Privacy Policy & Data Protection

This notice describes why we, at the European Institute of Digital Law (hereinafter referred to as EIDL) gather and use your personal data when:
• you choose to accept the cookies on our website www.eipa.eu;
• you register for our courses and other paid activities;
• you access EIPA’s contractual activities;you register for and attend an EIPA event;
• you download our general or one of our course brochure
• you register for our Monthly newsletter and/or regular course mailings

Article 1 – Definition of Personal Data

When you participate in a EIDL training course, we may ask you to provide personal data. The term "personal data" refers to any information or set of information related to your private or professional life that allows you to be identified (directly or indirectly). In the context of our training programs, this includes the information necessary for your registration (name, surname, date of birth), as well as any other details you choose to provide.

Article 2 – GDPR Compliance

‍The website ensures the collection and processing of personal information in compliance with privacy regulations, including: the French Data Protection Act No. 78-17 of 6 January 1978; the French Law on Confidence in the Digital Economy No. 2004-575 of June 21, 2004; the Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, OJ 1995 L 281/31; and the General Data Protection Regulation (GDPR): Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), OJ 2016 L 119/1, which has been applicable across the European Union since May 25, 2018.

The General Data Protection Regulation (GDPR) governs the processing and circulation of personal data, which companies use to offer services and products. It establishes rules concerning the protection of individuals with regard to the processing of personal data and rules on the free movement of such data.

The GDPR aims to enhance both the protection of individuals whose personal data is processed and the accountability of those handling such data. It also seeks to standardize European legal regulations on personal data protection, ensuring a uniform framework across all EU Member States.

Under the GDPR, the User has the right to access, rectify, delete, and object to the processing of their personal data.

Article 3 – Data Controller

The entity responsible for collecting and processing your personal data is EUROPEAN INSTITUTE OF DIGITAL LAW, a simplified joint-stock company registered with the Paris Trade and Companies Register under number 80 477 161, with its registered office at 50 rue Rodier 75009 Paris.

Article 4 – Collection and Processing of Personal Data

Only data that is necessary and relevant to the intended purposes is collected, in accordance with the principle of proportionality, to improve the quality of the products and services we offer.

Your personal data is collected and processed for one or more of the following purposes:
• Managing your participation in a training course and responding to any inquiries regarding your participation and the use of your personal data.
• Complying with our legal and regulatory obligations.

During data collection, we will inform you whether certain data fields are mandatory or optional. We will also specify any potential consequences of failing to provide certain information.

Access to your personal data is strictly limited to employees responsible for implementing the project. Additionally, your data may be disclosed to public authorities exclusively to meet our legal obligations, as well as to legal professionals and judicial officers.

Article 5 – Transfer of Personal Data

Your personal data will not be sold, rented, or exchanged with third parties. If we need to share your personal data with third parties, we will inform you and seek your prior consent. You will be free to accept or refuse.

However, we reserve the right to share fully anonymized and aggregated data with third parties, meaning data that does not allow direct or indirect identification in any way.

Article 6 – Data Retention Period

Personal data is stored and retained for the period necessary to achieve the purposes pursued by the company, which is a duration of three (3) years.

However, data required to establish proof of a right or contract will be retained for the legally prescribed duration in compliance with applicable laws.

Article 7 – Data Security

We take all necessary precautions, as well as appropriate organizational and technical measures, to safeguard the security, integrity, and confidentiality of your personal data. This includes preventing unauthorized access, alteration, damage, or disclosure to unauthorized third parties.

Article 8 – Data Hosting

Your data is stored on the servers of Webflow, located in the United States.

Webflow is certified under the EU–U.S. Data Privacy Framework, the Swiss-U.S. Data Privacy Framework, and the UK Extension to the EU-U.S. Data Privacy Framework. Additionally our DPA contractual clauses as its transfer mechanism to export data from Europe. Webflow’s Data Processing Addendum includes the EU Standard Contractual Clauses, the UK’s International Data Transfer Agreement and includes the contractual requirements placed on processors under the GDPR. Our Data Processing Agreement is available to all customers regardless of their plan selection and incorporated by reference in our Terms of Service by default.

Article 9 – Consent

By choosing to provide your personal data for participation in the project, you expressly consent to its collection and processing in accordance with this charter and applicable laws.

Article 10 – Access to Personal Data

In accordance with French Data Protection Act No. 78-17 of January 6, 1978, and the GDPR, you have the right to access, rectify, or delete your personal data through an online access portal. You may also contact Olivier Fade, the data processing officer:
• Email: o.fade@eidl.eu
• Postal Address: 50 rue Rodier, 75009 Paris

You may also request the restriction of data processing or object to data processing for legitimate reasons.

Article 11 – Data Portability

You have the right to the portability of the personal data you have provided, including data you have actively and knowingly shared while accessing and using our services, as well as data generated by your activities. However, this right does not apply to data collected and processed based on legal obligations other than consent or contract execution.

This right can be exercised free of charge at any time, including when closing your account, to recover and retain your personal data. We will provide your personal data in an open, standardized, and machine-readable format.

Article 12 – Filing a Complaint with
a Supervisory Authority

You are informed of your right to lodge a complaint with a competent supervisory authority, such as the Commission Nationale de l'Informatique et des Libertés (CNIL) in France, in the Member State of your habitual residence, place of work, or where the alleged violation occurred, if you believe that the processing of your personal data under this Charter violates applicable regulations.

This right does not preclude other administrative or judicial remedies. You may also seek judicial or administrative redress if you consider that the processing of your personal data under this Charter violates applicable regulations.

Article 13 – Amendments

We reserve the right, at our sole discretion, to modify this Charter at any time, in whole or in part. Such modifications will take effect upon publication of the updated Charter. Your continued use of the EIDL platform after the modifications take effect constitutes acknowledgment and acceptance of the updated Charter. Otherwise, if you do not agree with the revised Charter, you must cease using the EIDL platform.

Article 14 – Effective Date

This Charter came into effect on January 25, 2025.

Stay updated on the latest European digital regulations and reduce your legal risk

EIDL brochure

Download our brochure

Legal notice General Terms Privacy Cookies