For what purposes are your personal data processed?

emlyon business school may process the personal data of the emlyon community in order to manage the database of Library subscribers.

User data may also be processed for the purpose of managing the lending of materials by the Library.

The Library also manages reminders and suspensions of access to resources in case of non-return of loaned materials.

Contact requests are also handled via the chat window and contact form on the Library's website.

What is the basis for this data processing?

emlyon business school bases this data processing on the execution of the contract between the School and its community, in order to provide users with the Library's services.

 

Who are the people concerned by this data processing?

The persons concerned by this data processing are the various users of the Library

• - Students
• - Alumni
• - Members of the support and academic staff
• - Stakeholders and external parties.
•  

What data is required for this processing?

For the purpose of managing Library users, the following data is collected indirectly (extracted from a database) to create user accounts.

• - First and last name
• - Institutional, professional, or personal email
• - Date of birth
• - Telephone number
• - Town
• - Mailing address
• - Program for students, status (professor, temporary employee, support function) for other users.

Additional optional information can be provided by the user in the "Profile" area of their account on the Library website.

When borrowing materials, the User scans his/her Library card, which records the date of the loan and the type of materials borrowed.

More specifically, for the loan of computer equipment, a signed charter must also be returned, containing the following information

• - Full name
• - Signature
• - Date

The chat window available on the Library's website is not automated and does not collect any personal data, except those voluntarily submitted by the user.

When requesting contact via the dedicated form or the chat window, the following information is processed:

• - Full name
• - E-mail address
• - Information transmitted by the user in the body of his message.

Who has access to your data?

Within emlyon business school, only the staff of the departments concerned have access to the data processed:

• - Library: management of equipment loans, responses to requests for information through the various channels
• - Digital management: management of the database of library registrants.

No personal data is transmitted to service providers who provide emlyon with journals, databases or other services.

However, some service providers may require an individual to log in and provide personal information. In this case, users should consult the provider's privacy policy for more information.

Finally, user data may be processed by emlyon business school's international campuses.

How long will your data be stored?

User accounts for loans/returns are deleted two years after the end of the subscription period recorded at the time the account was created.

A loan history is kept for five months after the equipment is returned.

Signed charters for the loan of computer equipment are destroyed upon return of the equipment.

Information and rights

The person in charge of this processing is the company Early Makers Group, represented by Prof. Isabelle HUAULT, President of the Board of Directors.

The persons whose personal data are the object of a treatment have rights:

• - Right of access to the processed data, in order to be communicated all the personal data collected on the applicant
• - Right to rectify processed data when they are incomplete, inaccurate, ambiguous or outdated
• - Right to erasure of processed data, when the deletion of such data is based on legitimate grounds
• - Right to limit the processing, in order to temporarily suspend the use of certain data
• - Right to object to the processing, when this request is based on legitimate grounds.

Persons whose personal data are being processed may request to exercise these rights from the Data Protection Officer, who will respond to the request within one month, at the following address: dataprivacy@em-lyon.com. 

It is also possible for any person whose personal data is being processed to submit a complaint to the National Commission for Information Technology and Liberties (CNIL), the competent national supervisory authority.