Privacy statement city of Leuven

We process your personal data with respect for your privacy. Therefore we always treat personal information confidentially and according to the European General Data Protection Regulation ('AVG' or 'GDPR').

How do my personal data end up at the city?

Personal data is data with which you can identify someone.
There are two types:

  • General data
    Name, address, telephone number, address, IP address, national register number ...
  • Sensitive data
    Information about sexual orientation, ethnic origin, religion, political affiliation ... This data requires extra security.

If you use services or products from the city, we often need personal data from you. You give it to us, for example, via a form on our website or by phone. Sometimes we get that information from other governments (for example, to use data from the national register).

What is my personal information used for?

We use your personal data only for the purpose for which we received it.

  • Did you give us your name and address to receive a brochure? Then the city only uses your data to provide you with that brochure and not to send other material.
  • Did we get permission to retrieve your data from the national register? Then we use that data only for the purpose for which we were authorized.

If we also want to use your data for something else, we will first ask your permission. You can withdraw that permission at any time.

I want to withdraw my permission (only Dutch form)

Will my details be passed on to others?

We will not pass your details on to others unless this is necessary for the provision of services or that is required by law.

We have an agreement with organizations that process your data on behalf of the city, for example with the company that makes our website. This way we ensure that they also handle your data securely and confidentially. The city remains responsible for the processing of your personal data.

We also use other platforms for our services, such as Twitter, Facebook, Mailchimp and Google Analytics. The city has no influence on the way in which these external platforms handle your personal data. Your data may end up outside the EU. Read the privacy statement of those platforms.

How long will my personal data be kept?

We do not keep your data longer than necessary for the purpose for which we received it. Personal data is then destroyed.

What are my rights?

You have the right to have access, correct and delete your personal data. You can also request a copy, limit the processing of your data and them transmitted to another controller.

Make your application online. You will receive a reply as soon as possible, at the latest 30 days after we have received your application and proof of identity.

View, modify, delete, restrict or transfer my personal data (only Dutch form)

Which cookies does the city use?

The city uses cookies to analyze and improve its websites. You can find more information about the cookies we place on the website itself.

Read more about the cookies

Can the city use my photo?

  • Did we take a portrait photo of you? Then we first ask permission to use it. You can withdraw your permission (only Dutch form) at any time.
  • We may use photos of public persons (eg politicians), a crowd or in public places for neutral messages without permission.

How does the city deal with newsletters?

We only use your e-mail address to send the newsletter you subscribed to. You can always unsubscribe with a link in the newsletter or online. We will delete your data immediately.

We send our digital newsletters via Mailchimp, an external platform. Read the conditions.

How does the city deal with social media?

Are you reporting a problem or are you asking us a question on social media? Then we only use your personal data to help you further.

In competitions we only use your personal data to contact you if you win. The conditions of each competition can be found in the competition rules. After the competition we will delete your data.

What are images of cameras used for?

  • For safety reasons, cameras are installed in some places. We received permission from the Privacy Commission for this. We only view the recordings after an incident and do not keep them for longer than 4 weeks, unless the police ask them to keep them for longer.
  • For the Smart Sporting Cities project, there are cameras in Park De Bruul and on the Philips site. They measure sports and exercise behaviour. The images are not saved, but analyzed, processed and deleted automatically and in real time on the camera itself. Only specific counting data such as the number of people, type of activities, etc. are saved.

What about changes to our privacy policy?

We regularly review our policy on personal data against the law. That is why we may adjust our privacy statement in the future. The changes are valid from the moment they are published on this website.

How can I report a data breach?

There is a data breach as personal data:

  • Have been stolen or lost (eg USB stick lost in the train).
  • Have not been processed correctly (eg saved without the knowledge or consent of the person concerned).
  • Watched or edited by people who are not allowed.
  • Stored longer than necessary or agreed, without the consent of the person concerned

Do you think there is a data breach in the city? Report us (only Dutch form).

How can I submit a complaint?

Do you have a complaint about the processing of your personal data? Report it to us (only Dutch form).

You can also submit a complaint to the Vlaamse Toezichtcommissie (VTC).


Your personal data is processed by:
Stad Leuven
Professor Van Overstraetenplein 1
3000 Leuven

For any questions, remarks or complaints with respect to your privacy, you can contact us:

Verwerkingsverantwoordelijke GDPR

Professor Van Overstraetenplein 1
3000 Leuven

Je kan je vraag ook stellen aan de functionaris voor gegevensbescherming (DPO) van de stad. Die werkt voor ons via Interleuven, een intergemeentelijke samenwerking waarvan wij één van de vennoten zijn.

Functionaris voor Gegevensbescherming (Data Protection Officer)

Something wrong or unclear on this page? Let us know.