Terms of Use

Regulations for Use of IT Facilities

Version as of February 17, 2020

PDF Download

1 Scope of these regulations

1. The following Regulations for Use contain general rules for the use of IT facilities at the MPI for the Physics of Complex Systems (hereinafter referred to as institute or MPI). IT facilities include data processing equipment, communication systems and other facilities for computer-aided data processing, along with the attendant software.
2. These Regulations for Use also cover the use of privately-owned computing equipment officially approved for work purposes, as well as the use of MPI-owned computing equipment outside of the MPI.
3. All users of the IT facilities – irrespective of the nature of their legal relationship with the MPG – must comply with these Regulations for Use.
4. To the extent that legal provisions and/or (central) works agreements lay down compulsory regulations governing rights or obligations for MPG employees that diverge from these Regulations for Use, such legal provisions and works agreements shall take precedence.
5. Legally binding is only the German version of the Regulations for Use of IT Facilities.

2 User authorisation

1. Users have the right to use the IT facilities under the terms of the user authorisation granted to them in writing and in accordance with these Regulations for Use. The private use of the IT facilities is permitted if it is in compliance with these Regulations for Use and with the licensing agreements of the software used.
2. Members of the institute (both employees of the MPG and scholarship holders) will receive authorisation for use of the IT facilities upon application. External users may be granted full or restricted access to the IT facilities of the institute if there is a scientific cooperation between the external user and the institute. In these cases, written permission is required from one of the directors confirming the scientific cooperation. Users shall confirm the receipt of these Regulations for Use.
3. User authorisation may be granted for a limited period of time or restricted to a specific purpose. It can be denied, particularly when the user has violated his/her obligations under these regulations in the past, or if there are reasonable grounds for suspecting that the user will commit a future violation.
4. If a user breaches any of these terms or conditions, his/her user authorisation may be permanently withdrawn or temporarily suspended, or subsequently restricted. The relevant decision will be made by the Managing Director of the Institute. The users affected should be given the opportunity to state their own position prior to the withdrawal of the user authorisation, provided the ultimate purpose is not jeopardized as a result.

3 User Obligations

1. Users shall refrain from any unlawful usage. Moreover, they shall refrain from any user conduct that may be detrimental to the MPG and/or harm the MPG’s interests or its reputation in public.
2. In particular, users are obliged
   1. to comply with the provisions set forth in the Regulations for Use and adhere to the restrictions of the user authorisation;
   2. refrain from any action that is detrimental to the orderly operation of the IT facilities of the MPI;
   3. to treat the IT facilities carefully;
   4. to work solely with the user authentification assigned to them under the terms of the authorisation;
   5. to observe the MPG rules for the use of passwords;
   6. to comply with the statutory/contractual regulations for the protection of third party rights when using software, documentation and other data;
   7. to refrain from any attempts to rectify faults or damages in relation to the IT facilities, but to report the same without delay to the IT department’s staff;
   8. to refrain, without the express consent of the IT department, from interfering with the hardware installed by the IT department and from changing the configuration of operating systems, system files, system-related user files and the network;
   9. to refrain from installing and/or using any hardware or software without the IT department’s express consent;
   10. not to provide MPI-owned hardware and/or software to any third party for use;
   11. to only use electric devices which are in proper condition and approved for operation in Germany, which applies in particular to power supplies and cables;
   12. to return to the MPI, prior to termination of the user authorisation, all data, programmes and documentation which the MPI handed over to the user, or to which the MPI has some other contractual or legal claim in an appropriate form. Unless expressly agreed otherwise, the user shall not be permitted to retain copies of data or programmes following termination of the user authorisation.

It is not permitted to use your own travel adapter in the institute or the guest houses!

4 Rights and obligations of the IT department

1. The IT department of the MPI shall document, in suitable form, the user authorisations granted.
2. Upon termination of the user authorisation, the IT department shall be authorized to deactivate and delete all of the user’s data and programmes provided that such data will be of no further use to the institute.
3. Following termination of the user authorisation, incoming emails shall be forwarded to an email address specified in writing by the user for the period of one year. If the user fails to specify any address, or upon termination of the one year period, incoming emails will be rejected.
4. If so required for trouble shooting, reasons of system administration and security, as well as for the protection of user data, the IT department may temporarily restrict use of its resources or temporarily block individual user identifications. Wherever possible, the users affected are to be notified in advance of any such actions.
5. According to the following rules, the IT department shall be authorized to document and evaluate the individual’s usage of the IT facilities, however only insofar as this is necessary
   1. to ensure orderly system operation or
   2. for resource planning and system administration
   3. to protect the personal data of other users or
   4. to account for expenses or
   5. to detect and eliminate faults
6. Where there are reasonable grounds to suspect that a user is using the IT facilities in breachof the regulations as set forth under 3.1, the IT department may prevent any further use until the legal implications have been sufficiently clarified.
7. Subject to the conditions set out in paragraph 6, the IT department shall also be authorized, with the involvement of the works council, to inspect user files, provided this is required to correct current faults, or to clarify and prevent any form of misuse.
8. The contents of individual users’ emails or internet files may only be inspected, with the involvement of the works council, where there is probable cause to suspect a relevant misuse. The logged data and/or contents will only be evaluated for the purposes of clarifying the suspicion in compliance with the legal options. The individuals affected must be notified of the inspection of their logged data and/or contents as well as of the results ofthe investigations as soon as this is possible without jeopardizing the investigation. The March 2014 version of the “Works Council Email and Internet Regulations” shall apply in these cases.
9. The IT department shall be authorised to adopt regular measures to review the security of user passwords and user data, and to carry out necessary protection measures in order to safeguard IT resources and user data against unauthorized access by third parties. Should user-specific protection measures become necessary, the user is to be notified immediately.
10. The IT department is obliged to safeguard telecommunications and data secrecy in accordance with the relevant legal provisions

5 User liability

1. he liability and indemnity obligations of users who are in the employ of the MPG are subject to the general liability regulations agreed by contract of employment and to the general liability principles under labour law. Paragraphs 2 to 4 below shall apply for users who are not in the employ of the MPG.
2. sers are responsible for all damages and liability arising through improper or unlawful use of the IT facilities or owing to the users’ culpable infringement of their obligations under these Regulations for Use.
3. Users are liable for damages arising from third-party use in connection with the privileges of access and use granted to them if they are accountable for such third-party use.
4. Users shall indemnify the MPG from all claims asserted by third parties arising from the users’ culpable infringement of their obligations under these Regulations for Use.

6 Liability of the MPI

1. The MPI provides no guarantee that the IT facilities will operate faultlessly at all times. Neither a possible loss of data due to system failures, nor the acquisition of confidential data through unauthorized third-party access can be ruled out.
2. The MPI shall assume no responsibility for the accuracy of the programmes it provides. The MPI shall not be liable for the contents, in particular the accuracy, completeness and up-to-datedness, of the information to which it merely provides user access.
3. In all other respects, the MPI shall be liable only for gross negligence or intent.