2. Collection of Information
NeSI processes (uses) personal data for a number of reasons. This includes for providing expertise and capability in computational and data intensive research, hosting and providing access to repository data, employing our staff, using this website and organising conferences.
High Performance Computing and Analytics services
We collect and process personal information about our users through registration and project request forms. This may include:
legal name along with (optionally) your preferred name,
date of birth,
nationality or nationalities,
employer or tertiary institution,
a contact telephone number
an email address issued by employer or tertiary institution (primary email address), along with (optionally) a preferred contact email address,
if a student, course of study and main academic supervisor or course coordinator.
projects, team memberships & allocations
grants & publications
support tickets & survey responses
We also gather certain information and store it in log files when you interact with our services. This information may include job history, file/directory ownership, as well as IP addresses, browser type, internet service provider, URLs of referring/exit pages, operating system, date/time stamp, information you search for, locale and language preferences, identification numbers associated with your devices, and system configuration information.
3. Storage and Security of Information
NeSI maintains robust information security management processes and confidentiality protocols to help ensure that it is protected against misuse, loss and unauthorised access, use, modification or disclosure. These include:
firewalls and modern encryption standards
use of 2 Factor Authentication
access to the personal information limited to those NeSI staff members who have a legitimate business requirement to use it
access is monitored and auditable
Information is backed up regularly, and backups are encrypted and held in secure storage facilities
A national or overseas third-party provider may be used to manage and store the personal and other information collected, and NeSI will ensure that any such provider has sufficient security measures in place to protect Personal Information.
NeSI will promptly notify customers if we become aware of a data breach that affects them, take all reasonable efforts to ascertain the nature, causes and effects of the incident, and share the results of those investigations. NeSI Science Engagement Manager or Business Operations Manager must be contacted in the event of a privacy breach.
4. Use of Information
NeSI may use Personal Information for the following purposes:
To provide services, including provisioning projects
To maintain services and improve, including user experience & capacity planning
To create and provide new services
For communication purposes, including news and service messages
For administering the NeSI Access Policy
To meet our obligations under the NeSI Crown Funding Agreement, NeSI Collaboration and Service Agreements and licensing/contractual compliance.
To implement and maintain security
To carry out maintenance and fault investigation of the network
To manage data stored on NeSI infrastructure
We may publish the names of project owners and project team members along with their respective institutions in connection with particular projects through case studies. This is only done with the permission of those involved.
5. Access to Information
Users have the right to request a copy of any Personal Information about them held by NeSI. Such requests or any questions about Personal Information may be directed initially to NeSI Support (firstname.lastname@example.org).
Requests will be responded to within three working days We will endeavour to respond to any such request within three working days and access will be provided free of charge. In limited circumstances, access to Personal Information may be declined in accordance with privacy laws.
6. Correction of Information
NeSI will endeavour to ensure that all personal information is accurate, complete and up-to-date whenever it is used. Users must assist with this by informing of any details change or errors or discrepancies in information held. If any Personal Information held is not accurate, or is incomplete or out-of-date, users may also update through the MyNeSI portal or request that records be amended.
7. Deletion of Information
NeSI will delete Personal Information on request, provided that, notwithstanding such request, this information may be retained for as long as the requestor maintains an account for NeSI Services, or as needed to provide NeSI services and manage assets, to comply with legal obligations, or resolve disputes.
8. Disclosure of Information
NeSI takes all reasonable precautions to ensure that any third party contractor or service provider who may access Personal Information on its behalf keeps this personal information secure and processes it lawfully and in accordance with our instructions. Personal Information will only be disclosed for the purposes for which users supplied it, or for directly related purposes that would be reasonably expected, or if the Privacy Act 2020 allows its disclose, or if the user agrees.
Version 1.0 – 2021-03-31