Home
Legal
Privacy policy

Privacy policy

Website Privacy

Introduction

The American School of Paris (ASP) respects the privacy of every individual who visits this website. We have created this statement to demonstrate our commitment to your privacy. This policy outlines the information that the American School of Paris may collect about you from your visit to our website and how that information will be handled. The school reserves the right to alter this policy at any time by posting a new privacy policy at this location.

The new ASP Data Protection Policy, that takes into account the GDPR can be read in below.

Definition

The www.asparis.org is defined as publicly accessible and password/login protected pages hosted under the domain asparis.org. ASP is not responsible for the privacy practices of external sites linked from or referenced by asparis.org. This policy applies solely to information collected by this website.

Personal Data

ASP will not collect any personally identifiable information about you, such as name, address, telephone number, or e-mail address ("personal data") through this site unless you have provided it voluntarily. If you do not want your personal data collected, do not submit it. When you do provide personal data, that information may be used in the following ways, unless stated otherwise:

  • to fulfill a request you have made
  • to update your school maintained record
  • to contact you

The school will not sell, rent, or market personal data about you to third parties.

Additional Information Collected Automatically

In some cases, this website may automatically (i.e., not via registration) collect information about you that is not personally identifiable. Examples of this type of information include the type of Internet browser you are using, the type of computer operating system you are using, the IP address of your computer, and the domain name of the website from which you linked to this site. This information is used solely to provide the school with overall statistics on website usage, and to evaluate generalized user demographics to help us make our site more useful to visitors.

Online Profile Updates

If you complete a profile update form and share your personally identifiable information, this data will be used only to fulfill your request, provide you with further information about our school or to contact you when necessary. For Alumni Finder, please refer to our Alumni webpage for specific information about privacy settings for this feature.

You may always opt-out of receiving future mailings. Although you cannot remove yourself from our database, you can prevent unwanted communication.

Information Placed Automatically on Your Computer - Cookies

When you view this website, some information may be stored on your computer. This information will be in the form of a "cookie" or similar file and will allow the website to tailor the experience to your interests and preferences. With most Internet browsers, cookies can be blocked or erased after visiting a website. Some aspects of this website may not function properly if your browser is set to block cookies.

Use of Text and Images

If you would like to publish information that you find on our website, please send your request to communications@asparis.fr. Downloading any photos of students or community members from our website is not authorized. Where text or images are posted on our site with the permission of the original copyright holder, a copyright statement appears at the bottom of the page. Information about using our logo and image is available in the Media Gallery.

Security

ASP takes every precaution to protect users' information. When users submit sensitive information via this website, it is encrypted and remains secure during all stages of transmission. The School complies with all French legislation requiring safeguards on specific types of information.

ASP Data Protection Policy

Introduction

The American School of Paris (ASP) requires certain personal data – including some that is sensitive – about its past and present employees, students, parents, legal guardians, alumni, and other community members, in order to function well as an international school, and as an employer in France.

This policy is intended to ensure that ASP protects all personal data in accordance with the EU General Data Protection Regulation (EU–GDPR), and other related legislation. It applies to data regardless of the way it is collected, used, recorded and shared, and irrespective of whether it is held in paper files or electronically.

This policy applies to all employees, trustees, volunteers, and others working on behalf of ASP (‘members of ASP’s working community’). All members of ASP’s working community involved with the collection, processing and disclosure of personal data should be aware of their duties and responsibilities and adhere to these guidelines.

Personal Data

Individuals at the American School of Paris may have access to a wide range of personal and sensitive data regarding other individuals, depending on their role in the School.

Personal data means any information about, or that may be used to identify, a living person. ASP recognizes that any such data belongs to that individual (‘data subject’), and NOT to ASP or any other person or organization with whom we may share it. The data subject must be provided with complete information concerning the use of their data, and have ultimate control over its use.

Personal data includes, but is not limited to:

  • information about members of the school community, such as their name, address, email address, phone numbers, health records and disciplinary records;
  • curricular or academic data such as attendance records, grades, comments on progress and achievement, reports and recommendations;
  • professional records such as employment history, taxation and social insurance records, confidential employee files and references;
  • data held as photographs, video clips (including CCTV footage) or as sound recordings;
  • any expression of opinion about an individual kept in a school file or system, or any indication of the school’s or someone else’s intentions towards an individual;
  • any other information that might be disclosed by parents, or by other individuals or agencies working with families or employees.

Under the EU-GDPR, special categories of personal data (‘sensitive data’) require additional protection: information that concerns or reveals a person’s political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, state of health, and sex life or sexual orientation. Data concerning children under the age of 15 is also subject to special protections.

Data Protection Principles

The EU–GDPR establishes six principles to which ASP is held accountable whenever it handles personal data. Personal data shall be:

  1. processed lawfully, fairly and in a transparent manner in relation to the data subject;
  2. collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes;
  3. adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
  4. accurate and, where necessary, kept up to date;
  5. kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed;
  6. processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures.

The ASP Board of Trustees is ultimately responsible for ensuring that the necessary systems, policies and procedures are in place to ensure that all personal data is appropriately protected, and that all employee, trustees, volunteers, and others working on behalf of the American School of Paris who process or use personal data follow these principles at all times. To that end, ASP has developed this Data Protection Policy.

This policy does not form part of any employee’s contract, although it forms part of the policies accepted as a condition of employment and may be amended at any time. Any breach of this policy by employees may result in disciplinary action.

Security

In order to protect personal data from loss, theft and unauthorized access or disclosure, ASP will deploy necessary physical and technological security systems.

These systems and backup systems will be fully documented, regularly tested, and periodically audited.

All individuals who use technology provided by ASP will be required to comply fully with the respective protocols and procedures.

Policy Review

This policy will be reviewed as it is deemed appropriate, but no less frequently than annually by the Board of Trustees or a nominated representative.

Data Privacy Notice: Advancement at ASP

The Advancement Office works to engage ASP’s worldwide community of alumni, current and past parents, current and former faculty and staff, and friends; nurture relationships with and among the school’s constituents; secure charitable gifts for the school; and support the school’s mission to inspire and prepare every student to achieve personal and academic excellence. This notice outlines how the Advancement Office collects and uses data in its efforts to advance the school.

What personal data do we collect?
  • The Advancement Office collects and holds the following constituent data:
  • Names, contact details, and contact preferences;
  • Engagement with the school, including events attended and volunteer service;
  • Details of ASP education, including participation in school activities;
  • Relationship to other ASP community members;
  • Further and higher education, as well as employment and professional activities;
  • Current interests and activities, which may include selected media coverage;
  • Information on financial assets that is publicly available; and
  • Philanthropy and volunteering, including gifts and service to ASP.
How do we collect data?

The Advancement Office collects data provided through the school’s admissions process, event registrations, conversations with ASP staff and volunteers, and change-of-address and donation forms. In keeping with common practice among independent schools, we also update records with data collected from publicly available sources.

How do we use data?

In order to advance ASP’s mission, the Advancement Office uses the data it holds for:

  • School communications, including e-newsletters from the Head of School and Academic Directors, the ASPect magazine, and other correspondence promoting the school;
  • Alumni activities and programs, including event invitations, reunions, e-newsletters, alumni profiles, and networking;
  • Fundraising, including gift receipting and stewardship, mail and email appeals, segmentation and analysis, and volunteering assignments;
  • Volunteer recruitment and programs, including the Parent Faculty Association (PFA).
With whom do we share data?

In accordance with ASP protocols, the Advancement Office does not share personal data with third parties, other than those that process data on behalf of the school for specified, legitimate educational or operational purposes aligned with the ASP mission.

The Advancement Office may share data with school constituents who are working on behalf of the school to assist in volunteer programs, alumni activities, and fundraising efforts. For example, PFA liaisons and alumni class agents are provided with enough data to conduct their work. All volunteers sign a privacy agreement detailing the purposes for which the data can be used and the security measures that must be in place.

For more information

If you have questions about the Advancement Office’s use of data, please contact advancement@asparis.fr

Data Privacy Notice: Registration Pack

The American School of Paris (ASP) respects your data privacy rights and is committed to full compliance with the EU General Data Protection Regulation (GDPR). You have the right to be informed about how ASP uses the personal data we hold about you and your child(ren).

We collect, use, and hold only the personal data that is necessary for our specified, legitimate purposes as a school; ensuring that the data is accurate and up-to-date and kept for no longer than is necessary; that it is processed lawfully, fairly, and transparently, and is handled with appropriate protective security.

We only share personal data with third parties when it is necessary for specified, legitimate educational or operational purposes, aligned with the ASP mission. From May 25, 2018, we will only use external service providers that are fully GDPR compliant and will provide up-to-date information regarding their compliance, for your reference.

We require the personal data requested on the forms in this registration pack to ensure that the intent of the ASP mission is realized through the provision of:

  • Sufficient classes, teachers, instructional resources, and programs for the next school year;
  • Appropriate transportation and health services; and
  • Efficient systems for invoicing, campus access control, and communication.
  • This data will be kept in accordance with ASP’s data retention policy and EU and French law, and then all copies of your data, electronic and paper, will be securely destroyed.

If at any time you wish to access, verify, or amend this data, or have any questions about its use, please contact: admissions@asparis.fr.

If you have concerns about ASP’s handling of your personal data, or wish to exercise any of your data subject rights under the GDPR, please contact: dpoversight@asparis.fr. You will receive a response as soon as possible, and in accordance with the GDPR.

ASP is accountable to the Commission nationale de l'informatique et des libertés (CNIL) as the supervisory authority for data protection in France. If needed, you can seek their assistance at: https://www.cnil.fr/fr/agir