Data protection policy
Information systems are now essential for managing the data of the students, teachers, researchers and staff at the heart of our activities. These increasingly complex and open systems can create risks to individuals' rights and freedoms.
Principles
The School commits to the following principles to protect personal data:
Involvement: strengthening and maintaining data protection over the long term is everyone's responsibility
The Presidency, Departments and Services, DERs and Laboratories are all aware of the issues at stake and work regularly with the Data Protection Officer (DPO). IT users are trained on these issues and the “best practices” for data protection. This proactive protection approach extends to the School's partners and ecosystem.
Transparent communication
Each data processing operation is supported by comprehensive and precise information, covering purposes, categories of data processed, recipients, retention period, security, etc. Beyond this duty to inform, the School is committed to dpo [at] ens-paris-saclay.fr (answering all your questions about data protection), facilitating your control and the exercise of your rights, and respecting your consent when required.
Continuous compliance
The School applies a continuous improvement cycle to its compliance with the General Data Protection Regulation (GDPR), documenting data processing operations, compliance gaps, actions, and progress.
"Permanent" compliance
The School applies a continuous improvement cycle to its compliance with the General Data Protection Regulation (GDPR), documenting data processing operations, compliance gaps, actions, and progress.
In compliance with the GDPR, CNIL guidelines, and other applicable texts, if you wish to exercise your rights, obtain further information on this Policy, or report any difficulties, please feel free to dpo [at] ens-paris-saclay.fr (contact the Data Protection Officer).