Personal data: privacy policy

Preamble

The protection of your personal data is a core concern for Université Grenoble Alpes, which is committed to constantly improving its compliance with Regulation (EU) No 2016/679 of the European Parliament and of the Council of 27 April 2016, on the protection of individuals with regard to the processing of personal data and on the free movement of such data, the General Data Protection Regulation or ‘GDPR’ and Law No. 78-18 of 6 January 1978 relating to data processing, files and freedoms in its consolidated version (hereinafter, the ‘Data Processing and Freedoms Law’).

Consult the cookies policy

The purpose of this personal data protection policy is to inform people whose data is processed by the Université Grenoble Alpes in a concise, transparent, comprehensible and easily accessible manner about the nature of the processing and their rights concerning their data.

Data controllers

The Université Grenoble Alpes, represented by its President as data controller, determines the purposes and means of the processing of personal data carried out within the University.
Address: Université Grenoble Alpes - 621 avenue centrale 38400 Saint-Martin-d'Hères

What data do we process and why?

We use the data we collect in order to:

• respond to your requests on the legal basis of legitimate interest,
• analyze your browsing on our websites with Matomo on the legal basis of consent,
• provide access to social networks on the legal basis of consent.

Who processes your data? Who accesses your data?

• the recipients of your data are the communication and IT departments and authorized staff of Université Grenoble Alpes,
• our subcontractor, tarte au citron, has access to data concerning the acceptance and refusal of cookies on our sites,
• in accordance with the regulations in force, data may be transmitted to the competent authorities upon request in the event of a search for the perpetrators of offences committed on the internet,

How long will your data be kept?

Personal data is kept for as long as is necessary to achieve the purposes for which it was collected and/or for as long as required by law or regulation.
In this respect, the University complies in particular with the provisions of the instruction ‘DAF DPACI/RES/2005/003 of 22 February 2005 on the sorting and conservation of archives received and produced by services and establishments contributing to national education’.

How is your data secured?

The university has defined technical, legal and organisational measures to protect your data appropriately according to its nature and the extent of the processing.

These measures comply with the Université Grenoble Alpes Information System Security Policy (PSSI), which is in line with that of the French government.

Transfers of your personal data outside the European Union

IPHIG does not transfer any data outside the European Union.

What are your rights and how can you exercise them?

The university processes your personal data as part of their duties and, in accordance with the RGPD, you have the following rights:

• the right to be informed,
• right of access,
• the right to rectification,
• the right to erasure or the right to be forgotten

You can exercise your rights by contacting the shared Data Protection Officer:
Email address: dpogrenet.fr
Postal address: Protection des données - DPO - Direction des Systèmes d'information mutualisés, Domaine universitaire, 31, rue des mathématiques 38400 Saint-Martin-d'Hères.

You also have the right to lodge a complaint with the CNIL:
https://www.cnil.fr/fr/plaintes

Changes to the personal data protection policy

This privacy policy is subject to change in line with legislative and regulatory developments.

Translated with www.DeepL.com/Translator (free version)