Skip to content

IMARC

Privacy policy

Privacy Statement – International Master’s in Advanced Research in Criminology (IMARC)

Scroll down

Privacy Statement – International Master’s in Advanced Research in Criminology (IMARC)

General Data Protection Regulation (GDPR)

Erasmus University Rotterdam (EUR) values the protection of your personal data. This privacy statement informs you about how we handle personal data within the International Master’s in Advanced Research in Criminology (IMARC) program, in compliance with the General Data Protection Regulation (GDPR) and the privacy policies of the IMARC partner universities.

Who is responsible for processing your personal data?

Erasmus University Rotterdam (EUR), Erasmus School of Law, Criminology Department is responsible for processing personal data within the IMARC program. As IMARC is a joint program with partner universities, personal data may also be shared with our partners:

  • Ghent University, department of Criminology, Criminal Law & Social Law (Belgium)
  • Middlesex University London, Social Science (United Kingdom)
  • University of Malaga, Faculty of Law/Facultad de Derecho (Spain)

Each institution processes data in accordance with its own privacy policies and national regulations.

EUR is located at Burgemeester Oudlaan 50, 3062 PA Rotterdam.

Are your personal data protected at IMARC?

We value your privacy. So we take security measures to prevent the theft, loss or otherwise unlawful use of your personal data. We protect your data by minimising access rights, using encryption, monitoring use, and applying additional measures to the extent that the current state of the art allows for this.

Whose personal data do we process?

We collects personal data from the following seven categories of data subjects:

  1. Students (including prospective students)
  2. Alumni
  3. Research subjects
  4. Members of staff (including PhD students and job applicants)
  5. External parties (including temporary workers)
  6. Visitors to the website IMARC
  7. All visitors to the EUR campus, EUR buildings and EUR complexes.

What personal data do we process?

Within the IMARC program, we process the following personal data:

  • Identification data: name, date of birth, nationality, gender, student number
  • Contact information: email address, phone number, residential address
  • Images: photographs and videos
  • Academic data: enrollment status, obtained diplomas, study progress and results
  • Research data: if you participate in research projects within IMARC, e.g., questionnaires
  • Financial information: bank details, if applicable for scholarships or payments
  • Digital information: use of online learning platforms, cookies, account logs, and IP addresses

Additional data may be collected for specific research projects, for which you will be separately informed and may be asked for consent.

For what purposes do we process your personal data?

We process your personal data for the following purposes:

  • Managing your enrollment and academic progress within IMARC;
  • Access to online learning environments and study platforms;
  • Evaluation and administration of exams and theses;
  • Management of scholarships and financial transactions;
  • Communication regarding the program, courses, and academic support;
  • Scientific research within the IMARC program;
  • Reporting to funding agencies (e.g., the EU for Erasmus+ funding);
  • Alumni contact and networking activities;
  • Facilities access and management systems, camera surveillance, management of parking facilities (when you are visiting EUR).

On what legal basis do we process your data?

The processing of your personal data is based on:

  • Consent: for specific processing activities, such as participation in research projects or alumni activities;
  • Performance of a contract: your enrollment in IMARC and the execution of the academic program;
  • Legal obligation: compliance with regulations, such as accreditation requirements and reporting obligations to government agencies;
  • Legitimate interest: improving education, scientific research, and administrative processes.

With whom do we share your personal data?

Your personal data may be shared with:

  • IMARC partner universities for academic administration and educational purposes;
  • External funding agencies such as the European Commission (in case of EU funding);
  • Government agencies if legally required;
  • IT service providers for online learning environments and administrative systems;
  • We ensure that appropriate security measures and agreements are in place to protect your data.

Is your data transferred outside the EU/EEA?

As the Middlesex University London is located in the United Kingdom, personal data may be transferred outside the European Economic Area (EEA). We ensure that such transfers comply with GDPR, for example, by implementing Standard Contractual Clauses (SCCs) or other legal safeguards.

How long do we retain your data?

IMARC does not keep your data for longer than is strictly necessary to realise the purposes for which the data were gathered. Among other things, IMARC observes the retention periods provided for in the Dutch Public Records Act (elaborated in the Basic Selection Document for University Education (BSD) for University Education 1985 and in the Selection List for Universities and University Medical Centres 2020Opens external), as well as other legislation, for instance tax and labour legislation. If you choose to exercise any of your rights (see below ‘Your rights and exercising these rights’), this may affect the retention period observed for your personal data.

Data must be stored for EU-audit purposes, until seven years after the closure of the EMJM-project period.

After the retention period expires, data will be deleted or anonymized.

What are your rights?

You have the right to:

  • Access your personal data
  • Correct inaccurate or incomplete data
  • Request deletion of your data, where legally permissible
  • Object to processing based on legitimate interest
  • Request data portability to another institution
  • Withdraw consent, where processing is based on consent

Requests can be submitted via [email protected].

How do we protect your data?

We take appropriate technical and organizational measures to protect your personal data against loss, misuse, and unauthorized access, including:

  • Encryption and secure data storage
  • Restricted access based on roles and responsibilities
  • Regular audits and compliance with privacy and security policies

Cookies and clicking behaviour

General visitor data, such as the most commonly requested pages, are recorded on our website. The purpose of collecting this general information on visits to the website is to optimise the design of the website for you. The EUR uses different tools for the optimal functioning of the website and to improve its user-friendliness, and in order to retrieve active feedback from users. Read more about the cookies that the EUR uses here.

Third party privacy policies

The IMARC and EUR websites contains links to other websites that do not belong to the EUR. We cannot accept any responsibility concerning the way in which these parties treat personal data. We therefore advise you to always inform yourself of the privacy policy of these parties or to contact them for a more detailed explanation of their policies relating to the use of personal data.

Contact and complaints

For questions regarding this privacy statement or the processing of your personal data, please contact the Privacy Officer ESL of EUR, e-mail: [email protected].

If you have a complaint about the processing of your personal data, you may contact the Data Protection Officer (DPO) of EUR at [email protected]. You also have the right to file a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) via www.autoriteitpersoonsgegevens.nl.

Final note

This privacy statement has been specifically drafted for the IMARC program and may be updated periodically. We encourage you to review this statement regularly for any changes.