Privacy statement
Rijksakademie van beeldende kunsten

This privacy statement contains details on the personal data we collect, why we collect this data and what we do with it. We regard it as important that your data is treated with care and have measures in place to ensure that the personal information you issue to us is treated confidentially. Put briefly, our privacy statement means that:

• we only use your personal data for purposes which have been agreed with you;
• we will not share your personal data with others unless this is essential to the execution of our services or activities (see the ISSUING TO THIRD PARTIES section);
• we will carefully protect your personal data 

This privacy statement applies to the website of the Rijksakademie. The Rijksakademie is not responsible for the privacy policy of other sites and sources referred to on our websites.
 
PURPOSES
We do not collect or use your personal data for purposes other than those described in this privacy statement, unless we have obtained your permission to do so in advance.
 
COMMUNICATION
If you send us an email or other messages, these will be added to our email archive and stored in accordance with the statutory duty to retain. Sometimes we will ask you for personal data that are relevant to a particular situation. This data will enable us to process your questions and respond to your requests.
 
NEWSLETTER
The website contains a link which you can use to subscribe to our Newsletter. In connection with this registration we will only ask you for your first name, surname and email address.
This data is only used to distribute our Newsletter and to inform you about our activities. If you wish to unsubscribe from the Newsletter and/or information about Rijksakademie activities, or if you want us to delete your data, you can indicate this at any time. Please also see the YOUR RIGHTS section.
 
SOCIAL MEDIA
The Rijksakademie can be found on various social media such as Facebook, Twitter and Instagram. If you follow us on social media, we may gain access to some of your profile data. The Rijksakademie also follows social media channels and can, in that way, use your public profile data (location and age) to promote certain messages. If you want to prevent this from happening, please change your privacy settings on social media.

SECURITY
We have taken suitable technical and organisational measures to protect your personal data against loss or any form of unlawful processing. For example, data connections are protected and the Rijksakademie uses access control.
 
DATA LEAKS
In case a data leak is discovered at the Rijksakademie, an assessment will initially be made as to whether this leak implies a major risk for the rights and freedoms of any natural persons (Article 33 of the General Data Protection Regulation - GDPR).  If this is not the case, it will be resolved internally and the correct measures will be taken in accordance with an internal procedure.
If the data leak implies a major risk, this will be reported to the Dutch Data Protection Authority [Autoriteit Persoonsgegevens] within 72 hours.
 
ISSUING TO THIRD PARTIES
The Rijksakademie may use the services of third parties to process your data in accordance with this privacy statement. These third parties will then act as processor for the Rijksakademie and we will ensure that they offer sufficient safeguards with regard to the technical and organisational security measures. Third parties that act as processor on behalf of the Rijksakademie have concluded a processor agreement with the Rijksakademie which includes, among other things, a stipulation that they will only process personal data if instructed to do so by the Rijksakademie.
For the rest the Rijksakademie only issues data to third parties on the basis of your prior permission, or if we are obliged to do so on the grounds of legislation and regulations, if we must do so as a consequence of legal proceedings, and/or if we consider such to be necessary in order to protect our own interests.
 
ISSUING OUTSIDE EUROPE
The Rijksakademie, or third parties engaged by the Rijksakademie, will only store or process your personal data outside the European Economic Area (EEA) if that is in accordance with the applicable regulations for forwarding personal data to countries outside the EEA. These are at all times so-called 'adequate countries'.
 
RETENTION PERIODS
Personal data may not be stored for longer than is necessary. The retention period will be determined depending on the purpose for which the Rijksakademie has collected the data and any statutory obligations to save data.

YOUR RIGHTS
You have the right to ask us to allow you to inspect your personal data and/or improve, supplement, delete or protect them.
A request to inspect and/or amend data can be submitted by telephoning us on +31 20 527 0 300 or by sending an email to communicatie@rijksakademie.nl.
 
Objections against the use of your personal data for direct marketing purposes and/or the (continued) reception of (certain) marketing information can be stated at any time by submitting a written request to this effect to the Rijksakademie:

Rijksakademie
Attn Communicatie
Sarphatistraat 470
1018 GW Amsterdam
The Netherlands
 
You can also submit your request by email to communicatie@rijksakademie.nl.
In that case we will not send you any (additional) marketing information. The emails we send you via email service (such as the Newsletter) also include an option to unsubscribe. If you unsubscribe, you will not receive such messages any more. Your data will be immediately removed from our database.

Furthermore, you have the right to submit a complaint to the Dutch Data Protection Authority.
 
CONTACT
If you have any questions which are not answered in this privacy statement, if you have any suggestions or comments about its contents, or if you have any complaints about the way in which we handle your personal data, please do not hesitate to contact us.
 
You can do so by contacting the Rijksakademie or by telephoning us on +31 20 527 0 300

USE OF COOKIES
For our cookie policy we refer you to our Cookie policy page.