/Docs/G/Org-JLINC-SISA/Form/0.md
Source views: Source JSON(ish) on GitHub (VSCode) Doc views: Document (&k=Def.r00t): Visual Print Technical: OpenParameters Xray
TERMS AND DEFINITIONS
- Authority for Processing: An underlying assumption in the JLINC suite of protocols and software is that the Data Custodian will not process any data from the Rights Holder without some form of authority, such as consent, received from the Rights Holder directly or derived from a contractual, regulatory, or legal obligation that is binding on the Data Custodian.
- Data Custodian: This is the entity that is processing data as received from and/or as directed by the Rights Holder.
- Data Processing: The Rights Holder and the Data Custodian shall jointly determine the scope, purposes, and manner by which Personal Data may be collected, used, disclosed, retained, or disposed of by the Data Controller Custodian or any subsequent Data Processor Custodian. Where not otherwise required by regulation, the determination of allowable data processing will be asserted by the Rights Holder through the JLINC_protocol and this SISA. This may be referred to as ‘processing’ or ‘processed’ in the body of the document below.
- JLINC_protocol: The technical specification for implementing permissioned data as set out in the API documentation for JLINC.
- JLINC software: The suite of protocols, software and web services that implement the JLINC Protocol.
- Personal Data: Information about a natural person. At implementation of the JLINC software Personal Data shall be deemed to be that information about people that is protected by the privacy legislation that applies to the Data Controller Custodian. In the absence of such legislation, the General Data Protection Regulation shall be deemed to be the applicable legislation for the definition of Personal Data.
- Privacy Legislation: At implementation of the JLINC software this shall be the privacy legislation that applies to the Data Controller in the jurisdiction where the Data Controller collects the Personal Data. In the absence of such legislation, the General Data Protection Regulation shall be deemed to be the applicable legislation.
- Rights Holder: This is the entity that supplies data and/or permissions to the Data Custodian to enable the Data Custodian to process that data.
- Standard Information Sharing Agreement: This document is a Standard Information Sharing Agreement that sets out in prose what how permissioned is implemented by the JLINC suite of protocols, software and web services.