CC-IN2P3 SSO - Privacy Policy

Name of the service


Description of the service

CC-IN2P3 Single Sign On service

Data controller and a contact person

Centre de Calcul IN2P3/CNRS
Domaine scientifique de La Doua
43 bd du 11 Novembre 1918
69622 Villeurbanne Cedex
Phone: +33 (0) 4 78 93 08 80
FAX: +33 (0) 4 72 69 41 70

Contact Details:

Email: webmaster AT cc DOT in2p3 DOT fr
Phone: +33 (0) 4 78 93 08 80
FAX: +33 (0) 4 72 69 41 70


FR-69 France Lyon

Personal data processed

  1. For all users
    • IP Address
    • Referrer Address (the web page a user is coming from)
  2. For authenticated users
    1. Data provided by user's Home Organisation upon registration (auto-provisionning):
      • mail - Required - the mail address is necessary to register an account in CC-IN2P3 SSO, SSO use mail address for notifications and lost password recovery
      • username in sso is mail address or the account username if the user has already an account
      • displayName - Required - we use it to fill Display Name in SSO
      • eduPersonalScopedAffiliation - Optional - we use it to fill Organization in sso if provided
    2. Data supplied by the user himself:
      • Personal profile on the CC-IN2P3 SSO
      • User can link his sso account with edugain identifiant in his profile to simplify authentication

Purpose of the processing of personal data

The IP and referrer addresses of all web page visitors are stored in web server log file for statistical purposes and for accountability.

For authenticated users, the CC-IN2P3 SSO receives the personal data mentioned-above (2 A) from the Home Organisation. This personal data is used for access control and for user profiles.

Third parties to whom personal data is disclosed

No raw data will be released to third parties. Aggregated and anonymized data may be published for statistical purposes.

Activity performed on the CC-IN2P3 SSO service by the user will be attributed to him/her.

How to access, rectify and delete the personal data

Email: webmaster AT cc DOT in2p3 DOT fr

To rectify the data released by a Home Organisation, contact that Home Organisation's IT helpdesk.

Data retention

User Profile is deleted on request of the user.

Any personal data published by the user voluntarily in the CC-IN2P3 SSO will be archived for ten years and will be kept online.

Log files containing IP addresses and Referrer are deleted automatically after twelve months.

Data Protection Code of Conduct

Personal data will be protected according to the Code of Conduct for Service Providers, a common standard for the research and higher education sector to protect the user's privacy.