EFP Terms of Use

1. Purpose

These Terms of Use ("Terms") define the rules and conditions that govern users access to and use (including transmission, processing, and storage of data) of the Services ("EFP Services") of the EuroHPC Federation Platform ("EFP"), as granted by the EuroHPC Joint Undertaking.

The EFP Platform provides a common coordination and access layer intended to facilitate interaction between users, projects, and the computing resources independently operated by each Hosting Entity.

By registering an EFP User Account ("Account") or using any of the EFP Services referred to in these Terms, you (the "User") are agreeing to these Terms. Please read them carefully.

2. Scope

These Terms apply to all Users who access or use the EFP, including authenticated and non-authenticated users where applicable. The use of EFP Services shall be open to Users from the public and private sectors.

The EFP maintains the EFP Services to allow Users to access the EuroHPC JU systems (including quantum accelerators) and execute jobs on the systems, based on the allocated resources made available through the applicable EuroHPC JU processes or other optional processes provided by the relevant Hosting Entities.

These Terms govern only the use of the EFP itself and do not govern the use of computing, storage, or data resources provided by Hosting Entities.

The User can only use any of the EFP Services for the purposes for which they have been granted. The purpose is defined before an Account is opened for the User, based on the EuroHPC JU Access Policy referenced below or other relevant access policies provided by Hosting Entities (e.g. for non-EuroHPC User Projects). Some of the EFP Services are only available to Users whose account is linked to a User Project.

Users are responsible for ensuring that their use of the EFP Services is in compliance with any applicable laws including international law, export restrictions, sanctions and other restrictions, and any applicable regulations and licence terms. The User agrees to adhere to the content of the Export restrictions and sanctions annexed to these Terms.

3. Access policy

Access to EFP Services provided via EFP is in principle available to registered Users from the public and private sectors.

To use some of the EFP Services you must apply for an Account as described on the EFP web pages. EFP reserves the right to reject a User application.

Access to Accounts is controlled by credentials, for example username and passwords.

If available, the email address provided by your organization (e.g. university or company) must be used as your primary contact information. In other case, alternative email providers can be used, but certain federated resources might not be available. EFP maintains a customer register and a customer register information sheet on behalf of the EuroHPC JU, in accordance with the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) and national data protection regulation. The Privacy notice for processing of user data on the EFP Service contains a detailed description.

EFP requires User contact details to notify users about changes to these terms, service interruptions, service information, and other important issues. Users are responsible for keeping their contact details up to date at all times.

4. Acceptable use

The EFP Consortium may modify this Terms by posting a revised version on the EFP. By accessing and/or using the EFP Services, you agree to the latest version of this Terms:

4.1. You shall only use the EFP Services in a manner consistent with the purposes and limitations described in these Terms; you shall show consideration towards other users including by not causing harm to the EFP Services; you have an obligation to collaborate in the resolution of issues arising from your use of the EFP Services.

4.2. You shall only use the EFP Services for lawful purposes and not breach, attempt to breach, nor circumvent legal, administrative or security controls. EFP Services shall not be used:

4.2.1. to threaten, incite, promote, or actively encourage violence, terrorism, or other serious harm;

4.2.2. for any content or activity that promotes child sexual exploitation or abuse;

4.2.3. to violate the security, integrity, or availability of any user, network, computer or communications system, software application, or network or computing device;

4.2.4. to distribute, publish, send, or facilitate the sending of unsolicited mass email or other messages, promotions, advertising, or solicitations (or "spam");

4.2.5. To tamper with or deliberately disrupt system resources or network traffic to the EFP Services.

4.3. You shall respect intellectual property, licences, and confidentiality agreements. You shall not:

4.3.1. Misuse or abuse any EFP or third-party service or property, including intellectual property such as copyright, or act in violation of any licence terms.

4.3.2. Interfere with the use of EFP Services by other users or compromise the privacy or security of other users.

4.4. You shall protect your access credentials (e.g., passwords, private keys or multi-factor tokens), no intentional sharing is permitted. You shall not attempt:

4.4.1. To share your credentials, leave them unprotected for others to see, or neglect any security responsibilities defined in the relevant service description.

4.4.2. To gain unauthorized access to EFP Services, acting to deny others access to EFP Services, or authorizing any third party to access or use the EFP Services on your behalf;

4.4.3. To use the EFP Services to try to gain unauthorized access to any other service, data, account or network by any means.

4.4.4. to breach or circumvent any administrative or security controls.

4.5. You shall keep your registered information correct and up to date.

4.6. You shall promptly report known or suspected security breaches, credential compromise, or misuse to the Security Contact stated below; and report any compromised credentials to the relevant issuing authorities.

4.7. Reliance on the EFP Services shall only be to the extent specified in the EuroHPC Access Policy referenced below or other relevant access policies provided by Hosing Entities (e.g. for non-EuroHPC User Projects).

4.8. Your personal data will be processed in accordance with the Privacy Policy referenced below.

4.9. Your use of the EFP Services may be restricted or suspended, for administrative, operational, or security reasons, without prior notice and without compensation.

4.10. If you violate these rules, you may be liable for the consequences, which may include your account being terminated and a report being made to your home organisation or to law enforcement.

4.11. Users are liable, even after the User Account has been terminated, for damage and costs to EFP:

4.11.1. as a result of violating these Terms.

4.11.2. as a result of violating 3rd party licensing terms.

4.12. You shall comply with restrictive measures and export control measures in place pursuant to Article 215 of the Treaty on the Functioning of the European Union when accessing or authorising the access to the EFP Services.

4.13. You shall acknowledge that information you provide or upload to the EFP Services may be stored outside of the country in which you reside but stays in EU/EEA jurisdiction.

4.14. You shall be responsible for providing the necessary equipment (e.g., internet connection, devices) to access EFP Services. EFP is not liable for any additional costs incurred by users for their connectivity or equipment.

4.15. You shall be responsible for maintaining backup copies of any critical content and data you store within the EFP Services. You should follow best practices for data protection and ensure you are aware of the EFP recovery procedures.

4.16. You shall be responsible for your data transmitted via or possibly stored in the EFP Services, and that it complies with all applicable laws and regulations, data policies, and with the provisions included in these Terms. If the data includes sensitive or confidential information, the User is responsible for making sure that the Service used to handle the data complies with the required security measures, by examining the Service Description documents. The User gives EFP the right to access the data to secure the accessibility, the quality and the security which includes, for example, keeping the information on EFP Services, automated monitoring for intrusion detection, taking backups, copying/moving data, or reproducing faults. At all times, EFP protects the confidentiality of the data as permitted by law. No ownership rights or intellectual property rights of the data are transferred when using the EFP Services, if not otherwise agreed.

4.17. Users are responsible for sharing of their data according to the User Project\'s and their own requirements.

4.18. You shall agree to use the EFP Services in compliance with applicable laws and regulations. Misrepresentation of location or identity to bypass service restrictions is prohibited

5. EFP Access Model

Access to EFP Services:

• Is conditional, not an entitlement

• May depend on authentication method, affiliation, role, or service context

• Does not guarantee access to any Hosting Entity resource

Access to EFP services may be granted to users who:

• Are authenticated through supported identity mechanisms

• Belong to an eligible user category as defined by EuroHPC governance

• Accept these Terms of Use

Authorisation may vary by service and context and may be time limited.

Users may also be required to accept additional terms for using specific EFP service components. Additionally, the Users will be required to accept additional terms and conditions for using the EFP Platform to access a particular Hosting Entity service.

You need a User Project to use some of the EFP Services. Allocation of resources is based on User Projects.

Every User Project has a User who is also the Principal Investigator (PI) of the Project. Project may also have a named co-PI to whom the PI has delegated the same rights as the PI.

• The PI serves as a primary contact person between the project and EFP.

• The PI can add or request EFP to add Users to User Projects and remove them and is responsible for always keeping the list of Project members up to date.

• The PI is responsible for ensuring that the identity of each User added to the User Project is vetted.

A Project is valid for a fixed period of time as communicated in connection with the admission. EFP will notify the members of the User Project before the expiration date of the Project upon which the User's Account may be terminated.

6. Security Monitoring and Data Protection

• The EFP may implement proportionate monitoring and logging for security, operational, and accountability purposes.

• Personal data is processed in accordance with applicable EU data protection‑ law and the EFP Privacy Notice.

• Users acknowledge that federation level incident handling may involve coordination with Hosting Entities, identity providers, or competent authorities.

• EFP may inform other Hosting Entities of any breach to these Terms or the Terms of Use of other Hosting Entities.

Users accessing EFP Services through federated identities (IdPs) acknowledge that their home organization may have control over their account and personal data. The EFP may notify home organizations about the usage and the corresponding personal data associated with such federated accounts, especially in cases of compromised personal data.

The EFP respects user privacy but assumes no liability for any personal data management by third parties associated with federated identities. Users must comply with their home institution IdP's privacy policies and other guidelines.

Upon termination of a user\'s access (whether by the user itself or EFP), access to EFP Services and the associated personal data will be immediately revoked. The EFP will delete or disassociate corresponding data, except where legally required to retain it, stated in the Privacy Notice. Users are advised to maintain regular backups of their user data.

7. Termination of the account

The EFP Account is valid for a fixed period of time, starting from the day when the Account is opened. EFP will notify Users well before the expiration date of the Account.

The right to use EFP Services ends when the original purpose is no longer valid or the User has parted from the User\'s affiliated organization. The PI of the Project makes the decision whether the User can continue the use of EFP Services when affiliated to a new organization. If the User is the PI of the Project, they must contact the party who has made the allocation decision for the Project in order to verify their eligibility.

The User Account and associated data will be handled according to the corresponding service descriptions and their terms of use. EFP will notify the User about their expired Account via the contact information provided by the User before deleting User Content and Account.

The User Account can be terminated or suspended by EFP without notice:

• In the event of any unauthorized use of the EFP Services.

• If EFP has a justified reason to suspect that the EFP Services are > used contrary to these Terms.

• Security incidents or credible security risks

• Misuse of federation services

• Legal or regulatory obligations

Actions may be temporary or permanent and are proportionate to the circumstances. Immediate suspension may occur without prior notice in urgent security situations.

Moreover, Hosting Entities retain full authority over their resources. EFP cannot override Hosting Entities access decisions. Hosting Entities suspensions do not automatically imply federation suspension, and vice versa. However, the EFP may reflect site decisions where required to preserve federation integrity and/or inform other Hosting Entities of any breach to these Terms or the Terms of Use of other Hosting Entities.

You can terminate your User Account by giving notice to the EFP Helpdesk. If no legal requirements are pending, the User Account and associated Content will be deleted (though some information may remain in backups). Please note, this termination is only about the EFP User Account and not about the User Project termination, for which you need to contact either the EuroHPC JU (see EuroHPC User Access Policy in section 12. Related Document and copyright notice) or the relevant Hosting Entities (e.g. for non-EuroHPC User Projects).EFP will retain and use general User information as described in the EFP Privacy Notice.

8. Liability and Disclaimers

The EuroHPC JU and EFP:

• Do not guarantee uninterrupted availability

• Are not responsible for Hosting Entities services or decisions

• Are not liable for damages arising from Hosting Entities resource usage

Use of the EFP Services is at the User's own risk, and EFP is not liable for any loss or injury. This also includes loss or injury caused by possible erroneous results. EFP does not give any warranty or representation as to the availability, error- or interruption-free operation, or suitability for any purposes (general or particular) of the Service. EFP also does not give any warranty that communications to or from the EFP Service is completely secure. EFP expressly disclaims any such express or implied warranties.

However, EFP aims to follow industry best practice service management and security measures.

EFP reserves the right to modify and terminate any EFP Service at any time. EFP may from time to time make changes to any interfaces made available to the EFP Service.

EFP may integrate with or provide access to third-party services and resources as a federated system of systems. The EFP makes no warranties or representations about these third-party services and resources and will not be liable for any issues arising from their use. Users assume all risks associated with their use. Users are responsible for reviewing and agreeing to the terms of service of any third-party services and resources they utilize through the EFP Platform. Third-party terms do not alter this Terms of Use.

9. Policy Enforcement and Modification

These Terms will be enforced by EFP. Any violation of this policy may result in the suspension or termination of user access. EFP reserves the right to audit access logs and user activities to ensure compliance with this Terms.

These Terms may be updated by publishing a revised version via the EFP.

Material changes will be communicated through appropriate channels.

EFP reserves the right to change these Terms from time to time by notifying the User at least two weeks in advance of the amendment becoming effective. If the User continues to use the EFP Services after the stated effective date of the amended Terms, the User is deemed to have accepted the amendment.

9.1. Updates and Changes

Policy Changes: EFP reserves the right to modify these Terms at any time. Users will be notified of significant changes.

Service Updates: EFP may release software updates, including security patches or new features. Users are required to update their software (if needed) to continue using the EFP Services.

Service Modifications: The EFP may decide to modify or discontinue EFP Services or features and functionalities at its discretion. Users may lose access to certain functionalities without prior notice.

10. General

These Terms of Use may be published in several languages. In case of discrepancy the English language version shall prevail.

These Terms are governed by Union law, complemented, where necessary, by the law of Luxembourg.

The courts of Luxembourg will have exclusive jurisdiction to deal with any dispute which may arise out of or in connection with these Terms or the User's use of the EFP Services, unless otherwise has been agreed (in, e.g. an agreement with the User's home organization).

11. Contacts and helpdesk

User experiences issues with the EFP Service, can contact the EFP Helpdesk at: helpdesk@my-eurohpc.eu 

For issues related to the Hosting Entities resources, User's requests will be forwarded to the relevant ticket queues.

Other contacts:

• General enquiries: helpdesk@my-eurohpc.eu

• Security incidents: security@my-eurohpc.eu 

• Privacy matters: helpdesk@my-eurohpc.eu

12. Related Documents and Copyright Notice

• EFP Privacy policy

• EuroHPC JU Access Policy

• Export restrictions and sanctions

The EFP Terms of Use is licensed under CC BY 4.0. The EFP Terms of Use were modified by adding and removing clauses under terms of https://creativecommons.org/licenses/by/4.0/ licence from:

EUROPEAN COMMISSION, DG COMMUNICATIONS NETWORKS, CONTENT AND TECHNOLOGY, European Open Science Cloud - EU Node, EOSC EU Node Acceptable Use Policy Version 2.0. https://open-science-cloud.ec.europa.eu/support/acceptable-use-policy

13. Definitions

EFP Platform Owner / EuroHPC JU The European High Performance Computing Joint Undertaking, 12E rue Guillaume Kroll L-1882 Luxembourg.

EFP Consortium (also the EFP Service Provider) The EFP Consortium consists of the following legal entities:

• CSC IT Center for Science Ltd, Keilaranta 14 02101 Espoo, Finland (Consortium leader)
• GÉANT Vereniging, Hoekenrode 3 1102BR Amsterdam, The Netherlands
• VSB – Technical University of Ostrava, 17. listopadu 2172/15, 708 00 Ostrava-Poruba, Czech Republic
• University of Tartu, Ülikooli 18, 50090 Tartu, Estonia
• Universiteit Gent, Sint-Pietersnieuwstraat 25, 9000 Gent, Belgium
• NORDUnet A/S, Kastruplundgade 22,1, 2770 Kastrup, Denmark

EFP or EFP Platform An enabling infrastructure federation solution consisting of configurations, services and software components owned by EuroHPC JU, developed and managed by the EFP Consortium.

EFP Services Services operated centrally by the EFP, excluding Hosting Entities-level resources.

Hosting Entity Legal entity established in a participating state to the EuroHPC JU that is a Member State with facilities to host and operate a EuroHPC JU supercomputer.

Terms of Use (ToU) These Terms of Use towards the Users, including necessary data processing documentation, drafted jointly by the EuroHPC JU and the EFP Consortium.

User (also End User) A natural person accessing the EFP, such as academic users, users from the public sector, and industrial users.

User Project A logical grouping of Users and allocated resources, where group-membership grants access to the associated resources.