Effective from September 2023 onwards
If our service is provided to you by an organisation with which you are affiliated, your use of the service is governed primarily by the policies of that organisation and, in addition, by the respective agreements between Switch and the organisation. The following terms of use for end users are only relevant to you if you obtain Switch edu-ID directly from Switch.
The Switch edu-ID service provides end users with a personal digital identity (edu-ID) that enables access to Switch edu-ID Federation services in Switzerland, and via the Inter-Federation, with other international identity federations. The use of Switch edu-ID is open to all natural persons who are interested in creating an edu-ID account to access Switch edu-ID Federation services.
These Terms of Use for Switch edu-ID (hereinafter: "Terms of Use") apply, unless otherwise stated, to all end users, regardless of whether they belong to an organisation or not, as soon as an edu-ID account is created.
These terms of use do not regulate the use of the services that can be accessed via Switch edu-ID. It is up to the respective service operators to determine the terms under which the end users can use their services.
To use Switch edu-ID, an edu-ID account is required. At least the following data must be provided:
The edu-ID account only can be created by the end users themselves.
If end users already have a digital identity from an organisation that operates a self-managed identity provider (IdP), the edu-ID account can also be derived from this digital identity. This creates a link to the account of the corresponding organisation and the existing attributes are automatically transferred to the edu-ID account.
The edu-ID account may also be linked to one or more digital identities of an organisation and/or to additional identifiers after it has been established. Such linking may be necessary if the edu-ID is used to access certain services that require the identifiers of the linked accounts.
As long as end users have an active affiliation with an organisation, Switch, as the organisation's contractor, is not authorised to delete the edu-ID account. The edu-ID account of all other end users can be deleted at any time via eduid-support@switch.ch.
Deletion of the edu-ID account results in the loss of the rights to use the edu-ID account and the associated functionalities. When the edu-ID account is deleted, all personal data will be deleted. The deleted edu-ID account cannot be restored.
The deletion of the edu-ID account does not automatically lead to the deletion of the data that the service operators process when using the services. Deletion of this data must be requested from the service operators.
Switch endeavours to offer the Switch edu-ID service as uninterruptedly as possible. However, continuous availability or trouble-free operation are not guaranteed to end users.
End users may not create more than one edu-ID account.
End users undertake to cooperate in preventing and cleaning up edu-ID account duplicates. In particular, they must comply with Switch's directives in this regard or respond to Switch's enquiries within a reasonable period of time. In the event that duplicates of edu-ID accounts are created or discovered unintentionally, Switch must be notified via eduid-support@switch.ch.
End users are responsible for ensuring that the personal data they provide (e.g. name, e-mail address, postal address) is correct. They undertake to keep the edu-ID account data up to date. Switch sends regular reminders to the end users (e.g. by e-mail).
End users can check their attributes via eduid.ch, keep them up-to-date, extend and verify them if necessary.
The attributes of the base identity are declared by the end users. Attributes of affiliations are under control of the organisations.
Furthermore, it may happen that attributes of higher quality levels are required for access to certain services. Such attributes are checked in advance in a corresponding process (verification) and stored (e.g. a verified mobile phone number can be stored). Verifications can be carried out by the end users themselves, Switch or an organisation. The quality levels can be seen in the edu-ID account at eduid.ch.
End users undertake to protect their edu-ID account carefully and securely from access by third parties and in particular to keep the means of authentication (e.g. user name, password and other authentication factors) safe. The means of authentication may not be passed on or made accessible to third parties. If misuse of the edu-ID account by third parties is suspected, end users are obliged to inform Switch immediately via eduid-support@switch.ch and to set a new password or Passkey.
End users undertake to comply with the legal system when using the edu-ID account or Switch edu-ID. They bear sole responsibility for all activities emanating from their edu-ID account. The use of the edu-ID account or the Switch edu-ID service for illegal and/or abusive purposes is prohibited.
Switch reserves the right to block edu-ID accounts of end users if they violate the edu-ID terms of use. Switch reserves the right to take further measures.
Duplicates of edu-ID accounts may be merged and/or deleted. This may result in loss of data and restricted access to services. End users will be contacted in advance.
If the edu-ID account of end users has affiliations with one or more organisations of the Switch edu-ID Federation, this organisation or these organisations are responsible for data processing in connection with the edu-ID.
If an edu-ID account is created without affiliation to an organisation or if the affiliation subsequently ceases, Switch is responsible for data processing.
Switch may engage service providers to provide services within the scope of Switch edu-ID.
Personal data of end users is primarily processed to provide the Switch edu-ID service and to detect, analyse, eliminate or prevent ICT security incidents and problems.
In addition, personal data of end users will also be processed, where permitted and deemed appropriate, for the following purposes:
The following categories of personal data may be processed as part of the service:
The personal data processed by Switch originates either directly from the end users or from an organisation with which end users have an affiliation.
Switch may pass on personal data to the following categories of recipients:
These recipients are partly domestic, but can be in any country in the world. Not all of these countries have data protection that is adequate from a Swiss perspective. In such a case, we ensure adequate protection through sufficient contractual guarantees, e.g. through contractual clauses issued or recognised by the competent authorities ("standard contractual clauses"), if the transfer in the individual case is not necessary on the basis of consent, for the performance of the contract, for the establishment, exercise or enforcement of legal claims, for overriding public interests or for your protection.
Services accessed with the edu-ID can also in principle be offered from anywhere in the world. Each time a service is accessed, the service operator can request certain attributes from an IdP of the Switch edu-ID federation. In any case, the consent of the end user is required at least for the first access to a service, so that the attributes are released to the service operator by the IdP.
Your personal attributes such as name, email address or date of birth may be used and shared by service operators exclusively for the following purposes:
Service operators are independent data controllers within the meaning of data protection laws.
Switch shall take all reasonable measures to ensure data security at all times in accordance with the recognised state of the art. In particular, Switch shall take appropriate technical and organisational measures to guarantee the integrity, availability and confidentiality of the information and undertakes to review, evaluate and, if necessary, adapt these measures.
Switch shall be liable to end users without affiliation for direct damage caused by grossly negligent or intentional breach of contract, unless Switch proves that it is not at fault. Liability for slight and medium negligence, also with regard to the activities of auxiliary persons, as well as for indirect damage, consequential damage, savings not made and loss of profit or loss of data is excluded to the extent permitted by law.
Switch is not contractually liable to end users with affiliation to one or more organisations.
Any non-contractual liability of Switch is excluded to the extent permitted by law.
End users may be held liable for any damage caused by the unauthorised use of Switch edu-ID and the edu-ID account with Switch or third parties.
Switch reserves the right to modify or adapt its service and these edu-ID Terms of Use at any time. The end users will be informed of any changes in an appropriate manner, e.g. by e-mail or a note when logging in.
Swiss law is exclusively applicable to the exclusion of private international law and the Vienna Convention on Contracts for the International Sale of Goods.
The exclusive place of jurisdiction is Zurich. Mandatory places of jurisdiction remain reserved.