jupyter.cs privacy notice

The Aalto JupyterHub for Teaching is a service for light computation including teaching purposes. It facilitates general work and releasing, collecting, and grading of assignments by other course instructors. Data is processed under agreement to provide you with light computational services. The service itself does not process or share the data on it: it provides services for its users to process their own data.

Primary privacy notices

The following are the legal privacy noticed for the different types of data used by jupyter.cs:

Useful information

Administrative metadata (A)

User data (B)

Course data (C)

Consists of

Account data

Your own files

Files submitted to courses and managed by course instructors

Primary privacy notice

IT Services privacy notice

IT Services privacy notice

Privacy notice for students

Usage

Login and allocating resources

As you wish

As course instructors decide

Retention time

30 days (this is only a cache of Aalto account data)

Until removed by the controller (you), automatically deleted after Aalto account expires

Until controller (course instructor) confirms removal after the course is completed.

Contact / help

this site, guru at cs.aalto.fi

this site, guru at cs.aalto.fi

course instructors

Data is stored of any one who chooses to use the service. There are two types of data: (A) Administrative metadata consists of username, information about currently running servers, and technical logging information, (B) the user’s own data stored on drives, of which they are the controller, and (C) course data as controlled by the course instructor.

Our responsibility for (B,C) data is limited to providing the controller (you or course instructor) access or removing it should you be no longer contactable (for the purposes of data processing, we are a processor, not controller). Our responsibility for data submitted to courses as part of nbgrader functionality (C) is limited to providing it to those responsible for the course so they can answer any requests you may have, and deleting it should those responsible for the course become unavailable. Those responsible for the course are the controller for assignments you submit. We do not access the contents of data without your explicit permission, but may look at file metadata in order to solve problems and operate the system. (B) Data is not used for any other purpose.

Your (B) data is stored for as long as you request. Data may be deleted should you not use the service for one year, or if you fail to respond to service announcements saying otherwise.

Your (A) data consists of your Aalto username along with technical information about currently running servers and past usage. All other account information is only stored by Aalto itself, and our local copy of administrative metadata is removed several months after last login.

Non-identifiable statistics about use of this service may be shared for any purpose.

Less useful information

The controller of the administrative metadata is Aalto University Computer Science IT, which can be reached at guru at cs dot aalto.fi

You have the right to request rectification or erasure of your data. However, for your own (B) data, you are the controller and you must do this yourself, as we do not access it. Administrative metadata (A) is kept for its duration because it is technical logs necessary for us to offer the service to you. Should you notice an error it the service, please contact us.

Access to (B) data is only via Aalto account, and your data is inaccessible and eventually removed once your Aalto account is no longer valid.

The Aalto data protection office can be reached at dpo at aalto.fi. The Finnish data protection authorities can be reached at https://tietosuoja.fi/. You may make a complaint to either of these authorities.

See also

Privacy notices linked above for legal information.