1 Introduction

Liedekerke Wolters Waelbroeck Kirkpatrick BV/SRL (also referred to as “Liedekerke”, “us”, “we)  respects privacy and is therefore committed to protecting the (personal) data of all its clients. This privacy policy provides an overview of the importance Liedekerke attaches to the protection of privacy and personal data and aims to establish how the firm acts about it and the rights of its clients by explaining what personal data we collect, why and how we use it and who we share it with. It also explains the rights you have in connection with your personal data, including how to contact us or to make a complaint.

The present privacy policy takes place in the context of the European Regulation 2016/679 of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (“General Data Protection Regulation” or "GDPR"), as well as the law of 30 July 2018 (M.B 05.09.2018) relating to the protection of natural persons with regard to the processing of personal data.

To the extent that you, as a client, provide us with the personal data of third parties, e.g. employees, self-employed co-workers or other contacts, please provide them with this privacy policy before sharing their personal data with us

2 Definitions

•           Controller: a natural or legal person who (either alone, jointly or together with other persons) determines the purpose(s) “for which” and the manner “in which” any personal data is or will be processed.

•           Data subject: a natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

•           DPA: Data Protection Authority

•           DPIA: Data Protection Impact Assessment as defined in the GDPR.

•           DPO: Data Protection Officer as defined in the GDPR and local regulations and is officially registered with the Supervisory Authority (also known as Data Protection Authority, hereinafter: “DPA”).

•           PA: processing agreement as defined in the GDPR.

•           Personal data: any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier, such as name, an identification number, location data, an online identifier or the one or more factors specific to the physical, psychological, genetic, mental, economic, cultural or social identity of that natural person.

•          Personal data breach: breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access to personal data transmitted, stored or otherwise processed.

•           Processing: any operation or a set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

•           Processor: a natural or legal person (other than a collaborator of the controller) who processes personal data on behalf of the controller. Liedekerke has a valid processor agreement for all relations with processors.

•           Special categories of data: personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation (art. 9). Data relating to criminal convictions or offences is also sensitive (art. 10).

 

3 Who is responsible for the processing of your personal data?

The entity controlling the processing of your personal data is Liedekerke Wolters Waelbroeck Kirkpatrick BV/SRL. Liedekerke is a Belgian cooperative company with limited liability whose main registered office is located at 1000 Brussels, 3 boulevard de l’Empereur/Keizerslaan. Liedekerke is registered in the Business Register under number 0478.065.191.

For any questions relating to this policy or to exercise your rights regarding your personal data, you may contact us via mail on the above address or via the following email address: privacy@liedekerke.com.

4 Why do we process your personal data?

Liedekerke processes the personal data of its clients, the employees or other self-employed co-workers of its clients or contacts of its clients of which Liedekerke receives the personal data via its clients, for the following purposes:

-       To provide you with our legal services as requested by you, i.e. legal advice, proceedings, arbitration, transactional work, etc.; to exchange information with you and to answer your questions (via mail, e-mail, telephone, etc.) in relation to the provision of our legal services to you, i.e. to ask for, receive and discuss your instructions, to keep you informed about the status of your file, to take the necessary steps towards third parties, authorities and other.

-       To comply with our legal obligations, among others, our obligations under the Anti-Money Laundering legislation,

-       To keep you informed about the latest legal news and insights relevant to your business via our newsletters and invitations to our seminars, to keep our database up to date, to use the information provided by you to better understand you and to improve our mailings and service offering.

-       For invoicing, administrative and other purposes.

5 What is our legal basis for processing your personal data?

If you are a client, the processing by us of your personal data is necessary for the performance of the contract, regarding the provision of Liedekerke’s legal services to you, to which you and Liedekerke are parties.

Liedekerke also processes your personal data to comply with its legal obligations to which Liedekerke is subject, among others the legal obligations imposed by the Anti-Money Laundering legislation.

If you are an employee or self-employed co-worker of our client and our client has indicated you as its contact person, we process your personal data on the basis of our and our client’s legitimate interest to interact in relation to our legal services.

If you are a contact of our client and we have received your personal data from our client, e.g. because you are an expert, a supplier, an accountant or you work together with our client in one way or another, we also process your personal data on the basis of our and our client’s legitimate interest to better organize our legal services to our clients.

We believe that our or our client’s legitimate interest to process the personal data concerned is not overridden by your interests or fundamental rights and freedoms. If you disagree with our point of view and do not want your personal data to be processed for the above purposes, please contact us at privacy@liedekerke.com as you have the right to oppose to such processing free of charge (see below: What are your rights?).

As we have received your personal data to provide you with our legal services, we believe it is also in Liedekerke’s legitimate interest to process your personal data to send you our newsletters and invitations to our seminars. As such, we keep you informed about the latest legal developments as well as all relevant information about Liedekerke itself, e.g. its functioning, new joiners, areas of legal services provision, etc. You can object to the processing of your personal data for this purpose at anytime and free of charge by clicking on ‘unsubscribe’ at the bottom of each newsletter or invitation. In such a case, we will remove you from our mailing list.

6What type of personal data do we collect?

We process the following personal data:

1.         name, surname, job title, company name, company address, legal entity, email address, (mobile) phone and fax,

2.         nationality, ID-card, national number, VAT number, bank account details, business register number

3.         preferred language, specific areas of interests, memberships, industry sectors, etc.,

4.         matter or company related information: matter related information may include personal data of other natural persons. We do not process these personal data in a separate database. These personal data are part of the files processed in Liedekerke’s document management system. Given our professional secrecy obligation as lawyers, Liedekerke is exempted from informing the persons concerned about this processing.

The provision of some of your personal data may be a legal requirement and/or a requirement necessary to enter into a contract with Liedekerke. Not providing them may result in not entering into the contract with Liedekerke, or not enabling Liedekerke to provide its legal services.

This data can be collected as follows:

-       directly from you, such as the information you provided to us when you opted-in for our mailings or asked for our legal advice.

-       from other sources, such as your VAT number.

 

7 Purposes of the processing of personal data

Liedekerke processes personal data only when necessary for the fulfilment of clearly established purposes. 

Personal data shall not be processed by or on behalf of Liedekerke in a way that is incompatible with these purposes.

The main purposes of the processing of personal data of Liedekerke’s clients are:

  •       To ensure performance of our contract with you,

  •        To fulfill some legal obligations such as tax or accounting,

  •        To offer you a tailored advice,

  •        To ensure the daily management of Liedekerke,

  •        To extend you invitations to client events and opportunities.

  •        To carry on marketing activities such as offering you the possibility to subscribe to a newsletter.

8 Who do we share your personal data with?

As a general rule, we do not share your personal data with third parties.

In certain cases, we may do so:

1.       when required by law or by court order,

2.       when in relation to the services we provide, we may have to share your personal data with official authorities, experts, bailiffs, notaries, etc. in Belgium or abroad, if instructed as such  by the client,

3.       when the legal services you ask us to provide are related to any country on the African continent, the Democratic Republic of the Congo (‘DRC’) or the Republic of Rwanda in particular, to our colleagues from our Liedekerke Africa offices established in the DRC or the Republic of Rwanda, if instructed as such by the client,

4.       when useful or necessary for the purpose, to processors that process on our behalf, i.e. to perform certain (processing) activities, e.g. organizing mailing campaigns or events or to IT, hosting and communications service providers.

In such a case we conclude a processing agreement with these parties that have access to your personal data for the performance of their services,

5.       for the purpose of our internal organization, to be able to work with other partners, associates and Liedekerke personnel to provide you with the legal services you ask us to provide.

9 How do we transfer your personal data internationally?

Your personal data may be accessible to our colleagues from Liedekerke's representation desk in the United Kingdom given the fact that our UK colleagues are part of the same IT

infrastructure. They also engage in firm wide marketing initiatives. If at any moment the UK would be considered to no longer ensure an adequate level of protection of personal data, we will provide appropriate safeguards to ensure an adequate level of data protection.

In case the legal services you require from us concern any country on the African continent, the DRC or the Republic of Rwanda in particular, we share your personal data with our colleagues from our Liedekerke Africa offices established in the DRC or the Republic of Rwanda.

As the DRC and the Republic of Rwanda are countries not recognized by the European Commission as ensuring an adequate level of protection of personal data, Liedekerke has implemented appropriate safeguards for the protection of your rights and interests in these countries, by entering into the European Commission’s Model Contract (decision 2004/915/EC), a copy of which can be requested by sending an e-mail to privacy@liedekerke.com.

10 How long do we keep your personal data?

We take the adequate measures to ensure that your personal data are not stored for longer than necessary to realize the above-mentioned purposes or as necessary in the context of a contract or legal obligation.

However, please take into consideration that this period can be longer than the term during which you as a client are in a contractual relationship with fLiedekerke or is associated with the organizatio. For instance, we may retain your personal data to protect ourselves in legal proceedings

(i)     Processing of personal data for the purpose of providing you with our legal services

We process your personal data for as long as necessary for the provision by Liedekerke of the legal services requested by you.

After our contractual relationship is terminated, we will process these personal data for as long as is necessary for tax, accounting or other legal requirements.

(ii)   Processing of your personal data for the purpose of direct marketing

We will process your personal data to keep you informed about any legal news or insights relevant to your business via Liedekerke newsletters or event invitations until you object to the processing of your personal data for this purpose. In such a case, we will immediately remove your personal data from our mailing lists. This removal will not impact Liedekerke’s processing of your personal data for the purpose of providing you legal services.

11 Security and confidentiality

Personal data shall be processed by Liedekerke in such a way as to ensure adequate security, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, by means of appropriate technical or organizational measures. Employees are required to use personal data securely.

12 What are your rights?

You have a number of rights in relation to the personal data we process on you, including:

The data subject rights explained:

 

a)      Right to information

Data subject always has the opportunity to request his/her personal data (including processing purposes, categories of personal data, estimated retention period) and to be informed about what happens with the data collected from data subject.

b)      Right to access

Data subject has the right to ascertain what type of personal data we hold about you, how we process your personal data, and to a copy of your personal data.

c)      Right to rectification, erasure, restriction and objection

Data subject is entitled to have incorrect personal data corrected or completed.

Under certain circumstances, the data subject has the right to have his/her personal data removed from any files.

Moreover, the data subject has the right to object to or ask for the restriction of the processing of your personal data. However, that in certain cases the processing of the personal data is necessary to comply with legal obligations or to be able to execute contractual obligations. In that case, compliance with those obligations will prevail over the data subject’s right to object or restriction or erasure. Therefore, Liedekerke will evaluate case by case whether or not the request can be complied with.

d)      Right to data portability

Data subject has the right to receive his/her personal data, processed by Liedekerke in a structured, commonly used and machine-readable format and/or to transmit those data to another controller where it is technically feasible.

e)      Right not to be subjected to automated individual decision-making including profiling

Data subject has the right not to be subjected to a decision based solely on automated processing, including profiling, which produces legal effects on the data subject or similarly significantly affects the data subject.

To exercise your rights regarding your personal data, you may contact us via the following email address: privacy@liedekerke.com.

We may request that you provide proof of your identity for security reasons and in order to prevent the unauthorised disclosure or misuse of personal data.

Within maximum one month after receipt of the request, Liedekerke will process the respective requests. If Liedekerke has legitimate reasons not to grant the request, it will contact the person in question and motivate its decision.

In case of direct marketing, we will remove your personal data upon your request and free of charge.

 

 

13 Questions and complaints

If you have any questions, remarks or complaints in relation to this policy or how Liedekerke processes your personal data, do not hesitate to send an email to privacy@liedekerke.com.

If, at any time, the data subject is of the opinion that Liedekerke infringes his/her privacy, the data subject has the right to lodge a complaint with:

The Belgian Supervisory Authority: Autorité de protection des données personnelles, Rue de la Presse 35, 1000 Bruxelles, Tel +32 (0)2 274 48 00, Mail contact@apd-gba.be

14 Amendments

Liedekerke reserves the right to amend this policy in order to comply with applicable privacy laws. We may revise this policy at any time by amending this policy. At all times you can find the current version of our privacy policy on our website.

Liedekerke reserves the right to amend this policy in order to comply with applicable privacy laws. We may revise this policy at any time by amending this policy. At all times you can find the current version of our privacy policy on our website.

Subscribe to our newsletter