Privacy Statements
Privacy Statement IT Academy Cursusportal
Version 21-12-22
In this privacy statement we explain what happens to your personal data when you use the So Much You Can Learn program via the IT Academy Course Portal.
Who is responsible for data processing?
Utrecht University, located at Heidelberglaan 8, 3584 CS Utrecht, is responsible for the processing described in this privacy statement.
For what purposes will my personal data be processed?
Your data is processed to enable registration for courses, as well as to be able to follow these courses with ease.
Which personal data are processed?
The following data are processed:
- Your name,
- Your UU-mail address,
- Your SolisID,
- The part of the UU where you work,
- Any registrations you make,
- Reservation details, including dietary requirements where applicable, and
- Any technical data necessary for the registration portal to function.
How long is this personal data stored?
Yourdietary requirements will be deleted immediately after completion of the course. Technical data will be deleted after 1 year. All other data will be deleted as soon as you leave the UU or the IT Academy service is discontinued.
Will my data be shared with third parties?
Your data will be shared with Innophase, the provider of the courses.
Will my data be transferred to third countries?
Your data will not be transferred to countries outside the EEA.
What is the legal basis of this data processing?
The basis used in this processing is the legitimate interest. This basis is elaborated as follows:
The legitimate interest here concerns the interest of the controller to have its employees further developed by offering courses in an accessible manner.
This interest is weighed against the data protection interests of the UU employees who will use this portal. It is also taken into account that this is an opt-in processing, employees use this service and processing at their own discretion. The data to be processed are effective and do not exceed their purpose.
In view of the above facts, it can be concluded that this data processing is balanced and can take place on the basis of legitimate interest.
What rights do I have under the GDPR and how can I exercise them?
As a data subject, you have certain rights. Namely, the right of access, the right to rectification of personal data, the right to erasure, the right to restriction of processing and the right to object. If you want to make use of these rights, you can address your request to Privacy@uu.nl. It is possible that identity documents are requested during this procedure.
When you object, it will be examined on a case-by-case basis whether this objection can or must be met. Utrecht University will cease the processing of personal data unless urgent legitimate grounds are invoked that outweigh your interests, rights and freedoms.
Is there automated decision-making or profiling?
There is no automated decision-making. This means that decisions are never made without human intervention. There is also no question of profiling.
Questions
If you have any questions about this privacy statement, you can ask them to privacy@uu.nl. Do you want to file a complaint? Then you can do so at the data protection officer of Utrecht University, which can be reached at fg@uu.nl. You are also always free to file a complaint with the Dutch Data Protection Authority, the privacy watchdog of the Netherlands.