Introduction
DMP EOSC CZ is a service designed to create and manage data management plans (DMPs) through interactive questionnaires, templates, and automated document generation. It provides recommendations, FAIR metric indicators, and dynamically displayed questions based on previous answers (the “Service”).
The Service is deployed on the e-INFRA CZ infrastructure, and its administrative and technical management is provided by the Czech Technical University in Prague through the email address support@dmp.eosc.cz (the “service administrator”). The service administrator provides user support and performs platform configuration, updates, and technical maintenance.
Users of the Service are persons who meet the access conditions for the e-INFRA CZ infrastructure.
A description of the Service and the user manual are available on the Service website https://dmp.eosc.cz/ (the “Service website”).
User roles and responsibilities
| Role | Description | Responsibility |
|---|---|---|
| Data steward | Creates and maintains methodologies, DMP templates, and questionnaires. |
|
| User (“Researcher”) | Completes the questionnaire and receives a generated DMP. |
|
User Obligations
The user must not
- disrupt the operation of the Service or the e-INFRA CZ e-infrastructure, or place an excessive load on them;
- bypass administrative or security measures for accessing the Service;
- provide or enable access to the Service to unauthorized persons;
- use the Service in any other way that exposes the service administrator, the e-INFRA CZ e-infrastructure, or other users to security risks.
Responsibility for content
The user is fully responsible for ensuring that all content uploaded to the Service interface complies with the laws of the Czech Republic and the European Union. In particular, the user undertakes not to upload or enter:
- content for which the user does not have ownership rights, a licence, or another legal title authorizing its storage and processing within the Service;
- content whose possession or sharing is contrary to law, including materials infringing copyright, classified information without appropriate safeguards, or personal data processed contrary to the GDPR.
The service administrator does not actively monitor content uploaded by users. However, in the event of reasonable suspicion that the above rules have been violated, or on the basis of a request from a public authority, the service administrator reserves the right to restrict access to the relevant file or delete it without compensation. The user will be informed of such action.
Administrative Security Measures
In the area of administrative security measures, the user must in particular:
- log in to the Service using identity federation (OpenID);
- protect access to their accounts using a strong password that meets current standards;
- keep their access credentials secure against unauthorized access and misuse.
The user must notify the service administrator without undue delay of:
- the display of invalid data or data that does not belong to the user, together with all known information about the data issue;
- discovery of a Service error;
- misuse of the infrastructure;
- any other event that may indicate a security incident.
Termination of Service
- Both the user and the service administrator are entitled to terminate the provision of the Service without giving a reason. The notice period is 1 month and begins on the first day of the month following delivery of the notice.
- The service administrator reserves the right to immediately suspend or block access to an account in the event of a demonstrable breach of these operating terms, such as uploading illegal content or endangering the security of the Service.
- When the Service is terminated, the account will be deactivated. The user will no longer be able to log in, but their earlier records, edits in DMPs, and uploaded files will remain preserved for DMP purposes and to maintain the history of changes in projects. The user’s name will remain displayed next to the changes they made, unless agreed otherwise, so that an audit trail of the origin of DMP data is preserved.
- Complete and irreversible deletion of a user account and all associated metadata occurs only in the exceptional cases listed below.
Exceptional cases for complete deletion
- at the user’s explicit request in accordance with the GDPR, provided that deletion is not prevented by a statutory archiving obligation or a legitimate interest in the integrity of the DMP;
- in the event of long-term account inactivity exceeding 2 years, if the account is empty and is not linked to any active project.
Processing of Personal Data
As controller, the service administrator undertakes to process personal data when providing the Service solely in accordance with the General Data Protection Regulation (GDPR). The user agrees that the service administrator may involve additional processors, in particular partners within the NRP consortium; those relationships are governed by the NRP consortium agreement. Unless stated otherwise, the controller processes personal data within the scope below as necessary to provide the Service.
| Personal data categories | Data subject categories | Method, purpose, and duration of processing |
|---|---|---|
| Data steward | Personal data is processed for the purpose of configuring the Service, managing access to the Service web interface, and administering DMPs. Personal data is collected for the period during which the Service is used, or for the duration of a legitimate interest in the integrity of DMPs. |
| User | Personal data is processed for the purpose of managing access to the Service web interface and administering DMPs. Personal data is collected for the period during which the Service is used, or for the duration of a legitimate interest in the integrity of DMPs. |
| Contributor | Personal data is processed for the purpose of recording project contributors within a DMP. Personal data is processed for the duration of a legitimate interest in the integrity of DMPs. |
Warranties and Liability
To the maximum extent permitted by law, the service administrator disclaims all liability for any direct, indirect, incidental, consequential, or special damages arising from the use of, or inability to use, the Service or data provided by the Service. This includes in particular loss of data, lost profit, or business interruption.
The Service is provided on a “best effort” basis. The service administrator does not guarantee any specific level of availability, performance, or functionality of the Service. The service administrator reserves the right to change, suspend, or terminate the Service or any part of it at any time without prior notice. The user acknowledges that outages, delays, or other Service limitations may occur and agrees that the service administrator will not be liable for any loss or damage resulting from such events.
Final Provisions
The service administrator declares that the equipment used to operate the Service, including data storage, is located in the Czech Republic.
The service administrator is entitled to amend these terms unilaterally. A new version will always be announced to the user in the Service web interface at least 30 days before it takes effect. If the user does not agree with the new version of the terms, the user must stop using the Service and notify the service administrator no later than the effective date of the new version of the Service terms. By using the Service after the new version of the terms takes effect, the user expresses consent to that new version.