Ardis Advocaten is a law firm that offers services in employment law and commercial law. The privacy of our clients is of great importance to us.
This policy applies to all clients (current, former and future) of Ardis Advocaten.
1. Who collects your personal information?
The processing of your personal data is carried out by the controller, Ardis Law BVBA. You can direct questions or complaints regarding this policy by post to the following address:
Ardis Law BVBA
You can also contact our DPO, Gert Van Boven, by e-mail, at email@example.com.
2. Which categories of data can be collected?
The following categories of personal data can be collected:
a. Identifying data: name, address, gender, age, national register number.
b. Contact information: phone number, email address, username of Microsoft Teams or Skype.
c. Accounting data: account number, financial information, VAT and company number.
d. Career data: pay slips, employment contracts,
e. Data related to social security: regarding health, family status, marital status.
f. Legal documents: data relating to civil, administrative and criminal proceedings, including convictions and criminal offenses, evidence, images, video and audio recordings.
g. Special categories of personal data: data that may reveal race or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data on health or a person's sexual behavior or orientation.
3. Legal professional secrecy
Our lawyers are bound by a legally binding, professional confidentiality. All confidential information that our lawyers receive and discover in the context of their mandate is covered by professional secrecy. Confidential information includes, but is not limited to:
- Identifiable data of the client
- All forms of correspondence between our lawyers and the client or between our lawyers and other lawyers
- All attachments to this correspondence such as drafts, advice, agreements and procedural documents.
- All information about the client or other persons or parties that our lawyers receive or discover, in any way, in the context of legal assistance for the client.
Confidential information covered by confidentially may be disclosed to courts, arbitrators and third parties only insofar as :
- Releasing this information is relevant;
- The release of that information is in the interest of the client;
- The client agrees to the release of that information;
- The release is not prohibited by law.
Our lawyers are bound to discretion in all circumstances and act accordingly at all times.
4. Why do we collect your personal information?
We collect personal data for the following purposes:
- Management of your file
- Our service as a lawyer (including advice, assistance in proceedings and cooperation with other lawyers)
- Accounting and invoicing
- Publicity purposes, such as sending regular legal updates in the field of employment and commercial law, invitations to events and any other news about our office in general, (where you have given your explicit consent).
- Dispute resolution, mediation
- Personnel administration, recruitment and selection
- Knowledge building and management
- Handling of questions, requests and complaints
If Ardis needs to process your data for purposes other than those stated above, we will provide you with the necessary information about this, prior to further processing of your personal data.
5. On what basis are your personal data processed?
The processing of your personal data is necessary for the performance of the legal services and the service agreement between you and Ardis.
This processing is done on the following legal grounds:
a) When you have given your consent, or
b) when the processing of the data is necessary for our services, or
c) when the processing is necessary to comply with a legal obligation, or
d) when the processing is necessary for a task carried out in the public interest,
e) or to protect the vital interests of data subjects.
The special category of personal data as stated in Article 2 g will only be processed with your explicit consent, either if you previously disclosed the data yourself, or if this is necessary to protect your vital interests or is vital for reasons public interest, or is necessary for the performance of obligations and exercise of specific rights in the field of employment law and social security and social protection law or the processing is necessary for the establishment, exercise or defense of legal claims.
6. How long do we keep your personal data?
Your personal data will not be kept for longer than necessary to achieve the purposes described above.
As a general rule, a retention period of 5 years applies. However, depending on specific situations and applicable national legislation, we may keep your data for a longer time. This will in particular be the case if one of the following requires this, namely: (i) necessary longer retention for the completion of the activity or service concerned (ii) the legally required retention period is longer, (iii) a possibility for appeal is not yet expired.
After the aforementioned periods have expired, the personal data will be deleted.
7. Who has access to your personal information?
Ardis employees and lawyers will have access to your personal data.
Ardis can provide your data to external parties if this is necessary for one or more of the purposes included in article 4.
These external parties are:
• external service providers and experts, such as payroll accountants or accounting offices.
• translators and interpreters;
• companies and private individuals
• other law firms;
• law enforcement agencies, government departments, judicial authorities;
• external professional advisers (eg consultants for the company).
The data can be processed by us in a country outside the European Economic Area, if this is necessary for the matter in which we act.
8. How are your data stored?
Your personal data is stored in the following way:
- In the Cloud from Cicero Law pack
- On paper in a physical file
- Microsoft One Drive
- Adobe Cloud service
9. How do we protect your personal information?
We take all possible technical and organizational security measures to prevent access by unauthorized persons, loss, unlawful processing, damage, destruction or misuse of your personal data both online and offline. However, Ardis cannot guarantee that third parties will never gain access to your personal data if they manage to circumvent the security measures that were put in place.
Under no circumstances can Ardis Law be held liable for any direct or indirect damage resulting from incorrect or unlawful use by a third party of the personal data.
We report any breach regarding personal data to the supervisory authority referred to in Article 12 no later than 72 hours after notification.
All violations, their consequences and the corrective measures taken are documented by us.
If the breach is likely to pose a high risk to your rights and freedoms, you will be notified without delay.
11. What are your rights?
a) Right of access: consult your data and / or request a copy thereof
b) Right to correction: have your personal data corrected by us, if you believe it to be incorrect or incomplete;
c) Right to be forgotten: have personal data deleted
d) Right to curtailment: restrict the way we use your data,
e) Withdraw consent (where the processing was based on your consent)
f) Right to portability: to transfer your data to another party (in case of processing based on consent or performance of a contract);
g) Protest: protest against the processing of personal data for which we use vital interests as a legal basis.
12. Exercise your rights
The exercising of these rights will be offered to you free of charge.
You can exercise all these rights by contacting us via the contact details mentioned in article 1. Please enclose a copy of the front of your ID card or passport or other means of identification to allow us to identify you.
Your complaint will be dealt with as soon as possible.
You can submit any complaints about the processing of your data by Ardis Law to:
Data protection authority,