# Test RP AARC-G056 privacy policy and description ## Description of the service Test RP uses mod_auth_openidc to validate the AARC-G056 guideline as part of an AARC pilot. ## Processed data ### The following scopes are requested from the OIDC-Provider server - OpenID - Profile - eduperson_entitlement - voperson_id - entitlements ## Purpose for the processing of personal data The service requests information about the user in order to check whether the user subject identifiers are configured correctly. Personal data and log files are collected and used for: - User authentication and authorization at the service - Statistics and development of the service ## Regular disclosure of personal data to third parties Personal data is not regularly disclosed to third parties. ## Data retention In general, personal data is not stored. The user may ask to be removed from the service by interacting with the contact person for the service. Access logs are deleted after 12 months. ## Transfer of personal data outside the EU or EEA Personal data shall not be transferred to any third party outside the EU. ## How to access, rectify and delete the personal data Contact for the service is provided. To rectify the data released by a Home Organisation, contact the Home Organisation's operators. ## Data protection code of conduct Personal data will be protected according to the [Code of Conduct for Service Providers](https://www.geant.org/uri/Pages/dataprotection-code-of-conduct.aspx), a common standard for the research and higher education sector to protect the user's privacy. ## Contact Information KIT/SCC Herrmann-von-Helmholtz-Platz 1 76344 Eggenstein-Leopoldshafen Tel + 49 721 6082 4659 ## KIT Helpdesk [http://www.scc.kit.edu/servicedesk/index.php](http://www.scc.kit.edu/servicedesk/index.php)