Key Benefits:
Minister of Defence,
Vu la Act No. 78-17 of 6 January 1978 modified on computers, files and freedoms;
Vu le Decree No. 2005-850 of 27 July 2005 bearing delegation of signature of members of the Government;
Vu le Decree No. 2005-1309 of 20 October 2005, modified by Decree No. 2007-451 of 25 March 2007, taken for application Act No. 78-17 of 6 January 1978 related to computing, files and freedoms;
Having regard to the receipt of the National Commission on Informatics and Freedoms dated 9 January 2008 bearing the number 1268631,
Stop it!
It is created in the Ministry of Defence, the General Delegation for Arming, an automated processing of personal data called "access management, schedules and restoration" implemented by the Technical Centre for Information Systems and whose purposes are:
― the schedule tracking;
– Access control and management;
– the management of the restoration of personnel and visitors to the establishments of the General Delegation for Arming.
The personal data categories recorded are those relating to:
I. ∙ For the monitoring of working time:
- identity (name of use, first name, sex, date and place of birth, photograph, professional telephone number, registration number)
- in the family situation (marital situation, number of children and year of birth);
- in professional life (employee organization, service or assignment, status, body, class, level, grade, step, administrative position, date of entry into the administration, date of entry to the Ministry of Defence, badge number, schedule plan, various leave);
― at work activity (day work schedule follow-up, time of presence, activity code number, activity characteristics, time spent by activity, overtime, actual overtime forecasts, absences and reasons, absence forecasts, individual periodic balances, management of benefits according to type and working time, flow/credit situation, date and week number).
The retention period of personal data relating to identity, family situation and professional life is not more than 10 years, with the exception of those relating to labour activity, which are retained for one year.
II. ― For access control and management:
1. Staff of the General Delegation for Arms:
- identity (name, maiden name, first name, date and place of birth, nationality, address, photograph);
- in the professional situation (service or assignment, grade or function, step, professional address, professional telephone number, authorization [type and date], presence/absence on site).
2. Business staff:
- identity (name, maiden name, first name, date and place of birth, nationality, address, photograph);
― to professional life (grade or function, index, company name, business address, professional telephone number, regular contact name, contract [number, date of termination or validity], authorization, authorized time ranges).
3. Visitors:
(name, maiden name, first name, civility, nationality, date and place of birth, [optional] status, personal address [optional]);
― to professional life (optional function), organization or partnership, SIRET number, business address, start and finish dates, arrival and departure times);
- the movement of persons (number of the badge or pass, date of creation and period of validity, colour and/or authorized traffic zones, person visited [name, first name, professional telephone number, membership agency, telephone number of the secretariat, name and telephone number of another possible contact], incidents (date, loss, theft or damage of the badge or pass);
- the identification of vehicles (number of the badge or laissez-passer, private or business, mark and type, registration number, holder of the access authorization, number of the access authorization, authorized parking space, date of establishment);
- the warning of visitors (name of use, name, civility, nationality, date and place of birth, organization or partnership, function, conduct to be held).
The personal data thus recorded shall be retained one year after the expiry date of the access authorization, with the exception of the warning that is retained until it is lifted, data relating to the movement of persons who are destroyed upon recovery and incidents that are retained 48 hours.
III. ― For the management of restoration:
- identity (name, first name, photograph);
- in professional life (employee organization, grade, service or assignment, group, step, registration number, telephone number, badge number, compensation index)
- catering (tariff with or without subsidy, passenger defence or defence, dates and hours of cash transfers, consumer summary, account balance).
The personal data thus recorded shall be retained one year after the individual's departure for the identity and professional life data and three months for the subsidy and consumer summary data. Variable information (date and time, account balance) is subject to an instant update at each bank crossing. However, in the event of a dispute, the information may be retained until the dispute is resolved.
The recipients of recorded personal data are, depending on their respective responsibilities and the need to know:
I. - For the monitoring of working time:
- hierarchical authorities;
- administrative and accounting services;
– the services managing the remuneration of the staff.
II. ― For access control and management:
- security services;
- the commander of the institutions concerned;
– the Arming Gendarmerie Brigade.
III. ― For the management of restoration:
- the authorized persons managing the catering service;
– customers of the catering service.
The right of opposition provided forArticle 38 of the Act of 6 January 1978 referred to above cannot be invoked as part of this treatment.
The rights of access and rectification provided for in sections 39 et seq. of the Act of 6 January 1978 referred to above shall be exercised:
- for the monitoring of working time with the human resources service of the institutions that have implemented the treatment;
- for the control and management of access to the security officer of the establishments that have implemented the treatment;
― for the management of restoration to the catering service of the establishments that have implemented the treatment.
The Deputy Director of Quality and Progress Management Information Systems is responsible for the execution of this Order, which will be published in the Official Journal of the French Republic.
Done in Paris, February 6, 2008.
For the Minister and by delegation:
Deputy Director of Information Systems
Quality and Progress Management
to the General Delegation for Arms,
Y. Demay
