FrançaisEnglishEspañol
Agenda News

direct access

Directory
Digital workspace
Research laboratories
Règlement général sur la protection des données - RGPD - Ordinateur et smartphone

Personal data protection

The General Data Protection Regulation (EU) 2016 of the European Parliament, implemented since May 25, 2018 in each country of the European Union, reinforces the French Data Protection Act of 1978 as amended.

By appointing a délégué à la protection des données personnelles (DPD/DPO), Université Polytechnique Hauts-de-France is committed to establishing a relationship of trust and protecting the privacy of students, staff members, partners... in compliance with this European regulation and law.

Published on 21/06/2022 - Updated on 26/01/2026

Personal law

People affected by personal data processing have rights: to information, access, opposition, modification, deletion, portability, limitation. See the CNIL website for details.

The request to exercise rights must specify the reason for the request and the contact details of the requester, who must provide proof of his or her identity, either on the spot with the department concerned, or by sending proof (photocopy of CMS card, or ID, ...).

Students can contact their pedagogical secretariat or the Pôle Formation et vie étudiants (La Maison de l'Etudiant building)

Staff can contact the Human Resources Department (Froissart building).

Obligations of persons processing personal data

Since the application of the RGPD, the principle of declarative logic for personal data processing has been replaced by a principle of accountability. The data controller represented by the President of the University, must demonstrate compliance through documentation (processing activity entered in the register, subcontracting contract, empowerment procedure, etc.... )

By default and right from the design stage of a personal data processing project, staff in charge of its implementation are required to comply with the principles of personal data protection rules:

  • Purpose principle, data processing must be legal and legitimate.
  • Proportionality and Relevance of data, the data processed must be strictly necessary with regard to the purpose.
  • Data retention period, it must be limited.
  • The security and confidentiality of data must be guaranteed.
  • The rights of individuals must be respected.

The Data Protection Officer's mission is to help and support data processing project managers in their compliance process.

By an order dated October 7, 2021, the President of UPHF and the Director of INSA HdF have designated RGPD correspondents responsible for cooperating with the DPO and contributing more specifically within their structure to supporting project managers in the compliance of their data processing.

The processing register is available at https://uphf.provacy4.eu/

Anyone in charge of implementing a personal data processing operation can initiate an RGPD compliance process by declaring their project on https://uphf.provacy4.eu/submit/

Data Protection Officer

Contact: @email

Find out more about personal data protection

The CNIL has published a new (June 27, 2022) enriched version of its MOOC on data protection

Interested parties can register and follow the Mooc.

SupDPO: Publications from the national association of data protection officers from higher education and research establishments.

Site réalisé par