jupyter.cs privacy notice
See also
The Aalto JupyterHub for Teaching is a service for light computation including teaching purposes. It facilitates general work and releasing, collecting, and grading of assignments by other course instructors. Data is processed under agreement to provide you with light computational services. The service itself does not process or share the data on it: it provides services for its users to process their own data.
Primary privacy notices
The following are the legal privacy noticed for the different types of data used by jupyter.cs:
Accounts: Your account data is not actually stored in this system, but is handled under the generic IT Services privacy notice.
Your user data is controlled by yourself, and is handled similarly to Aalto home directories (see “Home directory” under this account information. This is covered under the generic IT Services privacy notice (at least as much as it applies to your user data).
Course data is covered under the Privacy notice for students or whatever privacy notice your course uses.
Useful information
Administrative metadata (A) |
User data (B) |
Course data (C) |
|
---|---|---|---|
Consists of |
Account data |
Your own files |
Files submitted to courses and managed by course instructors |
Primary privacy notice |
|||
Usage |
Login and allocating resources |
As you wish |
As course instructors decide |
Retention time |
30 days (this is only a cache of Aalto account data) |
Until removed by the controller (you), automatically deleted after Aalto account expires |
Until controller (course instructor) confirms removal after the course is completed. |
Contact / help |
this site, guru at cs.aalto.fi |
this site, guru at cs.aalto.fi |
course instructors |
Data is stored of any one who chooses to use the service. There are two types of data: (A) Administrative metadata consists of username, information about currently running servers, and technical logging information, (B) the user’s own data stored on drives, of which they are the controller, and (C) course data as controlled by the course instructor.
Our responsibility for (B,C) data is limited to providing the controller (you or course instructor) access or removing it should you be no longer contactable (for the purposes of data processing, we are a processor, not controller). Our responsibility for data submitted to courses as part of nbgrader functionality (C) is limited to providing it to those responsible for the course so they can answer any requests you may have, and deleting it should those responsible for the course become unavailable. Those responsible for the course are the controller for assignments you submit. We do not access the contents of data without your explicit permission, but may look at file metadata in order to solve problems and operate the system. (B) Data is not used for any other purpose.
Your (B) data is stored for as long as you request. Data may be deleted should you not use the service for one year, or if you fail to respond to service announcements saying otherwise.
Your (A) data consists of your Aalto username along with technical information about currently running servers and past usage. All other account information is only stored by Aalto itself, and our local copy of administrative metadata is removed several months after last login.
Non-identifiable statistics about use of this service may be shared for any purpose.
Less useful information
The controller of the administrative metadata is Aalto University Computer Science IT, which can be reached at guru at cs dot aalto.fi
You have the right to request rectification or erasure of your data. However, for your own (B) data, you are the controller and you must do this yourself, as we do not access it. Administrative metadata (A) is kept for its duration because it is technical logs necessary for us to offer the service to you. Should you notice an error it the service, please contact us.
Access to (B) data is only via Aalto account, and your data is inaccessible and eventually removed once your Aalto account is no longer valid.
The Aalto data protection office can be reached at dpo at aalto.fi. The Finnish data protection authorities can be reached at https://tietosuoja.fi/. You may make a complaint to either of these authorities.
See also
Privacy notices linked above for legal information.