Decentralized Student Association (hereinafter “Decentralized” “DSLA” or “the Association”, used interchangeably) places the highest importance on the protection and proper processing of your personal data. As an association dedicated to the intersection of technology and law, we recognize and respect your interest in safeguarding your privacy. This policy outlines our approach to internal privacy management.
By becoming a member of DSLA, or by registering for any event or activity organized or facilitated by the Association, you acknowledge and consent to the terms of this Privacy Policy.
The Association adheres to the General Data Protection Regulation (hereinafter “GDPR”) as its guiding standard for data protection compliance.
We hope this document serves as a reminder to all our members and individuals affiliated with the Association of the importance of data protection. Below, you will find a list of your rights as a data subject. All the rights outlined below are provided under Chapter III of the GDPR:
Right to Transparent information, communication and modalities for the exercise of the rights of the data subject
Right to Information to be provided where personal data are collected from the data subject
Information to be provided where personal data have not been obtained from the data subject
Right of access by the data subject
Right to rectification
Right to erasure (‘right to be forgotten’)
Right to restriction of processing
Notification obligation regarding rectification or erasure of personal data or restriction of processing
Right to data portability
Right to object and automated individual decision-making
Right to object
Information Collected and Necessity
DSLA collects and processes personal data from the moment an individual becomes a member, sign-ups to an event, publication or sale of product or services. An individual therefore consents to the processing of their personal data upon signing up to one of the options underlined above.
The table below underlines the types of personal data that can be collected and processed by our association with its appropriate legal basis under the European Union acquis communautaire in privacy legislation.
Types of personal data collected and processedLegal basis for processingPurpose Name and surnameConsent; Performance of a contractIdentification; Record keepingStudent NumberConsent; Legitimate interest of the controllerTo access subsidies provided by the University of Groningen Field of study and the study year ConsentTo compile anonymized statistics on our Members’ fields of study for the purpose of the annual review Phone numberConsent Calling for urgency matter; Communication under our Community groupchatsEmail addressConsent; Performance of a contract Communication with Members, individuals providing for or expecting the provision of services by the AssociationDate of registrationPerformance of a contractDetermination of hours spent as an active member, used to provide a certificate of participation; Record keeping IBANConsent;Performance of contractTo pay individuals who provided services for or in collaboration with the Association Payment confirmation Performance of contractTo confirm the payment of membership fees or attendance fees of other eventsNotes of coursesConsent; Performance of contract To format and sell notes provided by applicants Literary or artistic works Consent; Performance of contactTo format and publish works; Selection of Active/Board members, if submitted during application processCurriculum Vitae Consent; Performance of contract Selection of Active/Board members, if submitted during the application process Dietary choiceConsentOrganization of catering or services of food in events where a consumption is projected
Security of your personal data
Decentralized tries its best to ensure the security of your data. Our Association does not share your data unless it benefits you or the well being of our members. When collaborating with third parties, we make sure your personal data is treated confidentially and in accordance with the GDPR. Our Association does not and will not collaborate with third parties which cannot demonstrate commitments made for the protection of your privacy and personal data.
Compliance with data protection principles
1/Fairness and Transparency: This document is intended to serve as an initial step toward ensuring transparency for our Members and all individuals affiliated with the Association. We are committed to providing clear and accessible information at any time upon request. Our aim is to ensure that you fully understand what you are consenting to and the reasons we process your data whenever you engage with us.
2/Purpose Limitation, Data Minimization and Storage Limitation: The Association collects only the personal data that is strictly necessary for the purposes communicated to you during the sign-up process. We do not process your data for any purposes beyond those explicitly stated. To uphold this principle, your data is retained for a maximum of three academic years, unless you have explicitly consented to a longer retention period.
3/ Accuracy: All personal data processed by the Association is provided directly by you. We do not modify or correct this information unless you submit a request to rectify your own data. This ensures that your personal data remains accurate and up to date.
4/ Integrity and Confidentiality: We make sure any documents containing your personal information remain within the storages of our Association. We make sure to implement measures protecting your personal data from unauthorized access.
For any inquiries, criticisms or to exercise your rights under the GDPR, please contact:
chair@dslagroningen.com or;
secretary@dslagroningen.com
