Third-party privacy statement

The controller of your personal data is the following legal entity:

Order of Flemish Bars

Staatsbladsstraat 8, 1000 Brussels

Ondernemingsnummer: 0267.393.267

The OVB also refers to its bodies, i.e. chairman, members of the board of directors, committees and working groups.

In case you have questions about the processing of your personal data, you can always contact us

• via e-mail: info@advocaat.be
• by phone: +32 3 337 54 70
• by post to the above address, stating "Privacy"

The OVB has appointed a Data Protection Officer or Data Protection Officer pursuant to the GDPR. The Data Protection Officer can be contacted at dpo@ordevanvlaamsebalies.be.

As regards the processing of your personal data in the context of the Digital Platform of Attorney's ("DP-A") applications, e.g. the BJB application, you can find the privacy statements on the DP-A website.

We process your personal data for one or more of the following purposes:

• Contact in the context of advocacy;
• Second-line legal assistance;
• Sponsorship;
• Supplier management;
• Financial management;
• Organisation of training and events;
• Competitions;
• Communications;
• Access control; and
• Dispute management.

Below you can find which personal data we process for each purpose, why we process it, how we obtain it, how long we keep it and with whom we share it.

a) Contact in connection with the representation of the interests of the legal profession

In the case of contacts by/with the OVB for the purpose of representing the interests of the legal profession, we may process your personal identification data (name, address, e-mail address), financial data (bank account number) and information about your membership, affiliation or employment (with one of the Orders of Advocates, the CCBE and/or another organisation).

The processing of these personal data allows us to liaise with European advocacy associations for the lawyer, such as the CCBE, with the Orders of Lawyers and with the Ordre des Barreaux Francophones et Germanophone, as well as to cooperate with the FPS Justice or other governmental bodies and the judiciary/OM (e.g. in the context of Regsol, the Central File of Notices of Seizure, etc.) with a view to representing the interests of the legal profession.

The legal basis for processing these personal data is based on our public interest task (art. 6, §1, (f) GDPR) arising from the Judicial Code (art. 495).

We obtain this personal data directly from you in the context of (ad hoc) contacts.

For purposes of interest representation, we evaluate on a regular basis whether your personal data are still relevant. If they are no longer relevant, your personal data will be deleted.

We only share this personal data with third parties with whom we cooperate for purposes of interest representation. In addition, third parties with whom we cooperate for the storage and management of our data also have access to this personal data (IT/cloud providers).

(b) Second-line legal assistance

For more information on the processing of personal data of contact persons at assistance organisations and competent authorities in the context of legal second-line assistance, please refer to our Privacy Statement Legal Second-line Assistance Assistance Assistance Assistance Organisations and Competent Authorities.

(c) Sponsorship

In the context of our sponsorship activities, we may process your personal identification data (name, (business) address, e-mail address, telephone number), identification data issued by the government (VAT number, company number), financial data (bank account number, method of payment, amount of sponsorship) and information about your profession and employment (office, position, place of employment, website).

The processing of this personal data allows us to organise sponsorship activities, including contact with (potential) sponsors, sponsorship administration, etc. This includes sponsorship by our regular sponsors as well as (ad hoc) sponsors of events (e.g. in the context of the OVB Congress).

The legal basis for processing these personal data is based on the conclusion or performance of the agreement (Art. 6, §1, (b) GDPR) and - insofar as the processing goes beyond what is strictly necessary for the conclusion or performance of this agreement, or the agreement is not concluded with you (directly) - the legitimate interest to organise our sponsorship (Art. 6, §1, (f) GDPR).

We obtain this personal data directly from you in the context of the sponsorship when the OVB contacts you or when you offer yourself as a sponsor.

For our sponsorship, we keep your personal data for up to 10 years after the sponsorship ends (plus a 1-year verification period).

We only share this personal data with third parties with whom we cooperate in the context of sponsorship (banks and insurance companies, our accountant, accounting platform provider). In addition, third parties with whom we cooperate for the storage and management of our data also have access to this personal data (IT/cloud providers).

d) Supplier management

In the context of our supplier management, we may process your personal identification data (name, (business) address, e-mail address), identification data issued by the government (company number, VAT number), financial data (bank account number, method of payment) or any other data that you communicate to us (e.g. information about your profession and job).

The processing of this personal data allows us to organise administration with (potential) suppliers. This includes contracting (including comparing suppliers, requesting offers and conducting pre-contractual negotiations), approval at the general meeting or board of directors, correspondence with our suppliers, managing placed 'orders' and organising our payment (e.g. invoicing).

In case of a private supplier/partner, the legal basis for processing your personal data is based on the performance of the contract (Art. 6, §1, (b) GDPR). In case of a professional supplier/partner, the legal basis for processing personal data is based on our legitimate interest to organise our B2B supplier management (art. 6, §1, (f) GDPR).

We always obtain your personal data directly from you.

For purposes of our supplier management, we keep your personal data for up to 10 years after the termination of the relevant agreement (plus a 1-year verification period).

We only share your personal data with third parties with whom we cooperate in the context of our supplier management (banks and insurance companies, our accountant, accounting programme provider, auditors and external auditor). In addition, third parties with whom we cooperate for the storage and management of our data also have access to this personal data (IT/cloud providers).

e) Financial management

In the context of our financial management, we may process your personal identification data (name, (business) address, e-mail address, telephone number), identification data issued by the government (company number, VAT number, state registration number), financial data (bank account number) and information about your profession and employment (services rendered).

The processing of this personal data allows us to manage OVB's income and expenditure, such as the management of accounting documents and annual accounts. This is necessary to comply with our accounting obligations.

The legal basis for processing your personal data is based on the legal obligation (art. 6, §1, (c) GDPR), as contained in art. I.1 and III.82 WER and art. III.89 WER and art. III.90 WER and art. 314 WIB and - to the extent that the processing goes beyond what is strictly necessary to comply with these legal obligations - on the legitimate interest to keep our accounts (art. 6, §1, (f) GDPR).

We obtain your personal data directly from you.

For purposes of our financial management, we keep your personal data for up to 10 years after the end of the respective financial year (plus a verification period of 1 year).

We only share your personal data with third parties with whom we cooperate in the context of our financial management (public authorities, auditors and external auditor, accounting platform provider, banks and insurance companies). In addition, third parties with whom we cooperate for the storage and management of our data also have access to this personal data (IT/cloud providers).

f) Organisation and management of training courses and events

In the context of the organisation and management of training courses and events, we may process - in your capacity as a lecturer, speaker or participant - your personal identification data (name, e-mail address), information about your profession and occupation (position), video and image recordings (e.g. during webinars, seminars or events) and any other data we process in the context of the organisation and management of training courses and events (e.g. results of Lawyers Run).

We process these personal data for the purpose of organising trainings and events, including inviting speakers or lecturers and/or making webinars and videos available via our platforms. The images and videos taken during these trainings, seminars and events additionally allow us to communicate about them via our website and social media.

The legal basis for this processing of your personal data is our public interest task (art. 6, §1, (e) GDPR) arising from the Judicial Code (art. 495) and the performance of the agreement with the speaker or lecturer (art. 6, §1, (b) GDPR). When we take targeted images or videos of you during an event or training and wish to share them on our website and social media (LinkedIn, Facebook, Instagram, Youtube), we will seek your consent to do so (art. 6, §1, (a) GDPR). For larger events, such as the New Year reception or Lawyers Run, this is not possible / not desirable. In such cases, taking and publishing your image and/or video is based on our legitimate interest to communicate about these events (art. 6, §1, (f) GDPR). We will communicate clearly about this prior to and during the event, including how you can object to the taking of photos and videos of you.

We always obtain this personal data directly from you in the context of organising and managing training courses and events.

For purposes of organising training courses and events, we keep your personal data for 10 years counting from the last training course, seminar or event you gave (plus a 1-year verification period).

The Orders of Advocates are co-responsible for the processing of your personal data in the context of professional training and continuing education, with the exception of in-house training and events. If you have any further questions in this regard, you can always contact us using the contact details listed under IDENTITY AND CONTACT DETAILS.

We only share these personal data with (third) parties with whom we collaborate in the context of organising and managing training courses and events (Bar Associations, photographer, video conference tool provider, online video platform provider, mail platform provider, customer feedback platform provider, participants and other partners in the context of a specific training course or event, such as, for example, provider registration tool at Advocatenrun). In addition, third parties with whom we cooperate for the storage and management of our data also have access to this personal data (IT/cloud providers).

g) Competitions

In the context of your participation in a competition (as a participant or jury member), we may process your personal identification data (name, address, e-mail address, telephone number), information about your profession and job (position) and image recordings. If you win one of our prizes, we may additionally process your financial data (bank account number).

We process these personal data for the purpose of organising competitions (e.g. photo competition), including selecting a winner, awarding a prize, etc. The images or videos taken during the competition allow us to communicate about it via our website and social media.

The legal basis for processing your personal data is based on the conclusion or performance of the agreement to participate in the competition (Art. 6, §1, (b) GDPR) and - to the extent that the processing of your personal data goes beyond what is necessary for the performance of the agreement - the legitimate interest to organise our competitions. For competitions in the context of larger events, such as the New Year's Reception or Lawyers Run, this is not possible / not desirable. In such cases, taking and publishing your image and/or video is based on our legitimate interest to communicate about this contest (art. 6, §1, (f) GDPR). We will communicate clearly about this prior to and during the event, including how you can object to the taking of photos and videos of you.

We obtain this personal data directly from you in the context of your participation in the contest.

For purposes of organising competitions, we keep your personal data for up to 5 years after the end of the competition (plus a 1-year verification period).

We only share this personal data with third parties with whom we cooperate in the context of the specific event (photographer, banks, sponsors). In addition, third parties with whom we cooperate for the storage and management of our data also have access to this personal data (IT/cloud providers).

h) Communications

In the context of our communications, we may process your personal identification data (name, e-mail address).

The processing of these personal data allows us to send communications by e-mail (e.g. OrdeExpress) and to post them on our website (advocaat.be and ordevanvlaamsebalies.be). These communications include applicable regulations, deontological rules and advice, legislative files and case law, training, operation of the second-line assistance and Salduz, general meetings, but also communications regarding events (outside the context of continuing education) or social updates relevant to the legal profession, including the press release "president on Friday".

The legal basis for processing your personal data is your consent (art. 6, §1, (a) GDPR).

We obtain this personal data directly from you when you subscribe to the OrderExpress.

For purposes of these communications, we will keep your personal data until you unsubscribe, which you can do at any time (for more information, see RIGHTS).

We only share this personal data with third parties with whom we cooperate within the framework of these communications (mail platform provider). In addition, third parties with whom we cooperate for the storage and management of our data also have access to these personal data (IT/cloud providers).

i) Access control

We process your image recording when you ring the doorbell via our intercom at the entrance to the OVB.

The intercom is used to identify you and ensure security in our building.

The legal basis for processing your image recording via our intercom is based on our legitimate interest to identify you and ensure the safety of our employees, lawyers and visitors (art. 6, §1, (f) GDPR).

We obtain this personal data directly from you when you use our intercom at the entrance to the OVB.

These image recordings via the intercom are neither stored nor shared with third party recipients.

j ) Dispute management

For the purpose of managing any disputes with suppliers, partners, public authorities, students and others, we may process your personal identification data (name, address, e-mail address, phone number) and any other information that may be relevant to the management of a (potential) dispute.

The processing of these personal data allows us to defend our legitimate interests in all forms of dispute resolution and to administer them.

The legal basis for processing your personal data is based on our legitimate interest to safeguard our (contractual and extra-contractual, legal and other) rights (Article 6, §1, (f) GDPR).

We obtain this personal data either directly from you or indirectly from third parties.

For purposes of our dispute management, we keep your personal data for up to 5 years after the expiry of the last deadline for appeal (longer if necessary, e.g. to comply with legal obligations) (plus a verification period of 1 year).

We only share this personal data with third parties with whom we cooperate in the context of our dispute management (external legal advisers) and with other parties if necessary (public authorities, court and police services, bailiffs, collection agencies, banks and insurance companies, external auditors and accountants). In addition, third parties with whom we cooperate for the storage and management of our data also have access to this personal data (IT/cloud providers).

We have implemented appropriate technical and organisational measures to ensure the confidentiality of your personal data and to protect your data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access.

We have appropriate contractual arrangements with the third parties we work with and do not transfer your personal data outside the European Economic Area without ensuring that your data also enjoys an equivalent level of protection there.

You can always contact us to exercise the following rights:

• a request to access or rectify your personal data;
• a request for erasure of your personal data;
• a request to restrict the processing of your personal data;
• to withdraw your consent;
• an objection to the processing of your data; and
• a complaint if you believe that we are not acting in accordance with applicable data protection legislation. You can also file a complaint with the Belgian Data Protection Authority.

You can always contact us for this:

• by e-mail: info@advocaat.be
• by phone: +32 3 337 54 70
• by post to the above address, stating "Privacy"

We respect all rights relating to your personal data to which you are entitled under applicable law.

For those purposes for which the legal basis for processing personal data is a task of public interest or legitimate interest, you may exercise your right to object at any time, stating the reasons pertaining to your specific situation. OVB will cease processing your personal data unless it considers that there are compelling legitimate grounds which outweigh the interests, rights and freedoms you invoke. In any case, you can unsubscribe from receiving our communications (OrdeExpress) at any time via the communication itself or by contacting us.

To correctly follow up and respond to your requests, we process your personal data on the basis of our legal obligations arising from Chapter III in conjunction with Article 5, §2 GDPR (Article 6, §1, (c) GDPR). For identification purposes, we may ask you for a copy of the front of your identity card.

This privacy statement may be amended from time to time, within the limits of applicable data protection regulations. Through the website advocaat.be and ordevanvlaamsablies.be you can always access the most up-to-date version.