Internet access for guests at the University of Zurich – Terms of use

1. Subject-matter and scope

¹ These terms of use of the University Zurich (hereinafter "UZH") govern the rights and duties in connection with guest access of the internet at UZH.

² UZH provides its guests with internet access subject to the following terms:

2. Access

¹ UZH provides its guests who bring along their own wi-fi-capable devices with internet access free of charge at certain locations, to the extent its technical, operational and financial resources permit. However, guests have no right to internet access.

² UZH may engage third parties as subcontractors at any time for purposes of providing its services.

³ UZH does not warrant any particular quality, functionality or trouble-free operations in respect of the transmission of data.

⁴ Internet access does not grant the guests access to UZH's internal network.

3. The guests' duties and prohibited actions

¹ Prior to using guest internet access, the user must register and accept these terms of use. In order to use the guest internet access, the guest must register his/her device. A guest may register multiple devices for use on the network. The system requires the guest to enter his/her mobile telephone number. The MAC address of the device utilized is automatically assigned to the mobile telephone number provided. Registration must always be renewed after six months. UZH reserves the right to require individual or all guests to re-register at any time.

² The guest shall use up-to-date software (particularly an antivirus program) to ensure that the devices he/she uses and the software on them are free of malware so far as technically possible.

³ The guest shall use UZH's guest internet access in a proper and lawful manner.

⁴ The guest is expressly prohibited from improperly using UZH's guest internet access, permitting it to be used improperly or using it to commit unlawful or criminal acts. The guest is directly responsible for the content he/she enters, distributes or retrieves via UZH's guest internet access. When using the guest internet access, the guest is also prohibited from engaging in any acts that violate applicable law or regulations and/or infringe on the rights of any third party. In particular, the following types of acts are prohibited:

• Uploading, distributing, offering or advertising content or images that are pornographic or racist or promote violence;
• Uploading, distributing, offering or advertising content or images that violate data protection law and/or other laws and/or include fraudulent content, products or services;
• Publishing or making available content that insults or defames any third party;
• Using, providing and/or distributing content, products and/or services that are subject to third- party rights (in particular, trademark rights, copyrights, design rights and patent rights), as well as anticompetitive conduct, in particular providing and/or replicating copyrighted works or other copyright-infringing activities, as well as aiding and abetting the same;
• Sending junk emails or bulk emails (spam);
• Distributing viruses, trojans, spyware and other harmful programs or files (malware);
• Registering his/her own mobile phone number on behalf of third parties;
• Sharing the guest internet access with third parties (e.g. by locally connecting multiple devices).

4. Blocking internet access

¹ UZH has the right to block access to the network at any time, either temporarily or permanently, if there is evidence that a Guest has violated or may violate these Terms of Use and/or applicable law or regulations.

^{2 In case of excessive use by a guest, UZH can limit the bandwidth for that guest or fully exclude him/her from use of guest internet access.}

5. The guest's liability

¹ The guest is directly liable for all actions he/or she takes regarding the use of the network. The guest uses the internet access at his/her own risk.

² The guest shall indemnify and hold UZH and its subcontractors harmless against all claims asserted by third parties against UZH for any violation by the guest of applicable law, third-party rights and/or contractual duties. The foregoing also includes the costs of any legal representation that may prove necessary.

³ The guest has a duty to cooperate in investigating the facts of the case.

6. Privacy policy

¹ To provide guests with free internet access, UZH collects and stores the following data on the end user when he/she registers to use the network:

• Mobile phone number
• MAC and IP address of the device
• Browser data: Type of browser, operating system and language
• Time of registration
• Time of last login.

² During the guest's use of the network, UZH also collects and stores the following metadata:

• Host name (name of the device)
• Manufacturer of the device
• Utilized wi-fi access point
• Wireless channel, quality of the wi-fi connection and neighbouring wi-fi access points
• Connection time (how long the connection is active)
• Source IP address and port of the IP connections
• Target IP address and port of the IP connections
• Service used (e.g. SSL, CIFS, YouTube, Dropbox, Google services, etc.)
• IP connection set-up and termination times
• Volume of data transferred via the IP connections.

³ This data is stored and processed for the following purposes:

• Providing the service
• Troubleshooting
• Detecting misuse
• Facilitating identification in case of misuse
• Storage of metadata in accordance with the applicable regulations.

⁴ The registration and metadata are stored in the systems of the Information Technology of UZH in Switzerland for a period of six months from the end of use.

⁵ Personal data are only disclosed to third parties (e.g. other government agencies) if this is required by mandatory law (e.g. requests of public authorities, court orders) or for purposes of legal action or prosecution (e.g. in case of misuse). Data are not disclosed to third parties for any other reason.

⁶ Nevertheless, UZH may engage third parties as subcontractors to further process the collected data for the aforementioned purposes. UZH and the subcontractors shall take the appropriate legal, technical and organisational measures to ensure compliance with the relevant provisions of data protection law.

⁷ The Department of Data Protection is responsible for inquiries from guests regarding information about the personal data collected or any correction, destruction or blocking of these data. Such inquiries must be sent in writing to the following address:

University of Zurich
Department of Data Protection
Hirschengraben 56
CH-8001 Zurich

7. Security

¹ The guest uses the guest internet access on his/her own responsibility. The guest is solely responsible for the security of his/her device.

² Registration and login on the guest portal takes place via a data connection adequately encrypted in accordance with the latest technical standards (HTTPS). Post-login data traffic generated between the guest's device and the access point (and the endpoint of the connection, too) will be transmitted in unencrypted form depending on the type of application protocol utilised (HTTP instead of HTTPS for websites, IMAP instead of IMAPS for e-mail reception, etc.). Therefore, data may potentially be viewed by third parties on the pathway between the device and the endpoint of the established connection. The data transmission can only be further secured by utilising special security software (typically through a VPN) that the guest himself/herself must run. UZH cannot guarantee that the use of the guest internet access is secure such that third parties are unable to access data of the guest that the latter has stored on his/her device or transferred when using the guest internet access. The guest is responsible for ensuring such security as he or she deems necessary.

8. Liability and limitation of liability of UZH

¹ UZH provides guest internet access solely via wi-fi network. UZH has taken technical and organisational security measures in accordance with the latest technical standards to secure its network against unauthorised use.

² UZH and its subcontractors disclaim any and all liability unless otherwise prohibited by law.

³ In particular, UZH disclaims any liability for the continuous operation of the guest internet access and for uninterrupted or fault-free functioning of the internet services. Furthermore, UZH assumes no liability for damage to the guest's hardware or software, for any loss of data or other damage attributable to the use of the guest internet access. UZH assumes no liability for the content transmitted via internet services, including but not limited to websites accessed or files downloaded via the internet services. Furthermore, UZH assumes no liability if a third party, without authorisation, becomes aware of, stores or modifies the guest's data transferred via the wi-fi network.

9. Amendment of the terms of use

The current version of the terms of use, as amended from time to time and downloadable by guests upon registration, shall apply. If the terms of use are updated, the guest shall be logged out of all registered devices automatically. To continue using the guest internet access, the guest must re- register and accept the new terms of use. UZH reserves the right to amend the terms of use at any time.

10. Severability clause

If any individual provisions of these terms of use should prove invalid or unlawful, this shall not affect the validity of the remaining provisions hereof. In such case, the relevant term shall be deemed replaced by a valid term that, from a commercial perspective, is as nearly equivalent as possible to the replaced term. In case of ambiguities or mistranslations, the terms of use in German shall prevail in all cases.

11. Jurisdiction and venue

Jurisdiction and venue shall lie with the courts of Zurich, Switzerland.

12. Applicable law

The contractual relationship is governed solely by Swiss law.