INSEEC U group Privacy Policy

“Organisation et Développement” (O&D), in conjunction with all its subsidiaries and more widely all the Schools and entities which make up the INSEEC U group, undertakes to protect your personal data and your private life. Personal data is that information which can identify, either directly or indirectly, a specific individual (name, identity card number, social security number, telephone number, photograph, date of birth, town/city of residence, etc.).

I - Purpose

The purpose of the present Privacy Policy is to describe the type of personal data which we, that is to say “Organisation et Développement” (O&D) with all its subsidiaries and more widely all the Schools and entities which make up the INSEEC U group, collect, or obtain data, the way we use them, share them and protect them, the way we use cookies and similar tracking technology as well as your rights and options.

II – Types of data collected

1) Personal data you provide yourself

The personal data we collect are:

The type of personal data which we are likely to ask you for may include, but need not be limited to:

We may ask you to provide additional personal data, for example in the case of online surveys aiming to better understand your needs. In this event, you will be informed at the time the information is collected.

2) Personal data collected automatically

In addition to the personal data you provide, our websites automatically collect the domain names for all visitors, and we also use third party web analytics service providers who may collect information such as your IP address, the type of device you use, the device ID and other technical information by using cookies or other similar tracking technology. In some countries, including those in the European Economic Area, certain information may be considered as personal data, in accordance with applicable laws relating to data protection.

Collecting personal data enables us to know more about the type of visitors who use our sites, where they come from and which content on our site which they are interested in. We use this information for our own internal statistical and analytical purposes and to improve the quality and relevance of our sites for visitors. Some of this information may be collected by using cookies or other, similar tracking technology. For further information, please consult our policy relating to cookies available on the internet sites in question.

3) Personal data obtained from third parties

Occasionally, we may obtain personal data about you from third party sources, but only when these third parties have been authorized to, or are obliged to divulge your personal data. The information we may receive from third parties includes your contact details, possibly professional data, information on your academic background and results etc.

III – Purposes of data collection

We only use the personal data we collect from you for the purposes stipulated in the present Privacy Policy, or for a compatible purpose or for a purpose stated when your personal data is collected.

In particular, we use your data to:

We may also use your personal data in an aggregated form which makes identifying individuals impossible, in order to assess and improve our offer of courses and services.

IV - Legal basis for processing personal data

In the European Economic Area, our legal basis for collecting and using personal data as described above will depend on the personal data concerned and the specific purpose for which we collect and request them. The legal basis relevant to the processing of your data is stated in the information provided when your personal data are collected.

However, we only collect your personal data when:

In particular cases, we may be required by law to collect personal data from you or need your personal data in order to protect your interests or those of a third party.

For any questions relating to the legal basis upon which we collect and use your personal data, please contact us using the contact information given in article XI “Contact”.

V – Procedure for processing your personal data

1) Recipients of personal data

On the basis of what has been stated above, we are likely to divulge your personal data to the following recipients:

2) Your rights

In compliance with the European General Data Protection Regulation n°2016/679 (“GDPR”), you have the right:

To exercise your rights please contact:
INSEEC U – Service du DPO – Immeuble Greenelle - 43 quai de Grenelle - 75015 PARIS.

We will take your request into consideration in compliance with the laws and regulations in force regarding the protection of personal data. To ensure the protection of your private life and the security of your data, we are likely to check your identity before allowing you access to any personal data concerning you which we hold.

Should you consider that our processing of your personal data in any way infringes the laws and regulations in force or your rights and freedom, you have the right to lodge a complaint with your local personal data protection authority.

VI – Security of personal data

In view of the fact that it is not currently possible for prevention of disclosure of personal data on the Internet to be absolutely secure, we cannot guarantee total control over the risks linked to the operation of the Internet and their consequences for your personal data, these data are provided at your own risk.

Nonetheless, we attach great importance to the protection of your personal data and your private life. We have therefore set up technical and organizational measures (physical, logical and human security measures) in order to protect your personal data against accidental, illegal or unauthorized destruction, loss, modification, access, disclosure and use.

VII - Retention of personal data

1) Legal basis

We keep your personal data as long as legitimately necessary for the purpose for which it was collected, for example to provide you with a service, to allow you to access and follow a course or to comply with legal, tax or accounting obligations.

When we no longer have any legitimate business requirement to process your personal data, we delete them, or the data is anonymized, or, if this is not possible, notably because your data is stocked in backup archive storage, we store your personal data in a secure way.

2) Archiving period

We are committed to respecting the archiving periods for personal data given in the table below:

* CNIL : French National Commission for Data Protection and Liberties

Documents and data relating to business relations with the client

Data relating to sales prospecting:
Processing for information and communication other than prospecting:
Data relating to student management:
Contracts and guarantees signed with a student or learner:
Contracts and guarantees made electronically with a consumer (for a sum superior or equal to 120 €):
Client invoices:

Documents relating to the rights and freedom of the people concerned

Identity documents for applications relating to the right to access or rectify data for the person concerned:
Identity documents for applications relating to the right of opposition for the person concerned:

Data relating to Digital Work Areas

Connection data on the digital work area

VIII - Hyperlinks

Our internet sites and our educational web-platforms may include links to the internet sites of third party companies. We are not liable for the content or the Privacy Policy and practices of these internet sites.

IX - International Transfers of Personal Data

Your personal data may be transferred to and processed in a country other than that where your School is located. These countries may have data protection laws which differ from the laws in this country and which may, in certain cases, not provide such good protection.

However, we have taken appropriate precautions to require that your personal data remains protected in compliance with the present Privacy Policy. When we transfer your personal data to another country we rely upon:

You can obtain further details by applying to:
INSEEC U – Service du DPO – Immeuble Greenelle - 43 quai de Grenelle - 75015 PARIS

X – Updating

We may update the present Privacy Policy to comply with legislative, regulatory, technical or business changes. When we update our Privacy Policy we take the appropriate measures to inform you, depending on the importance and extent of the changes made. We inform you of any significant change in the Privacy Policy if and when it is required by the legislative and regulatory texts in force.

You can find the date on which the present Privacy Policy was last updated by checking the date given at the top of the present Privacy Policy.

XI - Contact

For any questions concerning the Privacy Policy, you can contact us at the following address:
INSEEC U – Service du DPO – Immeuble Greenelle - 43 quai de Grenelle - 75015 PARIS