ROA Privacy Statement

Research Centre for Education and the Labour Market

The Research Centre for Education and the Labour Market (ROA) is part of the Maastricht University (UM) School of Business and Economics.

Privacy policy

ROA places great importance on having a sound privacy policy and takes its responsibilities relating to the processing of personal data seriously. ROA processes such data in accordance with the General Data Protection Regulation (GDPR) and the ensuing privacy rules. Because ROA is legally part of UM, the privacy guidelines of the university as a whole, as set out in documents such as the Research Data Management Code of Conduct and the Policy on the Processing of Personal Data, also apply to ROA. In addition, new employees appointed at ROA sign a confidentiality agreement and an academic integrity statement.

Purpose and legal basis

ROA processes personal data only for purposes that are in line with the ROA mission (see Personal data are only used in predefined studies and always in accordance with one of the legal bases identified in the GDPR, specifically consent, legitimate interests or contractual performance.


Research performed at ROA draws on data from different sources.

External data sources: Many datasets used at ROA have been made available by third parties. The data in question have usually already been anonymised before being sent to ROA; if not, a user agreement is drawn up with the data provider. ROA complies at all times with any requirements set by the provider with respect to the purpose for which the data are used, access rights and data security.

Internal data sources: ROA also collects its own data by means of large-scale surveys. These data are collected either by ROA staff or by third parties on ROA’s behalf.

If ROA itself collects the data, the personal data are always stored separately from the research/survey data. Research files do not contain data (such as names and email or postal addresses) which can be traced directly to individual people. These personal data are stored separately from the research files, are accessible only by ROA data analysts and are only stored for as long as is strictly necessary for the project.

When data collection is outsourced, it is always to specialised, certified agencies. For each project, ROA enters into a data-processing contract with these external agencies. Some studies make use of address files supplied by third parties, in which case ROA enters into a separate data-processing contract with the provider of the data.

Data delivery to third parties

Data files cannot be traced to individual people or companies and are only made available to third parties in anonymised form for the purposes of academic research. If the personal data have been pseudonymised, ROA enters into a data-processing contract with the receiving party.


For questions or more information about ROA’s privacy policy, please send an email to stating ‘name of the study by ROA (SBE)’ or a URL ‘with the name ROA (SBE)’.