Privacy Statement Erasmus Universiteit Rotterdam (EUR)

Related to the use and processing of personal details 

EUR takes great care to treat the personal details of any person visiting an EUR website prudently. Personal details are processed and protected in conformity with the Dutch General Data Protection Regulation (Algemene Verordening Gegevensbescherming). The purpose of this privacy statement is to inform you how we use and process any personal details obtained by EUR when you visit an EUR website. 

Personal details

EUR processes the personal details within the meaning of Article 1, section a, of the General Data Protection Regulation. Personal details are defined as any details that could disclose information about an identified or identifiable natural person.

EUR uses your name, address, telephone number and e-mail address in order to contact you if your personal details are used, or if EUR has questions about a report you may have made regarding a data leak on the part of EUR.

Responsible party

EUR is the responsible party within the meaning of the General Data Protection Regulation. This means that EUR decides which personal details are processed, as well as the purpose for which and how they are processed. EUR is responsible for ensuring your personal details are processed correctly and prudently in accordance with provisions of the General Data Protection Regulation.

Purpose of the processing of personal data

EUR processes personal details in order to undertake its legal and administrative duties, as well as any other tasks essential for it to fulfil its objective. A visitor will be informed how EUR processes these personal details, and the purpose for which EUR is using or will use the personal details. 

Basis of the processing

EUR must be able to justify the use of the personal details on the basis of one of the principles laid down in Article 6 of the General Data Protection Regulation. On the grounds of this Article, it is also permissible for these personal details to be processed if the responsible party is required to comply with a legal obligation (Article 6, section 1c of the General Data Protection Regulation).

Protection of personal details

EUR ensures there are suitable technical and organisational measures in place to prevent the loss or unlawful processing of personal details. This means that (personal) details are encrypted when they are being sent, and that they are sent via a secure connection.

Retention period of personal details

EUR does not retain personal details for any longer than is necessary for the purposes for which they are being processed (Article 5, section 1c of the General Data Protection Regulation).


As the responsible party, EUR maintains a register of all the processing activities which fall within EUR’s sphere of responsibility (Article 30 of the General Data Protection Regulation).

Your privacy rights

You are entitled to access your personal details, and also have the right to request these details are corrected or deleted.

If you wish to know which of your personal details EUR has processed, you should submit a written request to have access to these details. EUR will deal with your request within four weeks.

If it appears that your details are incorrect, incomplete or irrelevant, you should submit an additional request to have these details removed or supplemented.

Click here to request viewing or viewing the data.

Contact details of the data protection officer or for further information

For further questions about the processing of your personal details: 

EUR has a Data Protection Officer (FG), who can be contacted via the same e-mail address.