Privacy statement

1. Data controller

The Minister of Justice and Security is what we call the data controller for the Dutch Caribbean Police Force (KPCN). The Minister determines for what purpose and by what means, how and what data are processed. The controller must ensure compliance with privacy legislation and regulations. 

The chief of police is in charge of the day-to-day management of the KPCN and is a mandated data controller. Besides the police, there are other organisations, e.g. the Royal Netherlands Marechaussee and the Coast Guard, which are involved in investigation. They have their own data controller.

Processors and processing agreements

The police cannot carry out all data processing. Sometimes we outsource this to another party: the processor. To ensure that this processor complies with privacy legislation and regulations and the policy standards of the police, we conclude a processing agreement.

2. What do the police process personal data for?

The law states that personal data must be processed lawfully. As the police, we have to deal with two Acts: the Personal Data Protection (BES) Act and the Police Data Act (Wpg). Besides these two, there is other legislation that contains provisions about the processing of personal data in special situations.

Police Data Act (Wpg): police duties

The processing of personal data for the performance of our police duties falls under the Wpg. This includes data that we collect for the detection of criminal offences, the maintenance of public order or emergency assistance. Of course, we do all this within the parameters of the law.

Personal Data Protection (BES) Act (Wbp BES): internal business operations

In addition to the performance of police duties, we are also an 'ordinary' business. The Wbp BES is applicable to the processing of data for our internal business operations, e.g. personnel administration, complaints handling, ICT facilities, marketing, and communication.

Then there are other duties covered by the Wbp BES: the granting of permits by the chief of police and the foreigners' duties of the police, and the management of the 9-1-1 emergency switchboard by the chief of police.

3. Aliens Supervision

The Aliens Supervision Department of KPCN processes personal data about and from foreign nationals under the Admission and Deportation (BES) Act. Both of foreign nationals who want to apply for residence and of foreign nationals who are allowed to stay in the Netherlands. 

Personal data are also processed about other persons (data subjects), e.g. family members, interpreters, agents, and employees of government agencies we work with. The personal data are treated confidentially. This concerns personal data that you have provided to us as a foreign national or as a data subject. We also process personal data in the performance of the supervision under the Aliens Employment Act. 

In addition to name, address, and place of residence data (contact information), the Aliens Supervision Department also processes data like: email address, telephone number, nationality, and passport number, place and date of birth, gender, marital status, spoken language, and the personal identification numbers prescribed by law, e.g. the alien number, the Sedula number, and other data from which the identity of the foreign national can be deduced.

Apart from these general personal data, the Aliens Supervision Department also processes special personal data in certain cases if this is necessary for the performance of our duties. This includes data indicating racial or ethnic origin, political opinions, religious or philosophical beliefs, as well as data on health, data on sexual behaviour or sexual orientation, and data on criminal convictions and criminal offences.

4. Security cameras

The police use security cameras to protect their own employees, premises, and properties. These data are covered by the Wbp BES.

Cameras for the police duties

The police use both fixed and mobile cameras. The processing of these data is covered by the Wpg. In certain situations, police employees visibly wear bodycams. This involves recording both video and audio. Bodycams are not always turned on. It is up to the individual employee to decide when to turn them on and this must also be visible. There is therefore no question of surreptitious recording.  

In pursuance of Section 156 of the Public Entity (BES) Act, the municipality can install fixed cameras for the benefit of the maintenance of public order. The Island Governor decides where the cameras are installed, but the footage obtained falls under the Wpg and therefore under the processing control of the chief of police.

5. 911 - emergency switchboard

24 hours a day, seven days a week, the Control Room Unit accepts, processes, and registers all (emergency) calls from citizens for the benefit of the police, Royal Netherlands Marechaussee, ambulance services, fire brigade, and Coast Guard. Based on assessment and prioritisation, adequate assistance is deployed. The Control Room Unit also handles the deployment of emergency vehicles and units, and coordinates and supports communication between services, units and those involved during incidents. The Control Room Unit monitors the readiness and availability of deployable vehicles and units of both the police and the fire brigade. In addition, the Control Room Unit is in charge of the upscaling (calling of officers) and communication during large-scale incidents. 

6. Authorisations and information security

Authorisations

Only employees authorised to do so are granted access to data. They can only view the data they need to do their job. We may grant access to employees of other organisations with investigative duties. They too are only granted access to the data they need to do their job.

Logging

The actions of employees in police systems are logged. We keep track of who performs what action at what time in a particular file. The Police Data Act mandates logging. Whilst the Wbp BES does not mandate logging, it does emphasise accountability and documentation.

Logging data are used:

• for verification of the lawfulness of the data processing;

• for internal controls;

• for the safeguarding of the integrity and security of police data;

• for criminal proceedings.

Information security

The police take appropriate measures - technical and organisational - to protect police or personal data against unauthorised or unlawful processing, against intentional loss, destruction or damage.

7. Retention periods

Police Data Act (Wpg)

The Wpg contains fixed retention periods for personal data. The Wpg also makes a distinction between deletion and destruction of data. When we delete data, they are not gone permanently yet. We place them behind a digital bulkhead, as it were, and in principle they can no longer be accessed. This is only possible if there are urgent reasons for doing so and under conditions.

Destruction is a definitive action. The data can no longer be retrieved.

Section 13 is a separate section in the Wpg and concerns the further processing of data. This means that there is a purpose other than that for which the data were collected. The retention periods for the purpose pursuant to Section 13 Wpg are laid down in a separate protocol.

Retention period logging data for Wpg data
The retention period for logging data is linked to the periodic privacy audits that the police are legally required to conduct. These external audits are carried out every four years, followed by a re-audit, if necessary. A maximum retention period of five years has therefore been established for logging data.

Personal Data Protection (BES) Act (Wbp BES)

The Wbp BES does not specify any specific retention periods. At the police, we retain personal data for as long as is necessary for the purpose for which they were collected, or as required under the Archives Act. Data are not kept for longer than permitted by law. Sometimes other legislation may apply that establishes a specific retention period. 
Retention period logging data for Wbp BES data
Wbp BES data are basically also retained for five years, but logging data from certain (internal business applications) may be retained for a shorter period. This concerns cases where keeping the data is no longer necessary for accountability. Examples include the logging of room reservation systems.

8. Deletion and destruction

The Wpg makes a distinction between deletion and destruction of data. When we delete data, they are not gone permanently yet. They are placed behind a digital bulkhead, as it were, and can no longer be accessed. We can only retrieve the data if it turns out that we need them for a complaints procedure or for accountability reasons.

If a major investigation needs to be conducted, which has a significant impact on the rule of law, then these data may be reprocessed, and thus also be consulted. This is only possible if the public prosecutor so orders.

Destruction is a definitive action. The data can no longer be retrieved.

The Wbp BES does not make a distinction between deletion and destruction and refers only to destruction. We cannot retain data for longer than necessary for the purpose of the processing. After that, we must destroy them. How long we retain data varies from case to case.

9. Sharing of data

In addition to the police, the Wpg is also applicable to the Royal Netherlands Marechaussee, the Rijksrecherche, and the Coast Guard.

The Wpg is also applicable to the processing of personal data by the  extraordinary police officers (Bavpols). They are employed, inter alia, at:

• Tax Office Caribbean Netherlands, Customs Department

• Labour Inspectorate Caribbean Netherlands (AI-CN)

• Public Entity Bonaire (OLB) – at the Supervision and Enforcement Directorate (T&H) compulsory education officers

• Foundation National Parks St. Eustatius (Stenapa)

• Foundation National Parks Bonaire (Stinapa)

• The Saba Conservation Foundation (SCF)

If it is necessary for the duties of these parties then the police make police data available for this purpose. This is not applicable to entities not bound by the Wpg.

Police can only provide data to non-Wpg parties if there is a legal basis for doing so.

Also, for the purpose of alien supervision, the police obtain personal data from the foreign national, from a data subject e.g. interpreter or authorised representative and/or from cooperating (alien chain) partners. 

Data are shared with cooperating partners, the main ones being:

• the Immigration and Naturalisation Service (IND);

• the Repatriation & Departure Service (DT&V); 

• the Labour Inspectorate Caribbean Netherlands (AI-CN).

10. Rights of data subjects

The person to whom the personal or police data are related is called the data subject. The data subject has a number of rights, such as the right to:

• information

• rectification

• data erasure / destruction

• restriction of the data processing

• objection / appeal

Do you want to exercise any of the rights listed above? Then submit a written request to KPCN. Please also include a copy of a valid identification document to verify your identity. 

11. Supervision

11.a. Privacy Officer (PO)

The police have a Privacy Officer (PF). They provide advice but also monitor the application of and compliance with privacy legislation internally.  

11.b. Commission Supervision Personal Data Protection BES

The Commission Supervision Personal Data Protection BES (Cbp BES) is the supervisory authority of the Caribbean Netherlands that oversees the application of privacy legislation. Anyone with complaints about the use of personal or police data by KPCN can contact the Cbp BES.

Commission Supervision Personal Data Protection BES 

Kaya Industria 15E
Tel: 0599 – 7159114

12. The use of personal data on the website of the police

By default, the forms on Politie.nl ask for your name, address, postcode, place of residence, telephone, and email address. All fields are optional, so it is not compulsory to fill in your personal data. An exception has been made for the email address. To provide you with the best possible service, the police want to be able to contact you. For example, to be able to ask you a question and, of course, to be able to reply if you submitted a question yourself.

Your internet provider automatically sends part of your IP address along with the form you send via Politie.nl. If you want to share information with the police anonymously, please contact Tip Line 9310.

For the measurement of web statistics, the police collect anonymous data on the use of this website. Analysis of the data collected makes it possible to improve the website so that visitors can find information they are looking for as easily as possible. In addition, web statistics allow the police to further optimise their services. The data collected are not used for any other purpose or made available to third parties.

It involves the following data: your IP address, the address of your internet service provider, the browser you use (e.g. Chrome, Firefox, Internet Explorer or Safari), the time and duration of your visit, and which pages you visited. It also uses cookies.

13. Privacy and applications

You can apply for vacancies at the police on this website. Do you want to read more about privacy and applications? Then click here.

This privacy statement was published on @@ We can revise this privacy statement. Hence, regularly check this website for the latest version.