Who does this privacy statement refer to?
This statement is applicable to alumni. We define alumni as all those who have graduated from Vrije Universiteit Amsterdam.
How do we handle personal information?
Vrije Universiteit (VU) Amsterdam respects the personal information of alumni. Personal information is processed and secured with the General Data Protection Regulation (GDPR). This privacy statement will inform you on the use and processing of personal information collected by VU Amsterdam.
What personal information is processed by VU Amsterdam?
VU Amsterdam processes personal information in the meaning of article 1, sub a, GDPR. Personal information means all data which can inform about an identifiable, natural person. The following personal information is processed: name, gender, address, email, phone number, date of birth, student number and VUnetID.
Who is responsible for processing data?
In the meaning of the GDPR, VU Amsterdam is responsible for all data processing. This means VU Amsterdam decides which personal information is processed, for what purpose and in what way. VU Amsterdam is responsible for the careful and proper processing of your personal information.
To what purpose processes VU Amsterdam the personal information?
- Maintain contact with our alumni.
- Offer relevant services pertaining to the alumni’s career and continuing professional development within their field.
- Continuing the sharing of knowledge and networks after graduation and inform about relevant news and background information about VU Amsterdam.
- Evaluating curricula, programmes, career prospects and evaluating the current curricula and the current programmes.
- Recognising alumni and safeguarding internal data quality to that end. This means we request more information than just an email in order to be sure that our information and benefits only reach our alumni and because we want to prevent wrongful processing of this information.
What is the legal basis for the processing of personal information?
VU Amsterdam must justify the use of your personal information by being conform with the legal basis from article 6 of the GDPR. According to this article VU Amsterdam is allowed to process your personal information on the basis of consent (art. 6, part 1, sub a GDPR) or legitimate interest (art. 6, part 1, sub F GDPR).
How is the processing and storage of this data secured?
VU Amsterdam guarantees fitting technical and organisational measures in order to prevent the loss of personal information or unlawful processing. This means that (personal) information is encrypted during transfer and that the transfer of (personal) information occurs on a secure connection.
How long does VU Amsterdam save your personal information?
In accordance with the purposes (art 5, part 1, sub c GDPR) and the long lasting relationship with alumni we save their personal information for a period of 60 years.
This period comes from article 24R of the ‘wet op het Onderwijstoezicht’. This law states that in order to maintain and correctly process our alumni degrees, the degree information can be saved up to 60 years after the degree has been issued.
If you no longer wish to maintain contact or if an alumni has died we will delete all contact and complementary information outside of the information the law requires us to save (anonymous: on behalf of the archive).
Do you keep track of the processing activities in a register?
As the responsible party, VU Amsterdam keeps a register of the processing activities which fall under the responsibility of VU Amsterdam (art 30 GDPR).
Your privacy rights
You have the right to access your personal information and the right to request correction or removal of your personal information. You can do this request by starting a written procedure. VU Amsterdam processes your request within 8 weeks. You can send your written request to the CRM office of VU Amsterdam (email@example.com).
Contact information for more information and the data protection officer
For questions concerning the processing of your personal information you can contact the data protection officer (firstname.lastname@example.org).