Privacy Statement

Related to the use and processing of personal details 

NIHES takes great care to treat the personal details of any person visiting an NIHES website prudently. Personal details are processed and protected in conformity with the Dutch General Data Protection Regulation (Algemene Verordening Gegevensbescherming). The purpose of this privacy statement is to inform you how we use and process any personal details obtained by NIHES when you visit an NIHES website.


Personal details

NIHES processes the personal details within the meaning of Article 1, section a, of the General Data Protection Regulation. Personal details are defined as any details that could disclose information about an identified or identifiable natural person.

NIHES uses your name, address, telephone number and e-mail address in order to contact you if your personal details are used, or if NIHES has questions about a report you may have made regarding a data leak on the part of NIHES.


Responsible party

NIHES is the responsible party within the meaning of the General Data Protection Regulation. This means that NIHES decides which personal details are processed, as well as the purpose for which and how they are processed. NIHES is responsible for ensuring your personal details are processed correctly and prudently in accordance with provisions of the General Data Protection Regulation.


Purpose of the processing of personal data

NIHES processes personal details in order to undertake its legal and administrative duties, as well as any other tasks essential for it to fulfil its objective. A visitor will be informed how NIHES processes these personal details, and the purpose for which NIHES is using or will use the personal details.


Basis of the processing

NIHES must be able to justify the use of the personal details on the basis of one of the principles laid down in Article 6 of the General Data Protection Regulation. On the grounds of this Article, it is also permissible for these personal details to be processed if the responsible party is required to comply with a legal obligation (Article 6, section 1c of the General Data Protection Regulation).


Protection of personal details

NIHES ensures there are suitable technical and organisational measures in place to prevent the loss or unlawful processing of personal details. This means that (personal) details are encrypted when they are being sent, and that they are sent via a secure connection.


Retention period of personal details

NIHES does not retain personal details for any longer than is necessary for the purposes for which they are being processed (Article 5, section 1c of the General Data Protection Regulation).



As the responsible party, NIHES maintains a register of all the processing activities which fall within NIHES’s sphere of responsibility (Article 30 of the General Data Protection Regulation).


Your privacy rights

You are entitled to access your personal details, and also have the right to request these details are corrected or deleted.

If you wish to know which of your personal details NIHES has processed, you should submit a written request to have access to these details. NIHES will deal with your request within four weeks.

If it appears that your details are incorrect, incomplete or irrelevant, you should submit an additional request to have these details removed or supplemented.


Contact details of the data protection officer or for further information

For further questions about the processing of your personal details: