Nyenrode Business Universiteit (NBU) attaches great importance to the protection of personal data and the manner in which personal data are processed. Attention is paid to information security and the protection of privacy within all NBU processes and activities. The framework for policy determination has been created on the basis of legal requirements, including the Personal Data Protection Act (Wet bescherming persoonsgegevens), the General Data Protection Regulations, and ICT quality management standards.
NBU processes personal data for legitimate purposes only and on the basis of a lawful principle. The personal data of students, staff, or other data subjects are processed in the least invasive manner and in reasonable proportion to the intended purposes. NBU has organized its ICT operating processes and educational logistics such that the quality of the processing and the security of personal data are continually optimized. Due consideration is given to a proper balance between privacy, functionality, and security.
Personal data may be collected for the following purposes: sending information about the study program, information sessions, publications, etc. Besides educational purposes, data are also processed with a view to rankings and accreditations. In these latter cases, the student’s consent is always requested prior to processing.
Personal data are not provided to third parties unless legislation requires this of NBU and/or there is a processing agreement between NBU and the external party or parties. NBU always strives for consistency in the objective by which the data are obtained and their use in day-to-day educational practice.
This privacy statement was updated on February 21, 2018