During the Profound Project lifetime (up until 26 Feb 2016):
Provider : NCSR “Demokritos”
Client : ProFouND Project

CONDITIONS FOR Access to Data and Data Confidentiality

1. Provider commits to provide to clients a service of hosted web based elearning services on a joint hardware and software platform.

2. The Provider shall take all reasonable precautions to preserve the integrity and prevent any corruption or loss, damage or destruction of the clients’ data and
information.

3. Provider guarantees the confidentiality of data stored on its platforms and is technically and legally responsible for protecting the data on the server. Provider shall prevent unauthorized access to the restricted areas of the Web Based elearning platform and any databases or other sensitive material generated from or used in conjunction with the Web Based elearning platform; and Provider shall notify Client of any known security breaches or holes. Data storage areas are physically secure and accessible only to named staff of the Provider and the Technical Admin personnel.

4. The Provider agrees to comply and have adequate measures in place to ensure that its staff comply at all times with the provisions and obligations contained in the above.

5. Provider commits to avoid the disclosure of any personal data to a third party and shall take all reasonable steps to ensure that all its partners and sub-contractors comply with all the provisions set out above. Approved staff by the Provider are able to view directories and file structure when required for support purposes, but will not open files and read client data.

6. Confidentiality of information is ensured by the strict access rights that are very tightly controlled and managed, but also by the network architecture and tools that are in place (firewall, wrappers, complex authentication solutions, antivirus.). Data being transferred between the client and the approved by the Provider secure servers is at all times compressed, encrypted and transferred using a proprietary transfer protocol for increased resistance to “packet sniffing” (HTTPS).

7. Backup configurations can be set to run periodically, typically on a weekly scheduled basis through the technical team working with the Provider. When a backup configuration is running, only changes to files and databases you have selected for backup on the computer are captured where the client will be able to review the log content of every backup execution to make sure that the backups have taken place successfully.

8. All data on the Clients’ elearning classes is the property of the client. Total confidentiality is guaranteed by the provider and the property management is managed by the Client only. This means:
• The Client is the unique owner of his data;
• The Client is entitled to get his data back at any time;
• During the period that provider provides elearning services client shall not distribute on the Web Based elearning platform any content that contains any viruses, trojan horses, worms, time bombs, cancelbots or other computer programming routines that are intended to damage, detrimentally interfere with, surreptitiously intercept or expropriate any system, data or personal information;
• All personal data acquired by the Provider from the client shall only be used for the purposes of this Agreement and shall not be further processed or disclosed without the consent of the client.