Contribute to the DSpace Development Fund

The newly established DSpace Development Fund supports the development of new features prioritized by DSpace Governance. For a list of planned features see the fund wiki page.

Introduction

Overview of areas where DSpace stores and processes personal data

EPerson

Personal Data Stored as EPerson

  • First Name (Only visible to Administrative users. Used to identify individuals to add to system groups)
  • Last Name (Only visible to Administrative users. Used to identify individuals to add to system groups)
  • Telephone (Optional, only visible to Administrators. Not used by system)
  • E-Mail (Only visible to Administrative users. Used as username to login)
  • Preferred Language (optional)
  • Date of last activity (automatically set)

During self registration only the E-Mail is validated. Anything else can be "nonsense". The user can edit his profile but not change the e-mail address nor delete his record.

The user can subscribe to collections in order to be notified of new submissions. This is manageable by the user himself.

The user may belong to groups. This is not manageable by the user, but a configurable option exists to show the groups the user belongs to in the user profile.

The user may have submitted items, this is kept as information in the item table and as dc.description.provenance (name, e-mail address) as metadata to the submission.  The "dc.description.provenance" field is only visible to Administrative Users by default.

The user may be part of the workflow chain, the responsibilites are only temporarily stored, but if the user is part of the approval this is kept as dc.description.provenance in the metadata of the item.

The admin may assume user login.

Session Management - The use of cookies

Authority Control

DSpace Logging

DSpace logs the full IP address and the logged in user's e-mail address.During authentication the e-mail address is logged along with the Session ID, thus even if taking out the e-mail address in the general logging, it is still traceable through the Session ID.

Feedback, if the user is logged in the e-mail address, reference point, client and session are sent.

In case of errors the User and IP are part of the error email sent.

Solr Statistics

  • access
  • workflow
  • search

See DS-4440 and resulting PR. Scheduled to be included in release 6.4.

Google Analytics

Metadata - Personal data reflected in DSpace items

Author, contributor, creator and other person metadata fields

  • First Name
  • Last Name
  • (ORCID ID when the ORCID integration is used)

In the special case where the DSpace versioning feature is used, name, first name and email address of EPerson creating a particular version can be exposed on item pages. 

As metadata the dc.description.provenance holds the name and e-mail address of the EPerson submitting and/or approving an item.

Unable to locate Jira server for this macro. It may be due to Application Link configuration.


  • No labels

All content on the LYRASIS Wiki is licensed under the CC BY (Attribution) license, unless otherwise noted.