Privacy statement

This page tells you about what TNO does with personal data, how TNO protects personal data and how you can exercise the rights you have under privacy legislation.

What are personal data?

Personal data means any information that is traceable to you as a person. Your name, your home address or email address are examples of personal data. On the website of the Dutch Data Protection Authority (the Dutch DPA)  you will find more information about personal data and privacy legislation.

Why does TNO use your personal data?

Whenever you wish to receive information from TNO, we need your details so that we can send the information. TNO also saves the data you provide when you request, for example, a folder or an annual report. In addition, TNO processes your personal data so that it can send the online newsletter and digital press releases. In such cases, TNO uses your personal data based on your consent.

Your personal data may also be used when you participate in research conducted by TNO. TNO carries out research within the scope of the TNO Act. TNO is allowed to use personal data when conducting research. When special personal data such as health data are required for this purpose, TNO always explicitly asks for your consent.

TNO also registers your personal data when you visit one of TNO's locations. You must always identify yourself with a valid ID. For some TNO locations, strict safety regulations apply because these locations hold classified information. When visiting these locations, the data on your ID is registered by TNO. Your personal data will also be stored for a longer period of time.  

How long does TNO keep your personal data?

TNO does not keep your personal data any longer than is necessary for the purpose for which it is being held. If you have signed up to receive information from TNO and you later sign off, TNO deletes your personal data.

When TNO completes a study that involves use of your data because you were a participant, your data are deleted once they are no longer needed for archiving purposes. By this we mean that for an extended period it needs to be possible to substantiate the results of the study by referring to the underlying data. In this situation, TNO will protect the personal data by giving them a pseudonym or rendering them anonymous, if possible. Data that have been given a pseudonym can no longer be traced directly to you as a participant. Data that have been rendered anonymous can never be traced to you.

How does TNO secure your personal data?

TNO attaches great importance to ensuring that personal data provided by you are handled and kept secure with the greatest possible care. In order to optimally protect your personal data against loss, theft, unauthorised access or misuse, TNO takes the correct technical and organisational measures to keep your personal data secure, which includes the use of the latest security technology. In terms of organisation, TNO has arranged for research data to be accessible exclusively by employees involved in the research in question.

Does TNO give personal data to other organisations?

TNO adheres to the principle that it does not share your personal data with others. The data will not be sold. However, there are exceptions whereby TNO is required to give personal data to others. These are always exceptional circumstances, such as legal proceedings or crime prevention.

What are your privacy rights?

Under the prevailing privacy legislation you have various rights you can exercise to keep control of the personal data an organisation collects about you and uses. For example, you are entitled to access the personal data that TNO has about you. This right of access is intended to enable you to check whether the data are correct and to make any rectifications as necessary. You can also check whether TNO has used the data lawfully. As well as the right of access, you have the right to object against the use of your data by TNO

If you wish to exercise your privacy rights, you can send an email to You can also send a letter to:

attn. Corporate Legal department
Postbus 96800
2509 JE Den Haag
The Netherlands

To ensure that your request is processed, you must include the following information in your email or letter:

  • your name and address;
  • the date and your signature;
  • a description of your request in which you state your relationship to TNO.

If there is any doubt as to your identity, TNO can request that you send additional information.

Your request will always be processed but this does not necessarily mean that your request can be granted. This is because the prevailing privacy legislation recognises exceptional situations in which your privacy rights are not valid. This may be the case, for example, where personal data are used to conduct research.

You will receive a reply to your request within a month. If your request cannot be processed within a month, you will be notified accordingly. TNO is required to process your request within three months at the latest.

TNO's response addressing the matter of your request is a decision governed by the General Administration Act. If you disagree with the decision because TNO has denied your request partially or in full, you can lodge an objection and subsequently apply to the administrative law courts.

Incidents (data breach)

In spite of our precautionary measures designed to give personal data the best possible protection, it remains possible that an incident may occur in which personal data are involved. An incident of this type is called a data breach. If you believe that a data breach is occurring at TNO, always get in touch with the Data Protection Officer at TNO. The best way to do this is by email via You can also get in touch by telephone via the general number 088-866 0000. You will be put through to the Data Protection Officer.

The following information should be supplied when reporting a data breach:

  • your name and contact details;
  • the nature of the incident;
  • which personal data are involved;
  • which systems are involved in the incident; and
  • when and how you discovered the incident.


TNO's websites use cookies. A cookie is a file that is sent to your computer (or other type of device) and records information about your visit to or TNOTIME. TNO's websites use cookies to help them work properly, for example by remembering your preferences or remembering that you have already filled in a survey. In addition TNO uses cookies to collect statistics about the use of its websites, such as visitor numbers, popular pages and searches. TNO uses this information to improve its websites. To do this, TNO uses Google Analytics. TNO has set the settings of Google Analytics on its websites to be privacy friendly, in accordance with the Manual for Setting Google Analytics to be Privacy Friendly (Handleiding privacyvriendelijk instellen van Google Analytics) published by the Dutch Data Protection Authority. Accordingly, TNO has:

  • concluded a data processing agreement with Google;
  • masked the last eight characters of the IP address;
  • switched off 'share data';
  • ensured that no use is made of other Google services in combination with Google Analytics' own cookies.

Questions and complaints

If you have any questions about this privacy statement, exercising your rights or TNO's activities in the field of personal data, you can get in touch online with the Data Protection Officer at TNO via You can also send a letter to:

attn. Data Protection Officer
Postbus 96800
2509 JE Den Haag

If you have a complaint about how TNO handles personal data, we would like to hear from you. You can also report your complaint to the Data Protection Officer at TNO. In addition, you are always entitled to submit a complaint to the Dutch Data Protection Authority.


This privacy statement may be changed at any time by TNO without prior announcement. Changes come into effect as soon as they are published on this website.



Stay up to date with our latest news, activities and vacancies

We use anonymous cookies to enhance the use of our site. Our privacy statement has been updated to reflect the new EU privacy policy.