Data Processing Activity (DPA) Register
This table inspired by the EC's Factsheet
Bioinformatics Groupcontact@usegalaxy.eu
Department of Computer Science
Albert-Ludwigs-University Freiburg
Georges-Köhler-Allee 106
79110 Freiburg
Germany
| Types The types of personal data | Categories The categories of data subjects concerned | Purpose The purpose of data processing | Recipients The categories of recipients | The storage periods | Security The technical and organisational security measures to protect the personal data | Sent out of EU Whether personal data is transferred to recipients outside the EU |
|---|---|---|---|---|---|---|
| Email address of UseGalaxy.eu users | End users | Contacting end users in case of privacy breaches or changes to privacy policies | Administrators of the UseGalaxy.eu service | Until user requests deletion | PostgreSQL DB with highly restricted and audited access | false |
| Chosen name provided by UseGalaxy.eu users | End users | Referring to users per their preference in the user interface. Additionally used to refer to user when they choose to share their workflows or data publicly. | Administrators of the UseGalaxy.eu service, made public only when the user requests to publish a history/workflow/etc publicly. | Until user requests deletion | PostgreSQL DB with highly restricted and audited access | false |
| API Key to third-party storage providers | End users | Connect Galaxy to a third-party storage provider specified by the user. This lets the user interact with this provider through the Galaxy interface. | Administrators of the UseGalaxy.eu service and the respective third-party providers using their API. | Until user requests deletion | PostgreSQL DB with highly restricted and audited access. Data in the database is stored in encrypted form. The transfer to the third-party provider is secured by TLS (Transport Layer Security). | true |
| IP address, browser and operating system information (depends on your browser-configuration) | End users | Deliver content from third-party providers, such as images, hypertext and applications. | Amazon Web Services, Inc. (AWS), 410 Terry Ave N, Seattle, WA 98109, USA, Cloudflare, Inc., 101 Townsend St., San Francisco, California, 94107, USA, GitHub, Inc., 88 Colin P Kelly Jr St, San Francisco, CA 94107, USA, Volentio JSD Limited (JSDelivr), Suite 2a1, Northside House, Mount Pleasant, Barnet, England, EN4 9EB, United Kingdom, Functional Software Inc. (Sentry), 45 Fremont St, 8th Floor, San Francisco, CA 94105, USA, StackPath LLC (JQuery CDN), 2021 McKinney Ave, Suite 1100, Dallas, TX 75201, USA, mastodon.science, represented by Nabil-Fareed Alikhan. | Managed by the respective third-party provider. | Managed by the respective third-party provider. | true |
| Data from third-party identity providers (OIDC), this can include Name, Identification numbers (as provided by identity providers like a home institution, or identifiers from third parties like ORCID), E-mail address, affiliation, country, IP address, function in the third-party institution | End users | Simplify login by allowing users to use a third party identity provider. | Until user requests deletion | PostgreSQL DB with highly restricted and audited access | false |