Privacy statement

THIM University of Applied Sciences attaches great importance to the privacy of its students, course participants, staff and visitors and processes their data with care. In doing so we comply with the requirements of the General Data Protection Regulation (Algemene Verordening Gegevensbescherming or AVG). In this privacy statement, you can read in brief how THIM processes your personal data and what your rights are within the framework of the privacy legislation.

People concerned and THIM as the responsible party

The AVG serves to protect the personal data of private individuals, the stakeholders. In this context, THIM processes personal data of students, course participants, employees, and any other individuals. THIM is a data controller as determined by the AVG and, as such, must ensure compliance with the privacy legislation.

Protection of personal data

THIM must ensure good organisational and technical protection of the personal data that is being processed. Technical protection includes the login procedures for accessing the systems. The organisational protection is reflected in a strict authorisation scheme. Only persons who, as part of their job, should have access to certain data, can access said data.

Data Protection Officer

THIM has appointed a Data Protection Officer (Functionaris Gegevensbescherming or FG) to safeguard the privacy-related rights and obligations of all parties involved and to supervise compliance with the privacy legislation.

Types of personal data

To realise the main objective, which is providing education, THIM may process the following
personal data:

  • Name, address and contact details, date and place of birth, passport photo, bank account number, student number, citizen service number, copy of passport or ID, diploma and transcript of prior education.
  • Study results, study progress data, and other study-related data
  • (Sensitive) personal data required for proper support of students and staff with regard to their health and welfare.
  • Other personal data, which is required on the basis of specific legislation (e.g. Higher Education and Scientific Research Act (WHW), Dutch Tax Act, Dutch Compulsory Identification Act, Verbetering Poortwachter Act, etc.)

THIM does not process more personal data than necessary. Some personal data we are required to process based on a legal obligation. Other data processing is based on, for example, registration as a student.

Purposes

 THIM uses personal data for the following purposes:

  • registration for the educational program or appointment as an employee,
  • processing of study results, study progress and related information,
  • processing of request for (study) information, literature or publications,
  • for implementation and improvement of our services,
  • further information about current developments, activities etc,
  • recruitment and selection of new students and employees,
  • compiling user statistics (with anonymized data),
  • security and improvement of our websites,
  • verification of compliance regarding financial agreements,
  • to ensure optimal performance of staff and students.

Rights of stakeholders

As a student, employee or for example as a guest of THIM, you can be considered a stakeholder. Stakeholders are persons, whose personal data is processed by us. Based on the AVG, you have specific rights.

Access

You have the right to access your data. If you want to access the data that is being processed and managed by THIM, you can send an email to the FG via fg@thim.nl. The FG will further process your request.

Correction

Is your data incorrect? Please report the error to THIM’s administration desk. It is important to keep in mind that we are obliged to use the data as provided by the Dienst Uitvoering Onderwijs (DUO). This data is linked to the registration with your municipality.

Right to be forgotten

If you no longer want us to manage or process your data, you can request removal of the data from our systems by the FG. There are some legal and technological limitations in place. For example, we are obliged to retain certain data for a legally imposed period of time. If there are no restrictions in place, the FG will continue to process your request and grant it.

Data portability

Would you like THIM to provide your data to a third party? Then you can make a request to the FG to transfer your data to that institution.

Complaints and legal instruments

Do you have a complaint about the processing of personal data by THIM? Please report the complaint to the FG. In consultation, we will try to resolve your concerns. Is that unsuccessful? You are free to submit a complaint to the Data Protection Authority (Autoriteit Persoonsgegevens) or to start legal proceedings with the competent court.

Data provision to third parties

THIM makes use of digital systems, for example for student administration. These systems are made available by various service providers. The parties that process personal data on behalf of and for the benefit of THIM can be regarded as data processors.

We sign processing agreements with these data processors, determining which data they’re allowed to process. In addition, agreements are signed with these parties regarding the technical and organisational security of the data provided. Personal data will not be provided to parties, other than these processors, unless we are obliged to do so based on a statutory provision.

Procedure melden datalekken Procedure for reporting data leaks

If you suspect or believe that personal data of students or employees of THIM is accessible to unauthorised persons, please report this immediately to the FG via the following e-mail address: fg@thim.nl.

Cookies

On our websites, we can make use of cookies, which are small files that are stored on your computer by your browser. You can change your browser settings to prevent storage of any cookies during your visit to our websites. In that case, however, you may not be able to use all the functions of our websites.

Hyperlinks

Our websites contain hyperlinks to websites of third parties. THIM is not responsible for the content of those websites and is also not responsible for the privacy policies and use of cookies on those websites. Use of links on our websites is your own responsibility.

Retention periods

For the storage of personal data of (former) students, (former) employees and other stakeholders, THIM complies with the legal retention periods and the periods as published by the Association of Universities of Applied Sciences (Vereniging Hogescholen or VH).

Amendments

THIM may make amendments to this privacy statement. Amendments will be announced via THIM’s newsletters.

Facebook link Instagram link LinkedIn link