Data Protection Officer

Organisations such as Utrecht University are required to appoint a data protection officer (DPO) since the General Data Protection Regulation (GDPR) came into effect. The DPO's main job is to oversee the application and observance of the GDPR within the organisation.

In order to carry out their duty properly, the DPO can:

  • Gather information on data-processing activities that are carried out within Utrecht University;
  • Analyse these processing activities and assess the observance of the regulation;
  • Inform, advise and make recommendations within Utrecht University.

The Data Protection Officer's position at Utrecht University

The DPO is accommodated as a supervisor in the Internal Audit Department, which is a part of the University Corporate Offices. The DPO is not personally responsible or accountable if the Utrecht University is in violation of the privacy regulation. The DPO primarily has an advising, reviewing and coordinating function.

How can the Data Protection Officer be contacted?

Questions and complaints about privacy can always be submitted to the DPO and the privacy team of Utrecht University via