Privacy statement campus visitors
Utrecht University (UU) is committed to look after the personal data of everyone who works, studies or visits one of our campuses. The privacy rules from the General Data Protection Regulation (GDPR) are crucially important to us, as this legislation is in line with our objective to provide education and research at the highest level, our ambitions for good employment practices and our guiding principle of sustainability.
In this privacy statement we inform you about the personal data we process, about the purposes for which we do this, about your privacy rights and about other matters that are important to you.
Parking
If you park at Campus Utrecht Science Park (USP), data about your transaction will be processed, including the date and time of entry, exit, and the location where you park. At the barriers we use automatic license plate recognition. You can enter your license plate number at the payment terminal, after which (of course after payment) the barrier opens automatically and you no longer have to enter your ticket. Payments are collected by IP-Parking, an external service provider contracted by the UU.
UU employees can park for free on the USP. In order to activate free parking at the USP, employees must share some data, like your campus card number, with IP-Parking. More information on this topic can be found on Intranet.
Printing
Within the UU buildings you can print in different ways: via a UU device, an online portal linked to your Solis account, and as a visitor to the university library with a guest Solis account. The printing service processes your print order linked to your Solis account; you can choose which printer you print your order with.
If you are not an employee of the UU, there are costs associated with printing. You can increase your print credit as described on the print information page. You can also link certain cards (e.g. OV-chipkaart) to your guest Solis account. When you use this method, no information on the card is shared with the UU, it is only used as a tool to log in quickly.
FSC Security control room
If you are on a UU campus, you can call the FSC Security (UU Facility Service Centre) control room 24/7 in the event of problems or emergencies. The control room will set out the correct action(s) in response, such as calling our UU emergency responders (BHV) or connecting you to an emergency service (such as the fire department, police, or an ambulance). For less urgent matters, the report is forwarded to the relevant team to solve the problem.
The control room has a view of all surveillance cameras on campus.
All reports are registered in our Service Management System, TOPdesk.
CCTV
CCTV takes place in and around the buildings and grounds of the UU. Cameras are used to protect our belongings, people and buildings. If something gets stolen or broken, or somebody is harassed while on our campus, images can be shared with the police.
Detailed information about camera surveillance at the UU can be found in the specific privacy statement.
Parking
If you park at the Campus Utrecht Science Park, IP-Parking processes your license plate number, the date and time of entry and exit, and your parking location (transaction data). If you pay at the payment terminal, these payment details are also processed by IP-Parking. This data is not shared with the UU. Additional data will be processed for employees who have linked their campus card to a parking subscription. More information on this topic can be found on Intranet.
Printing
For the use of printers, the Solis-id is processed for UU staff and students. Guests who want to use a printer can create a guest-Solis account. For this purpose, the UU processes your name, date of birth and e-mail address.
FSC Security control room
The FSC Security control room collects your name, telephone number and the description of the problem or emergency you are calling for. All telephone conversations with the control room are recorded. If you are an employee of the UU, the control room responder may also ask for your Solis-id and UU e-mail address. Depending on the problem or emergency you are calling for, the control room responder may ask for additional information. For example, the control room can ask for your location to send the emergency responders in the right direction.
CCTV
Your image is captured by our CCTV cameras.
The cameras at the barriers of the car parks are used for automatic license plate recognition; they do not store images. Transaction data related to parking is deleted after fourteen days.
TOPdesk notifications are archived after some time. The exact retention period depends on the type of report and the associated follow-up actions. For example, recorded telephone calls at the control room are automatically deleted after six months.
In principle, images from security cameras are stored for a maximum of seven days. If an incident such as a theft or accident has occurred on campus, it may be necessary to keep the images for a longer period of time, for example in order to analyse what exactly happened or to share the images with the police. If this is the case, images will be deleted after the incident has been dealt with.
Parking data such as entry and exit times and account information are stored in IP-Parking’s systems. Employees of IP-Parking only have access to this data when it is necessary to solve technical problems. The UU has a data processing agreement with this party; the servers of IP-Parking are located in the Netherlands.
The control room stores notifications in our Service Management system TOPdesk. Employees of TOPdesk only have access to this data when necessary to solve technical problems. The UU has a data processing agreement with this party; the servers of TOPdesk are located in the Netherlands.
When there is a suspicion that a crime has occurred or if an accident has happened, camera footage, parking transaction data and/or information from the control room can be shared with the emergency services, such as the police, fire brigade, or ambulance.
Security footage is stored on UU servers located in the Netherlands. Within the UU, a small group of people has access to recorded footage and live images. They can view images if an incident or emergency has occurred or if they have to solve a technical problem with the system.
Do you have questions about the way in which your data is processed by the control room or in the context of printing or parking on the campus grounds? Do you want to know what data the UU has collected about you or do you want to view this data or do you want to object to the processing? Then you can submit a request using the Privacy Request Form (uu.nl).
If you think our CCTV cameras have recorded you when you do not want to, you may object. You can also ask to see the footage that includes you. Such requests can be directed to privacy@uu.nl. It is important to indicate as precisely as possible where exactly you were, on what day and at what time, so that we can find your image as quickly as possible. Please note that all footage is automatically deleted after seven days, so we are unable to share footage with you that is more than one week old. If you have sent us a request within seven days, we will ensure that your images are not removed before you have seen them.
The UU makes sure that personal data is treated with confidentiality. The UU takes appropriate technical and organisational measures to ensure that your personal data is properly protected.
Technical measures
In order to optimally protect your personal data against unauthorised access or use, the UU has appropriate security technology in use. We report (attempted) abuse.
Organisational measures
Within the organisation, the UU has taken a large number of measures to ensure that your data is not only technically secured, but that the chance of human error and misuse is also kept to a minimum. For example, access to the physical control room, where all camera images and reports come in, is limited to a small group of employees. Digital access to camera images and notifications is limited to only those employees who actually need the access.
If you have any questions about CCTV cameras in your area, please send them to privacy.fsc@uu.nl.
Based on the above information, do you have any specific questions or comments about this privacy statement? Please feel free to contact us via privacy@uu.nl.
The UU has appointed a Data Protection Officer (DPO). This is an internal advisor and supervisor on the application of the GDPR. When you have questions about the processing of your personal data or when you want to file a complaint, you can contact our DPO via fg@uu.nl.
We would like to point out that you also have the right to file a complaint with the supervisory authority, the Dutch Data Protection Authority. You can find their contact details at www.autoriteitpersoonsgegevens.nl.
Contact details Utrecht University
Heidelberglaan 8
3584 CS Utrecht
Tel. (030) 253 35 50
Privacy statement - version
This privacy statement was last amended on 16 August 2023. From time to time, changes are made to this privacy statement. Please check our website to make sure you are consulting the most recent version.