File a Report


In which Cases?

If you are not satisfied with the response to your Data Subject Right Request, or if you wish to report other instances of non-compliant processing, including a data breach, you may file a report with the Data Protection Office (DPO).

You can do this even if the (potential) misprocessing or data breach do not concern directly your personal data.

Submitting a Report

Below you find a link to a form allowing you to submit your report.
If it concerns your data subject right request, don't forget to indicate the reference number of this request.

Handling of your Report

The ODP will evaluate your report, carry out any necessary investigations and, where it deems appropriate, recommend remedial action at the attention of the services concerned.

Data Breaches will be subject to a specific handling, involving CERN's computer security team, following CERN's Data Breach Response procedure.

In case of a reported misprocessing, depending on the circumstances, the ODP will forward your report to the services concerned so that they are able to provide explanations. The ODP will assess the compliance of the processing and, if necessary, recommend corrective measures to the services.

If you are afraid of possible disadvantages, the ODP can communicate the case to the serviced without disclosing your identity, and act as a middle-man between you and the service for confidentiality reasons. This is obviously not possible if the purpose of your report involves your own personal data.

CERN's legal framework does not prescribe a delay to handle reports, however the ODP will do its best to do this as swiftly as possible.

You, and if applicable the services concerned, will be informed about the outcome of the evaluation by the ODP.
And in case the personal data concerned is your own, the ODP will advise you also of your right to lodge a formal complaint


Do you need advice concerning data protection at CERN?

⇒ Submit your question by opening a ticket in CERN's Service Portal

Office of Data Privacy
Data Privacy Adviser