Version 1.1 / 17.12.2019
1. Subject-matter and scope
2 UZH provides its guests with internet access subject to the following terms:
1 UZH provides its guests who bring along their own wi-fi-capable devices with internet access free of charge at certain locations, to the extent its technical, operational and financial resources permit. However, guests have no right to internet access.
2 UZH may engage third parties as subcontractors at any time for purposes of providing its services.
3 UZH does not warrant any particular quality, functionality or trouble-free operations in respect of the transmission of data.
4 Internet access does not grant the guests access to UZH's internal network.
3. The guests' duties and prohibited actions
2 The guest shall use up-to-date software (particularly an antivirus program) to ensure that the devices he/she uses and the software on them are free of malware so far as technically possible.
3 The guest shall use UZH's guest internet access in a proper and lawful manner.
4 The guest is expressly prohibited from improperly using UZH's guest internet access, permitting it to be used improperly or using it to commit unlawful or criminal acts. The guest is directly responsible for the content he/she enters, distributes or retrieves via UZH's guest internet access. When using the guest internet access, the guest is also prohibited from engaging in any acts that violate applicable law or regulations and/or infringe on the rights of any third party. In particular, the following types of acts are prohibited:
- Uploading, distributing, offering or advertising content or images that are pornographic or racist or promote violence;
- Uploading, distributing, offering or advertising content or images that violate data protection law and/or other laws and/or include fraudulent content, products or services;
- Publishing or making available content that insults or defames any third party;
- Using, providing and/or distributing content, products and/or services that are subject to third- party rights (in particular, trademark rights, copyrights, design rights and patent rights), as well as anticompetitive conduct, in particular providing and/or replicating copyrighted works or other copyright-infringing activities, as well as aiding and abetting the same;
- Sending junk emails or bulk emails (spam);
- Distributing viruses, trojans, spyware and other harmful programs or files (malware);
- Registering his/her own mobile phone number on behalf of third parties;
- Sharing the guest internet access with third parties (e.g. by locally connecting multiple devices).
4. Blocking internet access
2 In case of excessive use by a guest, UZH can limit the bandwidth for that guest or fully exclude him/her from use of guest internet access.
5. The guest's liability
1 The guest is directly liable for all actions he/or she takes regarding the use of the network. The guest uses the internet access at his/her own risk.
2 The guest shall indemnify and hold UZH and its subcontractors harmless against all claims asserted by third parties against UZH for any violation by the guest of applicable law, third-party rights and/or contractual duties. The foregoing also includes the costs of any legal representation that may prove necessary.
3 The guest has a duty to cooperate in investigating the facts of the case.
1 To provide guests with free internet access, UZH collects and stores the following data on the end user when he/she registers to use the network:
- Mobile phone number
- MAC and IP address of the device
- Browser data: Type of browser, operating system and language
- Time of registration
- Time of last login.
2 During the guest's use of the network, UZH also collects and stores the following metadata:
- Host name (name of the device)
- Manufacturer of the device
- Utilized wi-fi access point
- Wireless channel, quality of the wi-fi connection and neighbouring wi-fi access points
- Connection time (how long the connection is active)
- Source IP address and port of the IP connections
- Target IP address and port of the IP connections
- Service used (e.g. SSL, CIFS, YouTube, Dropbox, Google services, etc.)
- IP connection set-up and termination times
- Volume of data transferred via the IP connections.
3 This data is stored and processed for the following purposes:
- Providing the service
- Detecting misuse
- Facilitating identification in case of misuse
- Storage of metadata in accordance with the applicable regulations.
4 The registration and metadata are stored in the systems of the Information Technology of UZH in Switzerland for a period of six months from the end of use.
5 Personal data are only disclosed to third parties (e.g. other government agencies) if this is required by mandatory law (e.g. requests of public authorities, court orders) or for purposes of legal action or prosecution (e.g. in case of misuse). Data are not disclosed to third parties for any other reason.
6 Nevertheless, UZH may engage third parties as subcontractors to further process the collected data for the aforementioned purposes. UZH and the subcontractors shall take the appropriate legal, technical and organisational measures to ensure compliance with the relevant provisions of data protection law.
7 The Department of Data Protection is responsible for inquiries from guests regarding information about the personal data collected or any correction, destruction or blocking of these data. Such inquiries must be sent in writing to the following address:
University of Zurich
Department of Data Protection
1 The guest uses the guest internet access on his/her own responsibility. The guest is solely responsible for the security of his/her device.
2 Registration and login on the guest portal takes place via a data connection adequately encrypted in accordance with the latest technical standards (HTTPS). Post-login data traffic generated between the guest's device and the access point (and the endpoint of the connection, too) will be transmitted in unencrypted form depending on the type of application protocol utilised (HTTP instead of HTTPS for websites, IMAP instead of IMAPS for e-mail reception, etc.). Therefore, data may potentially be viewed by third parties on the pathway between the device and the endpoint of the established connection. The data transmission can only be further secured by utilising special security software (typically through a VPN) that the guest himself/herself must run. UZH cannot guarantee that the use of the guest internet access is secure such that third parties are unable to access data of the guest that the latter has stored on his/her device or transferred when using the guest internet access. The guest is responsible for ensuring such security as he or she deems necessary.
8. Liability and limitation of liability of UZH
1 UZH provides guest internet access solely via wi-fi network. UZH has taken technical and organisational security measures in accordance with the latest technical standards to secure its network against unauthorised use.
2 UZH and its subcontractors disclaim any and all liability unless otherwise prohibited by law.
3 In particular, UZH disclaims any liability for the continuous operation of the guest internet access and for uninterrupted or fault-free functioning of the internet services. Furthermore, UZH assumes no liability for damage to the guest's hardware or software, for any loss of data or other damage attributable to the use of the guest internet access. UZH assumes no liability for the content transmitted via internet services, including but not limited to websites accessed or files downloaded via the internet services. Furthermore, UZH assumes no liability if a third party, without authorisation, becomes aware of, stores or modifies the guest's data transferred via the wi-fi network.
10. Severability clause
11. Jurisdiction and venue
Jurisdiction and venue shall lie with the courts of Zurich, Switzerland.
12. Applicable law
The contractual relationship is governed solely by Swiss law.