Personal data policy

Your personal data may be subject to automated processing in accordance with the European Regulation (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data, and the law on the protection of personal data No. 2018-493 of 20 June 2018.

EURECOM is the data controller.

Personal data must be processed lawfully, fairly and transparently.

EURECOM is committed to complying with applicable obligations regarding the processing of your personal data. In order to respect the principle of transparency, here are answers to some of the questions you may have.


What data may we collect?

Why and how do we collect it?

Depending on your relationship with EURECOM, we may need to collect specific information about you.

This data may be necessary for administrative and accounting purposes, for the follow-up of students' education at EURECOM, for the Alumni Association, to execute a contract, or to fulfill our legal obligations or our obligations towards you.


The information we may collect is of various kinds, and some of it may constitute "personal data":

- Civil status, contact information, data relating to your educational or professional background, data required for registration, connection identifiers, or bank details.

For instance, but not limited to, depending on your relationship with EURECOM, we may need to collect your first and last name, telephone number, email address, résumé, social security number, identity card or passport, passport photo, or bank details.

This data is collected when you fill out an online registration form, or when you enter into a contract with EURECOM (employment contract, customer, supplier, etc.).


With whom may we share this data?

We share your personal data with your consent, or when necessary with Third parties:

• With our service providers. We may use contractors to perform technical services, for example. Our service providers must comply with our privacy and data security requirements. They are not authorized to use the personal data they receive from us for any other purpose.

• With banks or payment management institutions, which provide financial services.

• With legal authorities. To comply with our legal obligations, we may share some of your data with legal or regulatory authorities, the Ministry of Higher Education and Research, or the CTI.


What is the legal basis for the processing of your data?

EURECOM only collects, uses and shares your personal data as permitted by law.


We can process your data either:

• Because you have given your consent.

• To execute our contract with you or for pre-contractual measures.

• Because this file is required by law.

• To perform a task in the public interest or under public authority.

• Because it is in our legitimate interest.

• Because processing is necessary to safeguard the vital interests of a person. 


How long do we keep your data?

Your personal data is retained for the time necessary to fulfill the purpose for which it was collected or as required by law.

The length of time we retain data varies depending on several criteria, including:

• EURECOM's business needs

• Contractual requirements

• Legal or regulatory obligations (insurance, tax, human resources, etc.)

• Recommendations from regulatory authorities


Your data may be retained beyond the end of our contractual relationship, for example to defend our legal rights, to provide you with documents that you no longer have in your possession, or to meet our legal obligations.

After this period, your personal data shall be permanently deleted.


How secure is your data?

EURECOM has put in place robust technical measures to ensure the security of our information system and to prevent any loss, alteration or unauthorized disclosure of your personal data.


What are your rights?

In accordance with the laws and regulations relating to the protection of personal data, you have (under certain conditions) the right to:

- Access

- Modify

- Delete: Under specific conditions, you can ask us to delete your personal data.  We may retain some personal data to comply with our legal or regulatory obligations or when we have a legitimate reason to do so (e.g., to execute a contract or prevent legal action).

- Limit

- Transfer

- Object


If you have questions about this policy or wish to exercise your rights, you can contact our Data Protection Officer at rgpd @