Last updated on 21 January 2025

This Privacy Policy governs the processing of your personal data by “bv Sirius Legal Business Law Firm”, a company under Belgian law with enterprise number 0742.701.086, established at Kardinaal Mercierplein 2, 2800 Mechelen (hereinafter referred to as “Sirius Legal”).

Sirius Legal attaches great importance to your privacy and wishes to process your personal data in a legal, fair, and transparent way. We handle your data in full compliance with applicable laws and regulations, including the General Data Protection Regulation (GDPR). This privacy statement explains how Sirius Legal processes personal data about you.

 

1. What is personal data?

Personal data is any information relating to an identified or identifiable natural person. This can include a person’s name and contact details, date of birth, photo, and any other information that is linked or can be linked to a natural person, such as an email address, telephone number (even a work telephone number), or login code.

The processing of personal data refers to any operation or set of operations which is performed on personal data. These processing operations are varied and include, among others, the collection, storage, use, alteration, disclosure of this data, and even destruction.

 

2. What data do we process about you?

We process the following personal data about you in the context of our activities:

 

When you browse our website

Each time you visit our website, we may collect various personal data about you based on cookies and similar technologies, in particular your IP address, browsing behavior, origin, and search terms. We use cookies to maintain and improve our website. For strictly necessary cookies, we rely on the legitimate interest to ensure the security and operation of the website. We also collect anonymous statistics about browsing behavior on our website. The identity of individuals or companies cannot be recognized in this. We always ask for permission to place these analytical cookies. You can find more information about how we use cookies in Article 6.   

When you use our services as a lawyer

If you use our services as a lawyer, we process your personal data, payment and billing information, a copy of your identity card (only if you are a private client), and any other personal data that you voluntarily provide to us in order to handle your case. In some cases, we obtain this information from another party to the proceedings or their counsel, bailiffs, notaries, experts, the court, or other actors in the context of the files we manage for our clients. We use this information to provide our services and to handle payment and billing, with the legal basis being the performance of a contract you have requested or the provision of services you have requested. We are required by law to keep all file data for at least 5 years after the closure of your file. We keep your contact details (surname, first name, email address, and company name) for 10 years after the closure of your file to ensure the continuity of our services to our clients. We are required by law to keep your billing information for 10 years from the calendar year following the invoice date.

 

Processing of special categories of data

In exceptional cases, it is necessary for the handling of your case to also process special categories of data, such as personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, or data concerning health, or data concerning your sexual behavior or sexual orientation. Depending on the case, we may also process personal data relating to criminal convictions and offenses or related security measures. We are required by law to keep all file data for at least 5 years after the closure of your file. We keep your contact details (surname, first name, email address, and company name) for 10 years after the closure of your file to ensure the continuity of our services to our clients.   

If you have not used our services yourself

Even if you have not used our services yourself, it is possible that we process your personal data in the context of the services we provide to our clients. In that case, we process all personal data provided to us by your counsel, the counsel of another party to the proceedings, experts, the court, or other actors in the context of the files we manage for our clients. It is also possible that special categories of data are processed in this context. We retain your personal data for as long as necessary for the purposes of the processing. We are required by law to keep all file data for at least 5 years after the closure of the file. We also keep contact details for 10 years after the closure of your file to ensure the continuity of our services.

 

When you contact us

If you contact us, for example by email, telephone, or via the contact form on our website, we process your contact details and the content of your question. We do this for the sole purpose of providing you with an answer to that question and in that sense fulfilling our commitment to you. We do not store your data for longer than 6 months in the back-end of our website and mailbox, unless you become a client.

 

When subscribing to our newsletter

If you give us permission to do so, we process your email address (and possibly your surname, first name, and company if you have filled in these fields) to send you our newsletter and communications. We do this to keep you informed of legal news and interesting events or webinars. You can indicate at any time that you no longer wish to receive our newsletters via the opt-out option in our newsletters or by contacting us directly by email or telephone.   

If you place an order on our website (only available on the Dutch website)

If you place an order on our website, you become a client of Sirius Legal and we process your personal data in the same way as that of other clients. (see also: When you use our services as a lawyer)

 

If you download our free products from our website (only available on the Dutch website)

If you download our free products from our website, we ask for your contact details, including at least your email address. We collect this information solely for the purpose of providing you with the requested documentation in a personalized way by email. We keep your data for a maximum of 6 months. We do not use your email address for advertising purposes unless you have given your explicit consent.

 

If you schedule a meeting through our website

If you schedule a meeting with us, we process your contact details, the content of your question, and all information you voluntarily provide when booking your appointment. Your data will only be used for this booking and for the preparation of the meeting. During the meeting, we use AI to take notes during our conversation. You will be informed about the use of this tool prior to the meeting and you can object to its use at any time. These notes are only shared internally if you become a client. If you do not become a client, we will not keep this information for longer than 6 months. We use this information on the basis of our legitimate interest to ensure a better service to you.

 

If you register for one of our events, webinars and/or training courses

When you register for our events, webinars and/or training courses, we process your contact details. Our webinars are hosted by external video/webinar platforms such as Zoom, Google Meet, Livestorm, Teams, etc. We process this information in order to provide you with a link to participate. This information is kept for 6 months. We do not use this information for advertising purposes unless you have given your explicit consent.

 

If you apply for a job at Sirius Legal

If you apply for a vacancy that we offer, via our website, by email, by telephone, via LinkedIn, or via another job site, we process your personal and application data for the management of the application process. The data we process for this purpose is your surname, first name, CV, cover letter, and other information you have shared with us. When you voluntarily share sensitive information with us, you give your explicit consent to its processing. Your application data will not be kept for longer than 6 months, unless we would like to include you in our recruitment reserve. In that case, we will explicitly ask for your permission.

 

3. Who receives your personal data?

We will of course never pass on your personal data to third parties for commercial reasons.

However, we do share your data with third parties in the context of managing your case. Your data may be passed on to and processed by courts, bailiffs, notaries, other lawyers, government agencies, consultants, software and cloud providers, financial partners, or any other third party who is a party to or plays a role in your case. The current list can be obtained on simple request by email. With each transfer to third parties, we ensure appropriate security measures with regard to your personal data, including by concluding processor agreements where necessary.   

At events, we share your personal data with the partners or co-organizers, who are clearly displayed upon registration.

Sirius Legal also uses external processors to provide specific services for our broad administration, IT, and accounting. An up-to-date list of the external processors with whom personal data is shared is available on request via GDPR@siriuslegal.be.

Sirius Legal will carefully select processors in accordance with applicable data protection legislation. In addition, Sirius Legal ensures that the processing operations are carried out in accordance with the provisions of any written contract and with legal regulations in the field of data processing.

We always try to make maximum use of European suppliers, but if we have to use non-European third parties, we ensure that your data is as secure outside Europe as it is here in Europe. For example, we conclude Standard Contractual Clauses with these partners where necessary and provide additional safeguards.

In rare cases, we may be required to disclose personal data pursuant to a court order or to comply with other mandatory laws or regulations. We will attempt to inform you in advance, unless this is not possible for legal reasons.

 

4. What are your rights with regard to the protection of your personal data?

As a data subject, you have the following rights, provided that the conditions are met as stated in the GDPR:

  • Information about your personal data: You have the right to access your personal data free of charge at any time and to be informed of the use we make of that personal data or to request a copy of it.
  • Rectification and erasure: You also have the right to request the correction or (in some cases) deletion of your data.
  • Restriction of processing: In a number of cases listed in the GDPR, you may also request that the processing of your personal data be restricted.
  • Object to the processing of your personal data: You have the right to object to the processing of your personal data if you have serious and legitimate reasons that outweigh our need to process your data or to withdraw previously given consent. You also always have the right to object to the use of personal data for direct marketing purposes, even without having to give a reason for this.   
  • Data portability: You have the right to request your personal data in digital and readable form and/or to have it transferred to another controller, to a service provider of your choice.

If you wish to exercise any of these rights, please let us know as specifically as possible. When exercising your rights, Sirius Legal must be able to verify your identity to prevent someone else from impersonating you. Therefore, we verify your identity and, in case of doubt, always request a copy of a valid identity document. You can reach us by email at GDPR@siriuslegal.be or by post at the following address: Sirius Legal, Kardinaal Mercierplein 2, 2800 Mechelen or via the forms on our website.

Finally, you have the right to lodge a complaint with the Belgian Data Protection Authority if it appears that we have not responded appropriately to a request based on one of the rights listed above within 30 days:   

GBA / APD
Drukpersstraat 35
1000 Brussels
Tel: +32 (0)2 274 48 00
contact@apd-gba.be

You can also go to the civil court to claim compensation.

 

5. How do we secure your personal data?

We have taken appropriate technical and organizational security measures to guarantee the security of your personal data. For example, our software tools are secured with two-factor authentication, we use a username and password, access restrictions apply, and we apply encryption where possible. We also provide training to our staff on data protection, have internal guidelines on data security, and take appropriate security measures in the form of up-to-date antivirus and firewall protection.  

Under no circumstances can Sirius Legal be held liable for any direct or indirect damage resulting from the incorrect or unlawful use of personal data by a third party.

6. Cookies

Our website uses cookies and similar technologies, albeit in a limited way. This helps us to provide you with a better user experience when you visit our website and also allows us to optimize our website. We only place strictly necessary cookies without your prior consent. For all other cookies, we 1 first ask for your consent via our cookie banner. You can manage your cookie preferences at any time via our website and the “Cookie Preferences” link in our footer. Your consent is valid for 6 months, after which we will ask you about your preferences again.

The cookie list below gives you an overview of the cookies that our website uses.

We provide you with as much information as possible about cookies placed by third parties. If you would like to know more, we refer you to the privacy statements of these parties on their respective websites.

Please note: we have no influence on the content of these statements, nor on the content of the cookies of these third parties.

If you have any further questions or comments about the processing of your personal data, please contact us by email at GDPR@siriuslegal.be, or by post to Kardinaal Mercierplein 2, 2800 Mechelen, or via the forms on our website.