Privacy statement by the Ministry of General Affairs
The Ministry of General Affairs is the government ministry headed by the Prime Minister. It coordinates general government policy and communications, and also provides public information regarding the Royal House. This means that the Ministry processes personal data as part of its broad range of tasks. The Prime Minister (who is also the Minister of General Affairs) is responsible for the organisation’s use of personal data.
This privacy statement explains how the Ministry of General Affairs deals with personal data.
Processing personal data
The Ministry of General Affairs is committed to protecting personal data and takes the utmost care to ensure that all data is handled securely. The processing of personal data has a valid legal basis that stems in part from the performance of public-law tasks by or on behalf of government ministers, compliance with statutory requirements and the implementation of agreements.
The Prime Minister is the ‘data controller’ referred to in the General Data Protection Regulation (GDPR) when it comes to the processing of personal data by the services and agencies that fall under the authority of the Ministry of General Affairs: the Public Information and Communications Service and the Scientific Council for Government Policy.
The Prime Minister has tasked the Ministry organisation with the performance of the controller’s tasks.
Personal data is processed only when necessary. Data is processed only for the specific purpose for which it was collected. The Ministry never processes more personal data than is necessary. If possible the Ministry processes less data or none at all.
Personal data is processed in accordance with the applicable legislation, including the GDPR, the GDPR implementing act, and any other applicable legislation, such as the Public Records Act 1995, the Government Information (Public Access) Act and the Intelligence and Security Services Act.
The performance of its tasks may require the Ministry of General Affairs to share personal data with another organisation. This may be another government ministry, a municipality or a sector-specific organisation. This is always done in accordance with a valid legal basis. In addition, the Ministry makes agreements and takes measures to ensure a reliable, fair and careful data-sharing process. The same applies to the sharing of data with other countries. Personal data is never shared with third parties for commercial purposes.
Information about data processing
The Ministry of General Affairs is transparent about, and keeps individuals informed about, the processing of their personal data. In certain cases, the Ministry does not in principle inform the person concerned about the processing of their data – for example, if you provided the data to the Ministry yourself; if you already know what personal data of yours the Ministry possesses; or if the size of the group concerned is so large that it would cost an unreasonable amount of time and resources to contact everyone individually.
Protecting personal data
The Ministry of General Affairs ensures that the data in its possession is protected appropriately, in accordance with the legal requirements and guidelines applicable to central government.
Retention period for personal data
The Ministry retains personal data for no longer than is necessary for the purpose concerned or is required under the Public Records Act 1995 or other statutory provisions. Personal data is destroyed as soon as it is no longer required.
If the Ministry of General Affairs processes your personal data, you have a number of rights. You can ask the Ministry for access to your processed data or request that your data be rectified, erased, restricted or moved. You can also object to the processing of your personal data. You can submit your request or objection via the form on our website.
Data protection officer
The Ministry of General Affairs has two data protection officers. They are responsible for internal oversight within the Ministry and for checking that the Ministry exercises due care when dealing with personal data.
The Ministry’s data protection officer is Mr Chris Reijmers, and the deputy data protection officer is Ms Caroline Rutten-Stichter. You can contact either officer at fg@minAZ.nl with general questions about the processing of personal data.
If you have any questions about this privacy statement or you wish to lodge a complaint, please contact the Ministry at avg@minAZ.nl. You can also lodge a complaint with the national supervisory body, the Data Protection Authority (in Dutch).