Carnegie Foundation Privacy Statement
The Carnegie Foundation processes personal information and other data in accordance with applicable legislation. With effect from 25 May 2018, the General Data Protection Regulation (GDPR) will enter into force. This means that, from this date onwards, the same privacy legislation will apply across the whole of the European Union (EU). The Dutch name for the GDPR is: Algemene verordening gegevensbescherming (AVG).
Your privacy matters a lot to us and we handle your personal data with care. Below, you will find details of exactly what you can expect from us and the rules we apply.
This Privacy Statement applies to the processing of personal information (hereinafter referred to as personal data) provided by visitors, guests, library members, donors, associates and other contacts as well as data obtained through visits to and the use of the websites www.vredespaleis.nl and www.peacepalacelibrary.nl.
2. When is data processed?
Data is processed with regard to almost any activity involving information, including: collection, recording, organisation, structuring, storage, adaptation, alteration, retrieval, consultation, use, issuing, forwarding, dissemination, making available and erasure.
The controller responsible for processing data is the Carnegie Foundation (Carnegie-Stichting), Carnegieplein 2, 2517 KJ, The Hague, registered in the trade register of the Haaglanden Chamber of Commerce under number 41149745. The Peace Palace Visitors’ Centre and the webshop are also part of the Carnegie Foundation.
4. What personal data does the Carnegie Foundation process?
- First name and surname
- Address details
- Telephone number
- Date of birth
- Email address
- Details of participation (in events and/or meetings)
- Areas of interest
- IP address
- CV (for research: letter of admission)
- Proof of your university/organization affiliation (for research: letter of admission)
5. Why do we process this personal data?
In providing its services, the Carnegie Foundation records data. For example, this is the case if you register for a newsletter, join the library, become a donor or order something from the webshop, make use of our services (guided tour, rent of accommodation), make your interest known in another way or have some other form of contact with the Carnegie Foundation. We also process personal data in order to optimise the design of the website based on information that we obtain from the use of and visits to our website.
We process personal data for the following specific purposes:
- Statutory obligations
A small portion of the data processing is the result of statutory obligations. This primarily concerns personal data that we need in order to meet our obligations to pay tax.
- Research in the library
Researchers who want to conduct research in the library must provide certain personal data necessary to assess a submitted request from researchers for a (so-called) 'Letter of Admission' from the library.
- Library members
In our member administration system, we record which people and organisations (including the relevant contacts) are members of the library to enable us to contact you in order to offer the best possible service. Examples of this include providing you with information you request, processing the information obtained from you and contacting you about membership.
You can contact us via various channels: telephone, post, email, Twitter, Facebook, LinkedIn or by using the feedback link. We also process personal data in order to make that possible.
You can register for various newsletters, such as the Peace Palace library newsletter. The newsletters contain information about activities, services and other information of interest. If you no longer wish to receive a newsletter, you can unsubscribe in any email.
Your name, address, gender, telephone number and email address are used for contact about and to send products ordered in the webshop.
- Visitor records
Your name, address, gender, telephone number and email address are used for contact about any guided tour you may have booked or an event you wish to attend. Visitor details are also recorded for safety reasons. The safety of all visitors and employees of the institutions housed in the Peace Palace is very important to us. Personal data that can be processed for this purpose includes camera images or vehicle registration details if you have been permitted to drive onto the site by car. There are cameras in various places on the Peace Palace site and in the buildings in order to protect access to the building and Carnegie Foundation property.
If you rent accommodation from us or wish to do so, the Carnegie Foundation collects contact details, such as name or company name, name of contact, address, telephone number, email address.
- Fundraising and donations
If you make a financial contribution to our objectives as a donor or sponsor, the Carnegie Foundation collects contact details, such as name or company name, address, telephone number, email address, job description, areas of interest and bank details. This is done in order to maintain contact with everyone and provide relevant information.
- Improving the Carnegie Foundation website
We also keep records of your personal data to improve our services via the website. This concerns general information about website visits, without identifying the visitors, such as IP addresses, the time that you visit us and the topics you view when clicking on them.
The Carnegie Foundation can anonymise the personal data and then use it at aggregated and anonymised level for research purposes and to optimise its services and activities. The aggregated and anonymised data cannot be traced back to you as an individual.
Basis for processing
As explained above, we process data in order to meet a statutory obligation, to execute an agreement (membership, event, guided tour) and otherwise in the justified interests of the Carnegie Foundation. Finally, we process certain data with your permission.
6. Your personal data and third parties
The Carnegie Foundation never sells your personal data to third parties. However, the Carnegie Foundation does make use of the services of other parties. This happens only after security and privacy screening and after the company concerned has signed an agreement regarding the use and protection of personal data. See point 8 for further information.
7. Your rights
- Information and access: Of course, you can obtain information at no charge about your data that is processed by the Carnegie Foundation.
- Right to rectification: If you believe that we have inaccurate information about you, you can arrange to have your data changed by notifying us about this.
- Right to be forgotten: You are also permitted to ask us to erase your data from our database. However, you must realise that we cannot always comply. For example, if you are or have been a donor, the Tax and Customs Administration requires us to retain agreements for seven years. In addition, if you ask us to stop approaching you with fundraising requests, we need to keep your name in order to be able to exclude you from our future campaigns. Of course, if we cannot honour your request, we will notify you as to the reasons.
- Right to restriction of processing: If you believe that we are processing your personal data unlawfully or improperly, you can also have this processing restricted.
We will handle any of the above requests to consult, adapt, restrict or delete personal data immediately and you will be notified about the action taken in response at the latest within a month of receiving your request.
- Right to object: If you wish to object to the (continued) processing of your personal data, you can contact us. The Carnegie Foundation will handle your objection immediately, at the latest within one month, and will delete any relevant personal data, unless we are obliged to retain it as a result of a statutory obligation. If this is the case, we will notify you of this.
- Right to data portability: If you wish, you can obtain your personal data from us in a machine-readable format, for example if you would like to transfer it to another organisation. To do this, please contact us.
In addition, you can also withdraw your permission, for example to receive emailings.
If you have any complaints about the way in which the Carnegie Foundation processes your personal data or handles your requests, you can contact our privacy officer. If this still does not resolve the issue, you can always make use of your right to submit a complaint to the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).
8. How does the Carnegie Foundation protect your personal data?
- The Carnegie Foundation has taken appropriate technical and organisational measures to protect your personal data. This protects your personal data against unauthorised or unlawful processing as well as deliberate loss, destruction or damage.
The Carnegie Foundation websites include a number of links to other organisations’ websites. The Carnegie Foundation is not responsible for the way in which these parties process personal data. For this, you can read the privacy statement of the organisation concerned.
9. Retention periods
We retain your data insofar as this is necessary to achieve the purposes for which we are processing your data and for no longer than is permitted by law. The ultimate retention period depends on the type of personal data. Immediately after the end of the retention period, the Carnegie Foundation will erase and/or anonymise the personal data unless obliged by law to retain certain personal data for longer.
What is a cookie?
With the help of cookies, the Carnegie Foundation can ensure, for example, that you do not repeatedly receive or have to enter the same information when you visit our website. This makes using our website easier for you. Thanks to cookies, we can also see how the website is being used and where we can still make improvements. The cookie statement explains which cookies the Carnegie Foundation uses to make its online services possible.
Types of cookies
The cookies used by the Carnegie Foundation can be divided into different types:
1. Necessary cookies and cookies for requested services
Some cookies are essential to ensure our website works effectively or in order to provide you with a service you have requested, such as an automatic log-in or the automatic completion of your details. This also applies when you make use of 'remembering’ your shopping cart contents in the webshop so that, the next time you visit, the website remembers what you placed in your cart.
2. Optimisation cookies
One of the reasons we use these cookies is to collect information. This information shows us which pages are visited the most, which pages are effective and which result in error messages. We use this information to optimise user convenience on the website and the Carnegie Foundation does not track individual visitors.
The Carnegie Foundation website uses Google Analytics, a third party. Google Analytics is a Google service for collecting statistics and data from a website and providing a detailed summary of it. Using Google Analytics, we can view data about visitors’ behaviour, how many there are, where they come from and which pages are visited. This enables us to respond more effectively to users’ needs. The information collected by Google Analytics is used only to provide the Carnegie Foundation with information about the use of the websites and is not shared with third parties.
3. Social media cookies
If you are logged on to your social media websites (Facebook, Google, etc.) and have given permission on the Carnegie Foundation websites for this category of cookie, you can make use of additional features. This includes sharing information simply by using Facebook Like, Google+, Twitter, etc. For details of the cookies used by social media parties and any data they may collect using them, we refer you to the statements these parties provide about this on their own websites. Please note that these statements may change regularly. The Carnegie Foundation has no influence on this.
Last update: 31 October 2023