Who is the data controller?
The Centre for Information security and Privacy protection (CIP) is the ‘data controller’, as referred to in the General Data Protection Regulation (GDPR). This means that CIP determines the purposes and means of processing personal data. CIP has the responsibility to process your personal data in compliance with the GDPR.
What is personal data?
Personal data is information that directly relates to or can be traced back to an individual. For example, a name, identification number or location.
For what purpose do we process your personal data?
CIP is a networking organisation, aimed at public-private collaboration in the areas of information security and privacy protection. To enable collaboration and the sharing of knowledge, we register personal data of the in CIP-network members. We use the data to:
- invite members for conferences, meetings and workshops
- inform members about new developments, like new CIP-products
- to grant Permanent Education-points, CIP uses the data to confirm that you actually attended a Webinar or meeting
- to contact you after you filled in our contact form
What personal data do we use?
We register the following data:
- First and last name
- Phone number
- E-mail address
- Membership of sub communities within the CIP network and your interest in various subjects
We register the following data when you contact us using the contact form:
- First and last name
- E-mail address
What lawful basis do we use to process your personal data?
The lawful bases for processing are set out in Article 6 of the GDPR. At least one of these must apply whenever you process personal data. CIP uses consent and Legitimate interest as a lawful basis. The legitimate interest is the public-private collaboration in the areas of information security and privacy protection. To enable collaboration and the sharing of knowledge, we process personal data of the in CIP-network members.
If we process your personal data because you have consented, you will always have the right to withdraw your consent. If you withdraw your consent, then we will stop processing your data unless there is another lawful basis to process your data.
With whom do we share your personal data?
CIP does not share your personal data with third parties unless you have given express permission.
How long do we keep your personal data?
CIP does not store your personal data for longer than is necessary to achieve the purpose of the processing.
How do we protect your personal data?
CIP ensures that the data in its possession is protected appropriately, in accordance with the applicable legal requirements and guidelines. We also process in compliance with the BIO.
What are your rights?
If CIP processes your personal data, you have a number of rights:
- The right to access your personal data
- The right to rectify your personal data
- The right to erase your personal data
- The right to revoke your earlier given consent to process your personal data
- The right to object to the processing of your personal data
If you want to invoke one or multiple of these rights, you can contact us via the contact form.
Does CIP use profiling and automated decision-making?
CIP does not use profiling or automated decision-making.
Do you wish to contact us?
If you have questions, suggestions or complaints about this privacy statement or the processing of your personal data, then you can contact us using the contact form.
CIP has a data protection officer. A data protection officer ensures that an organisation processes personal data in compliance with the applicable data protection rules. A data protection officer is independent. Contact the data protection officer (in Dutch).
In case our reaction to your complaint was not satisfactory, you can contact the national supervisory body the Data Protection Authority.
Cookies on CIP-overheid.nl