Home | deutsch  | Legals | Data Protection | Sitemap | bwSync&Share

If you have any questions, please contact your institution's local support team.

Deprovisioning - What happens after the end of use?

Regulation on the handling of data in bwSync&Share after end of use

The procedure for the retrieval of stored data from users after the end of service use is specified within deprovisioning regulation for the bwSync&Share service. This concerns the data in the storage quotas available to employees and students of universities and colleges in Baden-Württemberg and the participating members of the DFN-Verein.

Guests do not have their own storage quota. Folders to which guests are invited fall within the scope of the deprovisioning regulations of the respective owners of folders. The deprovisioning of user data (user account/password/authorizations) of guests is described at the end of this article: Deprovisioning Guests 

Starting situation

A storage quota is made available under the following conditions:

  1. An active user account exists in the local user administration.
  2.  The local user account has the right (entitlement) to use bwSync&Share
  3. The user has registered for the service (on https://bwidm.scc.kit.edu).


The criteria are verified by bwIDM Identity Management.

Within the user administration of bwSync&Share, a separate account is maintained to which the storage quota is assigned. The folders and data of the account as well as the invitations, i. e. granted access rights to the folders, are managed here.


If there is no longer a valid registration the deprovisioning of accounts and data within the bwSync&Share service will be started. A deregistration can be triggered by different actions:

a) The user account is no longer active in the local user administration of the home institution. The deregistration is done automatically.

b) The local user account has lost the right (entitlement) to use bwSync&Share. The deregistration is done automatically.

c) The user has canceled the service himself/herself on the registration page (https://bwidm.scc.kit.edu).

The bwSync&Share user account is deregistered and therefore it is no longer possible to log in to the service. Any discrepancies concerning the local user account must be resolved with the support unit of the home institution. If the user account is reactivated or the Entitlement issued again, the user can log on to the service again. If he/she has unsubscribed from the Service, he/she may do so by registering again.

Two months after deregistration, an information e-mail is sent to the e-mail address of the bwSync&Share user account. The account holders are asked to cancel the deprovisioning, if desired and if possible, by logging in. If necessary, the reason for deregistration can be fixed by the local support unit (see above).

Three months after deregistration, the storage quota and the data it contains is moved to a separate area within the system. All other users invited to the folders and files of the storage quota will continue to see the corresponding folder or file and these users can continue to synchronize and edit the data if they have the permission to do so.
In the shared folders of deprovisioned users, a file named "___Attention_OWNERDISABLED.md" is placed as a flag, informing the users that the bwSync&Share account of the owner of this folder has been deactivated and that the data will be permanently deleted shortly.

Resumption of use

If the reason for the deregistration is withdrawn later than three months, the data must be returned. The folders and data created before deprovisioning are no longer displayed. The feedback is initiated by a ticket in the bwSupport portal of the local support unit (1st level support) and executed by the 2nd level support in bwSync&Share. Access authorisations for other users must be reset once the data has been restored (renewed invitation).

Retrieval of data after deprovisioning

If access to bwSync&Share can no longer be granted (e. g. termination of employment) and if the stored data has not been saved locally in time, it can be transferred to the user. This is possible up to 360 days after deprovisioning.

The data will only be made available to the original owner. The local support unit (1st level support) accepts inquiries and ensures authentication, e. g. by presentation of an identification document, signed e-mail, etc. Via the bwSupport portal, a ticket with the user data and a user's e-mail address goes to the 2nd level support. From there the owner receives a mail with a download link.

Final deletion of data

360 days after deprovisioning both the user account in bwSync&Share and the associated folders and data are irrevocably deleted.


If you have folders in your storage quota that are used by a workgroup, transfer the folder in time to another member of the folder (bwSync&Share Web interface – Manage Members - "Crown" icon "Make Owner"). The new owner must agree to the transfer.

Deprovisioning Guests

Guests store in the Shibboleth user account quota to which they have been invited. The data stored there belongs to the quota holder. The deprovisioning of guest data concerns the corresponding user account with login name (e-mail address), password and access rights to invited folders.

One year after the last login, the stored e-mail address will be contacted and asked to log in again. If this does not happen, the account and access permissions will be deleted one month after notification.

If the mail address is invited again, this is the same as the first creation and registration must be carried out.