Information notices (GDPR)

This page provides the privacy notices related to the use of the LISA platform and the LISA France 2030 newsletter.
Each processing has its own purposes, data controllers, and rules, as described below.

1. Privacy notice - LISA platform

(In accordance with the General Data Protection Regulation – GDPR)

1.1 Who is responsible for the processing?

Your school and IFEA SAS (28 rue Petit, 92110 Clichy-la-Garenne – GDPR contact: dpo@edulisa.org) are joint controllers for the following purposes:

• collection of responses to the FACETS questionnaire,
• calculation of evaluation scores and prioritization of pedagogical action recommendations,
• reuse of pseudonymized data for scientific research and for the evaluation of the LISA program.

For technical operations (hosting, maintenance, support, assistance, training), the school is the controller and IFEA SAS acts as processor.

1.2 What data is collected?

• Teachers and staff: first name, last name, professional email address, questionnaire responses, login identifier, connection data to the platform.
• Students: first name, last name, class, teachers’ responses to the questionnaire (observations on well-being and learning), educational follow-up data.

1.3 Why is your data used?

• Pedagogical support (Consent A): to establish a profile of each student’s strengths and needs, in order to propose adapted pedagogical actions to support academic success and well-being.
• Scientific research (Consent B): to analyze pseudonymized data in order to evaluate and improve the LISA program.
• Technical operation: to ensure secure hosting, assistance, and maintenance of the platform.

1.4 Legal basis of processing

 Explicit consent (Articles 6.1.a and 9.2.a GDPR).

• Withdrawal of Consent A will result in the deactivation of access to pedagogical functionalities.
• Withdrawal of Consent B has no impact on pedagogical access.

1.5 Who can access your data?

• Within the school: relevant teachers, school management, authorized medical-psychosocial staff.
• Technical and scientific partners: MindEd Tech, Association LISA, Learning Planet Institute, and other research institutes validated by the school.
  Data are not transferred outside the European Economic Area.

1.6 How long are your data retained?

• Student data: throughout schooling + 1 year.
• Teacher and staff data: 3 years after last login.
  Pseudonymized research data: up to 5 years after the last publication based on such data.
• Technical logs: rolling 12 months.

1.7 What are your rights?

 You may request at any time:

• access to your data,
• rectification,
• erasure,
• restriction of processing,
• portability of your data,
• withdrawal of your consent.

To exercise your rights, please contact the school’s GDPR representative or the Data Protection Officer (DPO) (contact details available from school management or on the school’s website).

If, after contacting us, you believe your rights are not respected, you may lodge a complaint with the CNIL:.

2. Privacy Policy - LISA France 2030 Newsletter

2.1 Who are we?

The LISA France 2030 newsletter is jointly distributed by:

• IFEA SAS, a private bilingual school (28 rue Petit, 92110 Clichy, France).
• Learning Planet Institute (LPI), a non-profit association governed by the French 1901 law (8 bis rue Charles V, 75004 Paris, France).

IFEA SAS and LPI act as joint data controllers of your personal data, in accordance with Article 26 of the GDPR.

2.2 What data do we collect?

When you subscribe to the newsletter, we collect the following data:

• First name, last name, email address, position (and, where applicable, educational institution).

2.3 Why do we use your data?

Your data is used exclusively to:

• send you the LISA France 2030 newsletter,
• inform you about news and events related to the project,
• foster exchanges and collaboration around the project.

We never share your data with third parties for commercial purposes.

2.4 On what legal basis?

Processing is based on your consent (Article 6.1.a of the GDPR).
You can withdraw your consent at any time by unsubscribing via the link provided in each newsletter.

2.5 How long do we keep your data?

Your data is retained for 2 years after your last interaction with the newsletter, unless you unsubscribe earlier.

2.6 With whom do we share your data?

Your data is stored and processed via Brevo, a GDPR-compliant platform whose servers are located in the European Union.
Access is strictly limited to authorized teams at IFEA SAS and LPI.

2.7 What are your rights?

In accordance with the GDPR, you have the following rights:

• Access to your data,
• Rectification, update, or deletion,
• Restriction of processing,
• Objection,
• Data portability.

You can exercise your rights by writing to:

• IFEA: dpo@ifea.education
• LPI: dpo@learningplanetinstitute.org