Privacy statement

By visiting the website www.dlpa.be and possibly filling in your contact details, you consent to and accept the contents of this privacy statement.

1. INTRODUCTION

CVBA DLPA Advocaten, with its registered office at 8500 Kortrijk, Cotton Park, Spinnerijstraat 99/22, and company registration number BE 0439.620.727, attaches great importance to collecting and processing your personal data in a way that is secure, transparent and confidential. In particular, we aim to protect the data of parties including our customers, subcontractors and suppliers against loss, leaks, errors, unauthorised access or unlawful processing etc.

We would like to inform you about how your personal data is collected and processed by means of this privacy statement.

We ask that you read this privacy statement carefully, since it contains essential information about how and for what purposes your personal data is processed.

By transmitting your personal data, you declare explicitly that you are aware of this privacy statement and that you also explicitly consent to it and to the data processing itself.

2. SCOPE

This privacy statement applies to all the services we provide and, in general, to all the activities we undertake.

3. THE CONTROLLER AND ITS OBLIGATIONS

CVBA DLPA Advocaten, with its registered office at 8500 Kortrijk, Cotton Park, Spinnerijstraat 99/22, and company registration number BE 0439.620.727, is the controller responsible for processing your personal data.

When collecting and processing your personal data, we respect the Belgian regulations with respect to the protection of personal data as well as the General Data Protection Regulation (“GDPR”), from the data on which it came into effect, on 25 May 2018.

4. PERSONAL DATA

CVBA DLPA Advocaten processes your personal data because you use our services and/or because you send or have sent this data to us yourself.

Below is a list of the personal data we process (or might process):

• first name and surname;
• gender;
• date of birth;
• place of birth;
• address details;
• telephone number;
• e-mail address;
• IP address;
• other personal data that you actively provide, for example by filling in a contact form on this website, in correspondence and on the telephone;
• location data;
• data about your activity on our website;
• data about your browsing behaviour on various websites (for example because this company belongs to an advertising network);
• bank account number.

CVBA DLPA Advocaten processes (or might process) the following special and/or sensitive personal data belonging to you:

• criminal record, acts or convictions;
• data relating to persons under 16 years of age;
• personal data revealing racial or ethnic origin, political opinions, religion or philosophical beliefs, trade union membership, and the processing of genetic data, biometric data intended for the unique identification of a person or data concerning health, or data concerning someone’s sexual behaviour or sexual orientation.

Our website does not have the intention to collect data about website visitors under the age of 16, unless we have permission from their parents or guardian or we are obliged to do so in fulfilling our legal obligations.

However, we cannot check whether a visitor is under the age of 16. We therefore advise parents to be involved in their children’s online activities in order to prevent the collection of data about children without parental permission.

If you believe that we have collected personal data about a minor without such permission, please contact us at advocaat@dlpa.be.

5. PURPOSES OF THE PROCESSING AND LEGAL BASIS

5.1 Client data

In the context of providing our services and our activities, we collect and process the identity and contact data of our clients, their employees, staff, appointees and other useful contact persons. The goals of this processing are the implementation of the contracts we have with our clients, client management, bookkeeping and direct marketing activities such as sending promotional or commercial information and our newsletters. The legal basis is the implementation of the contract, the fulfilment of legal, regulatory and/or ethical obligations and/or our legitimate interest.

5.2 Supplier and subcontractor data

We collect and process the identity and contact data of our suppliers, their employees, staff, appointees and other useful contact persons. The goals of this processing are the fulfilment of this contract, supplier management, bookkeeping and direct marketing activities such as sending promotional or commercial information. The legal basis is the implementation of the contract, the fulfilment of legal, regulatory and/or ethical obligations and/or our legitimate interest.

5.3 Employee data

We process our employees’ personal data as well as that of potential employees / candidates in the context of staff management and payroll administration. Given its specific nature, this processing is regulated more extensively in a Data Protection Policy for employees.

5.4 Other data

Besides the data of clients, suppliers and employees, we also process the personal data of other parties, such as potential new clients, useful contacts within our sector, networking contacts, expert contacts, bailiffs, solicitors etc. The goals of such processing are in the interests of our activities, direct marketing and public relations. The legal basis is our legitimate interest or, in some cases, the implementation of a contract.

5.5 Special and/or sensitive personal data

Special and/or sensitive personal data is only processed by us for the implementation of a contract or to fulfil a legal, regulatory and/or ethical obligation.

6. DURATION OF PROCESSING

The personal data is stored and processed by us for a period that is necessary, depending on the purposes of this processing and depending on the relationship (contractual or otherwise) that we have with you.

Client data and supplier data will be removed from our system after a period of seven years after the definitive termination of the contract or project, except for the personal data that we are obliged to keep for longer on the basis of specific legislation or in the event of an ongoing dispute for which personal data is still necessary.

7. RIGHTS

In accordance with and under the conditions of the Belgian privacy legislation and the conditions of the General Data Protection Regulation, we inform you that you have the following rights:

Right to access: you have the right to find out free of charge what data we have about you and to check what it is used for.

Right to rectification: you have the right to obtain rectification (correction) of inaccurate personal data concerning you, and the right to have incomplete personal data completed.

Right to erasure or restriction of processing: you have the right to request that we erase your personal data or to limit its processing in the circumstances and under the conditions determined by the General Data Protection Regulation. We can refuse to erase or restrict the processing of any personal data that we require to fulfil a legal obligation, implement a contract or that is in our legitimate interest, for as long as this data is necessary for the purposes for which it was collected.

Right to data portability: you have the right to receive the personal data with which you provided us in a structured, commonly used and machine-readable format. You have the right to transmit this data to another controller for processing.

Right to object: you have the right to object to the processing of your personal data on compelling, legitimate grounds. However please note that you cannot object to the processing of personal data that we require to fulfil a legal obligation, implement a contract or exercise our legitimate interest, for as long as this data is necessary for the purposes for which it was collected.

Right to withdraw consent: if the processing of personal data is based on prior consent, you have the right to withdraw this consent. This personal data will then only be processed if we have another legal basis for doing so.

Automated decision-making, including profiling: we confirm that the processing of personal data does not include any profiling and that you are not subjected to solely automated decision-making.

You can exercise the aforementioned rights by contacting our company, specifically our contact person: Emily Van Damme LL.M., to be contacted at emily.vandamme@dlpa.be.

We make every effort to treat your personal data with care and in a legitimate manner, in accordance with the regulations in force. If you nonetheless believe that your rights have been violated and that your concerns are not addressed by our company, you are free to file a complaint with the Data Protection Authority:

Data Protection Authority

Drukpersstraat 35, 1000 Brussels

+32 (0)2 274 48 00

+32 (0)2 274 48 35

contact(at)apd-gba.be

8. DISCLOSURE TO THIRD PARTIES

Certain personal data that we collect will be passed on to and possibly processed by third-party service providers, including but not limited to our IT supplier, social security offices and government departments (e.g. judicial authorities etc.).

It is possible that one or more of the aforementioned third parties are located outside the European Economic Area (“EER”). However, personal data will only be transmitted to third countries with a suitable level of protection.

The employees, managers and/or representatives of the aforementioned service providers or institutions and the specialised service providers they appoint must respect the confidential nature of your personal data and may only use this data in the context in which it was transmitted.

If necessary, your personal data can be passed on to other third parties. This may be the case, for example, if we were to be entirely or partly reorganised, our activities were to be transferred or if we were to be declared bankrupt. It is also possible that personal data has to be passed on as a result of a court order or in order to comply with a specific legal obligation. In that case, we will make reasonable efforts to inform you in advance of this transmission to other third parties. However, you will acknowledge and understand that this is not always technically or commercially feasible in certain circumstances, and that possible legal restrictions may apply.

Under no circumstances will we sell your personal data or make it available commercially to direct marketing companies or similar service providers, unless we have your prior permission.

9. TECHNICAL AND ORGANISATIONAL MEASURES

We take the necessary technical and organisational measures to process your personal data with an adequate level of security and to protect it against destruction loss, falsification, alteration, unauthorised access or erroneous transmission to third parties, as well as all other unauthorised processing of this data.

Under no circumstances can CVBA DLPA Advocaten be held liable for any direct or indirect damage resulting from wrongful or illegitimate use of the personal data by a third party.

10. ACCESS BY THIRD PARTIES

In order to process your personal data, we grant our employees, staff and appointees access to your personal data. We guarantee that we will enforce a similar level of protection on these employees, staff and appointees, of a similar nature to those in this privacy statement, by means of contractual obligations.

11. ANY FURTHER QUESTIONS?

If you have any further questions or comments with regard to the collection and processing of your personal data after reading this privacy statement, please get in touch with our contact person: Emily Van Damme LL.M., to be contacted at emily.vandamme@dlpa.be.