Privacy policy | emlyon business school

Users of emlyon business school websites, as well as users of websites and social networks through which emlyon business school communicates are informed that emlyon business school collects and implements, through its websites and, where applicable, social networks and other communication sites of which it is not the owner, processing of personal data which has several purposes.

The following table aims to provide you with information about the purpose pursued (purpose) by a personal data processing carried out by emlyon business school, the legal basis allowing emlyon business school to carry out the processing (Legal Basis), the categories of personal data processed in connection with this processing (Data Categories), and the period during which this data is stored in our systems as part of these data processing activities (Retention Period).

Download the table on the processing of personal data

Who has access to your data?

Each emlyon business school campus is responsible for processing user data concerning it. However, when emlyon business school processes data through social networks or other websites which it does not own, emlyon business school is not responsible for the use of the data made by these social networks or websites. For their information, users may refer to the personal data policy of the website or social network concerned when this is made available to them.

User data is intended for:

  • the services and authorised personnel of the various emlyon business school entities in order to fulfil the purposes set out above.
  • service providers acting in the name and on behalf of emlyon business school.
  • The data of users interested in a course on one of our emlyon business school campuses located outside the European Economic Area (EEA) (for example, in Morocco or China) may be transferred to these campuses acting as data controllers, for the same purposes as those set out above. The data of all users of emlyon business school websites may also be transferred to service providers acting in the name and on behalf of emlyon business school, who may be located in or outside the EEA, including in countries that do not offer the same level of protection for personal data as the EEA, in particular the United States for hosting purposes. Where applicable, data transfers outside the EEA to countries that do not offer the same level of protection are regulated in accordance with the applicable legislation, by the implementation of guarantees such as the conclusion of standard contractual clauses based on those adopted by the European Commission.
  • the emlyon Foundation

Information and rights

The person in charge of this processing is the company Early Makers Group, represented by Prof. Isabelle HUAULT, President of the Board of Directors. The persons whose personal data are the object of a treatment have rights:

  • Right of access to the processed data, in order to be communicated all the personal data collected on the applicant
  • Right to rectify processed data when they are incomplete, inaccurate, ambiguous or outdated
  • Right to erasure of processed data, when the deletion of such data is based on legitimate grounds
  • Right to limit the processing, in order to temporarily suspend the use of certain data
  • Right to object to the processing, when this request is based on legitimate grounds.
  • Right to define directives concerning the fate of personal data after death.

Persons whose personal data are being processed may request to exercise these rights from the Data Protection Officer, who will respond to the request within one month, at the following address: dataprivacy@em-lyon.com.
It is also possible for any person whose personal data is being processed to submit a complaint to the National Commission for Information Technology and Liberties (CNIL), the competent national supervisory authority.