Privacy and cookies
Privacy-sensitive data, or personal data, is processed via the website, the app and the tenant portal. Stichting DUWO assigns great importance to the careful handling of personal data. Personal data is therefore carefully processed and secured by us.
Our data processing complies with the requirements set by the General Data Protection Regulation (GDPR). That means, among other things, that we:
- clearly state the purposes for which we process personal data. We do this via this privacy and cookie statement;
- limit our collection of personal data to only the personal data necessary for legitimate purposes;
- first ask you for explicit permission to process your personal data in cases where permission is required;
- take appropriate security measures to protect your personal data and also require this of parties that process personal data on our behalf;
- respect your right to access your personal data for inspection, correction or removal at your request.
Stichting DUWO is responsible for data processing. In this privacy and cookie statement, we explain which personal data we collect and for what purpose it is used. We advise you to read this carefully.
This privacy statement was last modified on 14 juli 2020.
Use of personal data
By using our services you leave certain information with us. That may be personal data. We only keep and use the personal data that is entered by you directly or of which it is clear that it is provided to us to be processed. To enable the rental of accommodation, the payment thereof, and the use of the tenant portal, we collect your:
· Full name;
· Citizen service number (BSN);
· Copy of ID card;
· Phone number;
· E-mail address;
· Date of birth;
· Payment details;
· School registration information, including student number;
· Information about your parents;
· Information from a third party that pays the rent for you;
· Correspondence with DUWO;
· Log data of your key use;
· Meter readings;
· User name for the portal.
This data will also be linked to unique codes to enable communication with the system. We do not publish your information. The names of roommates are only visible in the case of an internal move.
We collect and process this data if you have concluded a (rental) agreement with us, or want to conclude one, you have given us permission to use the personal data, if we have a legitimate interest (for example to detect or prevent fraud and nuisance), or are legally obliged to do so.
We take pictures on business events, such as openings of a new building. This photo can be placed with an article on our website. The photos will not be used further unless explicit permission has been requested. If you do not want your photo to appear on the website, let the photographer know about it and contact us via our contact page.
Contact form and newsletter
We produce a newsletter to inform interested parties about our services. Your e-mail address will only be added to the list of subscribers with your explicit permission. Every newsletter contains a link allowing you to unsubscribe.
If you fill out a contact form on the website, or send us an e-mail, the data you send us will be kept for as long as necessary to answer or process the form or the e-mail, depending on their nature or content.
Disclosure to third parties
Your data is not shared with third parties, except for third parties that are required to deliver the services you have requested. This includes, for example, maintenance services, IT service providers, and municipalities.
Security and storage
We take all security measures necessary to limit the abuse of and unauthorised access to personal data.
We keep your data for as long as we need it. For example, for the duration of your rental agreement, but also for some time afterwards because the law obliges us to do so.
The Housing Act states that we must keep the personal information and contract information of our tenants for 2 years after termination of the lease. Pursuant to the Tax Act, we keep financial data for up to 7 years after termination of the lease. All your stored data is automatically deleted from all our systems after the legal retention periods.
Third party websites
This statement does not apply to the websites of third parties that are connected to this website through links. We cannot guarantee that these third parties will handle your personal data in a reliable or secure manner. We advise you to read the privacy statement of these websites before using them. We also share data with educational institutions within the context of campus control and the allocation and rental of rooms to international students.
The American company Google places cookies via our website as part of the Analytics and Maps services. We use these services to obtain reports on how visitors use our website and to display our location on a map. Google may disclose information to third parties if Google is legally obliged to do so, or if third parties process the information on behalf of Google. We have no influence on the use of the data by Google and/or third parties. We have not allowed Google to use the obtained Analytics information for other Google services, Google IP addresses are masked, and we have concluded a processing agreement with Google. Read Google's privacy statement (which can change regularly) to find out what they do with the (personal) data that they process through these cookies. The information that Google collects is anonymised to the greatest extent possible.
Social media buttons
Our website contains buttons to promote (‘like’) or share ('tweet') web pages on social media such as Facebook, Twitter and LinkedIn. These buttons use pieces of code originating from the network. Cookies are installed using this code. We have no influence over this. Please read Facebook’s, Twitter's and LinkedIn's privacy statements (which may change periodically) to find out what they do with the (personal) data that is collected via these cookies.
The data they collect is anonymized to the greatest possible extent. The data is transferred and stored on Twitter, Facebook and LinkedIn servers in the United States. LinkedIn, Twitter and Facebook state that they adhere to the Privacy Shield principles and are affiliated with the Privacy Shield programme of the US Department of Commerce. This means that there is an adequate level of protection for the processing of any personal data.
Use of permanent cookies
With the help of a permanent cookie, we can recognise you when you visit our website again. The website can therefore be specially tailored to your preferences. If you have given permission for the placing of cookies, we can also remember this by means of a cookie. Thanks to this, you do not have to reselect your preferences, saving you time and making the use of our website more pleasant. You can delete permanent cookies via the settings of your browser.
Use of session cookies
With the help of a session cookie, we can see which parts of the website you have viewed during this visit. We can adapt our service as much as possible to the browsing behaviour of our visitors. These cookies are automatically deleted when you close your web browser.
Switching cookies on and off and deleting them
More information about switching cookies on and off and deleting cookies can be found in the instructions and/or by using the help function of your browser.
Changes to this privacy and cookie statement
We reserve the right to make changes to this statement. It is advisable to consult this statement regularly so that you are aware of these changes.