Privacy statement

In this privacy statement, we explain how the municipality of Tytsjerksteradiel handles your personal data. We cannot do this separately for every specific case, because your personal data can be processed in many ways within the municipality.

For example, we process your personal data when we draw up a WOZ valuation report, but also when you submit a letter of objection. We process your personal data when you apply for a driving licence, but also when you get married or enter into a registered partnership in our municipality. We process your personal data when you apply for a permit and when you rent something from us. We process your personal data when you have a waste container from us or receive benefits from us. These are just a few examples. There are many more examples that could be mentioned.

Because this privacy statement would be endlessly long if we were to mention every example, this statement generally addresses the handling of personal data within the municipality of Tytsjerksteradiel. If you specifically want to know how we handle your personal data in your case, you can always ask us this question via FGTD@t-diel.nl. We will then give you a customized answer.

The General Data Protection Regulation (GDPR) has been in force since May 25, 2018. This law forms the basis for dealing with privacy within our municipality. In addition, the Implementing Act of the General Data Protection Regulation (UAVG) and the Police Data Act (Wpg) provide frameworks. Because we as a municipality also process police data, we must meet the requirements of the Wpg for that data. This includes, for example, an audit obligation.

As required by this legislation, technical and organizational measures are taken within the municipality of Tytsjerksteradiel to guarantee privacy. In the context of data minimization, we only process personal data if we need it to perform one of the municipal government tasks. The performance of municipal government tasks is often described in legislation other than the GDPR and UAVG. This legislation, such as the Youth Act, the Participation Act, the Environmental Management Act, or the General Administrative Law Act, also contains rules on how to handle personal data. In this situation, data protection law applies as a general framework, but the specific interpretation is determined by the specific legislation.

Personal data that we process

The municipality works with personal data of residents, employees and (chain) partners. Personal data is data that provides information about a person, such as name, address, email address or telephone number. This is considered general personal data. In some cases, we also process special personal data, such as data about your health or ethnic origin. We only do this if there is a legal basis for it. The forms on our website, the contact form and applications with DigiD contain the personal data that we process from you. For example, we process name and address details and a citizen service number for waste collection charges. This is also the case when applying for a permit or submitting a letter of objection. When providing benefits, we need more information, including income details. Special personal data, such as health data, is processed, for example, when assessing a request for facilities.

Register of processing activities

The municipality of Tytsjerksteradiel maintains a register of processing activities. This is an overview of all processing of personal data within the municipality. This register describes which personal data are processed in which situation, what the basis is for this, what legal framework applies, and, for example, with whom the personal data are shared. The register of processing activities is used by the municipality to test the practice against the regulations in the field of privacy.

Reason for processing personal data

Personal data is processed when using our services. These services are often municipal government tasks, which means that a basis can be found in certain legislation. When you apply for a driver's license, we process personal data, but that is allowed because it is regulated in the Traffic Law. When we organize elections, we process personal data, but that is also allowed because it is regulated in the Election Law. When you get married or enter into a partnership with us, we process that, because this is regulated in the Personal Records Database Act. When we draw up a WOZ valuation report, we process personal data, but that is allowed because it is described in the WOZ Act. Every government task that we have been assigned as a municipality has a legal framework. This legal framework is in many cases the basis for processing.

Retention period

The municipality of Tytsjerksteradiel will not retain collected personal data longer than strictly necessary, or legally required, to achieve the purposes for which the data were collected. In many cases, the Archives Act and the selection lists determine how long something may be kept.

Sharing with third parties

The municipality of Tytsjerksteradiel will only provide your personal data to third parties if there is a legal basis and this is necessary. For example, when you apply for benefits, your data will also be shared with the UWV (Employee Insurance Agency). When you apply for a facility, your data will also be shared with the supplier of the facility.

We enter into a data processing agreement with organizations that process your data on our behalf to ensure the same level of security and confidentiality of your data. We remain responsible for these processing operations.

Information security

Measures have been taken based on the Information Security Policy to ensure the protection of personal data. Information security and privacy are interconnected. The technical measures mentioned in the General Data Protection Regulation are the rules related to information security. The Government Information Security Baseline (BIO) describes how municipalities should handle information security and what requirements it must meet. Within the municipality of Tytsjerksteradiel, information security and privacy issues are addressed jointly because there is overlap. This way, the technical measures can be addressed and implemented according to legislation and guidelines. This is also why the municipality of Tytsjerksteradiel has an integrated information security and privacy policy.

Rights of data subjects

As a data subject whose personal data is processed, you have various rights. You are allowed to:

  • request access to which personal data we have recorded about you;
  • ask us to change, correct or supplement the personal data if they are incorrect or incomplete;
  • ask us to limit the processing, delete data or object to the recording of the data;
  • withdraw your consent if we have recorded your data on the basis of consent;
  • ask us to make available a file with your data in a digital file by submitting a request for 'data portability' if we have recorded your data based on your consent or the execution of an agreement;
  • file a complaint with the Data Protection Officer of the municipality of Tytsjerksteradiel or with the Dutch Data Protection Authority.

You can easily submit a request for inspection using the online form. If you do not have DigiD or do not want to use it, you can download the form, print it out and hand it in at the counter of the town hall after completion. You must show a valid proof of identity (passport or identity card) so that your identity can be established.

More information about these rights can be found on the website of the Dutch Data Protection Authority. To exercise rights other than the right of access, please contact us via FGTD@t-diel.nl or 14 0511.

DigiDFill in the online form

Decision on your request

Within one month of receipt, we will assess whether the request is justified. If the municipality intends to grant your request and the request is complex or extensive, the municipality may extend the processing of your request by two months.
A decision on your request is a decision based on the General Administrative Law Act. You can therefore submit a notice of objection against this. It is also possible to submit a complaint to the Dutch Data Protection Authority (AP).

Use of cameras

Our employees, buildings, and grounds may be secured using video cameras. The images are not stored longer than necessary. Images may be stored for an extended period if there is an incident that we must report, such as damage, theft, or threats to employees.

Cookies

You can visit the municipality's website anonymously, unless you fill in personal data. We do want to get an idea of the number of visitors to our site and which pages are visited. We do this because we can improve our services with this information. Only the number of visits are registered and not the identity of the visitors. Your data therefore remains anonymous.

A cookie is a small text file that is temporarily placed on your hard drive by a web server. With the help of a cookie, our website can recognize you when you visit our website again, and the website can be specially set up for you. So, a cookie helps you save time. A cookie cannot spread viruses.

You can refuse cookies in your browser settings. However, please note that the operation and use of some parts of the website may be slower or impossible. You can find more information about cookies via the help function of your browser (often found in the 'options' menu).

The municipality uses cookies for visitor analysis via Siteimprove and Google Analytics. Cookies are also used to optimize the accessibility of the website. For example, a functional cookie is placed when the website is read aloud using Readspeaker.

If you submit an application or pass on changes via a digital form on the municipality's website, you must identify yourself using your DigiD, eHerkenning, and eIDAS. After identification, this data is used for the application or change you submitted, so that we can be sure that we are helping the right person. DigiD is not used for submitting a report or asking a question via a digital form.

Privacy statement changes

This privacy statement may be changed without prior notice. Changes take effect from the moment they are published. We advise you to consult the privacy statement regularly so that you are aware of these changes. The privacy statement was last modified in May 2023. 

Contact details

If you have any questions about this privacy statement from the municipality, you can preferably make this known to the Data Protection Officer (FG). The FG can be reached by e-mail via FGTD@t-diel.nl or by telephone on 14 0511.

Complaints

We are happy to help you if you have complaints about the processing of your personal data. If, despite this, you cannot resolve the issue with us, you also have the right to submit a complaint to the Privacy Supervisor under the privacy legislation. This is the Dutch Data Protection Authority (AP). On the AP website you will find the contact information and more information about privacy legislation.