Provacy - Personal data protection

A hand holding a key

Provacy - Personal data protection

For simplified compliance

Provacy is a registry tool for personal data processing activities adopted by UPHF.

Data processing published by the Data Protection Officer (DPO) has been subject to a compliance process with regard to the RGPD and the French "Informatique et Libertés" law.

For the sake of transparency, UPHF's data processing register is made public.

Staff, and in some cases students (particularly doctoral students) in charge of implementing data processing must obligatorily demonstrate the compliance of their processing, with the support of the DPO, and the RGPD correspondents appointed by the decree of October 21, 2021 of the President of UPHF and the Director of INSA.

The register tool is available to them to initiate compliance. It consists of demonstrating compliance with the RGPD and the "Informatique et Libertés" law.

A prior registration to this register can be made with the DPO (dpo@uphf.fr). Anyone can also self-register; rights will be assigned according to the applicant's profile. A processing form is to be completed (purpose, categories of data processed, data recipients, data retention period, security implemented, respect for people's rights...).

Provacy enables two different approaches:

  • If you have creation rights, you can list UPHF projects and declare their compliance with current RGPD rules.
    You can also consult the compliance documents for published projects to find information such as details of purposes, data subjects, data, retention periods and recipients or even a general description of technical security measures.
  • If you don't have specific rights, you can still consult the compliance documents for published projects.

News on personal data protection: https://www.cnil.fr/fr/actualite

Proposed workshop: CNIL Mooc: https://www.cnil.fr/fr/le-mooc-de-la-cnil-est-de-retour-dans-une-nouvelle-version-enrichie

USE CASES