This policy is intended to inform you about how LUXINNOVATION GIE, Economic Interest Group, registered with the Luxembourg Trade and Companies Register under number C16 (LUXINNOVATION), having its registered office at L-4362 Esch-sur-Alzette, 5 avenue des Hauts Fourneaux, collects and processes personal data pertaining to the visitors (the Visitors) of its website, located at the following URL: (the Website).

What personal data does LUXINNOVATION process and for what purposes?

LUXINNOVATION does not collect personal data other than those Visitors voluntarily provide on the Website (i.e. name, first name, contact details including the email address, function and organisation, texts) (the Personal Data), either when they sign up for newsletters or send a contact request.

Personal Data collected on the Website will be processed by LUXINNOVATION for the following purposes:

  • promote LUXINNOVATION activities (sending of newsletters, magazines and brochures, sending of invitations to events, etc.). If Visitors do not wish to receive marketing emails, they may follow the “unsubscribe” instructions included within each email communication ;
  • communicate with the Visitors and provide them with the information requested ;
  • processing of access, rectification and opposition requests, and other rights with respect to Personal Data;
  • claims and litigation management.

The processing of the Visitors’ Personal Data is necessary for LUXINNOVATION to provide them with the services they requested, as well as to enable LUXINNOVATION to fulfil its public service missions. These purposes constitute the legal basis for the data processing carried out by LUXINNOVATION.

Who are the data recipients?

Visitors’ Personal Data will be processed internally by duly authorised persons, within the limits of their respective attributions.

They may also be communicated to LUXINNOVATION’s institutional partners (employer federations, ministries, public sector bodies, embassies, trade organisations) or non-institutional partners (businesses, training organisations, service providers) particularly for the joint organisation of events (economic missions, conferences, etc.).

How does LUXINNOVATION ensure the security of Personal Data?

Visitors’ Personal Data will be processed by LUXINNOVATION as a data controller, in accordance with the rules set by European Parliament and Council Regulation (EU) 2016/679 of 27 April 2016 relating to the protection of natural persons and the processing of personal data (hereafter “GDPR”).

LUXINNOVATION undertakes to implement technical and organisational security measures to ensure the protection of Visitors’ Personal Data against the risks associated with the use of information systems.

LUXINNOVATION follows generally accepted security standards to help protect Visitors’ Personal Data. However, no method of transmission over the Internet, or of electronic storage, is 100% secure. Therefore, LUXINNOVATION cannot guarantee the absolute security of the Personal Data.

Personal Data is kept for a period of three years from their collection by LUXINNOVATION or the last contact from the Visitor.

What are the Visitors’ rights?

In accordance with the current data protection legislation, the Visitor or, as the case may be, his beneficiaries who can prove they have a legitimate interest, are entitled to obtain, free of charge:

  • access to the personal data concerning the Visitor,
  • confirmation that the Visitor Personal Data is or is not being processed,
  • information concerning at least the purposes of the processing, the categories of data to which the processing relates and the recipients or categories of recipients to whom the data are communicated,
  • communication, in an intelligible form, of the data being processed, as well as any available information on the origin of the data.

The Visitor (or, as the case may be, his beneficiaries) also has a right to rectify his/her personal data and a right to object to the collect and processing of such data, on the basis of compelling legitimate grounds.

These rights may be exercised by an email addressed to the following address:
The Visitor is also entitled to request the erasure of all or part of the data or a restriction of the processing, object to the processing or make use of its right to data portability, within the limits provided by the applicable rules. In the event of a breach of the data protection rules, the Visitor may also lodge a complaint before a supervisory authority such as the National Commission for Data Protection (CNPD).