Privacy Statement

Carnegie Foundation Privacy Statement

 

The Carnegie Foundation processes personal data and other information in accordance with applicable legislation. As of May 25, 2018, the General Data Protection Regulation (GDPR) applies. This means that from that date, the same privacy legislation is in force throughout the European Union (EU). The GDPR is also known by its Dutch name: Algemene Verordening Gegevensbescherming (AVG).

We highly value your privacy and handle your personal data with care. Below you will find exactly what you can expect from us and the rules we adhere to.

1. Applicability

This Privacy Statement applies to the processing of personal information (hereinafter: personal data) provided by visitors (including researchers and library members), as well as data obtained from visiting and using the website www.peacepalacelibrary.nl.

2. What constitutes processing?

Almost every action, such as collecting, recording, organizing, structuring, storing, updating, modifying, retrieving, consulting, using, providing, transmitting, distributing, making available, and deleting, constitutes processing within the meaning of personal data processing.

3. Controller

The controller for data processing is the Carnegie Foundation, Carnegieplein 2, 2517 KJ The Hague, registered with the Chamber of Commerce for Haaglanden under number 41149745. The Peace Palace Library is part of the Carnegie Foundation.

For questions, please contact our privacy officer via privacy@peacepalace.org.

4. What personal data does the Carnegie Foundation process?

  • First and last name
  • Job title
  • Email address
  • Areas of interest
  • IP address
  • CV (for research application)
  • Proof of university or employer membership (for research application)

Optionally, you may have provided:

  • Address details
  • Phone number
  • Date of birth
  • Gender

5. Why do we process this personal data?

As part of our services and access security, the Carnegie Foundation records data. This is the case, for example, when you sign up for the library's newsletter, become a member of the library, or otherwise express your interest or have contact with the library of the Carnegie Foundation. We also process personal data to optimize the layout of the website based on insights we gain from the use and visits to our website.

We process personal data for the following specific purposes:

  • Legal obligations
    A small portion of the processing is legally required. This mainly concerns personal data necessary to comply with our tax obligations.
  • Library members
    In our membership administration, we keep track of which individuals and organizations (including relevant contact persons) are members of the library so that we can reach you in order to serve you as best as possible. This includes providing the information you requested or handling the information you provided, conducting internal anonymized analysis of data regarding consulted publications to improve our offerings, and contacting you about your membership.
  • Research in the library
    Researchers who wish to conduct research in the library must provide certain personal data necessary to assess a submitted request for a so-called ‘Letter of Admission’ from the Library.
  • Service provision
    You can contact us through various channels, such as telephone, mail, email, X (formerly known as Twitter), Facebook, Instagram, LinkedIn, or via the feedback link. To make this possible, we also process personal data.
  • Newsletters
    You can subscribe to the newsletter of the Peace Palace Library. The newsletter contains information about activities, services, and other interesting topics. If you no longer wish to receive the newsletter, you can unsubscribe via a link in each email.
  • Visitor registration
    Visitor registration is also carried out to ensure safety on the premises. The safety of all visitors and employees of the institutions housed in the Peace Palace is our responsibility and is of great importance to everyone on the premises. Personal data that may be processed for this purpose include, for example, camera footage or license plate data if you are permitted to enter the premises by car. On the grounds of the Peace Palace and inside the buildings, cameras are installed in various locations as a means of securing access to the building and protecting the property of the Carnegie Foundation.
  • Improving website services of the Carnegie Foundation Library
    To improve our services via the website, we also collect personal data. This concerns general visitor data, without identifying the visitors, such as IP addresses, the time you visit us, and the topics you view through your click behavior.
  • The Carnegie Foundation may anonymize personal data and subsequently use it at an aggregated and anonymized level for research purposes and to optimize its service offerings and operations. The aggregated and anonymized data cannot be traced back to you as an individual.

Legal bases for processing

As explained above, we process data to fulfill a legal obligation, to execute an agreement (membership), and to pursue a legitimate interest of the Carnegie Foundation. Finally, we process certain data with your consent (newsletter).

6. Your personal data and third parties

The Carnegie Foundation never sells your personal data to third parties. However, the Carnegie Foundation does make use of the services of other parties. This happens only after security and privacy screening and after the company concerned has signed an agreement regarding the use and protection of personal data. See point 8 for further information.

7. Your rights

The GDPR gives you certain rights. We do our utmost to meet this requirement. To exercise your rights, you can contact our privacy officer via privacy@peacepalace.org. You can also use this email address if you have questions about the way in which the Carnegie Foundation handles your data or any other questions or comments about this privacy policy. 

  • Information and access: Of course, you can obtain information at no charge about your data that is processed by the Carnegie Foundation.
  • Right to rectification: If you believe that we have inaccurate information about you, you can arrange to have your data changed by notifying us about this.
  • Right to be forgotten: You are also permitted to ask us to erase your data from our database. However, you must realize that we cannot always comply. For example, if you are or have been a donor, the Tax and Customs Administration requires us to retain agreements for seven years. In addition, if you ask us to stop approaching you with fundraising requests, we need to keep your name in order to be able to exclude you from our future campaigns. Of course, if we cannot honor your request, we will notify you as to the reasons.
  • Right to restriction of processing: If you believe that we are processing your personal data unlawfully or improperly, you can also have this processing restricted.

We will handle any of the above requests to consult, adapt, restrict or delete personal data immediately and you will be notified about the action taken in response at the latest within a month of receiving your request.

  • Right to object: If you wish to object to the (continued) processing of your personal data, you can contact us. The Carnegie Foundation will handle your objection immediately, at the latest within one month, and will delete any relevant personal data, unless we are obliged to retain it as a result of a statutory obligation. If this is the case, we will notify you of this.
  • Right to data portability: If you wish, you can obtain your personal data from us in a machine-readable format, for example if you would like to transfer it to another organization. To do this, please contact us.

In addition, you can also withdraw your permission, for example to receive emailings.

If you have any complaints about the way in which the Carnegie Foundation processes your personal data or handles your requests, you can contact our privacy officer. If this still does not resolve the issue, you can always make use of your right to submit a complaint to the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).

8. How does the Carnegie Foundation protect your personal data?

  • The Carnegie Foundation has taken appropriate technical and organisational measures to protect your personal data. This protects your personal data against unauthorised or unlawful processing as well as deliberate loss, destruction or damage.
  • In providing our services, we enlist third parties to process personal data. If these third parties process personal data in providing their services, they do this in the capacity of what is known as processor for the Carnegie Foundation. The service provider concerned receives only the necessary data from us and is obliged to protect your personal data. An SSL certificate has been installed on all webforms. In addition, the data is stored in a secured database. We enter into agreements with all our processors that oblige the processor to observe all of the obligations in the GDPR and in this privacy policy.

The Carnegie Foundation websites include a number of links to other organisations’ websites. The Carnegie Foundation is not responsible for the way in which these parties process personal data. For this, you can read the privacy statement of the organisation concerned.

9. Retention periods

We retain your data only as long as necessary to achieve the purposes for which we process your data and no longer than is legally permitted. The final retention period varies depending on the type of personal data. Immediately after the expiration of the Carnegie Foundation’s retention period, the Carnegie Foundation will delete and/or anonymize the personal data, unless the law requires certain personal data to be retained for a longer period.


We apply the following retention periods:
•    Data automatically recorded in log files regarding consultations of our digital collections and files will be deleted no later than 1 year after collection.
•    Directly identifiable data, such as your name or address, will be retained for a maximum of 2 years after your membership has ended.
•    Correspondence via email will be retained for a maximum of 1 year.
•    CVs (researchers): 4 weeks after the end of the research period and up to 1 year with consent.
 

10. Cookies

In offering its services, the Carnegie Foundation uses cookies. A cookie is a small, simple file containing data that is stored on the hard drive of your computer or is in your browser session.

The Cookie statement below provides you with all you need to know about the use of cookies by the Carnegie Foundation

11. Changes

We reserve the right to amend this privacy statement. Please check regularly for updates.

Last updated: July 24, 2025

 

Cookie statement

In offering its services, the Carnegie Foundation uses cookies.

What is a cookie?

Cookies are small, simple text files that your computer receives when you visit one of our websites. Cookies are used on practically all websites. The use of cookies is important for the service provided by the Carnegie Foundation via the website and we would therefore like to inform you as fully as possible about our use of cookies.

With the help of cookies, the Carnegie Foundation can ensure, for example, that you do not repeatedly receive or have to enter the same information when you visit our website. This makes using our website easier for you. Thanks to cookies, we can also see how the website is being used and where we can still make improvements. The cookie statement explains which cookies the Carnegie Foundation uses to make its online services possible.

Types of cookies

The cookies used by the Carnegie Foundation can be divided into different types:

1. Necessary cookies and cookies for requested services

Some cookies are essential to ensure our website works effectively or in order to provide you with a service you have requested, such as an automatic log-in or the automatic completion of your details. This also applies when you make use of 'remembering’ your shopping cart contents in the webshop so that, the next time you visit, the website remembers what you placed in your cart.

2. Optimisation cookies

One of the reasons we use these cookies is to collect information. This information shows us which pages are visited the most, which pages are effective and which result in error messages. We use this information to optimise user convenience on the website and the Carnegie Foundation does not track individual visitors.

The Carnegie Foundation website uses Google Analytics, a third party. Google Analytics is a Google service for collecting statistics and data from a website and providing a detailed summary of it. Using Google Analytics, we can view data about visitors’ behavior, how many there are, where they come from and which pages are visited. This enables us to respond more effectively to users’ needs. The information collected by Google Analytics is used only to provide the Carnegie Foundation with information about the use of the websites and is not shared with third parties.

3. Social media cookies

If you are logged on to your social media websites (Facebook, Google, etc.) and have given permission on the Carnegie Foundation websites for this category of cookie, you can make use of additional features. This includes sharing information simply by using Facebook Like, Google+, X (formerly known as Twitter), etc. For details of the cookies used by social media parties and any data they may collect using them, we refer you to the statements these parties provide about this on their own websites. Please note that these statements may change regularly. The Carnegie Foundation has no influence on this.

How can you refuse cookies?

You are always entitled to refuse cookies. To do this, you can adjust the settings on your web browser (for example, Internet Explorer, Google Chrome or Mozilla Firefox) to refuse all cookies or only specific cookies (for this, consult your web browser guide). If you refuse cookies, it is possible that you will not be able to use certain services on the website properly or they may not be available to you.

Last update: 31 October 2023