Add notes on unmaintained group accounts

SRCF · Oct 2, 2023 · a5bff8b · a5bff8b
1 parent c501121
commit a5bff8b
Show file tree

Hide file tree

Showing 2 changed files with 50 additions and 9 deletions.
diff --git a/content/reference/common-requests.md b/content/reference/common-requests.md
@@ -53,6 +53,9 @@ unsure how to reach the site's owners.
 
 ## Gain access to an existing group account
 
+[Read more about group admins and unmaintained
+accounts]({{< relref "group-accounts/administrators" >}})
+
 As a prospective admin seeking access to manage a group account, you
 should first contact its existing admins and request access from them.
 See the answer above for how to identify the short name of the account.
@@ -66,9 +69,7 @@ transfer ownership as needed.
 
 Group accounts are considered *unmaintained* if they have no active
 admins remaining. Accounts in this state will display an *Unmaintained
-group website* page if you visit their SRCF-hosted website. You'll need
-to contact the sysadmins in the first instance to recover such an
-account.
+group website* page if you visit their SRCF-hosted website.
 
 ## Grant group admin access to someone else
 

diff --git a/content/reference/group-accounts/administrators.md b/content/reference/group-accounts/administrators.md
@@ -9,14 +9,54 @@ Each group account has a list of *admins*: SRCF users who manage the
 account and its services. This includes access to the account in the
 control panel, permissions to edit files inside
 `/societies/<groupname>`, and receiving administrative email sent to
-`<groupname>-admins@srcf.net`. This list may also be used by an
-account's website to limit page access to current admins.
+`<groupname>-admins@srcf.net`.  It may also be used by an account's
+website to limit page access to current admins.
+
+This list is the canonical definition of who is responsible for a group
+account, and is independent of any committees or roles in a University
+club or society that a group account on the SRCF may happen to
+represent.
+
+## Handover
 
 We recommend that you keep your own handover documentation, covering
 what services and software a group account is using.
 
+It is the responsibility of SRCF group account admins to keep their list
+of admins up-to-date, meaning both the appointment of their successors,
+and the removal of predecessors that should no longer have access.
+
+SRCF system administrators will not process requests from users wishing
+to gain access to a group account, instead directing them to the
+account's current admins to make their request.
+
+## Unmaintained group accounts
+
+In order to maintain continuity of group accounts, we recommend keeping
+at least two admins at all times.
+
 When a group account admin leaves the University without taking steps to
-retain access to their SRCF account, they may be dropped from the list
-of admins. A group with no admins is considered *unmaintained*, at which
-point some services will be suspended. To maintain continuity of group
-accounts, we recommend keeping at least two admins at all times.
+retain access to their SRCF account (which includes emails to their
+membership address bouncing, or otherwise not responding to emails from
+the system administrators), they may be dropped from the list of
+admins, and their account suspended.[^1]
+
+A group with no admins is considered *unmaintained*, at which point some
+services (such as website hosting) will be suspended.  If the group
+account is configured with a role email address, it may be contacted as
+a last resort, to inform the recipients of the situation and for them to
+nominate a stand-in admin and reactivate the site.
+
+The SRCF has the responsibility as a data processor to prevent
+unauthorised access to personal data.  If we're unable to verify the
+handover of an unmaintained group account (for example, if a group
+account has no contactable admins and no role email to fall back to), we
+will not be able to provide access to its contents.  As a user seeking
+access to such an account, generally this means you will have to
+register a new group account and start from scratch.
+
+[^1]: If your account has been suspended for being uncontactable, you
+  can reactivate it from the [Control Panel](https://control.srcf.net).
+  Note that you won't automatically regain access to your group accounts
+  -- please [contact the sysadmins](https://www.srcf.net/contact) to
+  request these.