Privacy policy

BMI Leisure - Privacy statement (last modified on 01 September 2022)

First of all, we are excited that you are inter­ested in BMI Leisure.

In this privacy statement, we document the way Personal Data is processed by us.

It is possible that we will ask you to share certain Personal Data with us, including but not limited to your first name, last name, e‑mail address (identi­fi­cation data). Concerning certain legal oblig­a­tions, you might have to provide us with additional data for us to comply with said oblig­a­tions.

We only collect Personal Data that is necessary to inform you about our products and services, to execute agree­ments with you, and to contact you.

The legal grounds for the processing of your Personal Data are the execution of an agreement, a legal oblig­ation, our legit­imate interest, and, in some cases, your consent (Article 2).

The processing of your Personal Data is subject to this privacy statement. In case you have questions or remarks, please contact privacy@​bmileisure.​com.

By providing Personal Data you are deemed to have acknowl­edged the use of your Personal Data in accor­dance with this privacy statement.

Article 1 – Defin­i­tions

Affil­iated Company” means a company which BMI Leisure is affil­iated, provided that such company meets the condi­tions for an affil­iated company” as set out in Article 11 of the Belgian Company Code.

Controller” has the meaning as defined in the General Data Protection Regulation 2016/679. BMI Leisure will be qualified as the Controller, which deter­mines the purposes and means of the processing of Personal Data.

Personal Data” has the meaning as defined in the General Data Protection Regulation 2016/679, which is any infor­mation relating to an identified or identi­fiable natural person (also called the data subject”).

Processor” has the meaning as defined in the General Data Protection Regulation 2016/679, which processes Personal Data on behalf of the Controller.

BMI Leisure” is the tradename of Business & Marketing Improvement NV, a company with a regis­tered office situated at 2440 Geel, Molseweg 160, regis­tered in the Belgian Crossroad Bank for Enter­prises with number 0562.755.594.

Website” means the website www​.bmileisure​.com.

Article 2 – Purposes and legal grounds

Client data

In the framework of our services and commercial activ­ities we collect and process identity and contact data of our clients, their personnel, collab­o­rators, associates, and any useful contacts. The purposes of this processing are the execution of the agree­ments with our clients, customer care, bookkeeping, and direct marketing purposes such as the sending of promo­tional or commercial infor­mation. The legal grounds are the execution of an agreement, the fulfillment of legal and regulatory oblig­a­tions, our legit­imate interest, and, in some cases, your consent.

Supplier and subcon­tractor data

We collect and process the identity and contact data of our suppliers and subcon­tractors, their subcon­tractors, their personnel, collab­o­rators, associates, and any useful contacts. The purposes of this processing are the execution of the agreement(s), supplier/​subcontractor care, bookkeeping, and direct marketing purposes such as the sending of promo­tional or commercial infor­mation. The legal grounds are the execution of an agreement, the fulfillment of legal and regulatory oblig­a­tions, and/​or our legit­imate interest (for direct marketing).

Personnel data

We process the Personal Data of our employees in relation to our personnel and our staffing services and our salary admin­is­tration services.

Other data

Besides client, supplier/​subcontractor, and personnel data, we process the Personal Data of other people, such as potential new clients/​prospects, useful contacts within our sector, networking contacts, etc.

These data are collected through our Website or through other channels. The purposes of processing are in the interest of our commercial activity, direct marketing, and public relations. The legal ground is our legit­imate interest and, in some cases, the execution of an agreement or your consent.

More specif­i­cally, we can use the Personal Data we collect from you for the following purposes:

(i) to provide you with infor­mation about our products and services;
(ii) to provide you with our products and services and to execute an agreement(s) with you;
(iii) to inspect and process potential complaints or requests;
(iv) to help us evaluate, correct, or improve our Website and all related products and services of BMI Leisure;
(v) for direct marketing purposes;
(vi) for internal reasons, such as corporate admin­is­tration and archiving purposes.
In the course of providing our services to you, in some cases, we might analyze your infor­mation to build individual profiles.

The aim is to provide you with person­alized services that are relevant and inter­esting for you. The profiling is based on your Personal Data but is not used for automated individual decision making which produces legal effects or has similarly signif­icant effects on you. By using your data to discover your interests, we can offer you an optimal service and experience.

Article 3 – The Confi­den­tiality of your personal data

Every time you as a user submit Personal Data, we shall handle this infor­mation in accor­dance with the stipu­la­tions of this privacy statement and any legal oblig­a­tions applicable to the processing of Personal Data, including the General Data Protection Regulation (GDPR) 2016/679.

We shall establish appro­priate measures and proce­dures to secure and protect the Personal Data we collect via the Website or via electronic corre­spon­dence.

In this way, we undertake to prevent, as far as possible, illegal processing of Personal Data and uninten­tional loss or liqui­dation of your Personal Data. However, despite these precau­tions, we cannot guarantee that your Personal Data is protected when it gets displayed or reported via unsecured means in another way other than via the Website or otherwise commu­ni­cated.

We optimize the security of your Personal Data by limiting the access to your Personal Data to persons on a need-to-know” basis (for example only BMI Leisure employees or associates who need your Personal Data for the purposes as described in Article 2 will have access to the data).

Article 4 – How do we collect your personal data and how long is it kept?

BMI Leisure collects your Personal Data:

(i) when you submit Personal Data via the Website;
(ii) When you subscribe to our newsletter;
(iii) when you enter into an (employment) agreement with us;
(iv) when you call or mail us or corre­spond with us via another way than the Website
We can combine the Personal Data we collect via the Website with infor­mation that you provide us in another way or which third parties deliver to us.

Personal Data will be kept and processed by us for the duration that is required in relation to the purposes of the processing depending on whether we have a contractual relationship with you or not.

Client data and supplier or subcon­tractor data will be removed from our systems after 7 years after the termi­nation of the agreement involved, except for the Personal Data that we have to store for a longer duration based on specific legal oblig­a­tions or in case of pending litigation(s).

Data collected through the Website or through any other channel (other data) will not be kept longer than 5 years after the last useful contact between us and you.

Personnel data will be removed after 5 years after the termi­nation of the employment relation.

We avoid the collection of Personal Data that is not relevant for the purposes as set out in Article 2.

Article 5 – Transfer for personal data

We will not transfer your Personal Data to third parties outside the European Economic Area, except to subcon­tractors or employees who retain the Personal Data on servers in the United States, have under­taken to do so under the Privacy Shield or in accor­dance with the European Commis­sion’s Standard Contract Terms and thereby provide an adequate level of security for the processing of Personal Data.

Furthermore, we will not transfer your Personal Data to third parties inside the European Economic Area without your permission, except:

(i) to Affil­iated Companies;
(ii) when these data are necessary to permit employees, agents, subcon­tractors, suppliers, or commercial partners to provide a service or accom­plish a task in the name of BMI Leisure, including but not limited to providing marketing support, accom­plish market research, or providing user services;
(iii) if it is required or permitted by the applicable law.
Any transfer of Personal Data to one of the third parties mentioned in the list above is in accor­dance with the stipu­la­tions of the General Data Protection Regulation (GDPR) 2016/679.

We ensure that measures are taken to make sure that third parties cannot use your Personal Data for other purposes than the purposes mentioned exhaus­tively in Article 2 and that these third parties have taken the necessary technical and organi­za­tional measures to protect these data.

We will have data processing agree­ments in place with the afore­men­tioned third parties in order to ensure the security of the Personal Data.

We shall take all necessary precau­tionary measures to assure that our employees and associates who have access to Personal Data will process these Personal Data exclu­sively in accor­dance with this privacy statement and the oblig­a­tions under the applicable privacy regula­tions.

Article 6 – Rights of the data subject

By virtue of both Belgian and European legis­lation concerning data protection, you have the rights as mentioned below. If you want to exercise these rights, you have to send us a written request and provide a copy of your ID card to privacy@​bmileisure.​com

We will provide you with infor­mation within one (1) month of receipt of the request on the action that will be taken. We can extend this one-month period to a maximum of three (3) months, in which case you will be informed about the reasons for such delay within one (1) month of the original request.

The right of access to Personal DataYou have the right to instruct us to provide you with any Personal Data we hold about you, providing the rights of other data subjects are not affected.

The right to recti­fi­cation of Personal DataWe kindly ask you to help to make sure that the Personal Data in our records are as accurate and up-to-date as possible. If you believe that the Personal Data submitted to us are incorrect or incom­plete, please notify us as described above. We will correct or adapt your Personal Data as soon as possible.

The right to the erasure of Personal DataIn some circum­stances, you have the right to the erasure of your Personal Data without undue delay. Those circum­stances include:

(i) the unnecessity to hold the Personal Data any longer in relation to the purposes for which they were collected or otherwise processed;
(ii) the withdrawing of the consent to consent-based processing;
(iii) the processing that is for direct marketing purposes; and
(iv) in case the Personal Data has been unlaw­fully processed.
However, there are certain general exclu­sions of the right to erasure. Those general exclu­sions include where processing is necessary:

(i) for exercising the right of freedom of expression and infor­mation;
(ii) for compliance with a legal oblig­ation; or
(iii) for the estab­lishment, exercise, or defense of legal claims.
The right to restrict the processing of Personal DataIn the following circum­stances you have the right to restrict the processing of your Personal Data:

(i) for contesting the accuracy of the Personal Data;
(ii) when the process is unlawful but you don’t want the Personal Data to be erased; or
(iii) when you objected to processing, pending the verifi­cation of that objection.
Where processing has been restricted on this basis, we may continue to store your Personal Data. However, we will only process it with your explicit consent, for the estab­lishment, exercise, or defense of legal claims, for the protection of the rights of another natural or legal person, or for reasons of important public interest.

The right to objectYou have the right to object to our processing of your Personal Data.

The right to data porta­bil­ityIf you wish to exercise your right to data porta­bility, we will send the Personal Data in a struc­tured, commonly used, and machine-readable format to a controller of your choice.

The right to withdraw consentTo the extent that the legal basis for our processing of your Personal Data is consent, you have the right to withdraw that consent at any time. However, the withdrawal will not affect the lawfulness of processing before the withdrawal.

The right to complain to a super­visory author­i­tyYou can file a complaint with the Data Protection Authority (“Gegevens­bescher­mingsautoriteit”) by sending an e‑mail tocontact@​apd-​gba.​be or by sending a written request to the Data Protection Authority with a regis­tered address located at 1000 Brussels, Drukpersstraat 35.

Article 7 – Third-party link

The Website may contain links to websites of third parties which are not controlled by us. Although we will do our utmost to make sure that the links on the Website lead exclu­sively to websites that share the safety and confi­den­tiality standards of BMI Leisure, we are not respon­sible for the protection and confi­den­tiality of data, among Personal Data that you submit on other websites after you have left the Website.

Before submitting Personal Data we recommend that you proceed carefully and consult the privacy statement which applies on the website concerned.