Privacy Notice
Executive Summary
ACCESS-NRI collects usage data to enable it to report to funding bodies and partners. Reporting of this kind is aggregated and does not identify individuals.
ACCESS-NRI also collects usage data for efficient management of resources, and tracking the use and performance of models and tools it provides to the community. This data is exposed to a small number of people and only aggregated statistics are published publicly.
ACCESS-NRI is hosted by the Australian National University (ANU) and as such abides by the ANU Privacy Policy.
Introduction
ACCESS-NRI is hosted by the Australian National University (ANU) and as such abides by the ANU Privacy Policy.
Why?
The core services and infrastructure we use at ACCESS-NRI (NCI, GitHub, Zenodo) don’t provide the tracking tools we need to demonstrate the value we provide, e.g. NCI can’t provide some data, or doesn’t provide data in a way we can utilise efficiently. GitHub provides some data, but doesn’t save it, the same applies for Zenodo.
What we track:
- ACCESS-Hive Forum stats. For example, but not limited to: number of users, number of posts, support/help requests
- NCI resource usage
- GitHub stats
- Zenodo stats
- Data access via intake catalogues
- Datastore creation via intake utilities
- Model runs via payu
How?
- Scheduled running of reporting tools, parse output and upload to database, e.g. NCI, GitHub, Zenodo
- Run queries against internal forum database to generate statistics
- Embed telemetry in ACCESS-NRI tools and report usage, e.g. data accessed via catalogues, what models ran, experiment ID, performance and resources consumed.
- We collect NCI logins for intake to enable aggregated reporting (see below), ensure partner organisations requirements are prioritised and isolate ACCESS-NRI self-usage.
- We collect NCI user data (usernames, full name, email, projects and paths) when monitoring models running with payu. It is not feasible to anonymise this data as identifying information is embedded in a great deal of the model and PBS logging output.
Who do we report to and why?
- Government and partners: to justify their investment.
- ACCESS-NRI Board: who have oversight to make sure we’re doing what we promised.
- Community: to demonstrate our value and encourage the use and uptake of what we provide.
- Internally: manage resources, both internal and storage/compute provided to community
What do we report
- External to ACCESS-NRI: only aggregated data by institutional affiliation, or broad groupings such as academic/private/overseas. Examples include (but are not limited to): number of posts on forum, number of accesses of ACCESS-NRI supported data, number of times ACCESS-NRI released models are run.
- Internal to ACCESS-NRI: we will generate more granular data insights using Grafana dashboards to allow efficient administration of shared NCI compute and storage resources. This is only viewable by ACCESS-NRI staff, and in some cases Working Group chairs who are responsible for shared Working Group NCI compute and storage resources.
What do we not report?
- No individual level statistics are publicly reported or published.
- No activities at an individual level without consent, e.g. case-studies
Data security
- We do not collect or store sensitive data (as defined in APP).
- Data will be stored in secured databases to industry best standard using the ACCESS-NRI projects on the ARDC Nectar Cloud Service.
- Un-aggregated data will only be used internally by a small number of ACCESS-NRI staff for the purposes of system maintenance, report production, etc. We only transmit aggregated data to external services, never unaggregated data.
- All reports and services will be stored and transmitted securely using encrypted protocols (HTTPS, SSH, etc.).