Last Updated: 23 January 2020
Who is the Centre for Innovation?
The Centre for Innovation (“Centre”; “we”; “our”) is a part of Leiden University (“University”) in the Netherlands. The Centre aims to prepare the university for the digital future by exploring the juncture of education, technology and society.
Core Values of the Centre
At the Centre we strive to put people first in innovation. Therefore, we aim to ensure that our data policy ensures the highest level of respect for data subjects and their data. We acknowledge that personal data is an integral part of a person’s identity and therefore treat all such data with the highest level of integrity and confidentiality. The Centre legally complies with the General Data Protection Regulation (GDPR) of the European Union (EU), but also aspires to uphold the principles of data responsibility.
Data Collection and Processing
In keeping with the principle of data minimisation, the Centre aims to collect as little personal data as possible and only that data which is necessary for us to carry out our work. The information we collect is outlined in the policy below.
The Centre only collects the data which it finds absolutely necessary to complete the specified task. The tasks for which data is collected can be found in this policy or in the relevant project documentation. Should the Centre wish to use personal data for a task other than the one that was specified when the data was originally collected, it will only do so in a responsible and lawful manner.
Cookies – When visiting our website, cookie data is collected. These cookies enable an understanding of how users interact with and behave within each of these websites. Although cookie data is collected, the information is not actively processed or used by the Centre at this time.
Website interaction – The Centre makes use of Google Analytics on our website in order to obtain information about country level location, audience type, referral, device used acquisition and behaviours.
Mail subscription – The personal data collected for our mailing lists is collected via an online form, available on our website as well as physically at events. This data is used to send updates.
Sharing – Any personal data collected and processed by the Centre will only be used for the purposes for which it was obtained and will not be shared or sold to any third parties. Furthermore, this data will not undergo further processing, unless consent has been obtained.
Receiving Third-Party Data – The Centre aims to reduce the amount of personal or sensitive data that is received from third parties. We do not accept personal or sensitive data unless necessary and, should we receive such data, we aim to delete it as soon as reasonably possible. We also aim to ensure that any data received by the Centre is collected and received lawfully and responsibly.
When storing data that the Centre has collected or received, we aim to ensure that the necessary technical and organisational measures are taken to guarantee the appropriate level of protection is maintained throughout the retention period and in the process of deletion. It must be noted that the Centre aims to only store personal data that it deems absolutely necessary to carry out its work.
Anonymisation – The Centre does not store personal data unless necessary to complete a task. When receiving data from other platforms or parties, the Centre only accepts anonymised data and should we receive Personal data we anonymise it immediately and remove all unnecessary data.
Sharing – Any personal data held by the Centre will only be used for the purposes for which it was obtained and will not be shared or sold to any third parties. Furthermore, this data will not undergo further processing unless permission has been given. If necessary, further processing will be done in a responsible and lawful manner.
Retention – The standard retention period for any data stored by the Centre is 3 months after the end of the purpose for which the data was collected is completed or has ended. This period may differ according to the specifications in project documents or other legal requirements.
Requesting your data – To request a copy of your data, please send an email to the Data Protection Officer of the Centre. He/she will then provide you with a copy of your data that is controlled by the Centre, but will not be able to provide the data controlled by Leiden University. You may also request to have your personal data updated. If you would like to request or update your data stored by the University, please contact Leiden University’s Data Protection Officers.
Deletion – You may request your data controlled by the Centre be deleted at any point by contacting the Data Protection Officer of the Centre. Your data will then be deleted within a reasonable timeframe.
Third Party Services
GSuite for Education
Data Protection Officer
Centre for Innovation
Joanna van der Merwe
Phone: +31 (0) 70 800 9341 / +31 6 18969388
Ricardo Catalan and Astrid Gravenbeek