Indico Service Providers |
+ To provide you with the Indico service, Debugging, Security + Auditing and Security incident investigation and response, technical + support and troubleshooting |
+
Your Name if you are a category manager |
+ All UKAEA users with access to the category you manage |
+ Provision of transparency about the responsibilities for a + category, allowing others to contact you in order to ask for + privileges |
+
Your e-mail address, Your Name, which events you are + involved in, in which categories, and your role in + them |
+ Indico or UKAEA Users who can access/manage the same events as + you |
+ Provision of transparency about the responsibilities for an + event |
+
Your Name and Title, Affiliation, Your e-mail + address |
+ All users holding an Indico account |
+ To allow other Indico users to find you, for example to mention + you as a participant in an event |
+
+ This Privacy Policy describes how UKAEA ("we", "us", or "our") collects, + uses, and protects personal information collected through the UKAEA’s + Indico instance ("Service"). +
+
+
+ 1.1 Personal Information: When you use the Service, we
+ may collect personal information that you provide voluntarily, such as
+ your name, email address, affiliation, and other contact details.
+
+
+ 1.2 Event Information: We may also collect information
+ related to events you create or register for, including event titles,
+ dates, locations, and any additional details provided.
+
+
+ 1.3 Usage Data: We may collect usage data automatically
+ when you access or use the Service, including your IP address, browser
+ type, operating system, and other technical information.
+
+ 2.1 Service Provision: We use the information collected
+ to provide, maintain, and improve the Service, including facilitating
+ event registration, managing event details, and providing support.
+
+
+ 2.2 Communication: We may use your contact information
+ to communicate with you about events, updates, promotions, and other
+ relevant information related to the Service.
+
+
+ 2.3 Analytics: We may use usage data for analytics
+ purposes to understand how users interact with the Service, diagnose
+ technical issues, and improve user experience.
+
+ 3.1 Third-Party Service Providers: We may share
+ personal information with third-party service providers who assist us in
+ operating the Service, such as hosting providers, payment processors,
+ and analytics services.
+
+
+ 3.2 Legal Compliance: We may disclose personal
+ information when required by law or in response to valid legal requests,
+ such as court orders or subpoenas.
+
+ 4.1 Retention Period: We retain personal information + for as long as necessary to fulfil the purposes outlined in this Privacy + Policy, unless a longer retention period is required or permitted by + law. +
++ 5.1 Security Measures: We implement appropriate + technical and organizational measures to protect personal information + against unauthorized access, disclosure, alteration, or + destruction. +
+
+ 6.1 Access, Correction, and Deletion: You have the
+ right to access, correct, or update your personal information at any
+ time. Additionally, you have the right to request the deletion of your
+ personal information where permitted by law. You may exercise these
+ rights by accessing your account settings, contacting us directly, or
+ submitting a deletion request through the designated channels.
+
+
+ 6.2 Opt-Out: You may opt out of receiving promotional
+ communications from us by following the unsubscribe instructions
+ provided in such communications or by contacting us directly.
+
+ 7.1 Age Limitation: The Service is not intended for use + by individuals under the age of 13. We do not knowingly collect personal + information from children under the age of 13 without parental + consent. +
++ 8.1 Updates: We may update this Privacy Policy from + time to time to reflect changes in our practices or legal requirements. + We will notify you of any material changes by posting the updated + Privacy Policy on the Service. +
++ 9.1 Questions: If you have any questions about this + Privacy Policy or our privacy practices, please contact us at help@indico.ukaea.uk +
+Author: UK Atomic Energy Authority
+Date: July 30, 2024
+ ++ These terms and conditions ("Terms") govern your access to and use of + the UKAEA Indico instance ("Service"). By accessing or using the + Service, you agree to be bound by these Terms. If you do not agree to + these Terms, you may not access or use the Service. +
+
+ 1.1 Eligibility: Access to the Service is available to both registered
+ users and external visitors. External visitors are permitted to view and
+ register for public events without registering for an account. However,
+ by registering for an account, you represent and warrant that all
+ registration information you submit is truthful and accurate.
+
+
+ 1.2 Access Credentials: You are responsible for maintaining the
+ confidentiality of your account credentials and for all activities that
+ occur under your account. You agree to notify us immediately of any
+ unauthorized use of your account or any other breach of security.
+
+
+ 1.3 Violation of Terms: UKAEA reserves the right, without notice or
+ liability and at its sole discretion, to restrict or remove a user’s
+ access where it considers that use of the Service violates the
+ Terms.
+
+ 2.1 Permitted Use: You may use the Service only for lawful purposes and
+ in accordance with these Terms. You agree not to use the Service in any
+ way that violates any applicable law or regulation.
+
+
+ 2.2 Prohibited Activities: You agree not to engage in any of the
+ following activities:
+
+
Use the Service in any manner that could disable, overburden, + damage, or impair the Service or interfere with any other party's use of + the Service.
Attempt to gain unauthorized access to, interfere with, damage, + or disrupt any parts of the Service, the server on which the Service is + hosted, or any server, computer, or database connected to the + Service.
Use the Service to transmit any viruses, defects, or items of a + destructive nature.
+ 3.1 Ownership: The Indico software and its original content, features,
+ and functionality are developed and maintained by the Indico development
+ team and the open-source community. UKAEA utilises the Indico software
+ as an Event Management Solution. The Indico software is licensed under
+ the MIT license:
+
+
+
+ Copyright (c) European Organization for Nuclear Research (CERN) +
+ + Permission is hereby granted, free of charge, to any person obtaining a + copy of this software and associated documentation files (the + "Software"), to deal in the Software without restriction, including + without limitation the rights to use, copy, modify, merge, publish, + distribute, sublicense, and/or sell copies of the Software, and to + permit persons to whom the Software is furnished to do so, subject to + the following conditions: +
+ + The above copyright notice and this permission notice shall be included + in all copies or substantial portions of the Software. +
+ + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS + OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. + IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY + CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, + TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE + SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. +
+ 4.1 Privacy Policy: Your use of the Service is subject to UKAEA's
+ Privacy Policy, which is incorporated into these Terms by reference. By
+ using the Service, you consent to the collection and use of your
+ information in accordance with the Privacy Policy.
+ 5.1 Disclaimer: The Service is provided "as is" and "as available"
+ without any representations or warranties of any kind, express or
+ implied. UKAEA disclaims all warranties, whether express, implied,
+ statutory, or otherwise, including but not limited to any warranties of
+ merchantability, non-infringement, and fitness for particular
+ purpose.
+
+ 5.2 Limitation of Liability: In no event shall UKAEA be liable for any
+ indirect, special, incidental, consequential, or punitive damages,
+ including but not limited to loss of profits, data, or use, arising out
+ of or in connection with the Service or these Terms.
+
+ 6.1 Jurisdiction: These Terms shall be governed by and construed in + accordance with the laws of England, without regard to its conflict of + law principles, and the parties hereby submit to the exclusive + jurisdiction of the English courts. +
+
+ 7.1 Entire Agreement: These Terms constitute the entire agreement
+ between you and UKAEA regarding your use of the Service and supersede
+ all prior and contemporaneous agreements, understandings,
+ representations, and warranties.
+
+
+ 7.2 Modification: UKAEA reserves the right to modify or revise these
+ Terms at any time by posting the updated Terms on the UKAEA Indico
+ instance. Your continued use of the Service after any such changes will
+ constitute your acceptance of the updated Terms.
+
+
+ 7.3 Severability: If any provision of these Terms is found to be
+ unenforceable or invalid, that provision shall be limited or eliminated
+ to the minimum extent necessary so that these Terms shall otherwise
+ remain in full force and effect.
+