UM General Privacy Statement

Protecting your privacy is important to Maastricht University (UM) and UM therefore treats your data with care. UM is the controller of your personal data. This privacy statement explains how UM handles personal data.

Your personal data may be collected and processed for a specific purpose. If this specific purpose is not expressly specified in this privacy statement, you will be informed in advance about this specific purpose in a separate privacy statement.


Lawful basis for the processing of personal data by UM

Whenever UM processes your personal data, it does so with a lawful basis for processing. A lawful basis for processing is the grounds for processing personal data.

UM primarily processes your personal data to perform its public tasks in the field of the provision of academic education and research. However, UM may also process your personal data:

  • to perform a contract with you;
  • to comply with a statutory obligation;
  • to protect your vital interests or the vital interests of a third party;
  • to serve the legitimate interests of UM or a third party;
  • with your consent.

Further processing

The basic principle is that UM uses personal data for the purpose for which the data was collected. In some cases, UM uses the personal data collected for other purposes too. These purposes must always be compatible with the original purpose of processing. Before further processing takes place, UM therefore carefully considers whether the new purpose is compatible with the original purpose of processing.

According to the General Data Protection Regulation (GDPR), further processing of personal data for historical, statistical or scientific purposes is compatible with the original purpose of processing.

Changes to this privacy statement

This privacy statement will be revised from time to time to ensure that it remains up to date. In the event of major changes, you will be notified.