Storage Terms & Conditions

Service Level Agreement

This Service Level Agreement (SLA) between UIS and the user (Customer) of UIS Storage Services (Services) sets forth the service level terms and conditions and is an integral part of the Agreement. This SLA defines the terms of the Customer’s responsibility with respect to the Services that UIS provides and the Customer’s remedies in the event that UIS fails to meet these Service Commitments.

The SLA set forth herein represents UIS’ sole obligations and the Customer’s sole remedy in the event of failure to meet such Service Commitments. This SLA does not apply to the availability of Third Party Services (TPS) which are subject to the TPS Agreements. The SLA is binding only on the Customer and UIS and does not apply to any Third Parties, including Customer’s End Users.

Definitions

Agreement - The Customer’s use of and access to Storage Services is governed by the Terms of Use (TOU), Service Level Agreement, Privacy Agreement, and any other documents referenced herein (collectively, the Agreement).

Business Hours - means (local UK time), Monday-Friday 9:00 a.m. to 5:00 p.m. and notwithstanding the foregoing, does not include times during Service Maintenance.

Service Maintenance - means maintenance of the Service including software. Service Maintenance includes (but is not limited to) hardware upgrades, software upgrades and consistency checking.

Data Retention

UIS retains copies of system log files for at least seven (7) days for the purposes of system monitoring and analysis.

Service Availability

UIS’ goal is to provide Service Availability twenty-four hours per day, seven days per week (referred to as “24x7 Availability”) EXCEPT during times of Service Maintenance as set forth in the Section ‘Service Maintenance’ herein. However, the parties recognize that 24x7 Availability is only a GOAL, and UIS cannot represent or guarantee that this goal will be achieved.

Service Availability Level Goals

UIS shall use reasonable efforts to achieve the target Service Availability Goal of 99% uptime excluding Service Maintenance (“Service Commitment”). Notwithstanding the foregoing, the Customer recognizes that the Internet is comprised of many autonomous systems that are beyond the control of UIS.

It is understood that UIS is unable to remedy problems using the services arising from issues with infrastructure not managed by UIS, such as failures of networks external to the University or hardware problems with the Customer’s own equipment and such instances shall not be considered any failure of service availability.

Response Time to Issues for UIS Storage Services

In the event of service issues, the Customer may report problems to the UIS Service desk . The UIS Service desk will respond and commence investigation within one working day.

Note that these guidelines specify the time at which investigation of the problem will begin, not the length of time within which such a problem will be resolved.

Service Maintenance

The parties agree that UIS shall provide Service Maintenance, which may cause errors within the period of the maintenance. UIS shall notify the Customer by announcing the maintenance using UIS news channel prior to performing any Service Maintenance which UIS predicts will cause a Severity One Error outside of standard Service Maintenance Times.

The Service Availability goals exclude any time required for implementing Customer-requested changes that may due to their nature require temporary loss of availability.

UIS shall attempt to schedule Service Maintenance during the times as specified below. However, the parties agree that it may be necessary for UIS to perform Service Maintenance during times other than business hours , and UIS reserves the right to perform Service Maintenance during times other than those specified as ‘business hours’ should the need arise, e.g. in order to perform a pre-emptive action to safeguard the integrity of the data stored or in the event of serious hardware or environmental issues.

Where possible, maintenance activities involving a level of disruption to service will be scheduled on:

Tuesdays, 10:00-18:00 (local UK time).

Please note that this does not mean that there will be disruption at this time every week, merely that if potentially disruptive maintenance is necessary we will do our best to ensure it takes place during this period, in which case there will be advance notification.

Establishing a predictable time slot for planned maintenance has the advantage that users may be confident that ‘dangerous’ changes will not intentionally be undertaken at other times.

Disclaimer of Actions Caused by and/or Under the Control of Third Parties.

UIS DOES NOT AND CANNOT CONTROL THE FLOW OF DATA TO OR FROM UIS STORAGE SERVICES ON LOCAL NETWORKS AND OTHER PORTIONS OF THE INTERNET. SUCH FLOW DEPENDS IN LARGE PART ON THE PERFORMANCE OF INTERNET SERVICES PROVIDED OR CONTROLLED BY LOCAL INSTITUTIONS OR THIRD PARTIES. ALTHOUGH UIS WILL USE COMMERCIALLY REASONABLE EFFORTS TO TAKE ACTIONS IT DEEMS APPROPRIATE TO REMEDY AND AVOID SUCH EVENTS, UIS CANNOT GUARANTEE THAT SUCH EVENTS WILL NOT OCCUR. ACCORDINGLY, UIS DISCLAIMS ANY AND ALL LIABILITY RESULTING FROM OR RELATED TO SUCH EVENTS.

Exceptional Maintenance and Unplanned Disruptions

It may happen that despite best efforts, it becomes necessary to reduce or withdraw service at short notice and/or outside the planned maintenance time slot. This may happen e.g. for environmental reasons, such as air conditioning or power failure, or in an emergency where immediate shutdown is required to save equipment or data.

It is hoped that these situations will arise rarely, and obviously in such cases service will be restored as rapidly as possible.

Limitations

UIS cannot assume responsibility and shall not be liable for any impacts on Service Availability due to:

  1. any requests for non-standard environment or Customer machine access;

  2. any downtime caused by Customer actions. UIS will make reasonable efforts to ensure that Service changes do not affect customers.

UIS reserves the right to change this SLA at any time, and without notice.

SLA Violations

All SLA claims should be communicated to the UIS Storage services by email to customer support within seven (7) days of the incident. The notice must include all relevant information, including service name, full description of the incident, and any logs (if applicable).

Support Policy

Primary incident-reporting is done via our Customer Ticketing System. Through this system you have access to all tickets on your account, both open and completed, both current information and historical. We prioritize tickets by severity, so for example issues where a service is completely unavailable will be processed before tickets where a service is slow, and those before general questions about our service or general advice covering the software offered inside UIS storage services.

Internally, our support team consists of Tiers, in which some groups respond more swiftly and handle more common questions and problems, and other groups handle issues which take more time or effort or expertise to solve. We also have a Developer Operations group which have daily responsibilities outside of support, but are “on call” to assist in especially difficult cases or simply to handle overload from support. These groups, the processes we use therein, the people therein, etc., change over time as we grow and as we learn how to better serve our customers, and therefore they are not documented here.

The goal of the Support Team is to provide specific support around the features and functionality of the UIS storage services. While our support staff may offer help where they can in order to alleviate client issues, we do not guarantee support for issues relating to connecting client systems owned by the Customer. We will, however, do our best to help any Customer with their issues to the best of our abilities.

Security guidance

1. Context

This guidance is for the UIS research storage services and helps you understand what data can be stored within these services, and what classifications of data the UIS research storage services can hold on the basis of the current University Guidance on Data Security Classification. Similar guidance may apply to other devices you use to store this data and appropriate protections may be necessary on those devices. You should seek out and become familiar with such guidance. It is assumed here that you are already familiar with that guidance. We have also taken into account the current UK Government Classification system in order to provide additional information and assurance for you to ascertain what data will be appropriate for storage within these Services. Both sets of Classification and Guidance are being provided because of the broad usefulness of the current UK Government Guidelines, which are in use throughout the UK public sector and which have established and considered application in the use of Public Cloud Services. It is important to note, in all levels of security classification, the principal factor in good data management is the ‘Need to Know’ principle (Information is only shared to people who need to know the information).

2. University Data Security Classifications & Guidelines

The University Guidance defines the following classifications.

Level 0: Unclassified or public information

Unclassified or public information is the largest class containing the majority of information.

Level 1: Cambridge Only

This covers information that is only available to students and staff within the Cambridge domain. It includes memoranda, minutes of meetings (not otherwise marked), and site-licensed software.

Level 2: Confidential information

This covers certain minutes of meetings, general personal information, financial information, or other information designated as confidential but which may be dealt with by any staff with delegated responsibility from the recipient (i.e. it is not, in a strict sense, information ‘for your eyes only’).

Level 3: Personal and strictly confidential information

This covers documents that contain highly sensitive information or personal details that are for the eyes of the recipient only where delegated authority is not appropriate.

Application to UIS Research Storage Services

The UIS research storage services includes Terms and Conditions that are compliant with UK/EU Data Protection Law and the University Statutes and Ordinances. The data centres are located in the UK and are owned by the University of Cambridge. If you require data to be held in UK/EU for compliance, the UIS research storage services can be used. The Services offered are integrated with authentication processes entirely within the control of the University of Cambridge. Staff should note that specific contractual obligations applying to aspects of their work may supersede this guidance and those obligations should be treated as exceptions. Staff should ensure they are aware of any contractual obligations and treat those as having precedence; if in doubt, staff should seek guidance from local Data Protection Officers. Hence the current policy on the use of research storage services is: subject only to the exclusions below, data under Data Classification Levels 0, 1 and 2 above CAN be stored in research storage services.

Data excluded from the above includes:

  • Data classified as Level 3 above

  • Patient Identifiable Data (including other identifiable data which is subject to the Clinical School’s mandatory data security policy which can be found at http://www.medschl.cam.ac.uk/research/information-governance/)

  • Data that is subject to a specific contractual agreement that specifies a particular storage method (that is not research storage services).

Storage license expiry

We will send the first license expiry reminder 60 days before the license expiry date.

If the storage licence expires and is not extended (for example, due to lack of funding), the data will become inaccesible unless further access is requested (for example, to copy off to another system).

After a grace period of 30 days data will be moved to the cold storage (tape system) and access will no longer be possible.

In order to recover access to your data you will need to contact our support team and pay cold storage charges calculated from the licence expiry date.

We reserve the right to delete any data associated with the expired licence if there is no attempt to recover the data within 6 months of the expiry date.

If your licence expires and you no longer wish to have your data stored by our service please let us know as soon as possible and we will delete the data.

Privacy policy

General

Research Computing Services are specific research-oriented IT services provided by the University and as such are covered by the University IT Facilities and Services Privacy Notice. The basis for the use of personal data is consent, explicitly given at the time of user account application and implicitly upon each connection to Research Computing Services as per the banner warning if present.

This local policy document explains in more detail what information is held about individual people (Research Computing Service account holders) by Research Computing Service systems, how it is gathered and how it is used. Details of the data held or logged are given below. This information is used to support user access to the resources of the Research Computing Service systems, to enable communication with you about the status of the system and your use of it as required, for system administration and bug tracking, for the detection of improper use, and for producing usage statistics for management and planning purposes.

Access to these logs and to user-specific data is restricted to appropriate staff or contractors of the Research Computing Service, and in the specific case of DiRAC and Tier2 users, to the appropriate staff at EPCC responsible for resource allocation and user administration of DiRAC and Tier2 service through the SAFE system. Please note that SAFE is not part of the University of Cambridge and all DiRAC and Tier2 users should refer to the EPCC Privacy Statement.

These logs are currently held indefinitely subject to the availability of storage space, but might not be recovered as a result of an accidental or deliberate removal action.

Summary statistics are extracted from this data. Some of these may be made publicly available, but those that are do not include the identity of individuals. DiRAC and Tier2 users (only) should note that their individual job records are uploaded to SAFE nightly.

Relevant subsets of this data may be passed to computer security teams (e.g. Cambridge CERT) as part of investigations of specific incidents of computer misuse involving Research Computing Service systems.

In the event that suspicious activity is detected on the CUDN, data held as described in the University IT Facilities and Services Privacy Notice may be passed to Research Computing Service management for investigation.

Data pertaining to particular projects may also on occasion be passed to the appropriate people (e.g. Principal Investigators or nominated deputies) responsible for direction and management of those projects. Otherwise the information is not passed to any third party except where required by law.

Data is stored on disk storage systems and may be backed up to tape at some frequency depending on the filesystem. These backups are made to enable reinstatement of the data, e.g. in the event of failure of a system component, or accidental deletion. Details of backup and other policies applicable per filesystem are available on the filesystem page. User data, log data and backups are at all times physically held in secure University premises, or transferred over the CUDN using strong SSH-based encryption.

Any user of the Research Computing Service systems who approaches the Service Desk or any staff within the Research Computing Service for help with a problem, implicitly grants permission to the Research Computing Service staff to investigate that problem by looking at data held on the system and files in their home directories or other personal or group storage areas.

Data collected

Accounting and other user-dependent system data

The Research Computing Service management servers hold details of user accounts, thereby enabling a user to log in and use the resources of the Research Computing Service systems.

The following data are collected via either the account application process or service usage and held and maintained for each user:

  • Name

  • User identifier (account name)

  • Institution affiliation

  • Status

  • Project affiliation

  • Email address

  • Contact telephone number

  • User administration history

  • Login history (session begin/end times and originating IP address)

  • Resource consumption (in the form of job records accumulated by the job scheduler)

  • Use of licensed applications (in the course of ensuring license term compliance).

These data are held on the Research Computing Service management systems from the time the user’s account is created, whether or not the user ever makes use of the Research Computing Service systems.

Service specific data remain stored subject to storage capacity until purged as obsolete; basic user information (names, system identifiers and institutional affiliations) regarding University of Cambridge users is duplicated from central user administration records, see the University IT Facilities and Services Privacy Notice. Names, system identifiers and affiliations pertaining to external users are stored indefinitely in order that historical usage of research computing systems can be properly attributed.

Other data held

Research data held in home directories or other personal or group storage areas is stored, as required for the fulfillment of Research Computing Service services. This data is stored until purged by the user, or by the Research Computing Service to enforce advertised policy, or automatically as obsolete in the case of tape re-use.

In addition applications, including but not limited to login shells, may record command history in files contained in the user’s home directory. Such files will survive until purged by the user, or by the Research Computing Service to enforce advertised policy, or automatically as obsolete in the case of tape re-use.

From time to time we may gather publication data from external journal or preprint listings in order to assess research outputs facilitated by research computing services.