Regulations governing the use of the Max Planck Computing and Data Facility
§ 1 Sphere of validity
These regulations govern the use of the information processing infrastructure of the Max Planck Computing and Data Facility (MPCDF), comprising the data processing and storage equipment, communications systems, and other facilities for computer-aided information processing which MPCDF is in charge of.
§ 2 Organisation of MPCDF
(1) MPCDF is run as central facility for all institutes according § 13, Sec. 2h of the statutes of the Max Planck Society.
(2) Particulars of organisation and the bodies of MPCDF are stipulated in Statut für die "Max Planck Computing and Data Facility" MPCDF in der Max-Planck-Gesellschaft.
§ 3 Duties of MPCDF
(1) The duties of MPCDF according to §1, Sec. 1 of the statute are primarily as follows:
- Application development, development of algorithms and optimization for high performance computing in close collaboration with scientists from the MPIs,
- Concepts, development and implementation of storage managment solutions for large data projects in close collaboration with scientists from the MPIs,
- Operation including regular renovation of a modern HPC system,
- Operation of larger compute systems for MPIs.
- Operation of an adequate storage infrastructure including long-term storage.
(2) Furthermore MPCDF is responsible for the duties defined in the Leistungskatalog for the IPP.
(3) In addition, MPCDF provides other institutes in the Munich area with internet access.
This entails the following duties in particular:
- Provision and maintenance of faultless operation of the communications network,
- Coordination of expansion and serving of the communications network,
- Administration of the address and name spaces,
- Provision of network services and central network servers.
(4) In order to ensure proper operation of the information and communications network and the data processing and storage systems assigned to MPCDF, the head of MPCDF can issue further regulations governing the use of the services and the infrastructure of MPCDF.
§ 4 Entitlement and permission to use
(1) Permission to use DP facilities and services of MPCDF can be granted to:
- Personnel of MPG including IPP,
- Personnel of other public research institutions and universities funded solely by the state, insofar as they are demonstrably obliged to use services and infrastucture of MPCDF for research projects conducted jointly with other Max-Planck-Institutes and the entitlement to use is applied for at MPCDF according to § 4, Sec. 3.
(2) Permission is granted solely for scientific purposes in research, teaching, training, and execution of other duties of MPG.
Commercial use of MPCDF services is not permitted.
(3) Permission to use facilities and services of MPCDF is granted by issue of a personal permit after approval by the respectively responsible director of the application in writing or electronically through MPCDF.
The directors of every institution or division using MPCDF can appoint one or more representative as authorised signatory to MPCDF who can apply for or approve applications for accounts for their respective institute or division electronically.
These regulations governing use do not entitle individual personnel to an individual right to a permit.
(4) Applications, submitted on a form (online-form) issued by MPCDF, should give the following particulars:
- Name, address, telephone number, and signature of the applicant and his/her status as employee, guest, or PhD student,
- User's nationality,
- Description of purpose of use or of objective planned,
- Declaration by user not to store or process any person-related or person-relatable data,
- Recognition of these regulations and corporate regulations according to § 3, Sec. 4 as basis governing use,
- Confirmation of the institute/division head that funding for the project concerned is available,
- The users consent to process his/her person-related data, or taking note, if the account is considered to be necessary to fulfil a contract (Art. 6 Sec. 1 EU-GDPR)
- Notification of the user of the possibilities of documenting his/her user habits and of access to his/her user files in accordance with these regulations (see § 9).
Further particulars may only be requested insofar as they are necessary for approving the permit application or are required by legal regulations.
(5) Permits are restricted to the project applied for and can be of limited duration. It is also allocated to an individual person. Permits for groups of persons are not issued.
(6) In order to ensure proper and faultless operation, permits can also be subject to limitation of the computing time and other use-related conditions and terms.
(7) By virtue of regulations of the export authorities of the United States of America or other legal regulations, nationals or organisations of certain countries use of DP facilities or services of MPCDF may be denied.
(8) Permits can be partly or wholly denied, rescinded, or subsequently restricted, particularly when
- no proper application is submitted or the particulars in the application are not or no longer correct,
- the conditions for proper use of DP facilities are not or no longer present,
- the entitled person is barred from use in accordance with §8,
- the project planned by the user is not compatible with the duties of MPCDF and the purposes stated in §4, Sec. 2,
- the DP resources available are unsuitable for the use applied for or are reserved for special purposes,
- the use applied for is likely to be unduly detrimental to other justified projects.
(9) Entitlement expires when
- this is requested by the user or institute representative, or
- the user leaves the institute; this must be immediately notified to MPCDF by the institute representative, or
- the duration stipulated has expired, or
- permission has been withdrawn, or
- the user withdraws the valid declaration of consent.
§ 5 Collection and Deletion of Data
(1) Beside the personal data collected according to § 4, Sec. 4 for the user administration, usage data is collected on the high performance computing and archiving systems for accounting purposes and stored in accordance with legal regulations on an accounting server.
(2) To assure the proper operation of all MPCDF systems the usual operating system log-files are stored, containing typically user IDs, IP-addresses and timestamps. All log-data is used only internally according to § 9, Sec. 6. The deletion of personal data occurs in a timely manner.
(3) For troubleshooting the MPCDF provides a trouble ticket system. All information provided in a trouble ticket will not be deleted, since it is used as knowledge database for the analysis and solution of similar issues.
(4) Generally it is assumed that all data stored on the resources of the MPCDF belong to the institutes paying for the storage according to § 12 and contain no private data.
(5) The user has to take care - well in time before the regular ending of the usage authorization - to transfer data to the institute.
(6) Upon expiry of the usage authorization e-mails for the user will no longer be accepted. Furthermore, the account will be locked, not deleting account data or permissions. This avoids misuse of closed user IDs, and allows returning users to revive their old account. The user can request a deletion of the account data. In this case, it will no longer be possible to revive the account.
(7) After the regular end of the usage authorization, the data remaining in the home-directories after the transfer to the institute will be stored for 6 months, to allow for a delayed transfer of the data by the user or the institute. After 6 months the emails will be deleted. Any other user data can be deleted in accordance with system requirements or on request.
§ 6 Benutzerausschuss (User Committee)
(1) According to § 3, Sec. 4 c) of the Statut für die "Max Planck Computing and Data Facility" MPCDF in der Max-Planck-Gesellschaft the Beirat of MPCDF has defined a User Committee.
(2) The Beirat nominates in agreement with the institutions using facilities of MPCDF the members of the User Committee and appoints the Chairman of the User Committee in general for a duration of 3 years. The IPP is represented by three members.
(3) The User Committee gives advice to the Beirat and MPCDF and covers the interests of the users of MPCDF.
§ 7 Rights and obligations of users
(1) Entitled persons (users) have the right to use facilities, DP and storage equipment, and information and communications systems of MPCDF under the terms of the permit and in accordance with these regulations governing use and with the regulations according to § 3, Sec. 4.
Any use deviating therefrom shall require a separate permit.
(2) Users are required
- to comply with the provisions of the regulations governing use and adhere to the restrictions of the permit, particularly to observe the purposes of use according to § 4, Sec. 2;
- to avoid everything detrimental to proper operation of DP facilities of MPCDF;
- to treat all DP equipment, information and communications systems, and other facilities of MPCDF with care and consideration;
- to work solely with the user identifications assigned to them under the terms of the permit;
- to ensure that no other persons acquire knowledge of user passwords, and to make provisions so that unauthorised persons are denied access to DP resources of MPCDF; this includes exclusion from access by means of a secret and suitable, i.e. not readily guessed, password that should be regularly changed;
- neither to divulge nor to use third parties user identifications and passwords;
- not to acquire unauthorised access to information of other users and not to divulge, use themselves, or change acquired information of other users without their consent;
- to comply with legal stipulations, particularly copyright, when using software, documentation, and other data, and to observe the licensing conditions under which software, documentation, and data of MPCDF are provided, as well as to use licensed software solely for research and teaching work.
- neither to copy nor to divulge to third parties software, documentation, and data provided by MPCDF, insofar as this is not explicitly allowed, nor to use them for purposes other than those approved;
- not to interfere in MPCDF's written consent and not to change the configurations of the operating system, system files, system-relevant user files, and network;
- not to operate without MPCDF's written consent any computer on the network which is not administered by MPCDF or the persons specifically authorised by the institutes. If a computer is connected to the network, connections to other networks may only be established through the network connection administered by MPCDF. Other connections, e.g. by modem, are prohibited.
- to provide at the request of MPCDF in justified individual cases - particularly in the event of justified suspicion of misuse and for elimination faults - with information on programs and methods for control purposes, and to allow inspection of programs;
- to avoid unnecessary network use; insofar as the MPCDF provides proxy servers for certain services, these must be used;
- to be economical with working materials;
- not to process any person-related data on MPCDF systems, to observe data protection provisions, and where applicable, to comply with existing corporate agreements.
(3) Special attention is drawn to the following criminal offences:
- Pilfering of data (§ 202a StGB).
- Changing of data (§ 303b StGB)
- Computer fraud (§ 263a StGB).
- Dissemination of pornographic depictions (§ 184 StGB), particularly retrieval and possession of paedophilic depictions (§ 184 Abs. 5 StGB).
- Dissemination of propaganda material of unconstitutional organisations (§ 86 StGB); racial incitement (§ 130 StGB).
- Personal offences such as insult or libel (§§ 185 ff StGB).
- Criminal violations of copyright, e.g. duplicating software in violation of copyright (§§ 106 ff. UrhG).
§ 8 Disqualification from use
(1) Users can be temporarily or permanently restricted in the use of DP facilities and services or disqualified from using them if they
- culpably infringe these regulations governing use, particularly the obligation stipulated in § 7 (improper conduct), or
- misuse DP facilities and services of MPCDF for criminal acts, or
- cause disadvantage to MPCDF or its backers through otherwise unlawful user conduct.
(2) Action in accordance with Sec. 1 is not to be taken until after unsuccessful admonishment. The person concerned should be given the opportunity to respond. He/she can request the Chairman of the Users' Committee to arbitrate. In any case, he/she should be given the opportunity to secure his/her (legally conforming) data.
(3) Temporary restrictions of use, which are decided by the MPCDF Head, should be rescinded as soon as proper use appears to be ensured again.
(4) Permanent restriction of use or complete disqualification of a user from further use will only be contemplated in the event of serious or repeated infringements in the sense of Sec. 1 where proper conduct is no longer to be expected in the future either. Decisions on permanent disqualification are taken by the Beirat upon application from the MPCDF Head.
MPCDF in such cases will immediately report to the directorates of the institutes associated with the user.
Possible claims of MPCDF arising from the agreement on use remain unprejudiced.
§ 9 Rights and obligations of MPCDF
(1) MPCDF maintains a user file on permits issued which lists user and mail identifications as well as the names, addresses, and telephone numbers of entitled users. This file will be used for system administration and fault elimination only.
(2) Insofar as this is necessary for fault elimination, system administration and expansions or for reasons of system security and for protection of user data, MPCDF can temporarily restrict use of its resources or temporarily block individual user identifications. Wherever possible, users concerned are to be notified in advance.
(3) Insofar as there are actual grounds for believing that a user is holding unlawful contents ready for use on servers of MPCDF, the latter can prevent further use until the legal situation has been sufficiently clarified.
(4) MPCDF is entitled to check the security of system/user passwords and user data by regular manual or automated measures and to implement necessary safeguards, e.g. changing readily guessed passwords, in order to protect DP resources and user data from unauthorised access by third parties. In the event of necessary changes of user passwords, access rights to user files, and other use-related safeguards, the user is to be immediately notified accordingly.
(5) MPCDF is entitled, for the sole purpose of data security, to make copies of user files (backup).
A mechanism is provided that entitles users to exempt individual files or data trees from backup.
(6) MPCDF is entitled in accordance with the following provisions to document and evaluate utilisation of DP systems by individual users, but only insofar as this is necessary for
- ensuring proper system operation,
- resource planning and system administration,
- protecting person-related data of other users,
- accounting purposes,
- detecting and eliminating faults, and
- investigating and preventing unlawful or improper use.
For the rest § 31 BDSG takes effect.
(7) In accordance with Sec. 8 MPCDF is also entitled to inspection of user files in compliance with data protection law, insofar as this is necessary for eliminating faults present or for detecting and preventing misuse where there are actual grounds for believing this to be the case.
Inspection of messages and e-mail boxes is only permissible, however, insofar as this is essential for eliminating faults present in the mail service.
In any case, inspection should be documented and the user concerned notified immediately after such intervention.
(8) In accordance with Sec. 8 connection and use data of communications (particularly mail use) can also be documented. However, only the immediate circumstances of telecommunications - but not the non-public communications contents - be perused, processed, and used.
Connection and use data on online activities in the internet and other teleservices provided by MPCDF for use or to which MPCDF provides access for use should be deleted as soon as possible, at the latest right after termination of the particular use, insofar as accounting data are not involved.
(9) In accordance with legal provisions MPCDF is committed to maintaining telecommunications and data secrecy.
§ 10 Liability of user
(1) The liability and exoneration obligations of users in the employ of MPG are subject to the liability regulations agreed by contract of employment and to the general principles of liability according to labour law. Users not in the employ of MPG are covered by Secs. 2 to 4 below.
(2) The user is liable for all disadvantages arising for MPCDF through improper or unlawful use of DP resources and entitlement to use, or resulting from the fact that the user culpably neglects his/her obligations as stipulated in these regulations for use.
(3) The user is also liable for damage arising from third-party use in connection with the privileges of access and use accorded to him/her if he/she approves such third-party use, particularly in the event of divulging his/her user identification and password to third parties. In this case, MPCDF can charge the user an adequate compensation.
(4) The user shall exonerate MPCDF from all claims if any such are made on MPCDF by third parties because of the user's improper or unlawful conduct to obtain damages, or restraining orders, or for any other purpose. MPCDF will explain the dispute to the user insofar as third parties take legal action against MPCDF.
§ 11 Liability of MPCDF
(1) MPCDF provides no guarantee that DP facilities, networks, and services operate without fault and at all times without interruption. Possible data losses due to technical defects and divulging of confidential data through unauthorised access by third parties cannot be ruled out.
(2) MPCDF accepts no responsibility for the correctness of the programs provided. MPCDF is not liable either for the content, particularly the correctness, completeness, and topicality of information, to which it merely provides access for use.
(3) Furthermore, MPCDF is only liable in the event of intent or gross negligence of its personnel, unless culpable infringement of major cardinal obligations is committed. In such cases MPCDF's liability is restricted to typical damage foreseeable on settlement of the agreement on use, insofar as deliberate or grossly negligent conduct is not involved.
§12 Fees and Accounting Procedures
(1) By virtue of the application for use the user institution declares its willingness to meet all costs incurred through utilisation of MPCDF's service under the terms of the permit since all users are permitted only on explicit approval by the respective responsible director.
(2) The costs for use of the DP facilities and services of MPCDF will be calculated from the running costs in accordance with utilisation of the whole centre or parts thereof. Running costs include expenditure for personnel, working materials, energy, insurance, equipment rental, servicing fees, and infrastructure and miscellaneous costs.
(3) Costs directly accountable, e.g. for the operation of compute or storage systems according to §3, Sec. 1 d) and e) are cleared directly with respective institutes.
(4) The provisional separation of costs determined and proposed by MPCDF for the accounting of the different categories (high performance computing, storing of data, etc.) is checked and decided on by the Beirat on a yearly basis.
(5) The actual costs for the use of the DP facilities and services of MPCDF are determined yearly based on the annual running costs and the entire annual utilisation of MPCDF's services according to the distribution key defined in Sec. 4 and authorized by the Beirat and accounted the respective institutes by the general administration of MPG.