Universiteit Leiden

nl en


Additional personal data required for taxed payments to third parties (IB-47)

3 January 2022

As of 1 January 2022, additional personal data is required for certain types of payment to third parties. Take good note of this when requesting personal data from such parties. 
If the University makes payments to people who are neither employed by the University nor independent contractors, the University has to notify the Tax and Customs Administration (Belastingdienst) of these payments using the IB-47 form. This only applies to people who live in the Netherlands and only if they receive more than €10 per year from the University.

This concerns, for example, test participants, student helpers, guest speakers, third parties who are receiving gifts, or ‘natural persons’ as they are known. But it also concerns self-employed people and lecturers if they are making use of a VAT exemption. 

For these types of payment, the University needs additional personal data from the beneficiary. 

As of 1 January 2022, the following data is required: 

  • Name and address
  • Date of birth 
  • Citizen service number (BSN)
  • IBAN (if this is a bank payment)

This means that from now on date of birth and BSN are also required personal data.

Date of birth and BSN will be added to the required data in the following application processes:    

  • Payment request by bank (without invoice) for payments without invoice to third parties on the Service Portal.
  • Approve payment request (VVV/cash) for requesting VVV vouchers on the Service Portal.
  • Hiring independent contractors  for requesting payments to third parties on the form ‘Work carried out by independent contractors’  and on the self-completed expense form.
  • Claim form to request a bank payment to people who are not employed by the University. 

Given the sensitivity of the data, it is likely that both the Dutch Data Protection Authority and the person concerned will have to be notified of a data breach. This must be done within 72 hours. Any data breaches must always be reported to the ISSC helpdesk so that the data breach procedure can be started.

031 71 527 8888 

This website uses cookies.  More information.