Help?

Introduction

Brussels Expo (hereinafter referred to as « we » or « us ») aims at encouraging and developping a centre for meetings and exchanges with a view to promoting economic, commercial, industrial, scientific, cultural and leisure activities, in particular through the territory and the various buildings granted to us by the City of Brussels. To this end, we develop all useful or necessary activities, in particular all services relating, directly or indirectly, to the organisation of fairs, congresses, symposia, exhibitions, concerts, festivals and other events. This includes processing the personal data of natural persons involved in our relations with other companies.

We treat the personal data of all these people with the utmost respect for their rights and freedoms.

The purpose of this policy is to inform you about the way in which we collect, process and store this data in the context of our relationship with the company for which or with which you work. We also want you to be aware of your rights in this respect. We therefore invite you to read this policy carefully.

If you have any questions about the content of our policy or to exercise any of your rights concerning your personal data, please contact us at privacy@brussels-expo.com.

Purpose of this policy

This policy applies to our business-to-business (BtoB) activity and more specifically to personal data collected in this context. This activity covers three specific situations:

  • (Pre)contractual relationship: the entity for which or with which you work collaborates with us or is our partner;
  • Accreditation: you must be accredited to access our sites and an application must be made to us to this effect;
  • BtoB marketing: you receive advertising about our activities in your capacity as a contact person/representative of a partner company.

What is the legal framework in this area?

The current legal framework for the protection of personal data consists of the provisions of the Law of 30 July 2018 on the protection of natural persons with regard to the processing of personal data and those of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27/04/2016 commonly known as the « General Data Protection Regulation » (hereinafter « GDPR« ).

In accordance with this legal framework, you will find below information on the processing operations we carry out as part of our activities.

What are our personal data protection principles?

We attach great importance to the personal data of the people concerned and to their privacy. Trust in our relationships is paramount. We process personal data lawfully, transparently, fairly and with accountability. We make every effort to adopt appropriate organisational and technical measures to protect data. Finally, we endeavour to collect as little data as possible about you in order to fulfil our purposes.

What concepts will help you understand this policy?

  • Data subject: any natural person who can be identified or identifiable. This is the person whose personal data we process and collect. In this case, it is you.
  • Personal data: any information relating to a data subject. This definition is broad, since data is considered personal if it can be used to identify a natural person directly (surname, first name, photo, etc.) or indirectly (e-mail address, customer number, employee number, etc.). When we refer to « data » in this policy, we mean personal data.
  • Processing: any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means. Here again, the definition is broad. Any manipulation of personal data constitutes processing: collection, consultation, storage, transmission, modification, deletion, etc.
  • Data controller: in this case, this is the legal entity that determines the purposes and means of the processing of your personal data and decides why your data is collected and processed. It is also the person who will be held responsible for compliance with current data protection standards. In this case, this is us, Brussels Expo (see point 6).
  • Processor: a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller. The processor does not decide why a processing operation is carried out, but carries it out on behalf of the controller.

Who is responsible for processing your personal data?

Personal data is processed by the ASBL Parc des Expositions de Bruxelles, abbreviated « Brussels Expo », (« we » or « us ») which has its registered office at B-1020 Brussels, Place de Belgique 1, registered with the Crossroads Bank for Entreprises under number 406.655.573.

What data do we collect and how?

The data we collect and process is that which you voluntarily provide to us or to one of our processors.

We collect your personal data as part of our business-to-business activity in one of the following ways:

By communicating personal data to us by one of these means or by any other means, you undertake to provide us with true and correct information about yourself.

Depending on the case, the data we collect may include the following:

  • contact details (surname, first name, business e-mail address, telephone number, date of birth, place of birth, national register number or NISS number, number plate);
  • the name of the company you work for or represent and your position within it;
  • handwritten signature ;
  • your questions/comments/communications ;
  • your questions, any complaints you may have and any information you send us if we communicate with you, particularly by e-mail;
  • the personal information you choose to give us in order to improve your experience, particularly in the context of satisfaction surveys or voluntary customer feedback.

Why do we process your data?

The personal data you provide to Brussels Expo may be processed for the purposes listed below:

    • a) Managing the (pre-)contractual relationship and all that it entails

We process your data in the context of pre-contractual and contractual relationships, including, but not limited to:

  • respond to your requests for pre-contractual measures formulated for the company for which or with which you work or which you represent (e.g.: request for information or offers);
  • carry out contracts concluded with the company you work for or with;
  • communicate within the framework of requests for pre-contractual measures and contracts concluded, in particular because you are a contact person of the entity that collaborates with us or is our partner.
    • b) Managing accreditation applications

We process your data in connection with accreditation applications made via the dedicated platform or outside this platform.

To this end, we process your personal data to create a file on the said platform and issue an access badge or a Carpass.

    • c) Promoting our services

The processing of your data enables us to communicate with the company you work for or with, in order to inform it about any new services, send out our newsletters, promotions and offers.

We also promote our activities to enable our partners to attend and take advantage of events organised on our sites, in particular with a view to strengthening their relationships with their own customers, prospects, partners or employees.

    • d) Managing claims

The processing of your personal data enables us to manage any potential claims you may have on behalf of the company you work for or with.

    • e) Protecting our legal rights

We may need to process your data in order to assert or defend our legal rights.

    • f) Ensuring security

We may process your personal data in order to ensure the security of our sites, events, IT security, etc.

We may also be bound by security obligations requiring us to comply with internal procedures designed to ensure the security of sites and events.

    • g) Complying with applicable legislation

We may process your personal data for the purposes of risk assessment, compliance with regulations, investigation (e.g. administrative, tax, judicial, etc.), research, analysis (security of premises, access to sites, IT security, etc.) and assistance.

As explained in more detail below (point 12 « What are your rights »), protecting your personal data is important to us. We therefore also process your data to enable you to exercise your rights in relation to us.

What is the basis for the processing and how long is your data stored ?

Brussels Expo ensures that your data is processed lawfully in accordance with Article 6 of the GDPR.

Your personal data will be kept for as long as is necessary to achieve the purposes for which it is to be used, and in any event until the expiry of the statutory retention periods, particularly in tax and accounting matters, and until the end of the limitation period for contractual liability.

Your data will be deleted when :

  • they will no longer be necessary for the intended purpose; or
  • you have validly exercised your right to erasure; or
  • you have withdrawn your consent, where the processing is based on the lawfulness of that consent.

We set out below certain specific bases and the data retention periods in relation to these bases.

    • a) Managing the (pre-)contractual relationship and all that it entails

The processing of personal data is necessary for the proper performance of the contract to which the company you work for or with is a party or the processing is necessary for the performance of pre-contractual measures taken at your request for the company you work for or with (e.g. request for pre-contractual information).

Certain data is stored for the duration of the pre-contractual and/or contractual relationship and at the latest until the end of the contract, without prejudice however to other grounds which would allow us or oblige us to store the data concerned for a longer period, in particular legal limitation periods in tax and accounting matters.

    • b) Managing accreditation applications

With regard to the processing of accreditations, in addition to the proper performance of the contract or the performance of pre-contractual measures, we also have a legal obligation in terms of security requiring us to comply with internal procedures aimed at improving the security of sites and events.

In addition, ensuring the security of our sites, our events and our IT systems is based on our legitimate interests.

Given that our business and our mission are to develop a hub for meetings and exchanges, we want to ensure the highest level of security so that you have the best possible experience.

Your data will be kept for 6 months after the expiry of your last accreditation.

    • c) Promoting our services

The processing of data in the context of direct marketing to partner companies is based on your consent where such processing concerns your e-mail address, in accordance with Article 13.1 of Directive 2002/58 on privacy and electronic communications.

Your data collected on this basis will be stored for as long as you do not withdraw your consent.

This processing is also based on our legitimate interests when we send you promotional messages by e-mail in the context of Article 13.2 of Directive 2002/58 on privacy and electronic communications.

In view of our activity and our mission, which are aimed at developing the sites entrusted to us, in particular by organising events on these sites, we are led to promote our activities to other companies, including the one you work for or with. The aim is to enable these companies to take advantage of the events organised on our sites in order to strengthen their relationships with their own customers, prospects, partners or employees and to be able to invite them to these events.

However, you may object to your data being processed on this basis.

Your data on this basis will be stored for as long as you do not object to it being processed.

    • d) Managing claims

The processing of your data in the event of a claim may be necessary for the performance of a contract to which the company you work for or with is a party or may be necessary for the performance of pre-contractual measures taken at your request for the company you work for or with.

The data is stored for the duration of the pre-contractual and/or contractual relationship with the company you work for or with and until you no longer work for the partner company (provided we have been informed by the company you work for or with ).

Apart from the two aforementioned cases, the processing of your data in the event of a claim is based on the legitimate interests of Brussels Expo, which consist of being able to give the best possible response to the said claim and prevent it from recurring. This may include taking appropriate actions against those within Brussels Expo who may have made a mistake, improving internal procedures and generally improving its service. You may, however, object to your data being processed on this basis.

The data used for the purposes mentioned in the previous paragraph is stored until the end of the limitation period for civil liability.

    • e) Protecting our legal rights

We may, on the basis of our legitimate interest, process your data where such processing is necessary for the establishment, exercise or defence of legal claims, including administrative claims.

The data processed in this context is stored for the time necessary to ensure the final outcome of the dispute and in compliance with legal obligations, in particular with regard to archiving and accounting, which may require a longer period for all or part of the data stored.

    • f) Ensuring security

We process your data to ensure compliance with applicable security laws.

Your personal data is stored for as long as is necessary to achieve this purpose and in any event until the expiry of the statutory limitation periods.

We also have a legitimate interest in processing your data to ensure security, which consists of being able to provide you with a secure environment on our sites for your events, and to protect your data on our computer network.

However, you may object to your data being processed on this basis. Please note that even in this case, in balancing your interests against our interests, our interests or fundamental rights and freedoms may prevail and justify us processing your data on the basis of our legitimate interests despite your objection.

Your personal data will be stored for as long as is necessary for this purpose.

    • g) Compling with applicable legislation

We process your data to ensure compliance with applicable laws, such as accounting or tax laws.

Taking account of and protecting your personal data is also a legal obligation, based in particular on the GDPR.

Your personal data will be stored for as long as is necessary to achieve this purpose, and in any event until the statutory limitation periods have expired.

How do we protect your data?

We have put in place the organisational, technical and physical measures, which are necessary and proportionate to the risks of infringement of your rights and freedoms, in order to protect your personal data as far as possible against unauthorised access, loss, destruction or alteration.

Our security measures are regularly assessed and adapted to ensure a high level of protection at all times.

We have put in place internal access control procedures to limit access to your data to only those persons whose involvement is necessary to achieve the purpose of the processing.

Who has access to your data?

We undertake not to pass on your personal data to third parties other than for the purposes set out in point 8. In this respect, we may pass on your data to our subsidiaries, subcontractors, the police or our direct partners whose involvement is necessary for the purposes set out above.

Where necessary for these purposes, Brussels Expo may communicate your data to the following third parties:

  • banking institutions;
  • tax and social security authorities ;
  • our lawyers in the event of litigation, tax advisers or any other person bound by confidentiality ;
  • our service providers, such as those responsible for cleaning the sites during your events or for the security of the sites during your events;
  • administrative, criminal and judicial authorities ;
  • the statutory auditors.

Your personal data will always be shared with the utmost confidentiality.

What are your rights?

We make every effort to ensure that your rights with regard to your personal data are respected.

To this end, under the conditions defined by the applicable regulations, and in particular the GDPR, you have the following rights:

  • the right to withdraw your consent at any time in relation to the parts of the processing carried out by Brussels Expo based on that consent (right to withdraw consent);
  • the right to obtain from Brussels Expo confirmation as to whether or not personal data relating to you are being processed and, where they are, access to the said personal data as well as several items of information about the processing (purposes of the processing, categories of personal data concerned, recipients or categories of recipients to whom the personal data have been or will be disclosed, the intended period of storage of the personal data or, where this is not possible, the criteria used to determine this period, etc.) (right of information and right of access);
  • the right to obtain from Brussels Expo, as soon as possible, the rectification of personal data concerning you which is inaccurate or incomplete (right of rectification);
  • the right to obtain from Brussels Expo the erasure, as soon as possible, of personal data concerning you where this is provided for by the applicable legislation indicated in point 3 (right to erasure) ;
  • the right to obtain from Brussels Expo the limitation of the processing of your data to simple storage where this is provided for by the applicable legislation indicated in point 3 (right to limit processing);
  • where the processing of your personal data is based on your consent or on a contract and is carried out using automated processes, the right to ask to receive this data in a structured, commonly used and machine-readable format. You may also request that this data be communicated to another data controller (right to portability);
  • the right not to be subject to a decision based exclusively on automated processing, including profiling, which produces legal effects concerning you or which significantly affects you in a similar way (right to object to an automated individual decision);
  • the right to obtain from Brussels Expo at any time, on grounds relating to your particular situation, that it no longer processes your personal data where such processing, including profiling, is based on its legitimate interests;
  • the right to object at any time to the processing of your personal data for direct marketing purposes, including profiling insofar as it is linked to such marketing (right to object).

How can you exercise your rights?

Provided you can prove your identity, you can exercise the rights described above free of charge by sending an e-mail to privacy@brussels-expo.be so that we can help you as best we can.

We consider that any request to exercise rights emanating from the data subject’s registered e-mail address sufficiently demonstrates his or her identity. However, we reserve the right to use other reasonable means to verify the identity of the person concerned. In any event, we invite you to register using your own e-mail address (ideally, a professional e-mail address) and to take care to protect this e-mail address.

In the event of requests that are manifestly unfounded or excessive, particularly because of their repetitive nature, we may :

  • require the payment of reasonable charges which take account of the administrative costs incurred in providing the information, making the communications or taking the measures requested; or
  • refuse to comply with these requests.

It is up to us to demonstrate that your request is manifestly unfounded or excessive.

Your right to complain to the Data Protection Authority

You have the right to contact the Data Protection Authority (hereinafter the « DPA ») if you are dissatisfied with the processing of your personal data by Brussels Expo.

Full details are available on the APD website:

www.autoriteprotectiondonnees.be/ (FR);

www.gegevensbeschermingsautoriteit.be/ (NL);

www.dataprotectionauthority.be (EN);

www.datenschutzbehorde.be/ (DE).

Your data host

Your personal data is hosted by Brussels Expo, which may itself use the services of a qualified subcontractor with servers located within the European Economic Area (EEA).

These hosting solutions offer security to guarantee data confidentiality, availability and integrity. The chosen subcontractor also undertakes, under the same conditions, to back up your data or have it backed up under conditions that guarantee its security and integrity and protect it from any damage that may occur on the servers.

Updating our policy, applicable law and jurisdiction

This policy may be amended at any time in order to comply with applicable laws. The version of the applicable policy is the one in force on our website: https://www.brussels-expo.com. We therefore advise you to consult it regularly .

The validity, interpretation and/or performance of the policy are subject to Belgian law and to the applicable law of the European Union. In the event of a dispute relating to the validity, interpretation and/or performance of the policy, subject to article 211, 3°, paragraph 2 of the law of 30 July 2018 on the protection of natural persons with regard to the processing of personal data, the courts and tribunals of Brussels shall have exclusive jurisdiction.

Date of the last update: 20/11/2023

Your browser is out-of-date!

Update your browser to view this website correctly. Update my browser now

×