Privacy Statement

Nyenrode Business Universiteit attaches great importance to the protection of personal data and the manner in which personal data are processed. Attention is paid to information security and the protection of privacy within all Nyenrode Business Universiteit processes and activities. The framework for policy determination has been created on the basis of legal requirements, including the General Data Protection Regulation and ICT quality management standards.

General principle

Nyenrode Business Universiteit processes personal data for legitimate purposes only and on the basis of a legal basis. The personal data of students, staff, or other data subjects are processed in the least invasive manner and in reasonable proportion to the intended purposes. Nyenrode Business Universiteit has organized its ICT operating processes and educational logistics such that the quality of the processing and the security of personal data are continually optimized. Due consideration is given to a proper balance between privacy, functionality, and security.

On this page, Nyenrode Business Universiteit describes how it handles personal data of visitors to its website (www.nyenrode.nl). For more information on the protection of privacy in other data processing by Nyenrode Business Universiteit, see, among others, the privacy policy for students and participants.

The Executive Board (CvB) of Universiteit Nyenrode B.V. (Nyenrode Business Universiteit) is responsible for the data processing described in this privacy statement. This means that the CvB decides which personal data will be processed, for what purpose and in what way. Nyenrode Business Universiteit is responsible for the careful and proper processing of your personal data.

Nyenrode Business Universiteit is established at straatweg 25, 3621 BG in Breukelen. Our postal address is PO Box 130, 3620 AC in Breukelen. For questions, please send an email to dataprotectionofficer@nyenrode.nl.

Personal data

Nyenrode Business Universiteit processes the following categories of personal data, depending on how you use the websites and associated applications and forms:

name: first name(s), initials, middle name(s), last name, title;
contact information: address, zip code, city, country, phone number, email address;
gender, date of birth, country and place of birth;
language preference;
LinkedIn URL;
financial data: bank account number/IBAN, credit card number, VAT number;
education level, work experience, employer, job title;
motivation letter, grade list and curriculum vitae;
dietary requirements; and
digital data: login data, passwords, log data, web pages visited, IP address, MAC address, cookie content, referrer URL, click and surfing behavior and device data.

Purposes and legal basis

Personal data may be collected and processed for the purpose of our services, in the context of education and research. We also have to comply with legal obligations for which we process your personal data. Personal data collected through the Nyenrode Business Universiteit website are processed for the following purposes:

enrollment in educational programs;
informing you about Nyenrode Business Universiteit’s courses and activities;
sending newsletters, brochures or other electronic messages;
support in orientation of study choice;
study guidance;
administration of registration and collection of (tuition) fees;
gathering management information for the purpose of education and information services and rankings and accreditations;
compiling user statistics;
securing and improving the website;
improving service delivery;
internal control and corporate security; and
implementing or applying laws and regulations.

Nyenrode Business Universiteit processes data on the following legal bases:

You have given your consent to the processing of your personal data. In that case, you have the right to withdraw your consent at any time;
The processing is necessary for the performance or conclusion of a contract to which you are a party;
The processing is necessary for compliance with a legal obligation to which Nyenrode Business Universiteit is subject; and
The processing is necessary for the purposes of fulfilling a legitimate interest.

Third parties

Personal data will not be shared with third parties, except when legislation requires Nyenrode Business Universiteit to do so and/or when there is a processing agreement between Nyenrode Business Universiteit and the external party/parties. At all times Nyenrode Business Universiteit strives for consistency in the purpose for which the data were obtained and their use in daily educational practice.

The Nyenrode Business Universiteit website contains links to other (external) websites. Nyenrode Business Universiteit is not responsible for the privacy policies on such websites. We encourage our users to familiarize themselves with the privacy policy of any website that collects personally identifiable information. This privacy statement relates only to data collected on this website.

When you give consent, Nyenrode Business Universiteit and third parties, including social media networks and/or ad networks, may place cookies on your computer, phone or tablet. These networks can thus see your internet behaviour and use it for their own purposes. See the "Cookies" section for more information about this.

International transfer of personal data

Nyenrode Business Universiteit tries to process your data only within the European Union by storing your data on servers in the European Union as much as possible. Sometimes this is not possible, for example if (sub-)processors are located outside the European Union. In such situations, we provide appropriate safeguards that offer an adequate level of protection for your rights and freedoms as a data subject in accordance with the GDPR. We do this, for example, by concluding standard contractual clauses approved by the European Commission, or by only transferring your personal data to third parties that guarantee an adequate level of protection according to the European Commission.

Security of personal data

Nyenrode Business Universiteit takes appropriate technical and organizational measures to protect your personal data against loss and any form of unlawful processing.

Retention periods

Nyenrode Business Universiteit does not retain personal data longer than necessary for the purposes for which the personal data is processed. Some personal data must be retained for a specific period of time by virtue of a legal obligation.

Cookies

Nyenrode Business Universiteit uses cookies and similar techniques to measure information from its website visitors about the equipment and software used as well as information about the stay on the website. This information is not traceable to the identity of the user. Nyenrode Business Universiteit uses cookies to facilitate navigation on this website.

A cookie is a small text file that is stored on your device when visiting websites. Cookies can be accessed through your web server or your device. Nyenrode Business Universiteit places cookies on your device as the operator of the website. These cookies are called "first party" cookies. Some cookies may also be placed on your device by other parties, such as our advertisers or parties that place cookies to display certain content on our websites (for example, videos). These cookies are called 'third party' cookies.

The following functional, analytical and tracking cookies or similar techniques may be used on the website:

Name	Provider	Purpose and description	Retention period
_clck	Microsoft Clarity	Analytics. This cookie is installed by Microsoft Clarity to store information of how visitors use a website and help in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from and the pages visited in an anonymous form.	1 year
_clsk	Microsoft Clarity	Analytics. This cookie is installed by Microsoft Clarity to store information of how visitors use a website and help in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from and the pages visited in an anonymous form.	1 day
_fbp	Facebook	Tracking. This cookie is set by Facebook to deliver advertisement when they are on Facebook or a digital platform powered by Facebook advertising after visiting this website.	3 months
_ga	Google	Analytics. This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session and campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.	2 years
_ga_HJN7CJEE	Google	Analytics. Used to distinguish users by Google Analytics – third-party analytics cookies: google analytics for statistical purposes.	2 years
_dc_gtm_UA-89549-1	Google	Analytics. Google Tag Manager cookie for controlling the loading of a Google Analytics script tag.	Session
_gcl_au	Google	Tracking. To store and track conversions.	3 months
_gid	Google	Analytics. This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session and campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.	1 years
_uetmsclkid	Microsoft Bing	Tracking. The anonymous data from this cookie come together in a central ad server. With the information, ads can be personalized and targeted (e.g. your last viewed product).	3 months
_uetsid	Microsoft Bing	Tracking. The anonymous data from this cookie comes together in a central ad server. With the information, ads can be personalized and targeted (e.g. your last viewed product).	Session
_uetvid	Microsoft Bing	Tracking. The anonymous data from this cookie comes together in a central ad server. With the information, ads can be personalized and targeted (e.g. your last viewed product).	1 month
cookie-consent-status	Nyenrode	Functional. Give / refuse consent.	Indefinite
NyenrodeLanguage	Nyenrode	Functional. Language settings.	1 year
NyenrodePrograms	Nyenrode	Functional. Used for comparison tool on website.	1 day
sf_abtests	Sitefinity	Tracking. Once you start an A/B test, this cookie stores the IDs of the page variations, already visited by contacts.	Indefinite
sf_site	Sitefinity	Functional. In multisite environment, remembers the ID of the current site.	1 year
sf_timezoneoffset	Sitefinity	FUnctional. Stores the value of the UTC time zone offset for the particular user, that is, the timezone difference between UTC and the user's local time, in minutes. This cookie is stored only for logged in users.	1 year
sf_data-intell-subject	Sitefinity	Tracking. To report tracking data for one and the same person across different sessions consistently.	1 year
sf-prslu	Sitefinity	Tracking. Saves the landing URL.	1 year
sf-prs-ss	Sitefinity	Tracking. Holds the time of first page visit.	1 year
sf-prs-vu	Sitefinity	Tracking. Saves the visited URLs that are part of personalization segments.	1 year
sf-tracking-consent	Sitefinity	Functional. Saves the tracking consent choice, made by visitors.	Indefinite

This privacy and cookie statement does not apply to the use of cookies by third parties. We cannot guarantee that these third parties will handle your (personal) data in a reliable or safe manner and are therefore not responsible for this. For more information about how these third parties handle your (personal) data, please refer to the privacy policies of these third parties.

We use cookies and/or similar technologies from LinkedIn on our website so that we can show ads on LinkedIn. We also show videos on our website that are embedded from YouTube. When you view these videos, YouTube may place cookies and/or similar technologies and thereby process your personal data. YouTube is part of Google. We also place scripts on our website from Google and Getsitecontrol for personalizing the website. Any processing of personal data by LinkedIn, Google or Getsitecontrol is based on your consent. Nyenrode Business Universiteit has no control over how these parties process your personal data. For more information about the cookies that are used and the possible (personal) data that are collected with them, please refer to the information on the relevant website: LinkedIn | Google | Getsitecontrol. Please note that this information can be updated regularly.

In your browser you can adjust settings to allow the storage of cookies only when you consent to it. For more information on this, please consult the manual of your web browser. Please note that many websites do not work optimally when cookies are disabled. You can also choose to delete cookies manually. For more information on this, please consult the manual of your web browser.

Your rights

As a data subject, you have a number of rights that you can exercise in connection with our processing of your personal data:

Right of information about the personal data we process from you;
Right of access to your processed personal data;
Right to rectification of your personal data;
Right to erasure of your personal data;
Right to restrict the processing of your personal data;
Right to data transfer of your personal data to an organization designated by you in a structured, common and machine-readable form;
Right to object to the processing of your personal data, and
Right to withdraw your consent to the processing of your personal data.

To exercise your rights, you can reach us at the contact details listed below. Please note that in some cases your rights are not absolute and Nyenrode Business Universiteit may not be obliged to comply with your request. Nyenrode Business Universiteit will inform you of this. You also have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) about the way in which Nyenrode Business Universiteit processes your personal data.

Contact

Your questions about how your personal data is processed can be directed to dataprotectionofficer@nyenrode.nl. We will be happy to assist you further.

This privacy statement was updated on September 2, 2021