L.Inc BV is a law firm. As part of our activities, we process personal data within the meaning of the General Data Protection Regulation (hereinafter: GDPR). Through this document, we wish to inform you about personal data that are processed and the rights you have regarding this processing.
1. Data Controller contact details
The controller of personal data is L.Inc BV. You can reach us at the address below, by email, phone or fax:
Museumstraat 31-33
2000 Antwerp
tel. +32 (0)3 302 47 47
email info@linc.legal
2. Purposes for which personal data is collected
We collect personal data for the following purposes: our activities as lawyers (including assistance concerning proceedings in and out of court and legal advice), personnel administration and management, invoicing and accounting, client and supplier management, publicity purposes (including events and seminars for clients, newsletter and networking activities), security, cooperation with other lawyers and with various service providers, recruitment and selection, knowledge building and management.
3. Legal basis for processing
We only process personal data when the processing thereof is supported by a legal basis, namely: when the data subject has given consent, when processing data is necessary for the provision of our services, when processing is necessary to comply with a legal obligation, when processing is necessary as part of a public interest matter, or to protect the vital interests of the data subject.
The personal data of those who are in a contractual relationship with us (including clients, staff, service providers, etc.) are processed because it is necessary for the performance of this agreement. Communicating personal data may be a necessary condition for entering into a contract. Failure to provide them may prevent or limit the provision of our services.
The personal data of third parties are processed if such processing is necessary for the performance of a public interest matter (assistance of lawyers in and out of court) on the one hand and for the defence of the legitimate interests of our clients on the other. These legitimate interests exist in the performance of our services as a law firm for the client in question.
The personal data of recipients of our newsletter are processed on the basis of the consent given, which can be withdrawn at any time by unsubscribing via the link mentioned at the bottom of the newsletter or by contacting us at info@linc.legal. Subscribing to our newsletter implies consent with the processing of personal data provided to us in the process.
Special categories of personal data (relating to racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health, sexual behaviour or sexual orientation) will only be processed if the data subject has given his/her explicit consent, the processing is necessary for the establishment, exercise or substantiation of legal claims, or in one of the other conditions set out in the GDPR.
4. Categories of personal data collected
The following categories of personal data may be collected: name, address (analogue and digital), telecommunications data, accounting data including account number and financial information, gender, age, national registration number, VAT and/or company number, information relating to employment status, social security status and related information, payroll data, data relating to civil, administrative and criminal proceedings, including convictions and criminal offences, health data (for the purpose of legal assistance in and outside proceedings), family status, marital status, images, video and sound recordings.
5. Recipients or categories of recipients of personal data
The categories of recipients of personal data are the following: judicial authorities, government departments, companies and individuals (clients, counterparties and third parties), lawyers, bailiffs, notaries, experts, IT service providers, communication agencies, translators, social secretariat, external prevention service and other service providers of the firm.
As lawyers, we are bound by the professional secrecy provided for in the Criminal Code and prescribed by the deontology when handling personal data.
Data may be processed by us in a country outside the European Economic Area only to the extent it is strictly necessary in the context of providing services as a lawyer in the file to which the data in question relates.
6. Your rights as a data subject in the processing of personal data
You have -subject to our professional secrecy- the right to request information about the personal data we keep about you at any time.
You can amend incorrect data and complete incomplete data.
You have the right to ask us to delete your personal data, except when the processing thereof is necessary for exercising the right to freedom of expression and information, for complying with a legal processing obligation or a public-interest task incumbent on us, or for the establishment, exercise or defence of legal claims.
You have the right to request that we restrict the processing of your personal data in the following cases: if you believe that your personal data are inaccurate, if in your opinion there is no legitimate interest for the processing of your personal data, if we no longer need the data but you need it for the establishment, exercise, or substantiation of a legal claim, and if you object to the processing of your personal data on the grounds that the processing by the controller was improperly based on the necessity for the performance of a task of public interest, or the defence of our legitimate interests or those of a third party.
You may ask for your personal data to be transferred to yourself or a third party. The GDPR provides for some restrictions on this right.
You have the right to object to the processing of your personal data on the grounds that the processing by the data controller was improperly based on the necessity for the performance of an act carried out in the public interest, or the protection of our legitimate interests or those of a third party, and in the case of direct marketing.
You may exercise all these rights by contacting us using the contact details provided in Title 1. We must be able to verify your identity based on your message so that another person cannot exercise your rights. We will deal with your complaint as soon as possible. You can also contact us with questions or comments on your personal data or our privacy policy.
7. Data breach
In the event of a personal data breach, we will notify the supervisory authority mentioned in Title 9 no later than 72 hours after becoming aware of it. The notification will include all data required under the GDPR. All breaches, their consequences and corrective actions taken are documented by us. If the breach is likely to pose a high risk to your rights and freedoms, you will be informed without delay.
8. Retention period
Your personal data will be retained for 10 years from the date of closure of the last file to which the personal data relate, in view of liability periods, retention periods of accounting documents and in the interest of clients. Personal data not related to a file handled by a lawyer will be kept as long as necessary to carry out the activities mentioned in this policy.
9. Supervisory authority
Any complaints can be lodged with the Data Protection Authority, Rue du Printing Press 35, 1000 Brussels, www.privacycommission.be.