Personal data protection
INSEE undertakes to ensure that the processing of personal data it carries out for statistical purposes complies with the Ouvrir dans un nouvel ongletGeneral Data Protection Regulation (GDPR) and the Ouvrir dans un nouvel ongletData Protection Act.
Data protection policy
Each processing operation limits the collection of personal data to what is strictly necessary (data minimisation) and is accompanied by information on:
- the objectives of the data collection (purposes);
- the legal basis for processing;
- the mandatory or optional nature of data collection and the recapitulation of the categories of data processed;
- the source of the data;
- the categories of persons concerned;
- the recipients of the data;
- the duration of data conservation;
- security measures (general description);
- the possible existence of data transfers outside the European Union or automated decision-making;
- Ouvrir dans un nouvel ongletData protection rights and how to exercise them with INSEE.
The personal data that INSEE collects or holds for statistical processing are subject
to strict rules and measures guaranteeing their security and confidentiality.
All persons having access to the collected data are bound by statistical confidentiality. Like all public servants, INSEE employees are also subject to the legislative and regulatory rules on professional secrecy and the obligation of confidentiality, which apply to the files and information they become aware of in their work.
How to exercise your rights
Data on companies
The right to non-disclosure of data from the directory of companies and establishments for which Insee is responsible (Sirene) is available to natural person who request it in accordance with Article 21 of the General Data Protection Regulation. This right is also available to legal entities, but only in certain very specific cases (joint ownership, joint ventures, armaments companies, associations of elected representatives).
Persons wishing to exercise their rights regarding the release or non-dissemination of their company's data should refer to the links below:
- Individual entrepreneurs (natural persons) who wish to be included in the Sirene public dissemination lists to make their company's information accessible from the Internet must follow the procedure indicated by clicking here;
- Individual entrepreneurs (natural persons) who no longer wish to be included in the Sirene public dissemination lists should follow the procedure indicated by clicking here;
- Persons wishing to exercise their rights in the case of a ceased individual enterprise (ceased natural person) or a legal entity eligible for non-public dissemination of the register (joint ownership, joint venture, armaments companies, associations of elected representatives) must use the form accessible from the page Request further information on the Sirene directory.
Data on deceased persons
Relatives of deceased persons may object to the dissemination by third parties of data on deaths made available by Insee on its site or that of the Ouvrir dans un nouvel ongletOpen Platform of French public data, on the grounds of directives defined by these deceased persons during their lifetime. To facilitate the application of their rights Ouvrir dans un nouvel ongletunder Article 85-I of the French Data Protection Act, relatives of deceased persons may request that the death(s) concerned be registered Ouvrir dans un nouvel ongletin the file of objections to dissemination, by sending an e-mail to firstname.lastname@example.org.
For any other information or to exercise Ouvrir dans un nouvel ongletyour rights regarding the processing of personal data by Insee, you may contact (with a copy of your identity card if you wish to exercise your rights):
either directly Insee by e-mail at the following address:
or its Data Protection Officer (DPO)by e-mail at the following address:
NOTE: the right to erasure does not apply to processing operations in the public interest, nor does the right to object to statistical processing operations in the public interest (Articles 17(3)(b) and 21(6) of the Ouvrir dans un nouvel ongletGeneral Data Protection Regulation).