Grid Operations Centre Database Privacy Notice

Grid Operations Centre Database (GOCDB) is a central registry to record information about the topology of the EGI e-Infrastructure. This includes information describing operations and resource centres, the type, network connection endpoint and downtimes of services, and the roles and contact information of users.

The Science and Technology Facilities Council (STFC) provides the GOCDB service on behalf of EGI.eu. This Privacy Notice describes what personal data is collected from you when you use GOCDB, why it is collected and how this data is used.

STFC is part of UK Research and Innovation (UKRI). For more information visit stfc.ukri.org. UKRI and STFC comply with the requirements of the European General Data Protection Regulation with regard to the collection, storage, processing and disclosure of personal information and are committed to upholding the GDPR's core data protection principles. A full notice of UKRI's position with regards to Freedom of Information and the GDPR (EU) (2016/679) can be found at: www.ukri.org/freedom-of-information

What personal data is collected from you and why

1. Each time you access GOCDB the following information is collected -

  • the Distinguished Name (DN) from your personal certificate loaded in your web browser or

  • an identifier received from the EGI CheckIn service.

This data is necessary for security purposes to uniquely identify and authenticate you when creating and subsequently accessing your GOCDB account.

2. You can opt to register the following information to enable creation of a GOCDB account -

  • title, first name, last name, email address and (optional) telephone number.

This data is necessary for account management purposes (e.g. to contact you to inform you of changes to the service or for security purposes), and for the reasons given in the paragraph below.

3. You may optionally request that the following information be associated with your GOCDB account -

  • a GOCDB site and/or other administrative entity (e.g. Project) and

  • one or more GOCDB roles you are authorised to hold (e.g. Site Administrator) at that entity.

This data is necessary to allow other authorised GOCDB users, or automated services acting on their behalf1, to recognise and contact you in a reliable manner.

4. Log records of your access to and actions on GOCDB are retained. These records contain -

  • your unique identifier (as in 1 above) and

  • the network (IP) address from which you access GOCDB and

  • the time and date of access and

  • details of actions you perform.

This data is necessary to ensure that the GOCDB service is reliable and secure, such as for assisting in the analysis of reported problems, contacting you if a problem is identified with your account and responding to security incidents.

Who your personal data is disclosed to

Your personal data will be disclosed only to other authorised users of GOCDB and only for the reasons stated above. All authorised GOCDB users, on registration for a GOCDB account, and at least annually thereafter, have agreed to abide by the conditions of the EGI Policy on the Processing of Personal Data2.

Recipients of your personal data, as defined above, may be located in a country outside of the European Economic Area or in a country without an adequate level of data protection pursuant to Article 45.1 of the GDPR or in an International Organisation. In all cases, the conditions as stated in the paragraph above will apply.

How to access, rectify and delete your personal data and object to its processing

Access the “View Details” page, when logged in to your GOCDB account, to -

  • view or edit the personal data held or

  • delete your account, which will remove your data from the service and terminate its further processing (see also data retention section below).

To rectify details of the unique identifier associated with your account contact, as appropriate, the EGI CheckIn service managers or your certificate’s issuing authority (CA). Please note that changing these details may result in your GOCDB account becoming inaccessible.

For all other issues, contact the GOCDB Service Managers at the address given below.

How long your personal data will be retained

Records of your use of GOCDB, collected for reasons of security (described in 4 above) will be deleted, at latest, 24 months after your last use of the service.

Other personal data can be deleted immediately or on request as described above.

How your personal data is protected

Your personal data is kept safe and protected against unauthorised disclosure according to the requirements of the EGI Policy on the Processing of Personal Data2.

Contact information

If you have any questions about this Privacy Notice, or to raise concerns or report problems with the GOCDB, please in the first instance contact the GOCDB Service Managers at the address below.

Service managers: gocdb-admins@mailman.egi.eu

Additional information -

Data controller: Science and Technology Facilities Council, part of UK Research and Innovation.

Data protection officer: STFCInformationManagement@stfc.ac.uk

Supervisory authority: The UK Information Commissioner’s Office (https://ico.org.uk)

Jurisdiction: United Kingdom of Great Britain and Northern Ireland (GB-UKM)

Further details on how to raise concerns or report problems exercising your rights regarding your personal data can be found here: https://ico.org.uk/for-the-public/raising-concerns

This is Version 1.0 of the GOCDB Privacy Notice; the latest version can be obtained from https://goc.egi.eu/privacy.html.


  1. To enable unattended, automated access to GOCDB, an authorised user may associate with their account one or more non-personal identifiers, such as robot or host certificates. Automated access, including the downloading of personal data, is deemed to be by the associated authorised GOCDB user.

  2. The “EGI Policy on the Processing of Personal Data” is available here: https://documents.egi.eu/public/RetrieveFile?docid=2732&extension=pdf

Return to GOCDB homepage.