How can we be of service?

Websites created for childcare and education

What is a privacy statement and what should I include in it?

Edwin Janssen
Edwin Janssen
  • Updated

In this article, we explain what a privacy statement is, when you should place a privacy statement on your website, what should be included in a privacy statement, and how to set up a privacy statement on your website.

What is a privacy statement?

In a privacy statement, as a school, you explain what you do with personal data. You specify how you collect, store, secure, and whether you share the data with third parties. You also inform people about how they can make requests to access, modify, or delete their data.

When should I place a privacy statement?

Placing a privacy statement is mandatory on every website that collects personal data. This is stipulated in the Personal Data Protection Act (Wbp). The Dutch Data Protection Authority (AP) supervises compliance with the Wbp and can compel organizations to take measures in case of a violation. The main measure the AP can take is the exercise of administrative coercion. In this case, the AP demands that the offender rectifies the violation within a certain period. The AP can also impose a penalty or issue a fine, for example, when the processing of personal data is not, incorrect, or belatedly reported.

Therefore, a privacy statement is already required if you have a contact form on your website.

What should be included in a privacy statement?

In a privacy statement, you must include at least the following:

    • Identity
      Your school name, including the address details of your school and a contact address for privacy-related questions.
    • Purposes
      The purpose of processing personal data. This can include things like 'registering new students' or 'securing and optimizing the website' (such as recording IP addresses).
    • Use of cookies
      If your site uses cookies (which is almost always the case), you are obliged to explain what cookies are and what you do with them, even if it's just keeping people logged in.
    • Access and correction
      Customers have the right to access their data. They can request correction or deletion of their personal data. However, deletion is only allowed if the data is no longer relevant.
    • Security
      You must explain the technical and organizational measures you have taken to secure personal data against loss or any form of unlawful processing. For example, securing the internet connection with SSL is necessary when placing orders, and passwords on the database itself.

How do I set up a privacy statement on my website?

See here how to add a privacy statement.

Was this article helpful?

0 out of 0 found this helpful

Have more questions? Submit a request



Please sign in to leave a comment.