Privacy policy

The European General Data Protection Regulation (AVG) – Regulation 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC – stipulates that public organizations must appoint a data protection officer.

The case manager was appointed as data protection officer as referred to in the Article 37 of the European Data Protection Regulation 2016/679.

Your privacy is very important to us. We want to process your personal data in a legal, correct and transparent manner. In this privacy statement, we explain what personal data we collect and process from you as a natural person. From now on, we always refer to data about you as a citizen, or as another data subject, such as beneficiary, contact person in a company, etc. In whatever capacity, your rights remain the same and we handle your data with equal care.

We are the data controller of personal data. You must be able to trust us to handle personal data carefully and securely. To ensure this, we have an approved information security policy. This policy is in line with relevant legislation.

‘t Meesterhof is committed to providing efficient and quality services. We are committed to keeping your personal information secure at all times.

We are careful to process your data only if we have a valid legal basis for doing so. In the main, we process personal data only within the scope of a legal task or in the public interest. In a limited number of cases, we do so on the basis of a contractual obligation or to protect the vital interests of a natural person. In all other cases, we will ask for your consent to process your data. This includes:

• The use of cookies on the website
• Processing of visual material: photos and videos
• Use of contact data for newsletters to which you subscribe

We collect personal data in one of the following ways:

• We request your personal data directly from you
• The information users provide during a purchase on the website: name, address, email address and phone number and IP address
• The information users provide while filling out a contact form: name, email address, phone number and IP address

The processing of personal data is done by employees of ‘t Meesterhof. All employees are covered by legal professional secrecy and sign a confidentiality agreement. We make every effort to continuously educate our employees on the importance of privacy and data protection.

The employees use automated systems purchased from third parties. In addition to IT suppliers, we also have contracts in function of personnel management, legal assistance, … These suppliers are processors who handle personal data on our behalf. In order to guarantee privacy, a processing agreement has been concluded with these suppliers. These suppliers are bound by the same legal grounds and security measures as those applicable to us.

We may also disclose your personal data: (i) if we are required to do so by law or other legal process; (ii) to law enforcement or other government authorities in accordance with their legal powers; (iii) when we believe that disclosure is necessary or appropriate to prevent physical harm; or (iv) in connection with an investigation of suspected or actual fraudulent or illegal activity.

We will store and process your data primarily within the European Union. We will also only use IT systems operating within the European Union.

If there is no equivalent alternative within the zone, the Board may use applications that process data in countries outside the European Union, to the extent that these applications provide sufficient guarantees of compliance with the European Regulation, preferably because they are located in so-called safe countries.

We retain personal data and base this on the statutory retention periods.

Personal data is not kept for longer than necessary. After the expiration of these periods, personal data are destroyed according to the procedure described in the information security policy.

We implement appropriate administrative, technical and physical security measures to protect personal data against accidental or unlawful deletion, accidental loss, unauthorized modification, unauthorized disclosure or access, misuse and any other unlawful form of processing of the personal data in our possession. The level of security is determined by a data protection impact assessment.