Black list
A black list is a register of persons with whom an organisation does not want or no longer wants to do business. Such as shoplifters, employees who commit fraud, or guests who cause nuisance. A black list often contains criminal data. A black list is also called a warning system or monitoring system.
On this page
Organisation may choose to:
- use the black list internally only;
- share the black list with other organisations;
- share the black list with other sectors.
The following rule of thumb applies for all these cases: the larger the scope of the black list, the stricter the conditions.
Examples of a black list
A supermarket may compile a black list of customers and refuse these persons entry. In this case, the supermarket only uses the black list itself, and nobody outside this supermarket has access to the list.
The supermarket may also share the black list with other supermarkets, to ensure that they are also warned about shoplifters. In that case, all supermarkets affiliated with the black list have access to that black list.
Other examples of shared black lists are:
- a black list of guests who cause nuisance (hospitality industry);
- a black list of customers and employees who commit fraud (financial institutions).
Shopkeepers' associations, catering establishments and car hire companies, for example, also use black lists.
Quick answers
Can I access my data at an organisation, or have them rectified or removed?
Yes, you can. If an organisation uses your personal data, you have a number of rights. This will ensure that you keep a grip on your personal data. These are the most important privacy rights:
- You have a right of access to your personal data.
- Does it turn out that data of you are incorrect? Or that certain data are missing? Then you can ask for rectification of your data (adjustment or addition).
- In some cases, you can also ask for removal of data.
Do you want to know what other rights you have? Check out Privacy rights under the GDPR.
What can I do if I have a question or complaint about the use of my personal data?
Always submit your questions or complaints to the organisation that uses your personal data first. Do you have a complaint and are you and the organisation unable to work it out together? Then you can lodge a complaint with the Dutch Data Protection Authority (DPA).