The WODC applies a number of principles when processing personal data and takes measures to ensure it handles data in a reliable, fair and careful manner.
Data protection officer
The Ministry of Justice and Security has appointed a data protection officer. An independent appointee, the data protection officer checks whether the Ministry, including the WODC, applies and complies with the rules laid down in the General Data Protection Regulation (GDPR). The Dutch Data Protection Authority is responsible for supervising the application of privacy legislation.
Purpose and legal basis
The WODC processes personal data only if it has a legal basis for doing so. We ensure that personal data is processed only for the specific purpose for which it was collected.
The least amount of data possible
The WODC never processes more personal data than is strictly necessary. If possible, we process less data or none at all. Personal data are anonymised or pseudonymised whenever possible.
Minimising infringement of privacy
The WODC ensures that any infringement of privacy is not disproportionate to the purpose for which the data was collected. If we have a choice of different types of personal data we could process for a given purpose, we always opt for the data that constitutes the most minimal infringement of privacy.
The WODC keeps your personal data:
- only for as long as is necessary to achieve the purpose for which it was collected;
- only for the length of time required by the Public Records Act; and
- never longer than is permitted under the law.
Reliability, integrity and confidentiality
The WODC employs a range of measures to ensure that your personal data is dealt with in a reliable, fair and careful manner.
- All personal data is treated in confidence. This means your data can be processed only by persons with both the proper authority and a duty of confidentiality.
- Personal data is protected effectively. At a minimum we observe the rules and standards on information security laid down by central government.