The Privacy Statement applies to all TU Delft activities (including those via the website). We have included the most relevant information on each topic.
TU Delft takes the utmost care with personal data and in doing so acts within the law, including the General Data Protection Regulation (GDPR).
Data controller and responsibility
Under the GDPR, TU Delft is defined as the data controller. TU Delft considers it to be of essential importance that the personal data of its students, researchers, staff and visitors is processed and secured with the utmost possible care. TU Delft aims to be open about the way in which it processes your data. That is why this is explained below. In all cases, TU Delft aims to meet the requirements and obligations of the GDPR.
For what purposes does TU Delft process your personal data?
The personal data collected by TU Delft is used for operational purposes and to enable it to carry out its statutory tasks and responsibilities for education and research properly.
The most important processes for which TU Delft Users personal data are:
TU Delft records all processes in which personal data is processed in a register of processing activities.
Whose personal data does TU Delft collect?
In the processes listed above, TU Delft collects data from the following categories of parties:
What personal data does TU Delft collect?
Different personal data is collected in each process, the most frequent being the following:
TU Delft collects personal and other data directly from the individual involved, but it can also receive personal data via third parties insofar as this is in accordance with the law.
How does TU Delft ensure that personal data is handled confidentially?
TU Delft handles personal data confidentially. TU Delft takes appropriate technical and organisational measures to ensure that personal data is protected. TU Delft will only share personal data in accordance with this Privacy Statement and only with third parties if this is authorised and is done with care.
Providing and withdrawing permission
TU Delft offers some activities that require your explicit permission. This may, for example, include using your e-mail address to send a newsletter, promotional e-mails or your study characteristics for conducting research. Your data will be used only if you have given explicit permission for this. In this regard, you will always be notified of the purposes for which your data will be used, which data is involved and to whom it will be provided. If you give TU Delft permission to use personal data, you are also entitled to withdraw this permission at a later stage. Withdrawal cannot apply retrospectively. The requirement for permission does not apply if you are sent newsletters or e-mails within the context of your degree programme or appointment.
Sharing of data with third parties
Third parties may provide certain services, on behalf of TU Delft, in executing an agreement. TU Delft makes agreements with these data processors in order to guarantee confidential and careful handling of personal data. These agreements are laid down contractually in data processor agreements.
Personal data being processed as research data within a research project may be shared with research partners within that project. The processing of this personal data is done in accordance with the provisions of the GDPR related to the processing of research data.
Your personal data will not be sold to third parties. TU Delft can share your (personal) data with third parties if, for example, you yourself have given permission for this or if it is necessary to implement an agreement.
TU Delft provides personal data to enforcement authorities or organisations combating fraud if this is necessary in order to meet a statutory obligation.
The categories of third parties with which TU Delft shares data are:
Passing on your data outside the EU
In some cases, TU Delft provides personal data to countries outside the EU. This happens in the following situations: for communication with international students who intend to study at TU Delft, TU Delft students studying abroad and within the context of scientific research.
How long is data retained?
TU Delft retains your personal data in accordance with the GDPR. The data is retained in accordance with the statutory retention period and for no longer than is strictly necessary in order to achieve the purposes for which the data was collected.
How can you consult, correct or delete your data?
You can submit a request to TU Delft to consult or correct your data, clearly indicating that you are making the request on the grounds of the GDPR. You can also ask to have your data deleted, insofar as TU Delft is still able to meet its statutory obligations, such as the statutory retention periods. You must bear in mind that you may need to provide a copy of your proof of identity in order to verify your identity.
It is easy to create a secure copy of your proof of identity using the government’s ‘Kopie Id’ app that you can download from the appstore.
You are also entitled to submit a complaint about the use of your data to the Dutch Data Protection Authority.
TU Delft applies appropriate security technology in order to provide optimum protection for your personal data against unauthorised access or use. TU Delft reports any abuse or attempted abuse. In addition, TU Delft takes technical and organisational measures in order to secure personal data against unauthorised access.
General information on visits to our website is recorded, such as the most requested pages. This general information on website visits is intended to optimise the design of the website. TU Delft uses various tools to enable the website to function as effectively as possible, improve user convenience and obtain active feedback from users.
The TU Delft website includes links to other websites that are not part of TU Delft. TU Delft has no responsibility for the way in which these parties deal with personal data and therefore advises you to inform yourself of these parties’ privacy policies or to contact them for a more detailed explanation of their policy on the use of personal data.
If, after reading this information, you have specific questions or comments about TU Delft’s privacy statement, please do not hesitate to contact us. You can e-mail email@example.com to do this. The TU Delft Data Protection Officer can also be contacted at this e-mail address.