Privacy

General Privacy Statement

This privacy statement covers the following topics:

• What constitutes personal data?
• What does ‘processing’ mean?
• For what purpose does DTENV process your personal data?
• Which personal data does DTENV process?
• How does DTENV obtain your personal data?
• With whom does DTENV share your personal data?
• Does DTENV share your personal data with other countries?
• How long does DTENV retain your personal data?
• Archiving of personal data in the public interest
• How does DTENV secure your personal data?
• How does DTENV handle automated decision-making and profiling?
• What privacy rights do you have, and how can you exercise them?
• Questions or complaints
• When was this privacy statement last amended?

What constitutes personal data?

Personal data means any information relating to an identified or identifiable natural person. This may be information that directly relates to you, or that may be traced back to you.

What does ‘processing’ mean?

Processing means any operation performed by DTENV with respect to personal data. Examples include collecting, recording, storing, retrieving, consulting, using, transmitting, erasing and destroying.

Purpose of processing

The purpose for which DTENV processes data – namely, return assistance to foreign nationals departing the Netherlands – is set out in the Aliens Act and the Aliens Circular. Repatriation assistance is a statutory task entrusted to the DTENV.

Which personal data does DTENV process?

DTENV implements the return policy in the Netherlands on behalf of the Dutch government. If you do not have the right to remain in the Netherlands, we supervise your departure. To do this, we process personal data about you, your family members, interpreters, your authorised representatives, DTENV staff involved, and staff of other organisations engaged in your return.

We process ordinary personal data, for example:

• Name (and aliases)
• Home address
• Email address
• Telephone number
• Gender
• Marital status
• Nationality
• Date and place of birth
• Languages spoken
• Identification numbers (such as passport number and alien number)

We may also process special categories of personal data and criminal records

where strictly necessary for the lawful performance of our statutory duties. These may include data concerning:

• Racial or ethnic origin
• Political opinions
• Religious or philosophical beliefs
• Trade union membership
• Genetic and biometric data
• Health data
• Sexual behaviour or orientation

Under the General Data Protection Regulation (GDPR), such processing is prohibited unless a statutory exception applies. DTENV is permitted to process special categories of personal data on the grounds of an overriding public interest where necessary to fulfil its statutory duty to supervise departures. This is regulated by the Aliens Act and the Aliens Decree.

Sources of personal data

DTENV may obtain your personal data in the following ways:

• From you directly, or from others such as your relatives or authorised representatives (e.g. during interviews about your departure).
• From government agencies responsible for implementing the Aliens Act, such as the Immigration and Naturalisation Service (IND) or the Royal Netherlands Marechaussee (KMar).
• From civil society organisations (e.g. VluchtelingenWerk Nederland, Stichting Nidos) where you have given consent for such organisations to share data with us.

Sharing your data

DTENV may be authorised, or in some cases obliged, under the Aliens Act to share personal data with other government agencies so they can carry out their statutory duties. All data sharing requests are reviewed to ensure necessity, proportionality and relevance.

Personal data may be shared with, among others:

• Immigration and Naturalisation Service (IND)
• Central Agency for the Reception of Asylum Seekers (COA)
• Royal Netherlands Marechaussee (KMar)
• National Police (AVIM: Aliens Police, Identification and Human Trafficking Division)
• Child Protection Board, NIDOS
• International Organisation for Migration (IOM)
• Dutch Council for Refugees (VWN)
• Dutch Custodial Institutions Agency (DJI)
• Frontex and other EU institutions
• Dutch embassies, consulates and the Ministry of Foreign Affairs
• Municipalities and the Association of Netherlands Municipalities (VNG)
• Health and return medical contractors (Medzorg, DMG)
• Airlines, consular authorities, embassies of third countries, etc.

Data sharing with other countries

• Within the European Economic Area (EEA): GDPR applies equally to all EEA Member States, ensuring the same level of protection as in the Netherlands.
• Outside the EEA: Personal data may only be transferred if additional safeguards apply, such as an adequacy decision by the European Commission or other appropriate safeguards. Where neither applies, DTENV may still transfer data strictly where required by compelling reasons of public interest (e.g. to obtain a travel document).

Importantly, DTENV does not share information about asylum grounds or the reasons for your stay in the Netherlands in such cases.

Retention of personal data

DTENV retains your data no longer than necessary for its purpose. Your immigration file will be kept for 15 years after completion of your departure procedure, after which it is deleted and destroyed.

Access to your file is restricted progressively:

• Access rights are reduced within 30 days after closure of your procedure.
• After 30 days, access is only granted where strictly necessary.

Biometric data retention:

• If your application for a provisional residence permit is rejected: 5 years.
• If you previously held lawful residence: 5 years after you have demonstrably left the Netherlands.
• In case of an entry ban or declaration of undesirability: 5 years after expiry of that ban/declaration.

Security measures

DTENV applies appropriate technical and organisational security measures, based on the Baseline Information Security for Government (BIO). Policies are reviewed annually.

Examples:

• Organisational: access only for authorised staff, confidentiality obligations, staff training.
• Technical: encryption of digital data, firewalls against unauthorised access.

Automated decision-making

DTENV does not apply automated decision-making or profiling. All decisions are taken by natural persons.

Your privacy rights under the GDPR

You have the following rights:

• Right of access – to know what personal data DTENV holds about you.
• Right to erasure (‘right to be forgotten’) – where data are no longer necessary or unlawfully processed.
• Right to rectification – to correct inaccurate or outdated data.
• Right to restriction of processing – to temporarily limit use of your data.
• Right to object – to processing on grounds relating to your particular situation.

Requests can be submitted free of charge to:

Privacy Officer, DTENV
Email: avg@dtv.minvenj.nl
Post: Repatriation and Departure Service,
FAO Privacy Officer, PO Box 164,
2501 CD The Hague, The Netherlands.

If a request is submitted on your behalf, written authorisation signed and dated by you is required.

DTENV will respond within four weeks of receipt of your request.

Questions and complaints

The Ministry of Justice and Security has appointed a Data Protection Officer (DPO), who acts independently.

For questions or complaints about DTENV’s handling of your personal data:

Data Protection Officer
Email: fg@minjenv.nl
Post: Ministry of Justice and Security,
FAO Data Protection Officer,
PO Box 20301,
2500 EH The Hague, The Netherlands.

If you are not satisfied with the response, you may lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) at: www.autoriteitpersoonsgegevens.nl.

Last amendment

This privacy statement may be amended where necessary due to new developments.
Last updated: 28 June 2024.