Specification of Processing Personal Data by hihaho 

Information on the specific categories of Personal Data processed by hihaho as Processor, and a specification of data processing operations by hihaho in the context of services to the Controller are listed in the ‘Synopsis Data Processing’ – version 2023/03.

In general, hihaho privacy policy has been formulated in the document of the same name that can be found on the hihaho website (

From launch (2014), hihaho complies by design and by default to the applicable European laws and regulations in the field of privacy and data protection.

Hihaho privacy policy was screened and adjusted in view of the EU General Data Protection Regulation (GDPR) which is in force from May 25th, 2018. Additional screening was performed during the preparations for ISO27001 certification, November 2022, and subsequently effectuated on a regular basis in hihaho’s Information Security Management System (ISMS).

NRTO Quality Mark 

Actual compliance with the GDPR was checked and confirmed during the audit (Fall 2018) to obtain the NRTO Quality Mark, which was awarded January 2019 and the last time extended following a repeat audit April 2023.

The NRTO (Dutch Council for Training and Education), counts as the authoritative branch organization within the domain of education, and as such serves on behalf of its members as a main discussion partner with the Dutch Government.

Last adjustment: August 18, 2023.

Kloekhorststraat 29
9401 BB Assen, The Netherlands

Secondary office
Galileïlaan 31
6716 BP Ede, The Netherlands

t. +31(0)592 377 285