Newsletter Sign-up

Privacy statement: NEWAVE – newsletter sign-up

Date: 3 February 2020

The NEWAVE Network finds privacy important. In this privacy statement, we describe how we deal with your personal data and how your privacy is safeguarded.

Who is responsible for the processing of my personal data?

Stichting VU (Vrije Universiteit Amsterdam) is responsible for the data processing that is described in this privacy statement. We have the statutory obligation of ensuring that your personal data are processed in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR).

What (categories of) personal data will be processed?

We will process the following personal data:

  • E-mail address

For which purposes are my personal data processed, and on the basis of which legal grounds?

The personal data will only be used for the following purposes:

  • Sending you the newsletter of NEWAVE.
  • Internal control and business security;
  • The implementation or application of legislation.

We process your personal data on the basis of the following legal grounds:

  • You have given consent to the processing of your personal data. In that case you have the right to withdraw your consent at any time by contacting us via the contact details below.

Who has access to my personal data?

The personal data will only be accessed by employees of Stichting VU who by reason of their function have a role in the processing of your personal data for the abovementioned purposes and for whom it is necessary that they have access to the personal data.

Will my personal data be shared with third parties?

We may share your personal data with third parties, such as the suppliers of IT systems that we use for the processing of your personal data.

If we share your personal data with third parties that process your personal data on our instructions, we enter into a data processing agreement with them in order to ensure that your personal data are processed carefully, securely and in accordance with the GDPR. We continue to be the data controller in respect of this processing.

It is possible that we share your personal data with other parties, such as public bodies, if this is for example necessary in order to comply with a legal obligation or a court order.

Will my personal data be transferred to countries outside of the European Economic Area?

No, your personal data will not be transferred to countries outside of the European Economic Area (EEA). The EEA consists of all EU countries plus Norway, Liechtenstein and Iceland. No additional requirements apply to the transfer of personal data between these countries on the basis of the GDPR.

For how long will my personal data be retained?

Unless a specific retention period is prescribed by law, we will retain your personal data for as long as this is necessary in order to accomplish the abovementioned purposes. Via the contact details below you can request more information about how long we retain your personal data.

How will my personal data be secured?

We take appropriate technical and organizational measures to protect your personal data against loss and any form of unlawful processing.

Who can I contact with questions about the processing of my personal data?

You can ask questions about how we process your personal data via info@nextwatergovernance.net or +31 20 59 82952.

How can I exercise my privacy rights?

On the basis of the GDPR you have the right – under certain conditions – to access your personal data that we process, to correct your personal data if it contains factual inaccuracies, to delete your personal data, to limit the processing of your personal data, to portability of your personal data and to object to the processing of your personal data.

If you wish to exercise any of these privacy rights, you can contact the Data Protection Officer of VU Amsterdam via:

   Data Protection Officer
   De Boelelaan 1105
   1081 HV AMSTERDAM
   functionarisgegevensbescherming@vu.nl

To be able to deal with your request, you will be asked to provide proof of identity. In this way it will be verified that the request has been made by the right person. If you are not satisfied with the way in which we deal with your personal data, you have the right to submit a complaint with a supervisory authority.