Please enter your email address with which you are logged in and we will send you a password recovery link.
We will use and store the e-mail address to register on our website for the purpose of using the 1KA username and we will carefully protect it according to the regulations.
To activate your new password, please enter the data provided in e-mail you received.
If you still have problems finding our confirmation e-mail, you can contact us by e-mail email@example.com.
You won't be able to login into this webpage until you confirm your registration through e-mail!
1KA is an application that requires a server to operate. When installing 1KA on PCs (1KA offline), 1KA uses one of the free servers (UWAMP), which is a well-known and very well-documented application. The 1KA installation is also well tested on this server, but problems may arise solely from additional security configurations that the user may have. This should then be addressed further (maybe in collaboration with the 1KA Help Centre). If users have some very advanced or specific security configurations and requirements, instead of UWAMP, we recommend installing a classic 1KA, where the user must, of course, take care of the entire server layout and configuration.
1KA installations installed on the servers of the University of Ljubljana are properly taken care of. More information on technical and other measures for survey editors is available here https://www.1ka.si/d/en/gdpr. Advanced users can optionally sign a more or less customized data processing agreement (DPA) if they wish. The DPA is available in the 'My Surveys' directory, where all users have the 'GDPR' tab available, with a PDF version (LINK)
Of course, for your own installations, any additional server adjustments must be made by the user.
The 1KA application allows complete traceability of all interventions in the 1KA application itself (e.g. who and when viewed the data, who and when modified it in the questionnaire or in the data, etc.). All of its installations also track the traceability of server-side interventions using the Linux Audit Daemon system installed on the server. It is configured to record, inter alia:
Log data is securely and encrypted additively transmitted to a secondary server in another location (VPN, rSync via SSH) - deleting server files or their contents is not transmitted to another server.
The log files on the primary server are deleted daily, and on the secondary server, they are packaged daily in encrypted archives and kept for 30 days for security purposes.
In its own installations, traceability is the responsibility of the installer. In principle (and more theoretically, but practically this is very difficult), log-based changes can be made to track all changes and interventions in a specific 1KA survey, even if it was deleted in 1KA. However, a special "audit daemon" for server interventions is not installed on off-line 1KA and should be edited by the user if desired. You should know that the entire off-line installation of 1KA is only temporary, since after the survey is completed the data is exported and therefore it is the responsibility of the user to remove the entire installation afterward, thus removing all traces. The above applies to server-level audit trail (access to MySQL database, access to the server, etc.), depending on the server or the computer on which the application is located and not from the application itself. This must be provided by the user of his own installation or offline 1KA.
The audit trail at the application level itself (questionnaire changes, viewing and changing answers) is part of the application and works the same with offline versions.
Personal Data Controller - Registered users of the application who create and perform the online survey. As users process data on their own behalf, they are the controllers of personal data.
Organization - an FSD organization that acts as a contractor in relation to its managers. This allows managers to use 1ka and store information on servers.
Respondent - Individuals who solve a survey prepared and produced by a personal data controller.
In his user profile, each manager has access to data from solved surveys that he has created through his profile. This information may also be accessed by any other registered user to whom the operator grants the rights. The user accounts are stored permanently on a server in Slovenia, along with the controller’s surveys. The organization acts as a contracted processor and does not use data collected through 1KA for its own purposes. For controllers, the organization stores data on third-party servers and provides them with a tool for conducting surveys.
Data from application 1KA is stored on the server of the contracted processor of the organization (Akson Ltd.) in Slovenia.
Akson d.o.o. has hardware that stores data subject of 1KA, installed in data centers of Post of Slovenia, which this company markets under the PosITa brand. The 1KA user agrees that the 1KA service may contract with the hosting subcontractors and other subcontractors that support the functionality of the 1KA service. The relevant contract (between 1KA and the sub-processor) and the associated GDPR attachment may be annexed to the 1KA user at the explicit request.
Daily backups of system events (log-ins) are saved. Log data is securely and encrypted additively transmitted to a secondary server in another location (VPN, rSync via SSH) - deleting server files or their contents is not transmitted to another server.
The log files on the primary server are deleted daily, and on the secondary server, they are packaged daily in encrypted archives and kept for 30 days for security purposes. Monthly backups are stored at the DRC location for 6 months.
Within the backup system, the system administrator opens the file to locate the appropriate respondent whose personal data is deleted. The file is modified and packed back to the archive as requested. Care must be taken not to damage the integrity of the backup. In the case of an individual's request for the deletion of personal or survey data, in principle, the deletion shall be carried out only in the primary source. A log is kept for backups for any subsequent procedures into backups. It records who and when interfered with the backup. Backup deletions are, in principle, only possible if a specific backup is restored. The responsible person in charge of a particular survey must, therefore, re-erase the restored backup copy.