For best experience please turn on javascript and use a modern browser!
You are using a browser that is no longer supported by Microsoft. Please upgrade your browser. The site may not present itself correctly if you continue browsing.
Extranet Extranet

How does the UvA process personal data?

The UvA processes personal data according to the principles of the GDPR. These principles are:

Lawfulness, fairness and transparency

All processing performed by the UvA is in accordance with the GDPR and in line with the objective to be achieved. The UvA will inform its data subjects of the work methods used in and the objective of the processing. Current information can be found in the privacy statement. Information on your rights with regard to this processing can be found here.

Purpose limitation

The UvA only processes personal data for the objective for which they are collected. Your personal data may be used for a different purpose if the new purpose is related to the original objective of their collection.

Data minimisation

The UvA does not collect more data than required for the objective of its collection. Where possible, the UvA will delete or anonymise data as soon as possible.

Correctness

The UvA safeguards the correctness of personal data and updates these when required. You can check your data by submitting a request for inspection and can subsequently request that the UvA adapts, restricts, deletes or 'forgets' your personal data.

Storage limitation

The UvA and its processors do not store personal data for longer than is required for the processing. Exceptions to this rule are the retention obligation that arises from tax laws, among other things, as well as legislation with regard to archiving and research.

Integrity and confidentiality

By means of fitting technical and organisational measures, personal data are processed in such manner that appropriate security is safeguarded.

Accountability

Personal data are processed under the responsibility of the controller, who must ensure and be able to demonstrate that the processing is in accordance with the GDPR.

Conditions for processing

The UvA only processes personal data if the processing takes place on one or more of the following bases:

  • your permission;
  • a necessity for the performance of an agreement;
  • a legal obligation;
  • the protection of a vital interest;
  • the discharge of a duty of public interest or public authority; or
  • a justified interest of the UvA. 

Though it is a common misunderstanding, this fact means that processing does not always require permission.