Privacy

The NRGD is independent, transparent and focused on cooperation in the performance of its duties. In order to perform its duties to the required standard, the NRGD processes personal data. The secure and attentive handling of such data forms part of the NRGD's efforts to promote quality.

This Privacy Statement explains how the NRGD uses personal data.

The statement consists of various parts:

• What are personal data?
• To what ends does the NRGD process your personal data?
• How do we handle your personal data?
• Under which circumstances do we share your data?
• How can you contact us about your rights?

What are personal data?

'Personal data' means any information relating to a person directly or which can be traced to that person. Examples of personal data include addresses, telephone numbers and email addresses.

Special personal data

Some personal data are more sensitive than others, as they have a greater effect on a person's life. Examples of special personal data include a person's race, religion, health status or citizen service number (BSN). These data are given additional protection under the law.

Criminal personal data

Criminal personal data include a person's criminal record and offending history, as well as suspicions and security measures targeting that person. Although the NRGD operates in a criminal-law context, it does not process criminal personal data for third parties. For the purpose of assessing individual applicants, the NRGD processes case reports written by the applicants concerned during criminal proceedings. Such case reports will be anonymised as much as possible and only be shared with authorised persons within a secure environment. These persons have a duty of confidentiality.

Additional information about personal data can be found on the website of the Dutch Data Protection Authority.

To what ends does the NRGD process your personal data?

The NRGD's ground for processing data has been laid down in the Register of Court Experts in Criminal Cases Decree. Briefly, the NRGD's objective is contributing to the quality of the contribution made by court experts. Among other things, it does so by promoting the use of court experts by gathering and publishing the personal data of these experts insofar as they are relevant for potential clients. Examples:

• Registration procedure
  The NRGD processes data in order to decide on the registration or re-registration of personal data. These personal data include the applicant's name, address, place of residence, telephone number, nationality, date and place of birth, and statutory personal identification numbers such as their BSN. The NRGD also processes the personal data of persons involved in the procedure, such as assessors.
• NRGD newsletter
  The NRGD sends out regular newsletters to keep applicants and chain partners informed about general policy changes. Newsletter recipients can subscribe or unsubscribe on the website.
• Cookies
  Nrgd.nl uses cookies to monitor online behaviour. These analytical cookies help us to understand how visitors use the website. This information helps us to improve the site. More information about our cookies can be found in the NRGD Cookie Statement.

If you have any complaints about the processing of your personal data by the NRGD, please contact the NRGD's Data Protection Officer.

How do we handle your personal data?

The NRGD observes certain principles and takes certain measures for the purpose of processing personal data.

Ground and purpose limitation

The NRGD will only engage in the processing of personal data if there is a legal basis. In addition, it will ensure that those personal data are only processed for the specific purpose for which they have been gathered.

Data minimisation

The NRGD will not use any more personal data than required to complete the previously stated objective. If at all possible, the NRGD will process fewer or no personal data.

Minimisation of privacy invasion

The NRGD will ensure that any invasion of privacy is in line with the objective for which the data are being gathered. As part of this statutory obligation, the NRGD will use only those personal data that involve a minimal invasion of privacy if there are multiple data to choose from in order to complete its objective.

Retention period minimisation

The NRGD will retain your personal data only for as long as is required to complete the objective for which they have been gathered and for no longer than lawfully permitted. For example, we will not remove your personal data for as long as you are able to use the fast-track procedure for submitting a new application after an earlier rejection.

Measures

Reliability, integrity and confidentiality

The NRGD takes certain measures to safeguard the reliable, appropriate and careful handling of personal data.

• Personal data will be handled in confidence, i.e. the NRGD will ensure that the personal data are adequately protected and that they can only be accessed or used by persons with proper authorisation and a duty of confidentiality.
• Personal data will be suitably protected. As a minimum, the NRGD will observe the Dutch central government's regulations and standards for information security.
• It will enter into agreements with external parties that process personal data on the NRGD's behalf, such as assessors, software suppliers and data centres, to ensure that their activities are also in compliance with all statutory and other requirements. Moreover, the NRGD will check whether these external parties meet their obligations under the agreements.

Under which circumstances do we share your data?

Scientific research

The NRGD may carry out or commission scientific research for the purpose of its objective. If there is no legal basis, the NRGD will use anonymised data. In this case, the data can no longer be traced to individuals, so they cannot or can no longer be identified.

As for all other circumstances, the NRGD will not share your data with third parties without your express permission.

How can you contact us about your rights?

You have the right to access your personal data, as well as the right to have them rectified or deleted or to restrict their processing. In principle, we will not process any more data than those that you supplied on the application form. You can submit requests to have your personal data rectified easily through the NRGD website. If you want to access your data, you can make an appointment with the NRGD to do so in person. It is important that you carry valid identification and that you are able to prove your identity when asked as evidence that the data which you want to access or have rectified or deleted are indeed your own. You are not permitted to access the data of others. Alternatively, we will send you an electronic transcript of your data upon request. Your other rights include the right of transfer of your personal data (data portability) and the right to object to their processing.

Data Protection Officer

The NRGD has appointed a Data Protection Officer (DPO). This independent DPO monitors the NRGD's implementation of and compliance with the General Data Protection Regulation (GDPR). The Dutch Data Protection Authority monitors the implementation of privacy legislation. This DPO is your point of contact if you have any questions or comments about the processing of your personal data.

Ms N.M. Mulder
PO Box 12080
3501 AB Utrecht
deskundigenregister@nrgd.nl

Contact

The NRGD unremittingly seeks to improve its services and tailor them as much as possible to your personal requirements. If you have any questions or comments regarding this Privacy Statement, please contact us at deskundigenregister@nrgd.nl.

Needless to say, we will be happy to help should you have any questions or complaints about the processing of your personal data. In the unlikely event that we fail to come to an understanding, you have the right under privacy legislation to submit a complaint to the data protection agency, i.e. the Dutch Data Protection Authority.