Library Services Department

Personal data protection policy for users of the Library Services Department

Concerned about protecting the privacy of its staff and users, the University of Lille complies with the rules for the protection of personal data set out in European Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR) and the French Data Protection Act of 6 January 1978, as amended (Loi Informatique et Libertés; LIL). Its Data Protection Officer (DPO) is Jean-Luc Tessier, who can be contacted using this contact form or at the following address: dpo[at]univ-lille[point]fr

The purpose of this policy is to inform you of your rights and of the obligations incumbent on the University of Lille when personal data concerning you as a user of the Library Services Department (SCD) is processed.

It is specified that:

The ‘data controller’ is the University of Lille (42 rue Paul Duez, 59 000 Lille) as it determines the purpose and means by which your data is processed.
‘Processors’ are service providers who process your personal data on behalf of, on the instructions of and under the responsibility of the University of Lille.
‘Data subjects’ are the users of the Library Services Department (SCD) whose personal data is processed.
‘Personal data’ is any data that allows you to be identified directly or indirectly.

Quelles données collectons-nous ?

Depending on the service used, we may collect:

data by which you can be identified (surname, first name, user ID);
data enabling us to contact you (contact details);
data linked to your activity within our libraries (connection data, document search data, reader account history, book requests, room reservations, event participation).

We take care to respect the principle of minimisation and therefore only collect and process personal data that is useful for providing the service in question.

Pourquoi collectons-nous vos données ?

We collect your data as part of a public-interest duty to support study and research activities entrusted to SCDs by Article D. 714-29 of the French EducationCode.

We use your personal data for the following purposes:

Managing the borrowing, return and reservation of documents and equipment;
Managing reservations for places and rooms for group work;
Enabling the reader account to be viewed usingLillocat;
Managing access to and consultation of electronic documentation;
Responding to your various requests as part of the UBIB service;
Managing satisfaction surveys;
Organising cultural and scientific events;
Identifying the scientific output of the university’s members;
Distributing theses in printed form;
Producing usage and evaluation statistics for its services, as well as decision-making tools.

D’où proviennent ces données ?

Identification data (surname, first name, contact details, etc.) are transferred securely from databases managed by the University of Lille, its member institutions or its partners (Centrale Lille, Mine Telecom Nord Europe, etc.).

Other personal data (IP address, application access logs, location of reserved rooms, etc.) is generated as you use the services and applications offered by the SCD.

Quelle durée les conservons-nous ?

Your personal data will be kept in a form that enables you to be identified for as long as is strictly necessary for the purposes of the processing, and in particular:

Data concerned	Storage period of collected data
User identity	1 year maximum after enrolment expiry date
Loan or document request history	4 months from return of document or satisfaction of request
Data on connecting to electronic resources	Anonymised 1 year after the connection date, then stored indefinitely
Data collected by questionnaire as part of the continuous improvement process	Anonymisation as soon as results are returned
Data collected in connection with the organisation of events	2 years after the event

Qui traite et accède à vos données ?

In principle, access to your data is reserved for SCD staff and a limited number of people assigned to the University of Lille’s General Digital Affairs Department.

Data may also be passed on to financial services if penalties are applied in the event that you fail to return borrowed documents.

GIP RENATER and our subcontractors may be recipients of your personal data under the terms of a contractual relationship with the University of Lille.

Depending on the suppliers involved, your data may be transferred outside the European Union.

Quelle sont vos droits, comment pouvez-vous les exercer ?

You have the following rights:

right to be informed;
right of access;
right to rectification;
right to erasure within the limits set by Article 17 of the GDPR.
right to request restriction of processing;
right to data portability within the limits set by Article 20 of the GDPR;
right to object within the limits set by Article 21 of the GDPR.

Questions and requests to exercise rights may be addressed (in this case providing proof of identity) to the Data Protection Officer, who can be contacted:

electronically at dpo@univ-lille.fr;
by post at:

Délégué à la Protection des Données
Université de Lille
42 rue Paul Duez
59000 LILLE

If you do not receive a response to your request within a maximum of one month, you can lodge a complaint with CNIL (Art. 13 GDPR) at the following address:

Cnil – Service des plaintes
3 Place de Fontenoy - TSA 80715 - 75334 PARIS CEDEX 07
Phone: 33 (0)1 53 73 22 22

Modification de la présente politique

This policy may be modified in the event of changes in legislation, case law, CNIL decisions and recommendations or usage. In this case, the University of Lille will inform the persons concerned by any means (sending an e-mail or information published online, for example).

18 September 2023

Back