What are the duties I have to meet at the university?
The General Data Protection Regulation (GDPR) entails obligations for the organization and its employees.
On this page the most important duties for the organization and its employees are explained. Including the processing register, agreements with third parties and the privacy statement, for the organization and its employees explained.
Who has what responsibilities within our information?
The Strategy Data Protection describes our organizational structure and responsibilities. A Working Group on Privacy and Security and a Data Protection Officer have been appointed. In addition, Data Representatives have been appointed who can advise and support the employees.
How is the transfer of data outside Tilburg University arranged?
The GDPR obliges us to make proper arrangements with third parties regarding the care of processing personal data and the determination of responsibilities.
When is data processing legitimate?
The most important duty resulting from the GDPR is to guarantee the principle of legitimacy in all data processing.
How long may you keep personal data?
The content of a digital or paper file contains a lot of information about a person. In order to be able to keep proper records and perform its services, Tilburg University must therefore retain certain personal data for a certain period of time. However, this data may not be kept longer than necessary.
What does Tilburg University do about data security?
The CERT team (Computer Emergency Response Team) contributes to good IT security on campus. The aim of CERT is to act in the event of security incidents that disrupt services to such an extent that rapid and adequate action is necessary to reduce damage to computers and/or networks as much as possible and to restore services.
How does Tilburg University deal with data leaks?
Tilburg University is obliged to register data leaks and (in a number of cases) report personal data to the Authority. There is a short legal deadline for this; the notification must take place within 72 hours after the discovery.
How does Tilburg University account for its data processing?
De AVG legt meer verantwoordelijkheid bij organisaties om aan te tonen dat ze aan de privacyregels voldoen. By complying with this accountability, they make an important contribution to the protection of people's fundamental right to privacy.
How does Tilburg University inform about its processing of personal data?
The GDPR requires organizations to be transparent to the data subject about the processing of personal data they carry out. Transparency means that it is clear to the data subject that his or her personal data is collected, used, consulted or otherwise processed, why and by whom.