Privacy statement by the Ministry of the Interior and Kingdom Relations
This privacy statement concerns the use of your personal data by the Ministry of the Interior and Kingdom Relations. It applies to all cases in which your data is used by, or at the request of, the Ministry. In addition to this general statement, we have also produced a number of specific privacy statements containing extra information. For example, they explain why your data is used, or how long your data will be kept, or whether we pass on your data to other parties.
The Ministry respects your privacy and treats your personal data with great care. In doing so, we ensure our compliance with legislation on privacy. The most important legislation of this kind is the General Data Protection Regulation (GDPR). But there are also other laws that contain specific rules about the use of your personal data, such as the Elections Act and the Land and Public Registry (Kadaster) Act.
2. What is personal data?
Personal data is information that directly concerns a specific individual or can be traced back to him or her. Examples of personal data include addresses, telephone numbers and email addresses.
3. Why does the Ministry process personal data?
The Ministry of the Interior and Kingdom Relations processes personal data for various purposes. These include the performance of its statutory tasks, such as issuing travel documents and registering energy labels. This general privacy statement applies to all the personal data the Ministry needs for this purpose.
For specific information about the processing of your personal data you should contact the Ministry department or unit you are dealing with. Each unit can explain how they deal with personal data when performing their tasks, why they do so and how they ensure that such data is used properly.
Examples of units that use personal data include the National Office for Identity Data (passports and ID cards) and Logius (DigiD, mijnoverheid.nl).
4. Who is responsible for the use of my data?
At the Ministry of the Interior and Kingdom Relations, the Minister and the State Secretary are ‘data controllers’ within the meaning of the General Data Protection Regulation (GDPR). They decide what, why and how data will be used. They are responsible for ensuring that your personal data is used in accordance with the law. They are accountable to you in this regard.
5. On what basis is the Ministry allowed to use my data?
The Ministry of the Interior and Kingdom Relations may use your personal data in the following situations only:
- if you give your permission for the data to be used;
- if use of the data is necessary in order to prepare or implement an agreement between you and the Ministry, for example if you provide a service to the Ministry;
- if use of the data is necessary in order to meet a statutory requirement. This is the case, for example, if you are appointed to a position at the Ministry;
- if use of the data is necessary to protect a vital interest;
- if use of the data is necessary in order to perform a public task; or
- if use of the data is necessary for a legitimate interest, for example in the case of surveillance cameras that provide building security. Each specific privacy statement indicates the basis on which your personal data is used.
6. How does the Ministry protect my data?
The Ministry complies with the GDPR by taking appropriate technical and organisational measures to secure personal data. Government-wide agreements have been made in this area. For more information about these agreements please click here (in Dutch).
7. How long will my data be kept?
Under the GDPR the Ministry is not allowed to retain your personal data for longer than is necessary to achieve the purpose for which it was collected. Once the retention period has expired your data will be destroyed or rendered anonymous. In some cases, retention periods are laid down by law, while in others the Ministry itself decides the duration of the period in question.
In certain cases, data is eligible to be archived in the public interest, in accordance with the Public Records Act. The data is then ultimately transferred to the National Archives.
The individual retention periods are given in the specific privacy statements.
8. What are my rights?
Under the GDPR you can request:
- access to your data;
- the rectification and erasure of your data;
- that the processing of your data be restricted.
There may be grounds for denying your request. If so, the Ministry will explain why.
In certain cases you also have a right to:
- access your data in digital form;
- object to the processing of your data.
9. Contact us about your rights
You can submit a request under the GDPR (see above) by sending a letter to Postbus 20011, 2500 EA Den Haag, the Netherlands or by filling in this online form.
In principle you should receive a decision on your request within one month. If you disagree with the decision you can lodge an objection and, if applicable, an application for judicial review. Click on this link for more information about objection and review procedures (in Dutch).
10. Who should I contact if I have questions or wish to lodge a complaint?
Click on the link for more information about privacy legislation (in Dutch). You can use this online form to submit questions, comments or suggestions to the Ministry. Alternatively, you can call 1400 or write to Postbus 20011, 2500 EA Den Haag, the Netherlands.
The Ministry of the Interior and Kingdom Relations has a data protection officer. This person ensures internal oversight of privacy legislation. You can contact the data protection officer at firstname.lastname@example.org.
The Data Protection Authority is responsible for external supervision of compliance with privacy legislation. You have the right to lodge a complaint with the DPA about the Ministry of the Interior and Kingdom Relations. You can do so online, or by calling 0900 2001 201.