The Laboratoire national de santé (LNS) is committed to meeting the needs of patients and ensuring that their privacy is protected.
In this respect and in accordance with the European Data Protection Regulation (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data, also known as the General Data Protection Regulation (GDPR)) and the law of 1 August 2018, the LNS, as data controller, has drafted a data protection policy that applies to both its analytical laboratory activities and its website.
In order to ensure compliance with these regulations and your privacy, the LNS has appointed a Data Protection Officer (DPO) whom you can contact at the following address: dpo@lns.etat.lu
The LNS is a public institution under the supervision of the Ministry of Health. Its head office is located at 1, rue Louis Rech, L-3555 Dudelange.
The purpose of the LNS is :
The LNS needs to collect your personal data for the following activities:
The following data is collected:
This personal data may be collected directly from you during your appointment at the LNS, for example.
It may also be collected indirectly through partners or clients (hospitals, doctors, private laboratories, etc.) who need to use the LNS’ expertise. In this case, a secure transmission of your data is ensured.
Your personal data will be subject to computer processing which may be based on Article 6 1. e) of the GDPR. Indeed, the LNS is entrusted with a mission of public interest by the Ministry of Health. The processing of your data may also be based on a legal obligation (art. 6 1.c)) or justified by a legitimate interest (art. 6 1.f)) and even on your consent (art. 6 1.a)).
The processing of health data by the LNS is carried out:
The LNS only processes personal data that are strictly necessary for the purposes of carrying out the services requested in relation to your care and administrative processing and its other legal obligations such as reporting infectious diseases to the Director of Health, reporting to the Caisse national de santé (CNS), etc.
The LNS is the recipient of your data.
In order to carry out its missions, the LNS may transfer your personal data to its partners and/or subcontractors, in particular in the context of
The list of LNS subcontractors (List of third parties_20211105) is available upon request to the DPO.
LNS partners include, but are not limited to, physicians, private and public health care and medical institutions, laboratories, and the public administration.
Your personal data may be transferred outside the European Economic Area (EEA) provided that security and confidentiality guarantees are equivalent to those practised in the EEA are put in place.
Personal data collected by LNS directly or indirectly is kept for at least ten (10) years on the LNS’ active database.
At the end of this period, your data is archived in an archive database with limited access rights until the expiry of the common law period, i.e., thirty (30) years (art. 2262 of the Civil Code).
You have the right to request access to your personal data and to obtain a copy of it and, in the event that your personal data is incomplete or incorrect, to have it rectified. You also have the right to limit the processing of your personal data, the right to object to their use, the right to obtain their portability as well as the right to obtain their deletion, under the conditions and within the limits provided for by the General Data Protection Regulation.
You may request to exercise the rights listed above by submitting a written and signed request, with proof of your identity, to the LNS DPO at the following address:
Laboratoire national de santé
Att. Data Protection Officer
1, rue Louis Rech
L-3555 Dudelange
Or by e-mail to the following address: dpo@lns.etat.lu.
Your request will be dealt with within a suitable time.
Finally, you can lodge a complaint with the National Commission for Data Protection (“CNPD”) if you feel that your rights have not been respected: https://cnpd.public.lu/fr.html.
When you browse the LNS website, the LNS may collect and use some of your personal data in its capacity as data controller.
The personal data collected via the LNS website allows us to:
We collect your personal data when you browse this website (via cookies) and when you use the services offered on this website (e.g., contact request).
When you fill in a contact form or respond to an advertisement on our website according to your profile. This may include the following data:
Some data is collected automatically as a result of your visit to the site, through the use of cookies.
Several types of cookies are used by the LNS website:
Social networks may collect data relating to your browsing on our site and associate it with data about you that they hold.
We invite you to consult the privacy protection policies of these networks in order to learn about the purposes of use, particularly advertising, of the browsing information they may collect thanks to these application buttons.
Some of your personal data may be shared with some of our service providers, who work with LNS in particular to
We undertake to share this data only with these service providers.
We endeavour to keep your personal data for no longer than is necessary for the purposes set out here or as required by applicable law.
Data collected by cookies is retained for a maximum of two (2) years.
Non-cookie data is retained from the time of collection for the time strictly necessary for processing and is then deleted.
The processing of your data collected on our site is based on legal grounds:
In accordance with the regulations, you have the right to access, rectify, object to, delete and port your data collected via this website.
To exercise your rights, contact the LNS Data Protection Officer (DPO) at the following e-mail address: dpo@lns.etat.lu or at the following postal address:
Laboratoire national de santé
Attn. Data Protection Officer
1 rue Louis Rech
L-3555 Dudelange
If you feel that your rights are not being respected, you may also make a complaint to the National Commission for Data Protection (“CNPD”), https://cnpd.public.lu/fr.html.