Universiteit Leiden

nl en


Cybersecurity month: GDPR

1 November 2021

Like other institutions, the University has to take good care of your personal data. It may only use data that is required for specified, explicit and legitimate purposes. This is called purpose limitation and is an essential part of the General Data Protection Regulation (GDPR). 

Statement: If the University asks for my personal data, I should first ask why it needs this. 

Correct: The University will and may only ask for your data if this is for a specific purpose. If you receive such a request, always make sure it does come from the University and isn’t a phishing attempt. If the request is from the University, you should still check whether the University is allowed to collect your private data for this purpose. For more information about the GDPR, follow this E-learning or see the webpage Personal data: privacy and the GDPR.

The average E-learning takes just ten minutes, and you could win a fantastic prize at the end of the month!

This website uses cookies.  More information.