Privacy
The COA wants you to understand the way in which personal data is used. If you have applied for asylum in the Netherlands and you are (or have been) a resident of one of the COA reception centers, this privacy statement applies to you.
The GDPR
Central Agency for the Reception of Asylum Seekers (COA). The COA adheres to the General Data Protection Regulation (GDPR). The COA collects and processes data in order to provide reception and guidance to asylum seekers.
Important concepts explained
The concept of 'personal data' concerns all information about a person ('the data subject'). This includes your name, address, date of birth, nationality and telephone number. But also hobbies and your bank account number.
'Processing' or 'using' personal data consists of all actions that the COA can perform with your personal data. Consider, for example, writing down, storing, changing, forwarding and erasing data.
This privacy statement explains how COA handles (the protection of) your personal data.
Privacy statement for residents
1. Which of my personal data does the COA process?
The COA processes the following types of personal data about you:
- Legal identification number (such as your alien registration number);
- Identification data (such as your name, date of birth and gender);
- Contact details (such as your telephone number and email address);
- Address details (such as your residence address and address of the reception center);
- Document data (such as document type and document number);
- Personal characteristics (such as your profession, family relationships and hobbies);
- Financial data (such as your bank account number, income details and your own funds);
- Communication data (such as interview reports and notes);
- Legal/procedural data (such as data relating to your asylum procedure).
- Portrait photos
In addition, the COA may process special personal data about you. This is data that shows the following:
- Race or which population group you belong to;
- Faith or religion.
And possible processing of:
- Personal characteristics (e.g. fingerprint) to determine identity;
- Data about your health;
- Data from criminal law.
2. From whom does the COA receive my personal data?
The COA receives your personal data directly from you or your lawyer. We also receive them from other government departments and (social) organizations that are involved in your asylum procedure, your reception and guidance, or your care.
Below are possible government departments and (social) organizations from which the COA receives your data.
Departments of the Ministry of Justice and Security
- Repatriation and Departure Service (DT&V)
- Immigration and Naturalization Service (IND)
- Police and its components such as the Aliens Police, Identification and Human Trafficking Department (AVIM)
- The Custodial Institutions Agency (DJI) and its Transport and Support Service (DV&O)
Other collaboration partners
- Royal Military Police (KMar)
- Health Care for Asylum Seekers (GZA)
- Stichting Nidos, the independent (family) guardianship institution in the Netherlands
3. Why does the COA process my personal data?
The COA processes your personal data to provide reception and guidance during your asylum procedure in the Netherlands (our main goal). That goal is still very broad and can be split into several (matching) goals. Our main goals are:
- Providing reception and guidance. The reception consists of shelter, benefits in kind and providing access to basic resources such as health care in one of our COA centers.
- Providing you with guidance at a COA center, including by:
- supporting you in preparing for a future in the Netherlands or abroad;
- helping you take care of yourself at the reception center and for the future;
- guidance in the fields of education, housing, emancipation, integration and participation or return; - Carrying out residential management (ensuring safe living), for example by visiting and checking rooms, writing down and storing signals of human trafficking & and smuggling and writing down and storing incidents (horrible events).
- Supporting you on your way to adulthood if you are an unaccompanied minor foreign national (hereinafter: 'UMFN'.
- Terminating your reception, including by:
- supporting your path to a municipality;
- mediating for housing to a municipality;
- supervising your independent or forced return to the country of origin or Dublin country. - Ensuring a safe and livable location. Not only for you but also for other residents and/or COA employees. For example, by recognizing, writing down and saving reports about aggression, violence and other incidents.
- Acting in the event of an emergency, such as an accident or an illness that requires acute care for you.
- Carrying out various general studies in order to continuously improve the reception and guidance of the COA.
4. On what basis does the COA process my personal data?
The COA may only process your personal data if there is a 'legal basis' for this. This basis follows from the GDPR. For the reasons mentioned above (question 3), the COA checks whether the use of your data is necessary to:
- comply with what the law requires of the COA
- protect the vital interests of you or another person
- carry out a task of general value or a task that concerns public authority by the COA.
Or you have given the COA consent to use your data for a special reason.
In most cases, the COA uses your data to provide good reception and guidance. This task is imposed on the COA by law. Without your data, it is not possible for us to carry out this task properly and completely.5. When does the COA pass on my personal data to others?
The COA may share your personal data with others. Of course, the COA only does this if there is a good reason for it. For example, because this is necessary for your reception and guidance.
In some cases, the COA is by law obliged to process certain personal data and provide it to third parties, such as the police in connection with a criminal investigation or the Dutch Data Protection Authority (AP).
The COA only shares the necessary data; and only with those people who need the data to perform their work. Just like the COA, other parties must handle your personal data with care. We make clear agreements about this.
Read below with which organizations the COA can share your data.Departments of the Ministry of Justice and Security
- Repatriation and Departure Service (DT&V)
- Immigration and Naturalization Service (IND)
- Police and its components such as the Aliens Police, Identification and Human Trafficking Department (AVIM)
- The Custodial Institutions Agency (DJI) and its Transport and Support Service (DV&O)
Care partners
- Health Care for Asylum Seekers (GZA), via Arts en Zorg
- MediFirst
- Medical Care Scheme for Asylum Seekers (RMA), via health care insurer DSW
- Municipal or Community Health Service and Medical Assistance Organization in the Region (GGD and GHOR)
Other collaboration partners
- Royal Military Police (KMar)
- International Organization for Migration (IOM);
- Stichting Nidos (the independent (family) guardianship institution in the Netherlands)
- Dutch Council for Refugees (VWN)
- Veilig Thuis (the hotline for domestic violence and child abuse)
- Expertise Center for Human Trafficking and Human Smuggling (EMM)
- Statistics Netherlands (CBS)
- Education Executive Agency (DUO)
- National Institute for Public Health and the Environment (RIVM)
- Red Cross
- Takecare BnB (host family)
- Xonar.
Other categories of collaboration partners
- Municipalities
- Banks
- Carriers such as taxi and coach companies
- Educational institutions such as daycare centers and schools
- State inspectorates, emergency services, supervisors or judicial authorities for the execution of a legal duty or in the event of an emergency
- Lawyers for the resident to represent his interests
- Lawyers, accountants and auditors to represent the COA's interests
- Insurers in the context of liability insurance for asylum seekers
- Interpretation services
- Security services such as Trigion
- Collaboration partners with a focus on children in shelters or unaccompanied young people (UMFN). Your personal data will remain within the European Union as long as the COA is responsible for your data.
If the COA has to send your data to a country or organization outside the EU, this is always done securely.
6. How long does the COA retain my personal data?
The COA does not retain your data longer than necessary to achieve its goals. The COA retains your data in your 'resident file'. There are rules about how long your data may be kept there. The COA may retain the information in this file for up to 20 years after the file has been closed. The COA may retain all information about your finances for up to 7 years after the file has been closed.
7. How does the COA protect my personal data?
The COA ensures your data is safe and not misused. The COA protects your data in accordance with the rules that the government has drawn up for this purpose. In addition, all COA employees and volunteers must keep your data confidential.
8. What are my rights?
You have various rights under the GDPR. You sometimes have the right to:
- view your personal data that COA uses about you;
- change your data (or have it changed);
- have it erased;
- object to the use of your personal data;
- ensure your data is used less;
- get your data digitally.
If you wish to exercise any of your rights, please contact the COA using the details below (see paragraph 9).
The COA will process your application as quickly as possible, but in any case within one month. If answering your request takes more time, you will hear this within one month. The COA always tries to help you as much as possible with your application, but that is not always possible or allowed. There may be good reasons to reject your application. For example, the COA may be obliged by law to retain your data.
In addition to the rights mentioned above, you can file a complaint with the Dutch Data Protection Authority (hereinafter: 'AP'). The AP checks whether organizations comply with privacy legislation in the Netherlands. Do you have a complaint? It is best to contact the COA first before contacting the AP. We always do our best to resolve your complaint according to your wishes. The contact details of the AP can be found on the website www.autoriteitpersoonsgegevens.nl.
Please note that the COA must check your identity for questions or applications. This is done to prevent the COA from sharing your personal data with the wrong party or incorrectly adjusting your data.
All decisions made by the COA in carrying out the reception task are made by COA employees and never by automatic systems.
9. Who can I contact with questions, requests or complaints about the use of my data by the COA?
You may have questions, requests or complaints about the use of your data by the COA. Then you can contact the COA information line. This can be done by email or by post. The COA tries to respond as quickly as possible, but in any case within one month. In exceptional cases, this may take a maximum of three months.
Email address:
info@coa.nlCorrespondence address:
Centraal Orgaan opvang asielzoekers
Postbus 30203
2500 GE Den HaagThe COA also has a Data Protection Officer ('FG'). This officer works at the Ministry of Security and Justice and has the important task of monitoring the COA's compliance with the GDPR.
Contact details of the FG:
fg@minjenv.nl Attn. COA
This privacy statement was adopted by the board on August 27, 2019.