Eco‑responsible  images

Image compression reduces page weight and loading times.

Read more about it

Search in

Internal data protection officers

Table of contents

The Data Protection Advisor (DPA)
The network of data protection officers
The various internal networks


 

The Data Protection Advisor (DPA)

Why does UNIL have a Data Protection Advisor?

According to the law of the canton of Vaud on data protection, when UNIL is the responsible for processing personal data, it must:

  • be able to demonstrate compliance with legal requirements, including when subcontracting,
  • and
  • take all appropriate measures to protect them.

The new Federal Data Protection Act also requires public bodies to have a Data Protection Adviser (DPA). This requirement will almost certainly be transferred to cantonal law.

A support function for the academic community

The Direction of UNIL has entrusted the CPD with the task of ensuring that the conditions are met for the processing activities of personal data;es effectuées par les unités de l’institution rées aux exigences imposés par les lois en matière de Protection des Données.

As a support function for the academic community in all matters relating to data protection, the Data Protection Adviser (DPA) is responsible for:

The Data Protection Adviser (DPA) is responsible for the following tasks

  • Train and raise awareness in the academic community;
  • Advise UNIL staff and units;
  • Ensure the proper application of the law ;
  • Monitor the’effectiveness; of its implementation;
  • Serve as point of contact for all personal rights requests;
  • Serve as receiver for Swiss and foreign data protection authorities;
  • Assist units and employees in conducting their risk analyses (DPIA) ;
  • Coordinate the compilation of the inventory of treatment activities for the institution.

The CPD is surrounded by an internal UNIL network in order to centralise the function and respond as quickly as possible to all needs.

What the CPD cannot do

The CPD is not empowered; à to do the following:

  • To be personally responsible for the compliance of a personal data processing operation (only the data controller may have this responsibility);
  • Validate a decision that involves the processing of personal data. (The DPC only evaluates compliance and the level of risk for the individuals concerned) ;
  • Make a personal data processing operation compliant (Only the data controller is authorised to make its processing operations compliant).

This list is not exhaustive.

When to request the CPD

In the management of a project that involves the processing of personal data, it is easier to find solutions that comply with the law when the project is in its conception phase than when it is complete.

Please consult the CPD as early as possible in the project's progress.

How to request the CPD

The CPD can be contacted by email or telephone during office hours.

Time, contact and access

M’écrire
Mikhaël Salamin
University of Lausanne
DPO DPO
Unicentre – Bureau 318
CH-1015 Lausanne

Contact me
Email : protection-donnees[at]unil.ch 
Téphone : +41 21 692 60 26

Come in person
By appointment only, please contact Unicentre reception.
Unicentre building, interactive map on Planet UNIL

The network of data protection officers

The network of data protection officers builds on an existing support network in the academic community. Whether it's in administration or research, the people closest to you will often be the closest:

  • understand your needs,
  • to respond quickly, and
  • refer you to the DPO when necessary.

The various internal networks

Here are the different networks that the DPO can call on to support you:

  • RSI - University of Lausanne information system respondents
  • Faculty assistant and deputy
  • Researcher and Researcher
  • Research Data Steward