Privacy policy

BMI Leisure - Privacy statement (last modified on 17 April 2025)

Welcome, and thank you for your interest in BMI Leisure.

This privacy statement outlines how BMI Leisure processes your Personal Data. By providing your Personal Data, you acknowledge and agree to its use in accor­dance with this privacy statement. For any questions or concerns, please contact us at privacy@​bmileisure.​com.


Article 1 – Defin­i­tions

  • Affil­iated Company”: A company affil­iated with BMI Leisure as defined in Article 11 of the Belgian Company Code.
  • Controller”: As defined by the GDPR (Regulation 2016/679), BMI Leisure is the Controller deter­mining the purpose and means of processing Personal Data.
  • Personal Data”: Any infor­mation relating to an identified or identi­fiable natural person.
  • Processor”: A party that processes Personal Data on behalf of the Controller.
  • BMI Leisure”: Trade name of Business & Marketing Improvement NV, located at Molseweg 160, 2440 Geel, Belgium. VAT BE0562.755.594.
  • Website”: The official website at www​.bmileisure​.com.


Article 2 – Purposes and legal grounds


Client data

We process identity and contact data of clients and their associates to:

  • Execute agree­ments
  • Provide customer service
  • Maintain bookkeeping
  • Conduct direct marketing

Legal grounds: Contractual oblig­ation, legal require­ments, legit­imate interest, and in some cases, consent.


Supplier and subcon­tractor data

We process identity and contact data for similar purposes as with clients.

Legal grounds: Contractual oblig­ation, legal require­ments, and/​or legit­imate interest.


Personnel data

Processed as part of employment, HR, and payroll admin­is­tration.


Other Data (Prospects, Contacts)

Collected via the Website or other channels for commercial purposes, PR, and direct marketing.
Legal grounds:
Legit­imate interest, consent, or contractual necessity.


Specific Purposes

We may also use your data to:

  • Inform you about our products and services
  • Fulfill agree­ments
  • Respond to inquiries or complaints
  • Improve our services and Website
  • Perform direct marketing
  • Conduct profiling to person­alize services (without automated decision-making)


Article 3 – Confi­den­tiality and Security of Personal Data

Your data is processed in accor­dance with GDPR and applicable laws. We implement security measures to prevent unautho­rized access, accidental loss, or unlawful processing. Access is limited to those who require it on a need-to-know” basis.

However, we cannot guarantee data security if shared through unsecured channels outside our systems.


Article 4 – Collection and Retention of Data


How Data is Collected

  • Via the Website
  • Newsletter subscrip­tions
  • Contracts and agree­ments
  • Direct commu­ni­cation (phone, email, etc.)


Retention Periods

  • Client & Supplier Data: Retained for 7 years post-contract, unless legally required otherwise.
  • Personnel Data: Retained for 5 years after employment ends.
  • Other Data: Retained for a maximum of 5 years after last contact.

We strive to only collect data necessary for the purposes outlined in Article 2.


Article 5 – Data Transfers

Outside the EEA

We only transfer data outside the EEA if:

  • Hosted on U.S. servers with adequate safeguards (e.g., Privacy Shield, Standard Contractual Clauses)


Within the EEA

We may share data with:

  • Service providers acting on our behalf (e.g., marketing, IT)
  • Author­ities as required by law

We ensure:

  • All transfers comply with GDPR
  • Data processors are contrac­tually bound to use the data securely and only for specified purposes


Article 6 – Your Rights as a Data Subject

To exercise any of the rights below, email us at privacy@​bmileisure.​com along with a copy of your ID for verifi­cation. We will respond within one (1) month, extendable to three (3) months if necessary.


Your Rights Include:

  • Right of Access: Obtain confir­mation and access to your data.
  • Right to Recti­fi­cation: Correct inaccurate or incom­plete data.
  • Right to Erasure: Delete your data under specific circum­stances (e.g., consent withdrawn, no longer needed).
  • Right to Restrict Processing: Temporarily limit use of your data (e.g., when contesting accuracy).
  • Right to Object: Oppose data processing for direct marketing or based on legit­imate interest.
  • Right to Data Porta­bility: Request your data in a struc­tured, machine-readable format.
  • Right to Withdraw Consent: Withdraw consent at any time (applies only where consent is the legal basis).
  • Right to Complain: File a complaint with the Belgian Data Protection Authority at contact@​apd-​gba.​be or via mail to Drukpersstraat 35, 1000 Brussels.


Article 7 – Third-Party Links

Our Website may contain links to third-party sites. We are not respon­sible for the content or privacy practices of these external sites. Please consult the privacy policies of these sites before submitting your Personal Data.