Privacy statement

Last updated December 2025*

Who is responsible for the processing of your personal data?

The Management Foundation Support Postinfectious Diseases, of which the Q-support and C-support Foundations are part, located at Goudsbloemvallei 1, 5237 MH 's-Hertogenbosch, is responsible for the processing of your personal data as mentioned in this privacy statement.

Why do we process your personal data?

We process your personal data to provide you with the best possible support and advice regarding your personal situation. We also process your data for analysis and research purposes. These analyses and research allow us to optimize patient support. In some cases, we need your data for purposes such as handling complaints or to inform you about our services.

Your personal data will only be processed if you have given permission. We will inform you about this when you register.

What data do we process?

Personal data is information that reveals something about a person. For example, someone's name, address, or phone number. It also includes information such as an email address, date of birth, or details about someone's health, religion, or financial situation. Special personal data is data that is extra sensitive and therefore deserves extra protection under the GDPR. This includes, for example, information about your medical situation. When you register with us, we process the following data:

Personal data that we process:

• Name;
• Address;
• Date of birth;
• Sex;
• (Mobile) telephone number;
• E-mail address;
• Any test result for Q fever or COVID-19 test;
• Any COVID-19 vaccinations;
• GP contact details;
• Referral from your GP.

If you have had a conversation with one of our employees, data on the following topics may also be processed:

• Financial situation;
• Social functioning/your social network;
• What assistance questions do you have?
• Mental well-being;
• Physical health;
• Limitations and diagnosis;
• Medical reports;
• Working conditions.

How long do we retain your personal data?

We retain your data during the aftercare process based on consent. If you withdraw that consent or request the deletion of your data, we will delete it. However, this does mean we can no longer support or advise you. You can always re-register and give your consent again. Your file will be retained by us for 10 years after the aftercare process has been completed.

Is data shared with third parties?

To provide you with the best possible support, we use systems and software programs to process and store your data as securely as possible. We have data processing agreements in place with companies that process personal data on our behalf, containing clear agreements regarding the protection and security of this data. This ensures a reliable level of security and confidentiality. We remain responsible for the processing of personal data by these parties at all times.

We share your data only when necessary to support you, for our business operations, or when we are legally obligated to do so. You can find the full list of party categories on page 5 of the full privacy statementYou can read who has access to your file and how your data is secured on page 6 of the full privacy statement.

What cookies or similar technology do we use?

Our website uses cookies. These are small files placed on your computer, tablet, or smartphone. They contain information about your visit to the website, such as your language preference. Functional cookies ensure that the site works better for you. If you give permission, we also place analytical, performance, and advertising cookies to improve our website and show you relevant information. You can disable cookies yourself through your internet browser settings. You can also delete previously stored cookies there.

Your rights: how can you view, change or delete your data?

Under the General Data Protection Regulation (GDPR), you have several rights regarding your personal data. These rights ensure that you have control over your own data. You can find your rights on page 6 of the full privacy statement.

Do you want to exercise your rights?

You can send a request to info@c-support.nu of info@q-support.nuWe will respond to your request as quickly as possible, but certainly within four weeks. To ensure that such a request has been made by you, you must include a copy of your ID with the request. To protect your privacy, you must redact the MRZ (Machine Readable Zone, the strip with numbers at the bottom of the passport), passport number, and Citizen Service Number (BSN) in this copy. You can also use the app for this. Copy ID.

What can you do if you feel your privacy is not being properly protected?

We do our best to handle your personal data securely and carefully. However, you may still feel that your privacy is not sufficiently protected.

For example:

• Your information has been shared with others without permission;
• You have requested access or correction, but nothing has been done about it;
• You do not feel taken seriously with a privacy complaint.

We have a Data Protection Officer (DPO). This officer independently monitors the use of personal data. For questions or comments about your personal data in general, you can contact the DPO via: dataprotection@q-support.nu of dataprotection@c-support.nu.

You can also file a complaint with the Dutch Data Protection Authority (AP). This is the official supervisory authority in the Netherlands that monitors whether organizations comply with privacy law. The AP will assess whether your complaint is justified and may ask us for an explanation or to take action.

 

 

*In this updated version, we've outlined even more clearly what data we process about you, how we process it, and what your rights are. We've also clarified who within our organization has access to your file and the conditions under which this happens. We've made this change to provide additional transparency and give you better insight into how we protect your data.