Usage rules ICT resources from UV

University of Valencia logo Logo del portal

  • SiUV

REGULATIONS ON THE USE OF THE INFORMATION AND COMMUNICATION TECHNOLOGY RESOURCES OF THE UNIVERSITY OF VALENCIA 

REGULATIONS ON THE USE OF THE INFORMATION AND COMMUNICATION TECHNOLOGY RESOURCES OF THE UNIVERSITY OF VALENCIA 

  • INTRODUCTION 
  • CHAPTER I. Scope of application and responsible bodies
  • CHAPTER II. Allocation and use of ICT resources
  • CHAPTER III. Suspension of the use of resources
  • CHAPTER IV. Responsibility
  • CHAPTER V. Password policy
  • CHAPTER VI. Use of computer equipment and network infrastructure of the University of Valencia
  • CHAPTER VII. Use of applications for university management
  • CHAPTER VIII. Electronic mail
  • CHAPTER IX. Use of online public discussion resources
  • CHAPTER X. Using web resources under University-owned domains
  • CHAPTER XI. Using web resources and cloud services not owned by the University of Valencia
  • CHAPTER XII. Consultation
  • Final provision    
  • Derogating provision
  • ANNEX. DEFINITIONS


INTRODUCTION
The University of Valencia offers the university community a set of information and communication technology (ICT) resources for the purpose of serving the activities carried out in the university environment, in accordance with the powers assigned to it by law and by its Statutes.
The University of Valencia is a deeply rooted institution with more than five centuries of history but, at the same time, it has made the use of information and communication technologies one of its cross-cutting strategies for the development of its administrative and economic activities, for research and for the transfer of knowledge, culture and teaching. In order to ensure the users’ rights and the proper use of these technologies, the Governing Council of the University of Valencia, at its meeting on 22 October 2002, adopted the Rules for the Personal Use of the Computer and Telematic Resources of the University of Valencia (ACGOV 24/2002).
Continuous technological advances and legislative amendments, particularly those related to electronic administration services, require that these rules are revised in order to reflect such changes and to extend their scope beyond the personal use of resources to include also academic and institutional uses and uses for management and for the dissemination of knowledge and information, so that a clear framework can be established for the university community as a whole. Recognition should also be given to the importance that ICT services outside the University have gained in the last few years. That has been the case of social networks or cloud computing services, which have given rise to new forms of work and communication between the members of the university community: teaching and research staff (PDI), administrative and service staff (PAS) and students. These other services are to be considered ICT resources which must also be regulated when used on behalf of the University of Valencia.
To facilitate the integration and proper use of all these ICT resources that the University of Valencia makes available to the members of the university community, the University shall draw up protocols, guidelines and manuals on specific aspects which can respond to the needs of the users of such resources.

CHAPTER I. Scope of application and responsible bodies

Article 1

  1. These regulations aim to regulate the use of the resources related to information and communication technologies (hereafter ICT) that the University of Valencia offers to the members of the university community for the development of the purposes entrusted to it by Organic Law 6/2001, on Universities, and by other regulations. This set of resources includes (personal or server) computers, mobile devices, operating systems, computer applications and services, and infrastructure and services for communication networks, storage and documentation which belong to or are administered by the University of Valencia, as well as any other media used to store or process protected information owned by the University.
  2. These regulations shall also apply to the use of the ICT resources that the University of Valencia makes available to the university community for purposes other than those established in the previous section.
  3. Likewise, these regulations shall apply to the use of ICT in areas, resources or services outside the University of Valencia when its corporate image is being used or when acting on its behalf.
  4. The obligations and security policies contained herein, and particularly those described in chapters V, VI and VII, lay down minimum standards common to all users. Any ICT resource using those information systems that lie within the scope of the Policy on Information Security in the Use of Electronic Means of the University of Valencia (ACGUV 13/2014) shall compulsorily comply with the Regulations on Information Security in the Use of Electronic Means of the University of Valencia (ACGUV 227/2014).

Article 2
These regulations shall apply to the users of the ICT resources of the University of Valencia. Users of ICT resources are:

  • (a) the members of the university community (PDI, PAS and students),
  • (b) the staff working in the foundations and organisations subordinate to the University of Valencia, provided that they have access to the ICT resources and services of the University of Valencia,
  • (c) the staff working in organisations providing services at the University of Valencia, provided that their services require access to the ICT resources and services of the University of Valencia,
  • (d) any person who, despite not being part of any of the former groups, has been authorised to use the ICT resources of the University of Valencia, either through a collaboration agreement with the University of Valencia or by means of an explicit permit.

Article 3
The body responsible for managing the ICTs at the University is the University of Valencia Information Systems Service, which shall ensure the efficiency and proper functioning of the resources and services that operate in its corporate network or interact with it or in its radio spectrum in any way.


CHAPTER II. Allocation and use of ICT resources


Article 4

  • 1. The University of Valencia’s ICT resources are available for the members of the university community, who can gain access to them through different devices and by various channels.
  • 2. ICT resources are allocated to users depending on: 
    • (a) the availability of resources by the University of Valencia,
    • (b) the characteristics of the relationship of the user with the University of Valencia.

As a result, the range of ICT services and resources that may be provided by the University of Valencia and put at the disposal of users can be modified, or even suspended, subject to the availability of resources and to the changes in the relationship of the user with the institution.


Article 5

  • 1. The University of Valencia must provide users with a user account, consisting of a user ID and a password, which is required to gain access to the ICT resources enabled for the account. The termination of the relationship with the University of Valencia involves the withdrawal of the right to use the ICT resources and services provided by the institution. However, the University must allow some time for users to retrieve their contents before their account is cancelled. Similarly, the University of Valencia reserves the right to extend the users’ period of access to ICT resources after the end of their relationship with the institution, taking account of the availability of resources and the characteristics of the former relationship of the user with the University.
  • 2. The account provided to users by the University of Valencia is personal and non-transferable, and identifies the user uniquely. Its safekeeping is the responsibility of the user. Likewise, the University of Valencia must ensure its inviolability so that only the account holder can access the resources associated to his or her account, except in the cases and with the guarantees established in the legal system.
  • 3. Each user is responsible for any action taken using his or her account.
  • 4. Failure to comply with the duty of custody of the account constitutes a serious breach in the security of ICT resources. The University of Valencia can initiate an administrative procedure to ensure the smooth operation of the services provided and take the necessary corrective and disciplinary measures, including immediate blocking of the user account as a precaution.
  • 5. The University of Valencia accepts no liability for the actions performed by users when any of the conditions set forth in the different paragraphs of this article are found to have been violated.

Article 6

  • 1. While using the ICT resources of the University of Valencia, users must observe the Statutes of the University of Valencia, the legal system and the rights set out in the Spanish Constitution.
  • 2. In no case can the ICT resources be used for any of the following purposes: 
    • (a) Engage in illicit or unlawful activities of any kind and, particularly, disseminate contents of a racist, xenophobic, pornographic or sexist nature, or which justify terrorism, infringe human rights, or are detrimental to the rights to privacy, to honour, to self-image or against the dignity of people.
    • (b) Disseminate content contrary to the principles referred to in the Statutes of the University of Valencia.
    • (c) Disseminate false, incorrect or inaccurate statements or references about the University of Valencia, its faculties and schools, departments and services or about the activities that it carries out.
    • (d) Intentionally congest the network of the University of Valencia or interfere with its operation.
    • (e) Establish mechanisms or systems that allow undue exploitation by third parties of the network resources provided by the University of Valencia, such as reselling or reusing them for private, profit-making or criminal purposes, among others.
    • (f) Damage the University’s physical and logical systems, install or spread computer viruses in the network or perform any other kind of activity that is likely to cause damage to the University of Valencia, its members, suppliers or third parties.
    • (g) Process personal data which are not owned by the University of Valencia.
    • (h) Collect personal data, either directly or through invisible processing, except those data that are strictly related with the specific functions of the University, or process personal data not owned by the University of Valencia in any manner which has not been previously authorised.
    • (i) Publish or disseminate data, documents or files involving third parties or that are subject to rights of privacy or intellectual property or to any other rights or legitimate interests, without the express consent of the individuals concerned and/or of the holder of the rights.
    • (j) Make use of the ICT resources for commercial purposes, except as expressly authorised.
    • (k) Send commercial messages or unsolicited bulk e-mail (SPAM) from the University of Valencia e-mail accounts.
    • (l) Violate the intellectual or industrial property rights of any third party.
  • 4. If the staff responsible at the University of Valencia detects that any of the situations mentioned above is taking or has taken place, he or she must inform the proper office of the vice-rector for ICT resources and the legal authorities, if needed. 
  • 5. Systems can be set up to prevent actions that may be considered contrary to these regulations or to any other rule or protocol in force. These systems can take appropriate preventive measures.
  • 6. Any user from the University of Valencia, be it in-house or third-party members, must protect the confidentiality, in accordance with current legislation, of all the personal data that they may become aware of during the use of the applications or services to which they have access in the development of their activity. This duty of confidentiality extends to any information declared restricted or confidential by virtue of the institution’s regulations.
  • 7. The use of the corporate image, the name or the brand of the University of Valencia must be approved by the chief information officer of the University. The University of Valencia corporate image cannot be used or manipulated for publishing, disseminating or storing contents of a non-institutional nature in any way that could suggest that the University of Valencia is related to or supports such contents. This prohibition extends not only to the University of Valencia ICT resources, but also to any environment allowing this use and, in particular, to Internet resources unrelated to the University owned by third parties.

 

CHAPTER III. Suspension of the use of resources


Article 7

  • 1. The University of Valencia may suspend the use of resources, temporarily or permanently, to users in the following cases: 
    • (a) When activities contrary to the legal system have been carried out.
    • (b) In cases of breach of these regulations or any other regulations approved by the University of Valencia.
    • (c) When there is a legal requirement that demands adopting precautionary measures.
    • (d) When there are issues as regards the availability of resources.
    • (e) When deemed necessary for the maintenance and proper operation of the resources of the University of Valencia.
    • (f) When deemed necessary to ensure the security of resources and systems.
  • 2. The suspension of the use of resources requires a resolution by the proper vice-rector for ICT, pursuant to the corresponding adversarial enquiry demonstrating the offence under these regulations and having heard the person concerned. This suspension may be pronounced directly in those cases in which a firm court decision declares the facts as proven. Those actions taken to ensure the continuity, security and proper operation of the ICT resources which can cause the temporary suspension in their use do not require a resolution.
  • 3. The University of Valencia may resolve the definitive suspension of a user account where it is found that the University of Valencia ICT resources are being used for illicit or unlawful activities of any kind and, particularly, to disseminate contents of a racist, xenophobic, pornographic or sexist nature, or which justify terrorism, infringe human rights, or are detrimental to the rights to privacy, honour and self-image or against the dignity of people. Such illicit actions, where appropriate, must be brought to the attention of the office of the public prosecutor under the terms provided by the legislation in force.

 

CHAPTER IV. Responsibility
 

Article 8

  • 1. Users have to guard and make a proper use of the ICT resources that the University of Valencia puts at their disposal to develop their functions within the institution.
  • 2. Users have an obligation to be aware of and comply with these regulations and with any other rules or protocols that may affect the correct use of ICTs, both within the University of Valencia and within the networks to which it belongs.

Article 9

  • 1. The University of Valencia is subject to civil, criminal and administrative liability as established by the legal system for all intents and purposes, without prejudice to the regulations contained herein.
  • 2. The University of Valencia shall not be held responsible, directly or indirectly: 
    • (a) for the views expressed by the members of the university community, for the statements made by them or by any other person or for the content published using its ICT resources,
    • (b) for the information that users transmit via the University of Valencia’s telecommunication networks, unless such information has been generated or disseminated in the framework of administrative procedures or institutional communications,
    • (c) for the information stored or for the contents linked to by the users of ICT resources, provided that the University has no actual knowledge that this information is illicit or detrimental to the properties or rights of a third party that are liable for compensation. Upon becoming aware, the University of Valencia shall not be responsible either when it duly acts to remove the data or to prevent access.
  • 3. In any event, the University of Valencia is acting in good faith when it offers its ITC resources and shall not be responsible, directly or indirectly, for any claim arising from their quality, reliability or accuracy.

 

CHAPTER V. Password policy
 

Article 10

  • 1. The passwords of user accounts provided by the University of Valencia are personal and non-transferable, and are to be used only by the account holder.
  • 2. Each user is responsible for the safe keeping of his or her password. If the password becomes known incidentally or fraudulently by unauthorized persons, the user must change it, either through the account management service or by contacting immediately the University of Valencia user support service for computer issues.

Article 11
Users must change their account password as frequently as established by the security policy of the University of Valencia. Passwords must be created in accordance with the safety standards published in the corresponding guidelines so that they cannot be easily guessed.


CHAPTER VI. Use of computer equipment and network infrastructure of the University of Valencia


Article 12

  • 1. The computer equipment that the University of Valencia puts at the disposal of its users of ICT resources and services are to be used to perform the activities entrusted to the University of Valencia.
  • 2. Users have to make use of computers in accordance with the policies referred to in these regulations and in any other safety regulations in force at the University of Valencia.
  • 3. For all purposes, computer resources owned by the University of Valencia are installed and set up by the technical staff of the University of Valencia, so users are not allowed to make configuration changes.
  • 4. When a user has been authorised to administer computers that are owned by the University of Valencia, he or she must: 
    • a) Update the security of the computers’ operating system, antivirus and firewall through automatic updates and, in any case, in accordance with the relevant procedures or with the assistance from the University’s user support service (CAU).
    • b) Only install programs that the University of Valencia is licensed to use, in particular those listed in the UV software catalogue (http://software.uv.es). Installing unlicensed software, or running or saving untrusted files is not permitted.
  • 5. The University of Valencia Information Systems Service and the Information Security Committee may give advice, recommendations, instructions or circulars in relation to the security of information. These communications are mandatory if they contain explicit indications to adopt measures aimed at ensuring the security of information systems and ICT resources.

Article 13

  • 1. The storage of files on work computers requires that users take responsibility for backing up files so that data can be restored in case of computer crash. In any case, the University of Valencia makes backups of the data stored on the storage systems located in the university’s centre for data processing, in particular of virtual discs.
  • 2. Users are responsible for personal files stored in the resources provided by the University. The University of Valencia has no responsibility in relation to these.

Article 14

  • 1. Connection of personally-owned computer equipment to the university’s wireless network (eduroam) is allowed, subject to compliance with these regulations and with other relevant regulations.
  • 2. The wired connection of personally-owned computer equipment to the University network must be authorised by the chief information security officer of the University of Valencia.
  • 3. For technical reasons and to ensure security, connections of personally-owned computer equipment to the University network may be restricted or limited.

Article 15

  • 1. At the user’s request, and with his or her consent, the University of Valencia technical staff may access work computers, modify or delete any professional or personal information, provided that this action is needed to ensure the security, availability, integrity and proper functioning of the ICT resources of the University of Valencia.
  • 2. Similarly, whenever a risk to the integrity of the University telecommunications network or to its ICT applications and resources is detected, the University of Valencia technical staff can access work computers, having informed the user of the intervention, and perform the necessary actions to ensure the security, availability, integrity and proper functioning of the ICT resources of the University of Valencia. 

Article 16

  • 1. The University of Valencia Information Systems Service, through its own technical staff or through other service providers, is the only service authorised to physically access, administer and manipulate the communications systems, the wiring, the wireless access points and any other equipment in the University network.
  • 2. For technical reasons and to ensure the proper operation of the University communications network, the University of Valencia technical staff may revert any unauthorised action taken on any element of the network or radio space of the University of Valencia. Any damage caused by this type of action is the responsibility of the unauthorised personnel who carried out such action.
  • 3. The performance of the technical staff of the Information Systems Service is governed by the principles of professionalism, security, secrecy and respect for user rights.

 

CHAPTER VII. Use of applications for university management 
 

Article 17

  • 1. The following are considered applications for university management: 
    • (a) applications aimed at providing support for University staff to exercise their functions,
    • (b) teaching applications.
  • 2. The use of these applications for personal purposes or for purposes other than these is prohibited.
  • 3. The storage of personal data which are not owned or managed by the University of Valencia through the applications provided by it is prohibited.
  • 4. Electronic communications not related with the functions of the University using these applications are prohibited.

Article 18
Users of university management applications have the duty to safeguard the confidentiality of all the information contained therein, in accordance with the legislation in force. This duty also applies after the end of their relationship with the University of Valencia.


Article 19

  • 1. The office of the vice-rector with powers in the corresponding area or, where appropriate, the office of the vice-rector for ICT, must authorise the creation of applications within the framework of ICTs, which have to be designed and used in accordance with the legal system and especially with the regulations on protection of personal data and electronic administration. Also, due account must be taken of applicable standards, protocols and guidelines approved by the University and, in particular, as regards technical configuration, usability, accessibility and visual identity.
  • 2. Using university management applications for purposes other than those referred to in these regulations may result in access to some of these applications being restricted by the relevant office of the vice-rector.

 

CHAPTER VIII. Electronic mail
 

Article 20

  • 1. Electronic mail is personal. Third parties shall not access the contents or the headers of messages without the express consent of the user or the authorisation of the competent authority. Confidentiality also includes the identity of message recipients.
  • 2. Notwithstanding the above, the technical staff may access the usage records of an e-mail account when needed to ensure the security, availability, integrity and proper functioning of the ICT resources.

Article 21

  • 1. Each user is responsible for any action taken using his or her University e-mail account.
  • 2. The main use of the e-mail accounts provided by the University of Valencia must be connected with the purposes of the University set out in its regulations and Statutes. The use of an e-mail account for private purposes is permitted as long as this use is reasonable and does not obstruct its main purpose.
  • 3. Using e-mail accounts for the following purposes is not allowed: 
    • (a) commercial or profit-making purposes,
    • (b) sending SPAM, understood as unsolicited bulk e-mail for purposes other than those of the University of Valencia, as well as any processing of personal data under the terms established herein,
    • (c) participating in the propagation of chain or similar e-mails,
    • (d) sending messages related to illegal or fraudulent activities,
    • (e) any other which is incompatible with the purposes of the University and, in general, any infringement of the purposes contained in these regulations.

Article 22

  • 1. The e-mail addresses of UV staff are public and can be published in directories, which must contain a clear indication of their intended use and an explicit warning that they cannot be used for sending messages with other purposes.
  • 2. An e-mail address can be excluded from the public lists or be replaced by a different one for a justified reason, especially when it is advisable to protect the user’s privacy, to prevent the receipt of messages that include threats or inappropriate language and in any other event in which the interests or rights of the person concerned shall prevail.

Article 23
The University of Valencia may configure the mail system so that it automatically detects actions which may be considered SPAM and block an account pre-emptively. For users who legitimately require sending mass e-mails, the University of Valencia offers specific services for this purpose, such as the use of mailing lists.


Article 24

  • 1. The University of Valencia shall not be responsible for the use that users make of mailboxes or e-mail accounts outside of the University of Valencia domains.
  • 2. Redirecting institutional e-mail accounts is prohibited in all cases when this may affect the administrative or academic management of information under the terms defined by the policy and regulations on information security approved by the Governing Council. In no case shall the University assume responsibility for cases in which users redirect their UV mail to an external e-mail account.

Article 25

  • 1. Institutional mailing lists fall within the competence of the chief communications officer of the University of Valencia, who must authorise their creation and assign a person in charge of their management.
  • 2. Sending e-mails through institutional lists requires authorisation by the University of Valencia and is to be managed by the authorised unit or service. E-mailing must follow the guidelines, manuals, protocols or regulations laid down by the chief communications officer for this purpose.

 

CHAPTER IX. Use of online public discussion resources
 

Article 26
The University of Valencia shall not be responsible, directly or indirectly, for the views expressed by the members of the university community or by any other person, nor for the contents published using its online public discussion resources.


Article 27

 

  • 1. The use of online public discussion resources must take account of the following: 
    • (a) These services must be used to meet the purposes of the University. Their use for illegal, illicit or fraudulent activities is prohibited. Likewise, the use of these services for commercial or profit-making activities is prohibited.
    • (b) Online public discussion resources must be regulated by operational standards and have a moderator or administrator who enforces them. In any case, these standards must respect democratic principles, the right to freedom of speech and the provisions of these regulations.
    • (c) Each discussion resource must have one or more persons in charge of its management. They shall be responsible for the following tasks: 
      • i. Accept service subscription requests or set up the automatic subscription.
      • ii. Delete incorrect or undesired addresses or data which may have been subscribed to the service.
      • iii. Modify service configuration parameters as needed. For example, change it from public to moderated or limit the sending of messages to those who were previously subscribed.
      • iv. In the case of moderated discussion services, review and authorise, where appropriate, the distribution of each message submitted.
      • v. Monitor that the discussion resource does not deviate from the subject for which it was created.
      • vi. Change any of the options with which users have subscribed to these services.
      • vii. Deal with questions, issues, suggestions, etc. from service subscribers as regards its operation.

 

CHAPTER X. Using web resources under University-owned domains
 

Article 28

  • 1. The University of Valencia may facilitate spaces for providing services to the university community for the creation of institutional or personal web resources within the domains owned by the University of Valencia.
  • 2. When requesting a resource of this nature a domain name can be suggested. Even so, both the assignment of the domain name and its level are the responsibility of the chief communications officer of the University, who has to ensure compliance with the legal system in this area and that those domain names that correspond to bodies, functions or powers of the University of Valencia are reserved.
  • 3. The creation of public institutional web resources shall be authorised by the chief information officer of the University, according to the information security policy in force at the University of Valencia. Management of these sites shall be regulated by the policy and the regulations governing information security at the University of Valencia (ACGOV 13/2014 and ACGOV 227/2014), which adapt to the UV context Royal Decree 3/2010, of 8 January, regulating the National Security Framework (ENS) in the Field of Electronic Administration.
  • 4. The University of Valencia is obliged to establish the necessary conditions of confidence and to ensure the citizens’ rights of access to information through electronic means. For this reason, the University of Valencia must establish procedures to clearly differentiate institutional web resources from those provided for personal use.
  • 5. The University of Valencia is acting in good faith when it offers web spaces and cannot guarantee and shall not be responsible, directly or indirectly, for any claim as regards their quality, reliability or accuracy, nor for the contents of the web sites to which web resources redirect.

Article 29

 

  • 1. The use of web resources must comply with the following rules: 
    • (a) The person responsible of the website must be identified and an electronic contact address must be given so that any user can exercise their right of rectification of data.
    • (b) Laws and fundamental rights must be observed at all times and, in particular, the rights to honour, to personal and family privacy and to self-image and the protection of youth and childhood. Also, the values and principles underpinning the University of Valencia as an institution must be respected.
    • (c) Copyrights and intellectual property rights for webpage editing must be observed, in accordance with current legislation. In particular, editing web pages using software or contents that are copyrighted or protected by intellectual property rights requires express permission from the owner. Freely available resources must be marked as such and indicate the authorship.
    • (d) There must be a link to the clauses, legal notices or policies designed by the University.
    • (e) The web pages used within the framework of institutional activities (teaching, research, management, transfer of knowledge, university or institutional management) must comply with the guidelines, manuals, protocols or regulations established in terms of style and visual identity.
  • 2. In addition, the use of web resources for purposes other than the University’s must comply with the following rules: 
    • (a) Personal sites have to be designed in such a way as not to mislead the viewer about its non-institutional nature. The use of logos or images of the University of Valencia or of any other element that can imply that there is an institutional relation or support to the contents of the site requires the express permission of the chief information officer of the University of Valencia. In addition, once authorised, the style and corporate image must adhere to the guidelines, manuals, protocols and regulations applicable to this case.
    • (b) Hosting institutional sites or resources on blogs, personal sites or personal resources is forbidden, except with the express authorization of the chief information officer of the University of Valencia.
    • (c) In no case can personal web resources be used for gathering personal data, either directly or through invisible processing, or for hosting files containing personal data.
    • (d) Personal sites cannot be used for commercial or advertising purposes of third parties. Thus, they must not contain sound, images or links of this nature not even for information purposes.
    • (e) The use of web-based resources for the preparation of practical assignments of students in a course must clearly state this fact by identifying all pages with the phrase "Practical exercise" and including the subject for which it was created, in a way that is not misleading. In any case, this type of use must be justified on the grounds of the competences defined in the course guide and must guarantee the rights of the student and of any other third party involved. In particular, a preliminary report must be requested from the chief information security officer of the University when these assignments require the publication of data, images or recordings, and especially in those cases involving minors or dependent people. 

 

CHAPTER XI. Using web resources and cloud services not owned by the University of Valencia 
 

Article 30

  • 1. The University of Valencia staff must carry out their activities by using exclusively the ICT resources provided by the University. Using external resources to perform their duties requires the express consent of the University of Valencia Information Security Committee.
  • 2. The members of the University of Valencia who, with the relevant authorisation, use external services for carrying out their tasks within the university context are required to read and understand the legal conditions of such services, and must be aware at all times of the commitments and responsibilities of the service provider, which have to conform with the Spanish regulatory system. In any case, they are solely responsible for their use.
  • 3. Unless specifically authorised by the Committee for the Management and Coordination of Information Security of the University, users are not allowed to host confidential or restricted information owned by the University of Valencia on external servers in the cloud not being offered by the institution, in particular when it involves personal data contained in information systems.
  • 4. The use of cloud computing applications is prohibited for processing data that are subject to a confidentiality clause or containing sensitive data, strategic information for the institution, details of third persons or institutions, and any other information that, in accordance with the Organic Law on the Protection of Personal Data, is liable to fall under specific protocols.
  • 5. Users must ensure that no intellectual or industrial property rights are being transferred to the service provider in any manner.
  • 6. The University of Valencia has no control over the services external to the institution. For this reason, it is not responsible for third-party access to information, nor for the incidents, losses or damage that may occur due to the use of these applications.
  • 7. The University of Valencia can claim for damages caused as a result of the use of external cloud computing applications.

Article 31

  • 1. The creation of web pages, profiles on social networks, blogs and other external web resources acting on behalf of the University of Valencia or using its corporate image requires the prior authorisation of the chief information officer of the University of Valencia and is subject to the following obligations: 
    • (a) The presence of the University of Valencia on external web resources shall be governed by the following principles: 
      • i. Public service.
      • ii. Transparency.
      • iii. Quality.
      • iv. Efficiency in communication management.
      • v. Innovation.
      • vi. Social responsibility.
    • (b) The body, service or unit of the University of Valencia wishing to act in the name and on behalf of the University of Valencia on web resources that are external to the University, such as the so-called social networks, must seek authorisation from the chief information officer of the University of Valencia. To this end, they must submit the request available from the University electronic site.
    • (c) Each institutional profile or site has to be managed by one or more individuals, known as the administrators of the institutional account, designated by the body which created the profile. The administrators of institutional accounts have to stick to the guidelines on usage and style in the social networks of the University of Valencia. In any case, the personal profiles of users who administer institutional profiles must be clearly differentiated.
    • (d) In compliance with the principle of transparency, the University of Valencia keeps public records of the institutional profiles created, which must include: URL, body, administrator and contact details.
    • e) If a body, service or unit of the University of Valencia creates its social network page or profile, its official website must include a link to the social network page or profile, in accordance with university guidelines, manuals, protocols and regulations in terms of its visual identity.
    • (f) The social network page or profile must include information about: 
      • i. Body responsible.
      • ii. Purposes of the page or profile.
      • iii. Official website of the body responsible.
      • iv. Privacy policy.

Article 32

When acting on behalf of the University of Valencia individuals must be respectful of:

  • (a) the right to honour, personal and family privacy and self-image of individuals,
  • (b) the right to the protection of personal data of the persons concerned,
  • (c) the right to the intellectual and industrial property of the University of Valencia or of third parties,
  • (d) the manual of visual identity of the University of Valencia as applicable.

Article 33
The use of external cloud web resources and services in the name or on behalf of the University of Valencia, of its bodies, services or units for purposes unrelated to the specific aims of the University is prohibited.


CHAPTER XII. Consultation


Article 34
When the use of ICT resources according to these regulations involves processing personal data for institutional purposes related to the functions of the University of Valencia – including the completion of academic assignments – in a way that may affect the rights of third parties in terms of their image, intellectual property rights and other related rights, or binds the University to legal obligations, a preliminary binding report must be requested from the University's chief information security officer.


Final provision
These regulations shall enter into force on the day following that of their adoption by the Governing Council of the University of Valencia.


Derogating provision
The entry into force of these regulations repeals the Rules for the Personal Use of the Computer and Telematic Resources of the University of Valencia adopted by the Governing Council on 22 October 2002 (ACGOV 24/2002).

ANNEX. DEFINITIONS

  • •    Accessibility: It refers to the degree to which the design of a computer application makes it usable by people independently of their technical, cognitive or physical abilities. 
  • •    Blog: Web site that allows users to publish information and update it regularly. Inserting, managing and maintaining the contents are the responsibility of the author.
  • •    University of Valencia Information Security Committee: It is the Committee that manages and coordinates information security at the University. Its composition and functions are regulated by the Policy on Information Security in the Use of Electronic Means (ACGOV 13/2014), formulated pursuant to Royal Decree 3/2010, of 8 January, regulating the National Security Framework (ENS) in the Field of Electronic Administration.
  • •    Personally-owned computer equipment: Personally-owned computer equipment are those electronic devices not owned by the University of Valencia or its partially-owned entities which can be connected to these institutions’ networks regardless of the way in which they do so.
  • •    Mailing list: List of e-mail addresses that are associated to each other by a common e-mail address. Therefore, when a message is sent to the common address, this is distributed to the rest of associated addresses.
  • •    Social network profile: Set of data or characteristics that identify a person or institution in a social network.
  • •    Online public discussion resources: These include mailing lists, forums, news groups and any similar service.
  • •    ICT resources: Any computer infrastructure, facility, service or application that support the use of information and communication technologies.
  • •    External web resources: Any web resource not owned by the University of Valencia or by its partially-owned entities.
  • •    Web resources: Electronic documents or information which can be accessed through a web browser: web pages, blogs, social networks, etc.
  • •    Cloud resources and services: Technologies that allow the delivery of computer resources or services over the Internet and on-demand. They provide infrastructure, platforms or software, distributed in a flexible manner through hardware virtualization processes, as a dynamic set of shared resources.
  • •    Chief information officer of the University of Valencia: The general secretary of the University, as set out in the Policy on Information Security in the Use of Electronic Means (ACGOV 13/2014), formulated pursuant to Royal Decree 3/2010, of 8 January, regulating the National Security Framework (ENS) in the Field of Electronic Administration.
  • •    Chief information security officer of the University of Valencia: The director of the Information Systems Service of the University, as set out in the Policy on Information Security in the Use of Electronic Means (ACGOV 13/2014), formulated pursuant to Royal Decree 3/2010, of 8 January, regulating the National Security Framework (ENS) in the Field of Electronic Administration.
  • •    Usability: It refers to the degree to which the design of a computer application allows people to learn it and use it successfully. 
 
This website uses proprietary and third-party cookies for technical purposes, traffic analysis and to facilitate insertion of content in social networks on user request. If you continue to browse, we consider that you are accepting its use. For more information please consult ourcookies policy