privacy policy

Choose language
Service name


Service description

SCARR is a flexible secure remote vulnerability scanning service for GARR APMs, it provides detailed information about identified issues in user network assets, also suggesting remediation.

DPO and contacts

Consortium GARR, info @


IT, Italy

Handled personal data

For authenticated users, the following data is transmitted from the user's membership organization:

ePPN (required) to access the service,

mail (required) to receive notifications from the system,

surname (required) of the end user logged into the system

givenName (required) of the end user logged into the system,

Personal data management scope

The personal data of authenticated users is used to determine the read and write permission of each page. For those who have permission to write, personal data is used to identify users (who made changes and to which pages). The email field is used to notify users about progresses of their scan jobs.

Third-parties to whom data can be communicated

Log data will not be released to third parties, except to comply with legal obligations.

How to verify, correct and delete your personal data

To rectify the data released by your organization, contact your organization's IT support. For more information, contact idem-help

Data retention

Personal data is deleted at user request.

Data Protection Code of Conduct

Your personal data will be protected in accordance with the Service Provider Code of Conduct,a common standard for the research and education sector to protect your privacy.