Privacy Policy

Last update: 25.11.2025

What is the purpose of this policy?

Vygon, the operator of the campus.vygon.com website, attaches great importance to the protection and confidentiality of your personal data. This privacy policy reflects our commitment to complying with applicable data protection regulations, in particular the General Data Protection Regulation (GDPR).

It aims to provide you with clear information on how and why we process your data in connection with the training services offered on the Campus website.

Who is this policy for?

This policy applies to you, regardless of your place of residence, if you are a user (learner, trainer, administrator) or visitor to the campus.vygon.com website.

Why do we process your data?

As part of the Campus platform, we process your personal data for the following purposes:

  • Creation and management of your user account (access to the platform, management of rights, training monitoring)
  • Educational monitoring and issuance of certificates (training history, results, progress)
  • Management of communications (invitations, notifications, reminders, satisfaction surveys)
  • Improvement of the platform (usage statistics, feedback)
  • Management of requests for assistance or exercise of rights
  • Cookie management (see our dedicated cookie policy)

Your data is collected directly from you when you register or use the platform. It is never sold to third parties. However, it may be shared with distributors of Vygon products, who are considered re . These recipients are subject to strict contractual confidentiality and security obligations.

What data do we process and for how long?

We have summarized the categories of personal data that we collect and their respective duration of retention.

If you wish to obtain further details on the durations of storage applicable to your data, you can contact us at the address: gdpr@vygon.com.

  • Professional identification data (e.g. last name, first name, position, company, etc.) and contact data (e.g. email address and business phone number, etc.) kept for the entire duration of the provision of the service, plus the legal statute of limitations, which is generally 5 years.
  • Email address in the context of our commercial prospecting campaigns by email kept for a maximum of 3 years from the last contact we had with you.
  • Phone number in the context of our telemarketing campaigns kept for a maximum period of 3 years from the last contact we had with you.
  • Email address to receive our newsletter kept until the end of your subscription to the newsletter.
  • Statistical data relating to the viewing of our videos which is anonymized and stored indefinitely.
  • Connection data (e.g. logs, IP address, etc.) kept for a period of 1 year.
  • Cookies which are generally kept for a maximum of 13 months. For more details on how we use your cookies, you can consult our Cookie Policy, which can be accessed at any time on our website.

Once the retention periods described above have expired, the deletion of your personal data is irreversible and we will no longer be able to provide it to you after this period. At most, we may only retain anonymous data for statistical purposes.

Please also note that in the event of litigation, we are required to retain all of your data for the duration of the processing of the case even after the expiration of the retention periods described above.

What data do we process and for how long?

Data categoryExamplesRetention period
Identification dataLast name, first name, email address, company, job titleAccount usage period + 3 years (statute of limitations)
Connection dataLogs, IP address, login history1 year
Educational datacourses taken, results, certificatesAccount usage period + 3 years
Communication dataemails, messages, surveys3 years from last contact
Cookiessee cookie policy13 months maximum

At the end of these periods, your data is irreversibly deleted or anonymized, unless there is a legal obligation or dispute.

What are your rights?

You may exercise the following rights at any time:

  • Access your data and obtain a copy
  • Rectification of inaccurate or incomplete data
  • Deletion (“right to be forgotten”) of your non-essential data
  • Restriction of processing in the event of a dispute
  • Portability of your data (in a structured format)
  • Objection to processing on legitimate grounds
  • Withdrawal of consent (for optional communications)
  • Post-mortem instructions regarding the fate of your data

To exercise your rights, contact us at: gdpr@vygon.com. Proof of identity may be requested.

Who can access your data?

Your data is strictly accessible to:

  • Authorized Vygon teams (training, IT, support)
  • Our IT service providers (hosting, maintenance), who are under contract and monitored for GDPR compliance
  • Vygon product distributors

Is your data transferred outside the European Union?

Some of our service providers may be located outside the EU. In this case, we ensure that appropriate safeguards (Standard Contractual Clauses, additional measures) are in place. For more information, please contact us at gdpr@vygon.com.

How do we protect your data?

We implement all necessary technical and organizational measures to ensure the security of your data (access control, encryption, backups, audits, staff training).

Who should you contact if you have any questions?

Our Data Protection Officer (DPO) is available to assist you: gdpr@vygon.com

For any complaints, you can also contact the CNIL (French Data Protection Authority) at 3 place de Fontenoy – TSA 80751, 75334 Paris Cedex 07

Can this policy change?

We may modify it at any time to adapt it to legal or functional changes. You will be informed of any substantial changes.