Grenoble École de Management (GEM) undertakes to process your personal data on the website www.grenoble-em.com in compliance with the Data Protection Act of 6 January 1978 as amended and that the General Data Protection Regulation (EU 2016/679) of 27 April 2016 (GDPR) hereinafter referred to as “The Regulation relating to personal data”.
Controller and Data Protection Officer
The data controller is GEM, Institution of Higher Education Consular, registered in the Register of Commerce and Companies of RCS Grenoble under the number 817389141 whose registered office is at 12 rue Pierre Sémard, 38000 Grenoble.
GEM has also appointed its Data Protection Officer to the French Commission Nationale de l’Informatique et des Libertés (CNIL), its supervisory authority. You can attach it by writing:
- An email at dpo@grenoble-em.com
- A postal mail to Grenoble School of Management, Data Protection Officer, 12 rue Pierre Sémard, 38000 Grenoble.
Processing of personal data and legal bases
The personal data that GEM is subject to the following processing operations:
- Promotion of GEM’s training offer based on the legal basis of consent (Article 6-1-a GDPR: the data subject gives his/her consent to the processing of his/her personal data to receive promotions)
- Promotion of the offer of services to companies and partners based on the legal basis of legitimate interest (Article 6-1-f GDPR: establish partnership relations with companies),
- Management of applications for training provided by GEM based on the legal basis for the performance of a contract or pre-contractual measures (Article 6-1-b GDPR: assessment and eligibility of candidates for GEM training)
- Management of participations in our information meetings or events based on the legal basis of legitimate interest (Article 6-1-f GDPR: allow the persons concerned to attend such meetings or events)
- Sending ad hoc messages or newsletters based on the performance of a task carried out in the public interest (Article 6-1-e GDPR: mission of higher education – dissemination of humanist culture, in particular through the development of the humanities and social sciences, and scientific, technical and industrial culture)
- Animation of the alumni community based on the legal basis of consent (Article 6-1-a GDPR: the data subject gives his/her consent to the processing of his/her personal data to participate in the animation of the GEM alumni network)
Category of personal data collected
The categories of personal data that are collected are based on your use of the features of the GEM website:
For downloading leaflets or attending information meetings:
- identification data: surname and first name
- means of communication: landline, mobile phone, email address
For candidates for GEM training:
Candidates for GEM training benefit from an account to be able to access and complete their application file.
- identification data: surname and first name
- means of communication: landline, mobile phone, email address
- the CV
- previous grades and diplomas
- data relating to means of payment and transactions
- the elements of the application files
- downloading document
For GEM students and graduates
Students and alumni have an account that allows them to access a dedicated space.
- identification data: surname, first name, identity photo
- means of communication: landline, mobile phone, email address
- the career path
- the diplomas of Grenoble School of Management
- visibility on the directory
- participation in juries
- participation in events
- downloading document
For professional users
Companies have an account that allows them to access GEM’s career space.
- identification data: surname, first name, identity photo
- means of communication: landline, mobile phone, email address
- participation in juries
- participations in events
- internship and job offers deposits
- downloading document
For the categories of personal data collected when browsing the site, the information can be found in the article “About cookies”, below.
Telephone numbers may be requested so that our training advisors, program managers, salespeople or event organisers can communicate with you more directly (telephone calls, SMS).
Recipients
The data collected is processed only by persons authorised to do so within the Academic programs department, the Faculty and research department, the Development and External Relations Department.
However, GEM may transfer your personal data to third parties in two situations:
- Comply with its legal obligations;
- Use applications set up by its subcontractors.
GEM has IT facilities to manage the requests it receives, in particular from the applications proposed on www.grenoble-em.com.
Rights of data subjects
In accordance with the Regulation on Personal Data, you can exercise the following rights to your personal data collected by GEM by using the website:
- Right of access to personal data concerning you and subject to processing
- Right to rectification of your personal data that are inaccurate
- Right to erasure of your personal data unless GEM has to comply with legal or regulatory obligations
- Right to portability of your personal data in a structured format
- Right to restriction of the processing of your personal data
- Right to object to the processing of your personal data
For any information on the exercise of your rights on your personal data managed by GEM, you can contact its Data Protection Officer:
By email at dpo@grenoble-em.com or
By letter signed and accompanied by a copy of an identity document to the following address: Grenoble School of Management, Data Protection Officer, 12 Rue Pierre Sémard, 38000 GRENOBLE
A reply will then be sent to you within a maximum of 30 days except in case of complexity in its processing.
In addition, you can exercise your right of complaint with the supervisory authorities, in particular the CNIL on its website: https://www.cnil.fr/fr/agir/saisir-la-cnil.
Shelf life
The data that is entered in the forms is stored in our databases and on our servers in France. They are kept according to secure protocols for a period that varies according to the purpose of the processing or the regulatory or legal provisions.
These durations are indicated for each completed form.
Data Security/Data Transfer
In order to ensure a level of protection of quality personal data, GEM has implemented technical and organisational security measures in accordance with the requirements of the Regulations on Personal Data and Privacy.
Regarding the services we put in place with its service providers, GEM ensures that they provide sufficient guarantees to meet the requirements of the regulations on personal data.
About the cookies implemented on our website
A “cookie” is a small file, usually made up of letters and numbers, sent by the web server to the browser cookie file located on the hard drive of your computer or mobile phone. Learn more about cookies, how they work and how to oppose them.
Some of the cookies set by Grenoble École de Management do not require consent, as they are necessary for the proper functioning of it and facilitate your browsing.
Any other cookie requires your consent as soon as you arrive on the site. A banner informs you of the presence of these cookies and invites you to indicate your choice. They are only deposited if you accept them.
You have the option – at any time – to set all or part of cookies via a preference management tool located at the bottom right of your browser.
The retention period of cookies is 13 months.
Updated 1/16/2024