Privacy Policy
Version of 1st November 2021
Article 1: What does this Privacy Policy cover?
This privacy policy describes how our law firm as identified below (hereinafter referred to as ‘we‘ or ‘our Law Firm’) collects and/or processes your personal data in the course of its mission (hereinafter, the ‘Privacy Policy’).
In the course of its activities practicing the legal profession, the members of the Law Firm and the Law Firm process personal data as defined in Article 4 of Regulation (EU) No. 2016/679, the General Data Protection Regulation (hereinafter, “GDPR”).
Unless explicitly provided oterwise in this Privacy Policy, the Law Firm is considered the data controller within the meaning of the GDPR.
The Law Firm is the SRL moov.law (formerly e2.law), headquartered at 1000 Brussels, Galerie du Roi 27 (VAT: 0704.710.542) (the ” Law Firm“). For additional questions, please contact us at contact@moov.law.
This privacy policy is an information document regarding the protection of personal data, describing how we process your data and the rights you can exercise concerning personal data related to you as a data subject.
It may be modified at any time, especially to comply with any regulatory, jurisprudential, or technological developments. We encourage you to consult it regularly. You can respond to any of the practices described below by contacting us.
For guardianship missions carried out by members of our Law Firm, we refer you to our Privacy Policy for guardianship missions listed on our website: www.moov.law .
Article 2: Why does the Law Firm process personal data, and what is the legal basis for our processing activities?
Throughout the fulfilment of its missions, the Law Firm is required to process the following categories of personal data for the following purposes and legal bases:
| Processing | Purpose of use | Legal basis for processing |
| Management of the defence of our clients’ interests and their requests | We process data in the context of requests (audits, consultation notes, opinions, review of contracts, nogotations) and the defence of the interests of our clients, whether legal entities or individuals. | This processing is necessary: – for the fulfillment of our legal obligations in accordance with the Judicial Code, especially for procedural acts (Article 6.1.c. of the GDPR). – for the performance of the contract that binds us to our clients (Article 6.1.b. of the GDPR). We may also process sensitive data (special categories of personal data) whenever necessary for the establishment, exercise, or defense of legal claims in accordance with the provisions of Article 9(2), f. of the GDPR. |
| Administrative management of our clients’ files | We process personal data in the context of fulfilling the contractual or pre-contractual obligations of the Law Firm towards our clients, whether legal entities or individuals. | This processing is necessary. for the fulfilment of our legal obligations, particularly under the law of September 18, 2017, concerning the prevention of money laundering and the financing of terrorism, and the limitation of the use of cash, as well as the Code of Ethics for lawyers, especially in the fight against money laundering and terrorism (Article 6.1.c. of the GDPR).for the performance of the contract that binds us to our clients (Article 6.1.b. of the GDPR). |
| Management of judicial mandates: | We process data in the context of the judgment appointing us as a legal representative and the legal obligations arising from it. | This processing is necessary for the fulfillment of our legal obligations. We may also process sensitive data (special categories of personal data) whenever necessary for the establishment, exercise, or defense of a legal right, in accordance with the provisions of Article 9(2), f. of the GDPR. Regarding missions as a curator, we refer you to our privacy policy related to curator missions on our website: www.moov.law. |
| Management on behalf of a co-ownership association (A.C.P.) within the framework of a building manager mandate | We process personal data to manage contacts in the context of the building manager’s mission as a subcontractor of the A.C.P., either based on the agreement that binds us to it or based on the Civil Code in its articles 3.83 and following (formerly 577-2 and following). | This processing is necessary: for the fulfillment of our legal obligations, especially under articles 3.83 and following of the Civil Code.for the performance of the contract that binds us to our client (Article 6.1.b. of the GDPR). |
| Management of mediations | We process personal data to ensure the smooth mediation process, including note-taking, report generation, and communication with the parties. | This processing is necessary: for the fulfillment of our legal obligations.for the performance of the contract that binds us to the parties (Article 6.1.b. of the GDPR). We may also be required to process sensitive data (special categories of personal data) whenever necessary for the establishment, exercise, or defense of a legal right, in accordance with the provisions of Article 9(2), f. of the GDPR. |
| Accounting management | We process personal data to establish our billing. | This processing is necessary for the fulfilment of our legal obligations defined by the Economic Law Code and the VAT Code in tax and accounting matters (Article 6.1.c. of the GDPR). |
| Management of pre-contractual relations | e process personal data to respond to requests and/or questions that clients address to us (especially via the contact form on our website), or job offers and resumes or to participate to public tenders. | This processing is necessary for the implementation of pre-contractual measures (Article 6.1.b. of the GDPR) to enable or facilitate a future contractual relationship. |
| Management of our suppliers | We process personal data in the context of our contractual obligations towards the customer | This processing is necessary: for the fulfilment of our legal obligations under the Economic Law Code in tax and accounting matters (Article 6.1.c. of the GDPR).for the performance of the contract that binds us to our client (Article 6.1.b. of the GDPR). |
| Communication management | We process data to communicate information about our activities. Our legitimate interest is to offer and promote our services and/or share informational messages with our customers that align with what they can reasonably expect from us in the context of our existing or future relationship. | This processing is necessary to pursue our legitimate interest, provided that we have balanced this interest with the fundamental interests or freedoms and rights of the client (Article 6.1.f. of the GDPR). Clients can object to this processing at any time by contacting us. To date, we do not have a mailing list or newsletter in place. |
| Management of potential litigation | We may use personal data to defend our interests in court in the event of potential litigation. | This processing is necessary to pursue our legitimate interest, provided that we have balanced this interest with the fundamental interests or freedoms and rights of the client (Article 6.1.f. of the GDPR). We may also be required to process sensitive data (special categories of personal data) whenever necessary for the establishment, exercise, or defence of our rights in court in accordance with the provisions of Article 9(2), f. of the GDPR. |
| Meeting our legal and deontological obligations – primarily in the prevention/fight against money laundering and the financing of terrorism | We are obligated to comply with our legal and ethical obligations, including those specified in (i) the Regulation of the National Bank of Belgium of November 21, 2017, concerning the prevention of money laundering and the financing of terrorism, (ii) the Law of September 18, 2017, concerning the prevention of money laundering and the financing of terrorism, and the limitation of the use of cash (Anti-Money Laundering Law), (iii) our code of ethics, and (iv) any other provisions to which we are subject. | This processing is necessary to comply with our legal and ethical obligations. This may include: (i) verifying the identity of the client, notably through appropriate identification documents as requested in our engagement letters. (ii) transmitting data to government or regulatory authorities to prevent violations of anti-money laundering laws. (iii) transmitting data upon requests from regulatory and law enforcement authorities as part of their anti-money laundering investigations. |
Article 3: What personal data is processed by the Law Firm and where does it come from?
We only collect personal data that is adequate, relevant and limited to what is necessary for the purposes for which it is processed. Depending on the purpose, data is collected differently.
Below is a list of the personal data that we collect about our customers, the reasons why we collect it and how we collect it.
| Processing | Data collected and processed | Collection methods |
| Managing the defence of customers’ interests and requests | Personal identification data (surname, first name, address, telephone number, company number) Electronic identification data (e-mail address) Family details (first and last names of children, parentage, marital status, etc.) Personal characteristics (age, gender, date of birth, nationality, country of origin, mother tongue, language(s) spoken, etc.) Professional characteristics (profession, diploma, career, etc.) Financial details (account number, statement of tax assessment and household composition or any documents attesting to the financial situation) For files relating to criminal matters: data in special categories such as data relating to health, criminal convictions or offences, racial or ethnic origin, political opinions, religious beliefs, trade union membership or sexual orientation. In general, any data required to establish, exercise or defend the legal interests of our customers. | Or directly to the customer. Or with a third party such as : Legal aid officeInsurance companyOpposing partyTechnical adviceJudicial or administrative authorityPublic authority (police, etc.) Either because the customer or a public authority has made them publicly available |
| Administrative management of customer files | Personal identification data (surname, first name, address, telephone number, company number, identity card) Electronic identification data (e-mail address) Photograph (identity card) | Or directly to the customer. Or with a third party such as : Legal aid officeInsurance companyOpposing partyTechnical adviceJudicial or administrative authorityPublic authority (police, etc.) Or because the customer or a public authority has made them publicly available. |
| Management of court orders | Personal identification data (surname, first name, address, telephone number, company number) Electronic identification data (e-mail address) Family details (first and last names of children, parentage, marital status, etc.) Personal characteristics (age, gender, date of birth, nationality, country of origin, mother tongue, language(s) spoken, etc.) Professional characteristics (profession, diploma, career, etc.) Financial details (account number, statement of tax assessment and household composition or any documents attesting to the financial situation) Special categories of data such as data relating to health, criminal convictions or offences, racial or ethnic origin, political opinions, religious beliefs, trade union membership or sexual orientation. In general, any data required to establish, exercise or defend the legal interests of our customers. | Or directly to the customer. Or with a third party such as : Competent judicial or administrative authorityPublic authority (police, etc.)Technical advice Either because the customer or a public authority has made them publicly available For more details on the processing of personal data in the context of our curatorial activities, we refer you to our privacy policy covering our curatorial activities at the following link: www.moov.law |
| Management of the mediation mission | Personal identification data (surname, first name, address, telephone number, company number) Electronic identification data (e-mail address) Family details (first and last names of children, parentage, marital status, etc.) Personal characteristics (age, gender, date of birth, nationality, country of origin, mother tongue, language(s) spoken) Professional characteristics (profession, diploma, career, etc.) Financial details (account number, statement of tax assessment and household composition or any documents attesting to the financial situation) Special categories of data such as data relating to health, criminal convictions or offences, racial or ethnic origin, political opinions, religious beliefs, trade union membership or sexual orientation. In general, any data required to establish, exercise or defend the legal interests of our customers. | Or directly to the customer. Or with a third party such as : Legal aid officeInsurance companyOpposing partyTechnical adviceJudicial or administrative authorityPublic authority (police, etc.) Either because the customer or a public authority has made them publicly available. |
| Accounting management | Personal identification data (surname, first name, address, telephone number, company number) Electronic identification data (e-mail address) Financial details (account number) | Or directly to the customer. Either because the customer or a public authority has made them publicly available. |
| Management of pre-contractual relations | Personal identification data (surname, first name, telephone number) Electronic identification data (e-mail address) Information provided by the customer in order to assess whether we can process their file or request. In addition, in the event of recruitment : Family details (first and last names of children, marital status)Personal details (age, gender, date of birth, your country, mother tongue)Professional characteristics (profession, diploma, career, etc.) | Directly to the customer. |
| Managing our suppliers | Personal identification data (surname, first name, address, telephone number, company number, order number) Financial details (account number) | Or directly to the customer. Either because the customer or a public authority has made them publicly available (Crossroads Bank for Enterprises) |
| Communication management | Personal identification data (surname, first name, address, telephone number) Electronic identification data (e-mail address) | Or directly to the customer. Either because the customer has made them publicly available As a reminder, we do not currently have a mailing list or newsletter in place (no direct marketing). |
| Litigation management | Personal identification data (surname, first name, address, telephone number, company number) Electronic identification data (e-mail address) Professional characteristics (profession, diploma, career, etc.) Financial details (account number, statement of tax assessment and household composition or any documents attesting to the financial situation) Data in special categories such as data concerning health, criminal convictions or offences, racial or ethnic origin, political opinions, religious beliefs, trade union membership or sexual orientation. In general, any data required to establish, exercise or defend the legal interests of our customers. Photographs or images. Any data required to support a legal action and obtained legally. | Or directly to the customer. Either obtained from the insurance company Or because the customer or a public authority has made them publicly available. |
| Meeting our legal and ethical obligations – mainly in the prevention of money laundering and the financing of terrorism | all the data referred to in the legal provisions and code of ethics, but in particular customer identification data, tax data, transaction data, data relating to suspicious transaction reports and data relating to due diligence measures | either directly from the customer or from online databases (Moniteur, Banque Carrefour, DPA, etc.) |
Article 4: With whom is the Law Firm likely to share the personal data it processes?
All data sharing is carried out in compliance with professional secrecy, legal provisions, ethical rules and this Privacy Policy.
The data listed above may be accessed by members of the Law Firm’s team or by any colleague working as an associate or specialist lawyer, or by any technical advisor, to the extent strictly necessary for the performance of the Law firm’s obligations.
In order to defend its interests, in accordance with the mandate given by the client and insofar as necessary, the Law Firm communicates the client’s personal data to the competent judicial or administrative authorities or legal auxiliaries.
The Law Firm may transmit this personal data to opposing parties in order to defend the client’s interests and to the extent necessary.
The Law Firm may be required to transmit personal data to third parties by virtue of the law, decrees or other regulatory provisions from which it cannot evade.
For example, we may share customer data with the President of the Bar Association if certain money laundering risks are identified.
The Law Firm may also share certain data with its co-contractors, qualified as “subcontractors” within the meaning of the RGPD to the extent strictly necessary for the operation of computerised or non-computerised applications or management systems to which the Firm has subscribed.
In all circumstances, we protect customer data by means of confidentiality agreements. The service providers with whom we share customer data are as follows:
| Type of service provider | Location |
| IT solutions providers (e.g. SECIB) | In Europe |
| Mailing solution providers (e.g. B-Post, DHL, etc.) | In Europe |
| IT solutions and infrastructure and systems maintenance providers | In Europe |
| Hosting / Cloud service providers | In Europe |
| Accountants and financial services providers | In Europe |
| Banking / Insurance | In Europe |
| Lawyers – associates – trainee lawyers | In Europe |
| L’Ordre des barreaux francophones et germanophone (Avocats.be) | In Europe |
| Other: …. | In Europe |
For security reasons, the list of subcontractors, their field of activity, the purpose for which the data is processed and, where applicable, the country in which the data is processed and hosted is not available on our site, but will be made available to data subjects on first request.
Article 5 – Our policy on data retention and storage periods
The length of time personal data is kept varies according to the purposes for which it is processed. This period is limited, taking into account any retention obligations imposed by law.
| Processing activity | Duration |
| Managing the defence of customers’ interests and requests | The storage period is 5 to 10 years from the end of the relationship with the firm. |
| Administrative management of our customers’ files | The file is kept for 10 years from the date it is closed. |
| Management of court orders | The retention period is 5 years from the end of the relationship with the firm. For more information on data retention in connection with our curatorship assignments, please refer to our Privacy Policy for our curatorship assignments on our website www.moov.law. |
| Management of the mediation mission | The retention period is 5 years from the end of the relationship with the Law Firm. |
| Accounting management | The retention period is 7 years from the year in which the customer was entered in the accounts. |
| Management of pre-contractual relations. | Data is deleted immediately, with the exception of CVs, which we may keep in our recruitment database for one year. |
| Managing our suppliers | The retention period is 7 years from the year in which the customer was entered in the accounts. |
| Communication management | It will be kept for 2 years from the date of our last contact. |
| Managing the firm’s litigation | The data is deleted 5 years after execution of the judgment or final closure of the dispute. |
| Anti-money laundering obligations | The retention period is 10 years from the end of the business relationship or the completion of the occasional transaction. |
Article 6 – DOES THE LAW FIRM TRANSFER PERSONAL DATA OUTSIDE THE EUROPEAN UNION?
Transfers of data to a country outside the European Union or the European Economic Area will only be authorised if:
➢ The European Commission has issued a decision establishing that this country provides an adequate level of data protection, i.e. equivalent to that required by European legislation. Personal data will be transferred on this basis.
➢ The transfer is covered by an appropriate guarantee granting a level of data protection equivalent to that provided by European legislation, such as the Commission’s standard contractual clauses, a Code of Conduct, certification, binding corporate rules, consent.
In the absence of an adequacy decision or appropriate safeguards, a transfer or a set of transfers of personal data to a third country remains possible if this transfer is necessary for the establishment, exercise or defence of legal claims.
A priori, no data is stored by the Firm outside the European Union. Should any data be transferred outside the EU, the Firm undertakes to take the necessary measures to ensure an adequate level of protection for the data transferred.
Article 7 – RIGHTS OF DATA SUBJECTS WITH REGARD TO THEIR PERSONAL DATA
We pay particular attention to your rights as a data subject. To this end, we invite you to contact our firm’s RGPD contact point at the following e-mail address: contact@moov.law.
Data subjects have the following rights, unless a legal or regulatory provision in force in Belgium (including the RGPD or professional secrecy) precludes it, and except in cases where other interests would take precedence over the data subject’s right to privacy, such as creditor’s rights or being able to administer a client’s file correctly, etc., and insofar as the law is applicable in the case in question:
7.1. Right of access to data
You have the right to be informed of any information concerning you that is processed by the Firm, unless such data must remain confidential in order to protect a legitimate interest that is more important after weighing up the interests involved.
7.2. Right of rectification
The data subject has the right to obtain rectification of any inaccurate personal data recorded concerning him or her, unless there is any doubt as to the accuracy of the corrected data transmitted.
7.3 The right to object to data processing
7.4 The right to restrict the processing of data
7.5 The right to erasure of processed data, unless such data can be erased to protect a greater legitimate interest after weighing up the interests involved;
7.6 The right to portability of processed data ;
7.7 The right to lodge a complaint with the Data Protection Authority :
Data Protection Authority
www.autoriteprotectiondonnees.be/
Rue de la Presse, 35, 1000 Brussels
Tel: +32 (0)2 274 48 00
Fax: +32 (0)2 274 48 35
E-mail: contact@apd-gba.be
You may exercise your rights by sending an e-mail to the following address: privacy@dp-a.be or by post. The Cabinet will respond to the data subject’s request as soon as possible. It will inform the person concerned of the action taken on the request relating to the protection of personal data, at the latest within one month of receipt of the request. Depending on the difficulty of the request or the number of requests we receive, this deadline may be extended by two months. In this case, the Law Firm will notify you of the extension within one month of receipt of the request.
In all circumstances, in exercising these rights, the Law Firm shall always have regard to the rights and freedoms of other persons and to the public interest and its mission.
We ask our customers and/or any person concerned to attach to their request the documents or information necessary to prove their identity, failing which we may return to them to request proof of their identity, for example a copy of their identity card, with a view to acting on their request.
Lastly, where the request to exercise a right is manifestly unfounded or excessive, in particular because of its repetitive nature, it may be refused or be subject to the payment of reasonable charges which take account of the administrative costs incurred in providing the information, making the communications or taking the measures requested.
Article 8 – Miscellaneous
8.1 Safety
In the performance of their duties, lawyers remain subject to all the ethical obligations of their profession. The firm is therefore subject to important ethical obligations. In addition, the Firm makes every effort to ensure that personal data is optimally protected against any unlawful use. To this end, our Firm has put in place physical, administrative, organisational and technological measures to protect against any data leakage, including loss, destruction, public disclosure, unauthorised access or misuse. However, if the customer or any third party becomes aware of the existence of a data leak or suspects one, we ask them to notify us immediately by contacting us at .
8.2 Person responsible for data protection at our firm
We have appointed a data protection officer within our firm who assists and advises us on our RGPD compliance policy. For any questions relating to the processing of personal data, the contact address is: contact@moov.law.
8.3 Modification of the Privacy Policy
The Firm may correct, amend or add to this Privacy Policy at any time and for any reason. The most up-to-date version can be consulted at all times on the Curateur website www.moov.law. We thank you for consulting this page regularly, in order to keep you informed.
8.4. Use of cookies ?
We only use functional cookies on our www.moov.law website, which do not allow web users to be identified.
Functional cookies help us to improve our site, make browsing easier and analyse our audience.
For more information, please contact us at contact@moov.law.