Pri­va­cy Poli­cy

First of all, we are exci­ted that you are inter­es­ted in BMI Lei­sure.

In this pri­va­cy sta­te­ment, we docu­ment the way Per­so­nal Data is pro­ces­sed by us.

It is pos­sible that we will ask you to share cer­tain Per­so­nal Data with us, inclu­ding but not limi­ted to your first name, last name, e‑mail address (iden­ti­fi­ca­tion data). Concer­ning cer­tain legal obli­ga­tions, you might have to pro­vide us with addi­tio­nal data for us to com­ply with said obli­ga­tions.

We only col­lect Per­so­nal Data that is neces­sa­ry to inform you about our pro­ducts and ser­vices, to exe­cute agree­ments with you, and to contact you.

The legal grounds for the pro­ces­sing of your Per­so­nal Data are the exe­cu­tion of an agree­ment, a legal obli­ga­tion, our legi­ti­mate inter­est, and, in some cases, your consent (Article 2).

The pro­ces­sing of your Per­so­nal Data is sub­ject to this pri­va­cy sta­te­ment. In case you have ques­tions or remarks, please contact privacy@​bmileisure.​com.

By pro­vi­ding Per­so­nal Data you are dee­med to have ack­now­led­ged the use of your Per­so­nal Data in accor­dance with this pri­va­cy sta­te­ment.

Article 1 – Defi­ni­tions

Affi­lia­ted Com­pa­ny” means a com­pa­ny which BMI Lei­sure is affi­lia­ted, pro­vi­ded that such com­pa­ny meets the condi­tions for an affi­lia­ted com­pa­ny” as set out in Article 11 of the Bel­gian Com­pa­ny Code.

Control­ler” has the mea­ning as defi­ned in the Gene­ral Data Pro­tec­tion Regu­la­tion 2016/679. BMI Lei­sure will be qua­li­fied as the Control­ler, which deter­mines the pur­poses and means of the pro­ces­sing of Per­so­nal Data.

Per­so­nal Data” has the mea­ning as defi­ned in the Gene­ral Data Pro­tec­tion Regu­la­tion 2016/679, which is any infor­ma­tion rela­ting to an iden­ti­fied or iden­ti­fiable natu­ral per­son (also cal­led the data sub­ject”).

Pro­ces­sor” has the mea­ning as defi­ned in the Gene­ral Data Pro­tec­tion Regu­la­tion 2016/679, which pro­cesses Per­so­nal Data on behalf of the Control­ler.

BMI Lei­sure” is the tra­de­name of Busi­ness & Mar­ke­ting Impro­ve­ment NV, a com­pa­ny with a regis­te­red office situa­ted at 2440 Geel, Mol­se­weg 160, regis­te­red in the Bel­gian Cross­road Bank for Enter­prises with num­ber 0562.755.594.

Web­site” means the web­site www​.bmi​lei​sure​.com.

Article 2 – Pur­poses and legal grounds

Client data

In the fra­me­work of our ser­vices and com­mer­cial acti­vi­ties we col­lect and pro­cess iden­ti­ty and contact data of our clients, their per­son­nel, col­la­bo­ra­tors, asso­ciates, and any use­ful contacts. The pur­poses of this pro­ces­sing are the exe­cu­tion of the agree­ments with our clients, cus­to­mer care, book­kee­ping, and direct mar­ke­ting pur­poses such as the sen­ding of pro­mo­tio­nal or com­mer­cial infor­ma­tion. The legal grounds are the exe­cu­tion of an agree­ment, the ful­fillment of legal and regu­la­to­ry obli­ga­tions, our legi­ti­mate inter­est, and, in some cases, your consent.

Sup­plier and sub­con­trac­tor data

We col­lect and pro­cess the iden­ti­ty and contact data of our sup­pliers and sub­con­trac­tors, their sub­con­trac­tors, their per­son­nel, col­la­bo­ra­tors, asso­ciates, and any use­ful contacts. The pur­poses of this pro­ces­sing are the exe­cu­tion of the agreement(s), supplier/​subcontractor care, book­kee­ping, and direct mar­ke­ting pur­poses such as the sen­ding of pro­mo­tio­nal or com­mer­cial infor­ma­tion. The legal grounds are the exe­cu­tion of an agree­ment, the ful­fillment of legal and regu­la­to­ry obli­ga­tions, and/​or our legi­ti­mate inter­est (for direct mar­ke­ting).

Per­son­nel data

We pro­cess the Per­so­nal Data of our employees in rela­tion to our per­son­nel and our staf­fing ser­vices and our sala­ry admi­nis­tra­tion ser­vices.

Other data

Besides client, supplier/​subcontractor, and per­son­nel data, we pro­cess the Per­so­nal Data of other people, such as poten­tial new clients/​prospects, use­ful contacts within our sec­tor, net­wor­king contacts, etc.

These data are col­lec­ted through our Web­site or through other chan­nels. The pur­poses of pro­ces­sing are in the inter­est of our com­mer­cial acti­vi­ty, direct mar­ke­ting, and public rela­tions. The legal ground is our legi­ti­mate inter­est and, in some cases, the exe­cu­tion of an agree­ment or your consent.

More spe­ci­fi­cal­ly, we can use the Per­so­nal Data we col­lect from you for the fol­lo­wing pur­poses:

(i) to pro­vide you with infor­ma­tion about our pro­ducts and ser­vices;
(ii) to pro­vide you with our pro­ducts and ser­vices and to exe­cute an agreement(s) with you;
(iii) to ins­pect and pro­cess poten­tial com­plaints or requests;
(iv) to help us eva­luate, cor­rect, or improve our Web­site and all rela­ted pro­ducts and ser­vices of BMI Lei­sure;
(v) for direct mar­ke­ting pur­poses;
(vi) for inter­nal rea­sons, such as cor­po­rate admi­nis­tra­tion and archi­ving pur­poses.
In the course of pro­vi­ding our ser­vices to you, in some cases, we might ana­lyze your infor­ma­tion to build indi­vi­dual pro­files.

The aim is to pro­vide you with per­so­na­li­zed ser­vices that are rele­vant and inter­es­ting for you. The pro­fi­ling is based on your Per­so­nal Data but is not used for auto­ma­ted indi­vi­dual deci­sion making which pro­duces legal effects or has simi­lar­ly signi­fi­cant effects on you. By using your data to dis­co­ver your inter­ests, we can offer you an opti­mal ser­vice and expe­rience.

Article 3 – The Confi­den­tia­li­ty of your per­so­nal data

Eve­ry time you as a user sub­mit Per­so­nal Data, we shall handle this infor­ma­tion in accor­dance with the sti­pu­la­tions of this pri­va­cy sta­te­ment and any legal obli­ga­tions appli­cable to the pro­ces­sing of Per­so­nal Data, inclu­ding the Gene­ral Data Pro­tec­tion Regu­la­tion (GDPR) 2016/679.

We shall esta­blish appro­priate mea­sures and pro­ce­dures to secure and pro­tect the Per­so­nal Data we col­lect via the Web­site or via elec­tro­nic cor­res­pon­dence.

In this way, we under­take to prevent, as far as pos­sible, ille­gal pro­ces­sing of Per­so­nal Data and unin­ten­tio­nal loss or liqui­da­tion of your Per­so­nal Data. Howe­ver, des­pite these pre­cau­tions, we can­not gua­ran­tee that your Per­so­nal Data is pro­tec­ted when it gets dis­played or repor­ted via unse­cu­red means in ano­ther way other than via the Web­site or other­wise com­mu­ni­ca­ted.

We opti­mize the secu­ri­ty of your Per­so­nal Data by limi­ting the access to your Per­so­nal Data to per­sons on a need-to-know” basis (for example only BMI Lei­sure employees or asso­ciates who need your Per­so­nal Data for the pur­poses as des­cri­bed in Article 2 will have access to the data).

Article 4 – How do we col­lect your per­so­nal data and how long is it kept?

BMI Lei­sure col­lects your Per­so­nal Data:

(i) when you sub­mit Per­so­nal Data via the Web­site;
(ii) When you sub­scribe to our news­let­ter;
(iii) when you enter into an (employ­ment) agree­ment with us;
(iv) when you call or mail us or cor­res­pond with us via ano­ther way than the Web­site
We can com­bine the Per­so­nal Data we col­lect via the Web­site with infor­ma­tion that you pro­vide us in ano­ther way or which third par­ties deli­ver to us.

Per­so­nal Data will be kept and pro­ces­sed by us for the dura­tion that is requi­red in rela­tion to the pur­poses of the pro­ces­sing depen­ding on whe­ther we have a contrac­tual rela­tion­ship with you or not.

Client data and sup­plier or sub­con­trac­tor data will be remo­ved from our sys­tems after 7 years after the ter­mi­na­tion of the agree­ment invol­ved, except for the Per­so­nal Data that we have to store for a lon­ger dura­tion based on spe­ci­fic legal obli­ga­tions or in case of pen­ding litigation(s).

Data col­lec­ted through the Web­site or through any other chan­nel (other data) will not be kept lon­ger than 5 years after the last use­ful contact bet­ween us and you.

Per­son­nel data will be remo­ved after 5 years after the ter­mi­na­tion of the employ­ment rela­tion.

We avoid the col­lec­tion of Per­so­nal Data that is not rele­vant for the pur­poses as set out in Article 2.

Article 5 – Trans­fer for per­so­nal data

We will not trans­fer your Per­so­nal Data to third par­ties out­side the Euro­pean Eco­no­mic Area, except to sub­con­trac­tors or employees who retain the Per­so­nal Data on ser­vers in the Uni­ted States, have under­ta­ken to do so under the Pri­va­cy Shield or in accor­dance with the Euro­pean Com­mis­sion’s Stan­dard Contract Terms and the­re­by pro­vide an ade­quate level of secu­ri­ty for the pro­ces­sing of Per­so­nal Data.

Fur­ther­more, we will not trans­fer your Per­so­nal Data to third par­ties inside the Euro­pean Eco­no­mic Area without your per­mis­sion, except:

(i) to Affi­lia­ted Com­pa­nies;
(ii) when these data are neces­sa­ry to per­mit employees, agents, sub­con­trac­tors, sup­pliers, or com­mer­cial part­ners to pro­vide a ser­vice or accom­plish a task in the name of BMI Lei­sure, inclu­ding but not limi­ted to pro­vi­ding mar­ke­ting sup­port, accom­plish mar­ket research, or pro­vi­ding user ser­vices;
(iii) if it is requi­red or per­mit­ted by the appli­cable law.
Any trans­fer of Per­so­nal Data to one of the third par­ties men­tio­ned in the list above is in accor­dance with the sti­pu­la­tions of the Gene­ral Data Pro­tec­tion Regu­la­tion (GDPR) 2016/679.

We ensure that mea­sures are taken to make sure that third par­ties can­not use your Per­so­nal Data for other pur­poses than the pur­poses men­tio­ned exhaus­ti­ve­ly in Article 2 and that these third par­ties have taken the neces­sa­ry tech­ni­cal and orga­ni­za­tio­nal mea­sures to pro­tect these data.

We will have data pro­ces­sing agree­ments in place with the afo­re­men­tio­ned third par­ties in order to ensure the secu­ri­ty of the Per­so­nal Data.

We shall take all neces­sa­ry pre­cau­tio­na­ry mea­sures to assure that our employees and asso­ciates who have access to Per­so­nal Data will pro­cess these Per­so­nal Data exclu­si­ve­ly in accor­dance with this pri­va­cy sta­te­ment and the obli­ga­tions under the appli­cable pri­va­cy regu­la­tions.

Article 6 – Rights of the data sub­ject

By vir­tue of both Bel­gian and Euro­pean legis­la­tion concer­ning data pro­tec­tion, you have the rights as men­tio­ned below. If you want to exer­cise these rights, you have to send us a writ­ten request and pro­vide a copy of your ID card to privacy@​bmileisure.​com.

We will pro­vide you with infor­ma­tion within one (1) month of receipt of the request on the action that will be taken. We can extend this one-month per­iod to a maxi­mum of three (3) months, in which case you will be infor­med about the rea­sons for such delay within one (1) month of the ori­gi­nal request.

The right of access to Per­so­nal DataYou have the right to ins­truct us to pro­vide you with any Per­so­nal Data we hold about you, pro­vi­ding the rights of other data sub­jects are not affec­ted.

The right to rec­ti­fi­ca­tion of Per­so­nal DataWe kind­ly ask you to help to make sure that the Per­so­nal Data in our records are as accu­rate and up-to-date as pos­sible. If you believe that the Per­so­nal Data sub­mit­ted to us are incor­rect or incom­plete, please noti­fy us as des­cri­bed above. We will cor­rect or adapt your Per­so­nal Data as soon as pos­sible.

The right to the era­sure of Per­so­nal DataIn some cir­cum­stances, you have the right to the era­sure of your Per­so­nal Data without undue delay. Those cir­cum­stances include:

(i) the unne­ces­si­ty to hold the Per­so­nal Data any lon­ger in rela­tion to the pur­poses for which they were col­lec­ted or other­wise pro­ces­sed;
(ii) the with­dra­wing of the consent to consent-based pro­ces­sing;
(iii) the pro­ces­sing that is for direct mar­ke­ting pur­poses; and
(iv) in case the Per­so­nal Data has been unlaw­ful­ly pro­ces­sed.
Howe­ver, there are cer­tain gene­ral exclu­sions of the right to era­sure. Those gene­ral exclu­sions include where pro­ces­sing is neces­sa­ry:

(i) for exer­ci­sing the right of free­dom of expres­sion and infor­ma­tion;
(ii) for com­pliance with a legal obli­ga­tion; or
(iii) for the esta­blish­ment, exer­cise, or defense of legal claims.
The right to res­trict the pro­ces­sing of Per­so­nal DataIn the fol­lo­wing cir­cum­stances you have the right to res­trict the pro­ces­sing of your Per­so­nal Data:

(i) for contes­ting the accu­ra­cy of the Per­so­nal Data;
(ii) when the pro­cess is unlaw­ful but you don’t want the Per­so­nal Data to be era­sed; or
(iii) when you objec­ted to pro­ces­sing, pen­ding the veri­fi­ca­tion of that objec­tion.
Where pro­ces­sing has been res­tric­ted on this basis, we may conti­nue to store your Per­so­nal Data. Howe­ver, we will only pro­cess it with your expli­cit consent, for the esta­blish­ment, exer­cise, or defense of legal claims, for the pro­tec­tion of the rights of ano­ther natu­ral or legal per­son, or for rea­sons of impor­tant public inter­est.

The right to objec­tYou have the right to object to our pro­ces­sing of your Per­so­nal Data.

The right to data por­ta­bi­li­tyIf you wish to exer­cise your right to data por­ta­bi­li­ty, we will send the Per­so­nal Data in a struc­tu­red, com­mon­ly used, and machine-rea­dable for­mat to a control­ler of your choice.

The right to with­draw consent­To the extent that the legal basis for our pro­ces­sing of your Per­so­nal Data is consent, you have the right to with­draw that consent at any time. Howe­ver, the with­dra­wal will not affect the law­ful­ness of pro­ces­sing before the with­dra­wal.

The right to com­plain to a super­vi­so­ry autho­ri­tyYou can file a com­plaint with the Data Pro­tec­tion Autho­ri­ty (“Gege­vens­bes­cher­ming­sau­to­ri­teit”) by sen­ding an e‑mail to contact@​apd-​gba.​be or by sen­ding a writ­ten request to the Data Pro­tec­tion Autho­ri­ty with a regis­te­red address loca­ted at 1000 Brus­sels, Druk­perss­traat 35.

Article 7 – Third-par­ty link

The Web­site may contain links to web­sites of third par­ties which are not control­led by us. Although we will do our utmost to make sure that the links on the Web­site lead exclu­si­ve­ly to web­sites that share the safe­ty and confi­den­tia­li­ty stan­dards of BMI Lei­sure, we are not res­pon­sible for the pro­tec­tion and confi­den­tia­li­ty of data, among Per­so­nal Data that you sub­mit on other web­sites after you have left the Web­site.

Before sub­mit­ting Per­so­nal Data we recom­mend that you pro­ceed care­ful­ly and consult the pri­va­cy sta­te­ment which applies on the web­site concer­ned.