Guidelines for the use of the IT infrastructure at the University of Bayreuth 10 February 2005

Similar documents
Usage Regulations for the Information Processing Systems of the Leibniz Supercomputing Centre of the Bavarian Academy of Sciences and Humanities

1.1. Gomilio is a service provided by Activa System Srls (hereinafter referred to as

Acceptable Use Policy (AUP)

Acceptable Use Policy

Acceptable Use Policy

This Policy applies to all staff and other authorised users in St Therese School.

RMU-IT-SEC-01 Acceptable Use Policy

Data Processing Agreement

USER CORPORATE RULES. These User Corporate Rules are available to Users at any time via a link accessible in the applicable Service Privacy Policy.

Faculty of Medicine in Hradec Králové, Charles University in Prague

COMMERCIAL BANK OF DUBAI PSC GENERAL CONDITIONS OF ACCESS AND USE OF COMMERCIAL BANK OF DUBAI FACEBOOK BRANCH

University Policies and Procedures ELECTRONIC MAIL POLICY

UCL Policy on Electronic Mail ( )

Data Processing Agreement

FREQUENTLY ASKED QUESTIONS

Regulations for Compulsory Product Certification

Computer Use and File Sharing Policy

SIX Trade Repository AG

OCTOSHAPE SDK AND CLIENT LICENSE AGREEMENT (SCLA)

Camlink will not examine the content of incoming and outgoing messages that are not addressed to Camlink.

PURPOSE: To establish policies and procedures for the use of University-owned and -operated information technology resources.

INFORMATION TECHNOLOGY DATA MANAGEMENT PROCEDURES AND GOVERNANCE STRUCTURE BALL STATE UNIVERSITY OFFICE OF INFORMATION SECURITY SERVICES

DATA PROTECTION POLICY

Cleveland State University General Policy for University Information and Technology Resources

Communication and Usage of Internet and Policy

AMS Electronic Journals License Agreement

TERMS AND CONDITIONS OF PROVIDING ELECTRONIC SERVICES. 1. General provisions

*Viola Business Fiber Internet**

You are signing up to use the Middlesex Savings Bank Person to Person Service powered by Acculynk that allows you to send funds to another person.

CALSTRS ONLINE AGREEMENT TERMS AND CONDITIONS

Contract on the use of the myaxa client portal by a company

Contributed by Djingov, Gouginski, Kyutchukov & Velichkov

Terms and Conditions For Online-Payments

Data Processing Agreement

PRINCIPLES OF PROTECTION OF PERSONAL DATA (GDPR) WITH EFFICIENCY FROM

Annals of Mathematics Electronic License Agreement

Directive. on the Use of IT Resources at the University of Bern. For internal use. Classification. Released. Document status

ECLIPSE FOUNDATION, INC. INDIVIDUAL COMMITTER AGREEMENT

General Terms and Conditions (GTCs)

Electronic Disclosure and Electronic Statement Agreement and Consent

AT&T Texas Section: 44 Dallas, Texas Sheet: 1 Issued: October 31, 2014 Revision: 1 DEER PARK EMERGENCY NETWORK SERVICE

Brazosport Independent School District Employee/Agent Acceptable Use Agreement For Internet/Network Access and Use

Acceptable Use Policy

DATA PROTECTION POLICY THE HOLST GROUP

Table of Contents. PCI Information Security Policy

Data Processor Agreement

REGULATION BOARD OF EDUCATION FRANKLIN BOROUGH

Draft. Policies of Colorado State University University Policy. Category: Information Technology

Digital Signatures Act 1

BCDC 2E, 2012 (On-line Bidding Document for Stipulated Price Bidding)

Secure Messaging Mobile App Privacy Policy. Privacy Policy Highlights

Service Specific Terms & Conditions

3. As far as the hosting services of WWW INFOTECH are through leased severs of our data centre partners in US and UK through contracts.

H. R To reduce unsolicited commercial electronic mail and to protect children from sexually oriented advertisements.

POLICY TITLE: Record Retention and Destruction POLICY NO: 277 PAGE 1 of 6

4. Save as expressly set out herein no license is granted in respect of any intellectual property rights vested in F1000 or other third parties.

FERPA & Student Data Communication Systems

INTERNET ACCESS SERVICE AGREEMENT PLEASE READ CAREFULLY

Domain Hosting Terms and Conditions

Privacy Policy. In this data protection declaration, we use, inter alia, the following terms:

The University of British Columbia Board of Governors

DCU Guide to Subject Access Requests. Under Irish Data Protection Legislation

BERKELEY COLLEGE Social Media Policy

Subject: Kier Group plc Data Protection Policy

Breckenridge Financial Supplies Website Use Policy

TERMS AND CONDITIONS FOR THE USE OF THE WEBSITE AND PRIVACY POLICY

Acceptable Use Policy

Violations of any portion of this policy may be subject to disciplinary action up to and including termination of employment.

UTAH VALLEY UNIVERSITY Policies and Procedures

Section I. GENERAL PROVISIONS

These terms and conditions outline the rules and regulations for the use of Duxbury Networking's Website.

General Terms & Conditions (GTC)

English. EAO Media Database User guide.

User may choose to continue or stop using the Service as needed. User continuing

PGTelco Internet TERMS OF SERVICE AND ACCEPTABLE USE POLICIES

GDPR AMC SAAS AND HOSTED MODULES. UK version. AMC Consult A/S June 26, 2018 Version 1.10

UWTSD Group Data Protection Policy

Employee Security Awareness Training Program

St Bernard s Primary School Data Protection Policy

Leiden University Regulations on ICT and Internet Use. Version

Birmingham Midshires - Terms and Conditions Mortgage Intermediaries On-line Terms of Use (June 2017)

TERMS & CONDITIONS PLEASE READ THESE TERMS AND CONDITIONS CAREFULLY BEFORE USING THE SITE

GENERAL ORDER PORT WASHINGTON POLICE DEPARTMENT

General Legal Requirements under the Act and Relevant Subsidiary Legislations. Personal data shall only be processed for purpose of the followings:

HF Markets SA (Pty) Ltd Protection of Personal Information Policy

Mailbox Rental Terms and Conditions

Synchrotron Light Source Australia Pty Ltd

Data Protection Policy

Technical Requirements of the GDPR

Internet, , Social Networking, Mobile Device, and Electronic Communication Policy

TERMS AND CONDITIONS OF USE FOR THE WEBSITE This version is valid as from 1 October 2013.

Internet Service Provider Agreement

BISHOP GROSSETESTE UNIVERSITY. Document Administration. This policy applies to staff, students, and relevant data subjects

EMPLOYEE USE OF TECHNOLOGY AGREEMENT

ACCEPTABLE USE ISO INFORMATION SECURITY POLICY. Author: Owner: Organisation: Document No: Version No: 1.0 Date: 10 th January 2010

DATA PROCESSING TERMS

Domain Names & Hosting

VFS GLOBAL PVT LTD PRIVACY DISCLAIMER

Subject: University Information Technology Resource Security Policy: OUTDATED

GOCO.IO, INC TERMS OF SERVICE

Transcription:

IT Guidelines Guidelines for the use of the IT infrastructure at the University of Bayreuth 10 February 2005 In accordance with Article 32 para 3 sentence 1 of the Bavarian Higher Education Act (Bayerisches Hochschulgesetz) the Senate of the University of Bayreuth, in consultation with the Computer Centre Committee, hereby enacts the following Guidelines for the use of the IT infrastructure at the University of Bayreuth (henceforth IT guidelines ). Contents Preamble 1 Scope 2 User group and assigned tasks 3 Formal authorization for use 4 User responsibilities 5 Tasks, rights, and responsibilities of the system adminstrator 6 Liability 7 Consequences of misconduct or illegal use 8 Rights of the Employee Council, data protection, ban on behaviour- or performance-monitoring 9 Additional guidelines 10 Effective date Preamble 1 The University of Bayreuth has a data-processing infrastructure (IT infrastructure) comprising the various information processing units (computers), communications systems (networks), and other IT support facilities. 2 The IT infrastructure is integrated in Germany s scientific network and thus also in the internet worldwide. 3 The guidelines presented here govern the use and operation of the IT infrastructure. 4 These guidelines are based on the legally defined tasks of institutions of higher education and their mandate to ensure academic freedom provides ground rules for orderly use of the IT infrastructure indicate rights to be protected for third-parties (e.g. software licenses, network provider s terms, data protection issues) obligate the user to observe good conduct and make economical use of the resources offered provide information on measures available to the system administrator if the regulations are breached. 1 Scope (1) These guidelines apply to the IT infrastructure operated at the University of Bayreuth, which comprises information processing units (computers) communications systems (networks), and other IT support facilities. (2) These guidelines can be amended by the system administrator through additional regulations according to 3(2), as long as they do not breach terms of the present guidelines.

2 User group and assigned tasks (1) The IT infrastructure referred to in 1 is available to members of the University of Bayreuth to support them in fulfilling their duties in research, teaching, administration, education, continuing education, public relations, presenting the University, as well as other duties mentioned in Article 2 of the Bavarian Higher Education Act. (2) Other persons and institutes can be granted access by the President s Council if they submit an application in writing. applicant: name, address, telephone number, enrolment number (if applicant is a student), and any affiliation with an organizational unit of the University A general statement regarding the purpose of use, such as research, teaching/ education, or administration entries for the University s address book/ directory statement that the user accepts the terms of the present guidelines and consents to the collection and processing of his or her personal data under the terms of 5(4) 3 Formal authorization for use (1) Anyone who would like to use the IT infrastructure under 1 must first be granted a formal authorization for use by the relevant system administrator in accordance with 3(2). (2) The system administrator a) of the central computing systems and of the communications system (university data network) is the Computer Centre and b) of the peripheral computing systems is the relevant organizational unit (faculty, chair, or other sub-unit of the University of Bayreuth). (3) 1 The application for formal authorization for use is to contain the following information: system administrator (organizational unit, e.g. chair or Computer Centre), to whom the application is submitted systems for which authorization is requested if applicable, name and signature of the head of the organizational unit (e.g. chair). 2 The system administrator may only request additional information to the extent that it is required in order to make a decision concerning the application. (4) 1 The relevant system administrator under the terms of 3(2) shall make a decision concerning the application. 2 He may make authorization conditional on knowledge of how to use the computer equipment. (5) Authorization may be refused if a) there is doubt as to whether the user will fulfil his duties b) the capacity of the system for which the application was submitted is insufficient for the planned activities due to current use c) the planned activities are incompatible with 2(1) and 4(1) d) the computer system is patently inappropriate for the planned 2 Annual Report 2013 This is only a courtesy translation.

activities or is reserved for special purposes e) the computer system to be used is connected to a network that is subject to special data protection requirements, and the facts do not seem to justify this request for access f) it is probable that the planned activities will disproportionately interfere with the activities of other authorized users. (6) The authorization for use only applies to activities relating to the type of activity for which the application was submitted. 4 User responsibilities (1) The IT infrastructure as defined in 1 may only be used for the purposes mentioned in 2(1). (2) 1 The user is required to ensure that the available equipment (work stations, CPU capacity, hard drive storage capacity, capacity of electric lines, supplies, and peripheral devices) is used responsibly and economically. 2 The user is required to abstain from causing interference to operations to the extent that this can be foreseen, and to avoid any activities which, to the best of his knowledge, could damage the infrastructure or the work of other users. 3 Damage claims may arise as a result of failure to comply ( 7). (3) 1 The user shall abstain from any improper use of the IT infrastructure. 2 In particular, he shall a) abstain from working under a username for which he is not authorized; the sharing of usernames and passwords is prohibited b) take precautions to ensure that unauthorized third-parties do not gain access to the IT infrastructure; this includes avoiding simple or obvious passwords, changing your password frequently, and logging out. 3 The user bears full responsibility for any activities that are carried out under his username; this also applies if negligence on the part of the user leads to access by the thirdparties. 4 In addition, the user is required c) to observe the regulations for using software (sources, objects) as well as the documentation and any other legal regulations (copyright) d) to inform himself of the terms and conditions based in part on license agreements for the software, documentation, or data, and to observe these regulations e) particularly with regard to software, documentation, and data: to abstain from copying or distributing without express permission, especially for commercial purposes f) to observe the laws and regulations concerning data protection as well as the regulations contained in the terms of use for websites visited. 5 Damage claims may arise as a result of failure to comply ( 7). (4) 1 It goes without saying that illegal use of the IT infrastructure is prohibited. 2 The following activities, which are punishable under the terms of the Criminal Code (StGB) are mentioned explicitly:

a) data spying ( 202a StGB) b) changing, deleting or suppressing data, or rendering data useless ( 303a StGB) c) computer sabotage ( 303b StGB) and computer fraud ( 263a StGB) d) spreading propaganda of unconstitutional organizations ( 86 StGB) or racist ideologies ( 130 StGB) e) spreading certain types of pornography via the internet ( 184 para 3 StGB) f) accessing or possessing documents containing child pornography ( 184 para 5 StGB) g) offenses such as insult or defamation ( 185 ff StGB). 3 The University of Bayreuth reserves the right to take legal action in the form of criminal as well as civil litigation ( 7). (5) 1 The user is prohibited from the following without the prior consent of the relevant system administrator: a) carrying out hardware modifications; b) changing the configuration of the operating systems or network. 2 Rights concerning the installation of software depend on the circumstances of the region and the system and are thus addressed separately. (6) 1 The user is obligated to clear any plan to process personal data with the system administrator. 2 The obligation to observe the regulations set forth in the Data Protection Act (Datenschutzgesetz) remains in 3 The user is not permitted to read messages that were meant for others or to make use of such messages. (7) The user is required to adhere to a) the user guidelines provided by the system administrator b) the user guidelines of other providers when using their computers and networks. 5 Tasks, rights, and responsibilities of the system administrator (1) 1 Each system administrator shall keep a record of user authorization. 2 These documents are to be kept for at least six months following expiration of the authorization period. (2) The system administrator shall publish the contact for user support. (3) 1 The system administrator shall make a moderate contribution to preventing and exposing abuse or violation of these guidelines and especially against copyright, data protection, or criminal law. 2 For this reason, he or she is, in particular, a) authorized to use appropriate tools to monitor the security of the IT infrastructure for which he or she is responsible, in particular, by way of random inspection, in order to protect his or her resources and the user s data from attacks carried out by third parties; b) only authorized on suspicion of a user violating these guidelines or criminal law - in accordance with the four-eyes principle and the record-keeping requirement force. 4 Annual Report 2013 This is only a courtesy translation.

to view that user s computer files or history; c) is authorized, in the case of confirmed suspicion of punishable offenses, to take measures required to secure evidence if necessary. (4) The system administrator is authorized to document and evaluate the activities of the users for which he or she is responsible (e.g. log-in times or information regarding network use) to the extent that this serves the purposes of billing, resource-planning, security, or of tracing mistakes or violations of these regulations or the law. (5) The system administrator shall undertake to treat information confidentially. (6) The system administrator is obligated to adhere to the regulations of other providers when using their computers and networks. (7) The system administrator can temporarily or permanently limit use of the IT resources in order to preserve IT security. (2) The system administrator shall not be held liable for damages of any kind which the user may incur as a result of using the IT infrastructure in the sense of 1 unless other legal proceedings render this necessary. 7 Consequences of misconduct or illegal use (1) 1 If the user breaks the law or violates the terms of these guidelines, especially 4 (User responsibilities), the system administrator can limit or revoke authorization for use. 2 This is irrespective of whether or not material damages were incurred. (2) A user can be permanently banned from the entire IT infrastructure in the sense of 1 in cases of serious or repeated violation. (3) 1 Violations of the law or of the regulations set forth in these guidelines will be considered for criminal prosecution and civil proceedings. 2 Matters that appear relevant shall be forwarded to the legal department, which shall then consider the next steps to be taken. 3 The University of Bayreuth reserves the right to take legal action in the form of criminal as well as civil litigation. 6 Liability (1) 1 The system administrator can guarantee neither that system functions will meet the special needs of the user nor that the system will work flawlessly and without interruption. 2 The system administrator cannot guarantee the integrity (with regard to destruction or manipulation) or confidentiality of saved data. 8 Rights of the Employee Council, data protection, ban on conduct- or performancemonitoring (1) The Employee Council is authorized, with the approval of the University of Bayreuth s Data Protection Representative, to monitor whether the system administrators are adhering to data protection policy. (2) Conduct- or performancemonitoring of employees shall not be carried out by the University of Bayreuth.

9 Additional guidelines (1) Fees may be charged for using certain parts of the IT infrastructure. (2) Additional user guidelines may be added for certain systems if needed. 10 Legal validity 1 These guidelines for the use of IT infrastruture at the University of Bayreuth shall take effect on the day following publication. 2 These guidelines shall replace the Guidelines for the University of Bayreuth s IT systems dated 18.07.1997. Bayreuth, 10 February 2005 Prof. Dr. Dr. h. c. Helmut Ruppert University President These guidelines were approved in the 231 st meeting of the University Senate, held on 21 July 2004. 6 Annual Report 2013 This is only a courtesy translation.

Guidelines for using the World Wide Web (WWW) (1) The University of Bayreuth s website has the following functions: to present the University over the internet to simplify access to the University s information (teaching, research, institutions, courses offered, study environment) to coordinate research and teaching at the University of Bayreuth and exchanges with other universities and research institutions to support education in the field of communications To test and build on the new platform (2) The divisions of the University named in the Grundordnung and the organizational chart of the University shall display the University logo on their webpages (official webpages). (3) A limited number of unofficial webpages may be published by authorized users of the University over the IT infrastructure. Groups affiliated with the University (cf. the organizations listed in the course guide) may also submit an application to publish unofficial webpages. The application shall be submitted in writing under the terms of 3 of the user guidelines. 1 The Governing Board of the University can delegate the decision concerning the application. Such webpages must not display the University logo (unofficial webpages). (4) The legal regulations under 4 as well as copyright law, patent law, licensing law, and data protection policy apply. In addition, the policy of political neutrality and a ban on advertisement also applies. (5) A contact must be given by name on the homepage of any institution, group, or person. (6) The University of Bayreuth reserves the right to monitor the webpages via random sampling. Censorship shall not be carried out. The terms of 7 apply in case of a violation of the law or the terms of these guidelines. In such cases, the University of Bayreuth reserves the right to block public access to the webpages. The Executive Board is to be informed of policy violations in writing. These guidelines were approved in the 182 nd meeting of the University Senate, held on 18 July 1997. 1 In the 231 st meeting of the University Senate, held of 21 July 2004, the user guidelines were replaced by the IT guidelines.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback