Human Resources Department

The University of Lille is responsible for the processing of personal data, in particular in relation to human resources management.
The Data Protection Officer is Jean-Luc Tessier.

This section describes the data held about you by the university, the reasons why it is held and your rights concerning this information.

This processing is compulsory, and you may not object to it unless you wish to withdraw your application for a position at the University of Lille. In order to minimise the amount of data collected, certain pieces of information are marked as optional or necessary for certain categories of employee.

Under the responsibility of the President of the University of Lille, the Human Relations Department (direction des relations humaines; DRH) processes data in the following categories:

• Identity data;
• Contact details;
• User IDs;
• Data relating to your personal life;
• Data relating to training;
• Data relating to your professional life;
• Economic and financial data;
• Information about your criminal record;
• Data of a medical nature or concerning your state of health;
• Data concerning nationality and legal status in France.

In order to comply with certain legal obligations, other information may be required for the administrative and financial management of your file. As these pieces of information are marginal, they are not listed here, but will be explained to you individually at the time they are collected.

The HRD collects this information in a variety of ways. In particular, data is collected when you transfer, pass a competitive examination or via application forms or CVs. Data is kept up to date through forms completed by you at the start of or during employment, through correspondence with you, or through interviews, meetings or other assessments.

In some cases, the organisation collects personal data about you from third parties, such as references provided by former universities, career or pay records and information from criminal record checks authorised by law.

Data is stored mainly in the Harpège database (a business application distributed by AMUE), which is one of the main repositories for the HR Information System, but also in your personnel file held by your HR manager and in other university IT applications.

Data is collected, updated and processed as part of administrative personnel management (professional files, directories, elections, etc.) for:

• payroll management;
• managing personnel files, kept in accordance with legal and regulatory provisions, as well as statutory or contractual provisions governing the individuals in question;
• administrative follow-up of medical visits;
• producing statistical reports or lists of employees to meet administrative management needs (e.g. social report);
• managing internal directories and named organisational charts;
• managing of individual allocations of supplies, equipment;
• managing elections to national, academic and university bodies;
• managing meetings of the university’s bodies;
• managing social and cultural activities, excluding preventive medicine, social services and psychological support;
• managing internal communications via university mailing lists.

It is required for career and mobility management:

• professional evaluation of employees in compliance with the relevant laws and regulations:
• managing in-house professional skills;
• promoting the acquiring of professional experience;
• career or pension simulation;
• managing work-related accidents and illnesses;
• professional mobility management.

It aids the management of employee training:

• monitoring of training requests and completed training periods;
• organising training sessions;
• assessing knowledge and training.

In some cases, the HR department needs to process data to ensure that it meets its legal obligations. Criminal record checks must be carried out systematically for all employees recruited through competitive processes or by contract.

The data may be used to inform you of measures relating to the safety of employees and users on the university’s premises.

Some special categories of personal data, such as information on gender, health or medical conditions, are processed to fulfil legal obligations (such as those concerning people with disabilities and for health and safety purposes). With your consent, this information may also be shared with health and social services to ensure that the organisation can help you through your absence or facilitate your return to work.

Where the HRD processes other special categories of personal data, such as information on gender, age or health, this is done for the purposes of equal opportunities monitoring. The data used by the organisation for these purposes is either anonymised or collected with employees’ express consent, and can be withdrawn at any time. You are entirely free to decide whether or not to provide such data, and there are no consequences for not doing so.

The recipients of the data are: authorised persons in charge of employees management for central departments and member schools/faculties/institutes; employees’ hierarchical superiors; employee representative bodies and union delegates. Under certain conditions, data may be transmitted to a country outside the European Union for the exclusive purpose of international transfers.

Information is transmitted between different university entities for operational reasons:

• to the IT Department to feed the digital identity repository and give you access to all the university’s digital services;
• to the Preventive Medicine Department;
• to the Legal Affairs Department in the event of legal action;
• to the University Affairs Department for the management of university bodies and council elections;
• to the Inter-University Pensions Service (Service Inter-Universitaire des Pensions; SIUP) for setting up retirement files;
• to the Accounting Office and the Financial Affairs Department;
• to the departments responsible for setting up and managing projects requiring proof of expenditure;
• to member schools/faculties/institutes and common services.

Information may be disclosed to external organisations to which the university has obligations such as:

• Regional Public Finance Department (Direction Régionale des Finances Publiques; DRFiP) for salary payments and payslips;
• CROUS to offer the possibility to eat at discounted rates in CROUS-run restaurants; (see if optional or systematic?)
• Hcéres and IGAENR as part of their evaluation campaigns;
• Caisse des Dépôts for Le Fonds pour l’Insertion des personnes handicapées dans la fonction Publique (Fund for the Integration of People with Disabilities into the Civil Service), le Compte individuel de formation (personal training account) and updating the additional retirement account;
• Trade unions;
• The State Pensions Department (service des retraites de l’État) to calculate your pension entitlements.
• MGEN: the list of permanent or trainee civil servants and contract employees newly appointed or assigned to the university.

Data is kept for the duration of the data subject’s period of employment (unless otherwise stipulated by law or regulation). Beyond that, the data may be archived on a separate digital medium with very limited access, in accordance with the rules applicable to public and private archives.

You have the following rights:

• right to be informed;
• right of access;
• right to rectification;
• right to restrict processing;
• right to data portability;
• right to object if your data is used for other purposes for which there is no legal obligation.

If you do not receive a response to your request within a reasonable period of time, you may lodge a complaint with the supervisory authority (CNIL) in accordance with Article 13 of the GDPR.

You can contact the representative for the exercise of these rights by e-mail at dpo[at]univ-lille[point]fr. or by post at:

Délégué à la Protection des Données
Université de Lille
42 rue Paul Duez
59000 LILLE

More information and details of the processing declared on the university’s electronic document management system (GED) in identified mode only.

On behalf of the President of the University of Lille, the Human Resources Department processes personal data for the purpose of managing the working hours of its permanent, contract and administrative employees. This is compulsory processing, with the exception of the function by which employees’ working hours are logged.

This processing is based on the university’s legitimate interest within the meaning of Article 6(1) point f). This processing is referenced in the university’s register under number 201838.

The categories of data collected are as follows:

• employee and validator identification data;
• data relating to the department in which he/she works;
• data concerning the terms and conditions of his/her working hours.

The data is collected to ensure the application of working hours regulations within the university. Its purpose is to allow employees’ attendance and absences to be managed. It is used to record holiday periods and set up time savings accounts (comptes épargne-temps; CET).

Apart from the individuals and departments responsible for carrying out the processing (members of the HR application, collective management and working hours offices and validators), personal data can be accessed by authorised Bodet Software employees.

Data is stored for a maximum of five years.

You may access and rectify your personal data. You may also exercise your right to restrict or object to the processing of your data (See the website cnil.fr for more information on your rights).

To exercise these rights or if you have any questions about the processing of your data under this system, you can contact the representative for the exercise of these rights by e-mail at tempsdetravail[at]univ-lille[point]fr or dpo[at]univ-lille[point]fr.

If you do not receive a response to your request within a reasonable period of time, you may lodge a complaint with the supervisory authority (CNIL) in accordance with Article 13 of the GDPR.