Every lawyer within the law firm of VDE LEGAL and every individual working at avenue de la Toison d’Or, 77 in 1060 Brussels (hereinafter, the firm), is committed to protecting your personal data (hereinafter, the data) and undertakes to respect the laws and regulations in force in Belgium relating to personal data protection, including the 2016/679 General Data Protection Regulation (hereinafter, GDPR).

The firm notifies you that your personal data will be used in accordance with this data protection statement, confirming the application of all regulatory and legal provisions in force in Belgium relating to the protection of personal data and to the protection of privacy.

The firm ensures a sufficient technical and organizational security level for your data, in order to protect you from any data breach, including the loss, destruction, public disclosure, unauthorized access or misuse thereof.

If you have discovered or suspect the existence of a data breach, kindly bring this to our attention immediately, for it to be terminated and for any problems concerning this issue be settled without delay.

In this ongoing concern for data protection, the firm remains available for any questions or comments regarding this topic.

This statement is addressed to individuals who come into contact with the firm, namely those individuals who:

  1. browse on our website;
  2. request information relating to the firm’s services;
  3. are customers of the firm (including those under a court order, etc.);
  4. work for the firm’s customers or with their suppliers;
  5. are involved with the files managed by the firm.


The firm collects data processed by different channels, whether directly from yourself, from a judicial or administrative authority, a party involved in legal proceedings (such as the opposition), or an insurance company involved in defending your interests (professional liability, household liability, legal protection, etc.)

Some data can also be validly collected if already disclosed publicly, or if you yourself have made it publicly accessible on public/social media in particular (such as LinkedIn, Facebook, etc.);

As such, the following data categories may be processed:

identification data: first and last name, home address, email address, telephone number, gender, date and place of birth, marital status, nationality, ID photograph, ID card;

medical data: medical history, illness, disability, etc.;

banking data: account number, account statements, tax certificate (notice of assessment) and composition of household, or any document attesting to the financial position;

family data;

data relating to criminal convictions and offences

data relating to the litigation/file (including court or criminal file) entrusted to the firm, which may involve special data categories, depending on the file type.


The firm processes your data, in a lawful, fair and transparent manner, for the following legitimate purposes:

  1. in the context of defending your interests, or those of the individual or body with which you are involved;
  2. in the context of meeting the firm’s pre-contractual or contractual obligations towards you or towards the individual or body with which you are involved;
  3. to prevent and check for any conflict of interest;
  4. for billing purposes;
  5. in the context of a dispute brought against you, to ensure the defence by the firm;
  6. to send you newsletters and any information relating to the firm’s activities;



Depending on the intended purpose, the firm processes your data on the basis of:

  1. legal obligations incumbent on it in the context of its activities:

the law requires it or the processing of certain personal data or authorizes this, among other things, for the firm’s task of defending your interests, or for its accounting obligations, etc.

  1. its pre-contractual or contractual obligations to you;
  2. the legitimate interest of the firm and of those it assists, when it has to retain or disclose your data in order to bring, conduct or support a possible legal action, but also to notify you of its activities and functioning;
  3. your specific consent, in special cases.


1. Any sharing of data occurs within the confines of professional secrecy, ethical rules and this document, confirming the application of and compliance with the legal and regulatory rules in force

  1. The data is accessible to individual members of the practice team, to any colleague acting as a co-worker or specialized attorney or any technical counsel, strictly to the extent necessary for the performance of the firm’s obligations.
  2. The firm may transmit your data to the judicial or administrative authorities, or court officers, in the context of defending your interests, to the extent necessary for this;
  3. The firm may transmit your data to the opposing parties in the context of defending your interests, to the extent necessary for this;
  4. If applicable, the firm may transmit your data to banking or insurance bodies in the context of defending your interests, including “legal defence” insurance, to the extent strictly necessary;
  5. The firm may have to transmit the personal data collected to the authorities or bodies established by any applicable legal or regulatory provisions;
  6. The firm may also share certain information with its contractors, known as “sub-contractors” within the meaning of the legislation, to the extent strictly necessary for the operation of the applications or management systems, whether computerized or not, to which the firm has subscribed. The list of subcontractors, their field of activity, the objective pursued and the country in which the data is processed and stored, if applicable, are available upon request.
  7. The firm may share your data with the Bar having jurisdiction over the Legal Aid Office (BAJ) consulted by you.HOW LONG DOES THE FIRM RETAIN YOUR DATA?

    1. The firm does not keep the data beyond the 10-year period required to meet its legal or contractual obligations (tax requirements, professional liability, Law of 18 September 2017 on the prevention of money laundering and terrorism financing and limiting the use of cash, etc.).

This period begins at the end of the relationship between you and the firm.

It may be extended, if this should prove necessary for the work of the firm and the defence of the customer (medical reserve, etc.).

  1. In case of litigation, the data is retained even beyond the deadlines mentioned above, for legal defence purposes.

In this case, the retention of relevant data may be extended to the extent necessary for litigation management, until the end thereof.

  1. The firm retains the identification data needed to prevent any conflict of interest in connection with its activities.DOES THE FIRM TRANSFER YOUR DATA OUTSIDE THE EUROPEAN UNION?

    Data transfers to countries outside the EU will only be authorized if the European Commission has recognized an adequate protection level, equivalent to that provided by European law, for the country receiving the transfer. Personal data may not be transferred until after this basis and legal reality have been recognized and proven.

In any event, any transfer of your data outside the EU should be covered by an adequate measure granting a protection level equivalent to that provided by European legislation, such as the Commission’s standard clauses or consent.


Under the regulation, unless a legal provision in force in Belgium, including the GDPR, does not allow it, or unless professional secrecy is against it, you have the following rights and possible remedies in relation to the processing of your personal data by the firm:

  • the right of access to your data, at reasonable intervals, including the right to know whether the firm is processing your data;
  • the right to receive a copy of your data being processed, at reasonable intervals, unless this violates the rights and freedoms of others;
  • the right to have a copy of the processed data;
  • the right to correct processed data;
  • the right to object to processed data;
  • the right to limit the processing of processed data;
  • the right to have processed data deleted;
  • the right to processed data portability;
  • the right to lodge a complaint with the relevant national Data Protection Authority.

Data Protection Authority (DPA)

rue de la Presse, 35, 1000 Brussels
tel.: +32 (0)2 274 48 00 fax: +32 (0)2 274 48 35 email:

You can exercise your rights by contacting the firm at the following email address: or, by post, to the firm’s address.


The firm uses “cookies” on its website(s), i.e. a code in the form of a file that can be stored on your computer. During any subsequent visit to the site, these cookies can then be recognized. They help the firm to improve the site, to make navigation easier, to offer targeted advertising or also to analyse its audience.
To learn more about the firm’s cookies policy, you can visit our website, under the “Cookies Policy” tab.
You can then agree to all or some cookies.


The firm may make corrections, additions or changes to this data protection and privacy statement for various reasons, at any time. The most current version can always be viewed on our website.