1. Who is the data controller and who is the data protection officer ?
ACTALYS Notaires Associés SRL processes personal data in the context of its activities.
ACTALYS Notaires Associés SRL, located at 1000 Brussels, boulevard de Waterloo 16, with company number 0831.909.513, acts as the controller of the personal data processed within the firm (hereinafter ‘the firm’). The data controller is the natural or legal person who determines the purposes and means of the processing of personal data.
The firm is committed to the protection of privacy. It undertakes to protect and process your personal data with particular care and transparency, in strict compliance with privacy protection legislation, in particular the General Data Protection Regulation (EU) 2016/679 (hereinafter ‘GDPR’) and the Code of Conduct of the National Chamber of Notaries of 28 January 2021 specifying certain procedures for the application of the General Data Protection Regulation (EU) 2016/679 (GDPR) for notaries (hereinafter ‘Code of Conduct’).
In accordance with the RGPD and the Code of Conduct, the firm has appointed a data protection delegate, namely Privanot ASBL. The Data Protection Officer can be contacted at the following e-mail address: info@privanot.be, or by letter at the following address: Privanot ASBL, rue de la Montagne 30, 1000 Brussels.
By means of this personal data protection policy, we would like to explain to you more about how we handle the personal data we hold. In this policy you will find answers to the following questions:
Please note that information on the processing of personal data of internal employees carried out in the context of human resources is set out in the firm's employment regulations. Information relating to the processing of personal data of external employees in the context of human resources is contained in specific documents, such as service contracts or general policy documents of the firm.
2. Why are your personal data processed?
Purposes - The main purpose of collecting and processing personal data is to ensure the legal security of transactions whose authenticity is guaranteed by the notary, and to manage the files entrusted to the notary.
In addition, the processing operations are necessary to carry out other important tasks and objectives, namely :
- management of the office's files, including processing carried out before and after the execution of an authentic instrument, such as the necessary searches and verifications, as well as any other processing required to fulfil the notary's duties as a public official and the tasks entrusted to him by the public;
- administrative management and monitoring of citizens' files, including invoicing and accounting;
- to carry out the necessary checks and controls within the framework of legislation relating to the fight against money laundering;
- to optimise navigation on the website through the use of cookies;
- to improve user-friendliness and services by using feedback from citizens and statistical analysis of the study's operations and services using software;
- to improve the quality of the firm's operations in the preparation of the deeds and documents necessary for the exercise of the notaries' functions as public officers through the use of low-risk artificial intelligence systems.
3. What is the legal basis for processing your personal data?
Lawfulness - The processing of personal data by a notary is considered to be lawful where it is, in most cases, necessary to comply with a legal obligation to which the notary is subject or necessary for the performance of a task in the public interest entrusted to the notary in charge of the case within the firm.
Personal data is processed by the firm on the basis of, but not limited to, the following legislation:
- The law of 25 Ventôse An XI containing the organisation of the notarial profession;
- The Law of 18 September 2017 on the prevention of money laundering and terrorist financing and the limitation of the use of cash.
In addition, the lawfulness of processing may also be based on the legitimate interest of the data controller, as in the case of improving customer satisfaction.
Finally, the lawfulness of the processing may be based on the consent of the data subject, for example when non-functional cookies are used on the study website.
4. What personal data does the study process?
Depending on the services you request, the survey may process the following personal data:
- identification data (surname, first name, marital status, national registration number, place and date of birth, etc.) ;
- contact data (postal address, e-mail address, telephone number, etc.);
- economic and financial data (bank account number, etc.);
- data relating to legal capacity;
- data relating to professional activity;
- data relating to acts carried out within the firm;
- data relating to family, social, tax or other composition that the notary must collect from official sources and administrations concerning you;
- data relating to the quality/satisfaction of the services provided.
5. What are the sources of information?
As a public official, the notary is required to collect and use personal data about you in order to carry out his activities.
Your personal data comes from
- yourself or your legal representative ;
- authentic data sources strictly regulated by specific legislation, such as the National Register, the Crossroads Bank of Social Security, the Central Inheritance Register, the Central Register of Cohabitation and Marriage Contracts, etc. ;
- official bodies authorised to supply data to notaries as part of their public duties.
6. To whom may your personal data be communicated?
Personal data processed by the firm may be communicated to third parties (‘recipients’), depending on the context of the processing, and in particular :
- legally authorised partners, such as public services and notarial institutions, for the storage of transcripts of deeds and their metadata in the context of electronic registration and for the registration of your data in the central registers of the notarial profession (e.g. the Central Register of Marriage Contracts, the Central Register of Mandate Contracts, the Central Register of Declarations relating to the appointment of an administrator or a person of trust, etc.);
- to the Fédération Royale du Notariat belge asbl (Royal Federation of Belgian Notaries), in respect of data relating to immovable property to be recorded in a notarial database, the purpose of which is to generate statistics and enable notaries to estimate the value of immovable property in the exercise of their functions;
- the Provincial Chamber of Notaries involved in your case and/or the National Chamber of Notaries (e.g. as part of their accounting control duties or as part of the prevention of and fight against money laundering);
- other notaries involved in your case (e.g. in connection with a property sale);
- the State Archives for the conservation of files, minutes and wills;
- the banks involved in your case;
- thechartered accountant/tax advisor who manages the firm's accounts;
- subcontractors for the management and continuity of the office, such as software suppliers for the preparation of deeds.
7. Who are the firm's subcontractors?
A processor is a natural or legal person, public authority, agency or other body that processes personal data on behalf of the firm.
The firm uses the following categories of processors in particular:
- hardware suppliers ;
- software suppliers, e.g. for file management and accounting;
- server/back-up supplier;
- supplier of paper document destruction services;
- external consultant or collaborator;
- etc.
8. Will your personal data be transferred outside the European Economic Area (EEA)?
In principle, your personal data will not be transferred outside the European Economic Area (hereinafter ‘EEA’).
However, should your personal data nevertheless be transferred to countries outside the EEA and the European Commission has considered that the country to which the data is transferred does not offer an adequate level of protection, the firm will endeavour to protect your personal data by providing additional safeguards (e.g. by entering into standard contractual clauses approved by the European Commission, adopting binding corporate rules, etc.).
9. How long will your personal data be kept?
In accordance with the principle of limiting the retention of personal data, the aforementioned data may only be retained for the period necessary to achieve the purpose for which it was collected, in accordance with the laws specifically applicable and the limitation periods for commercial and personal claims. The retention periods below correspond to the retention periods indicated in the study's register of processing activities.
The retention periods vary according to the nature of the documents concerned, i.e. :
- citizens' client files will be kept for as long as the citizen has not chosen to change notary, and will be kept for a maximum of the citizen's entire lifetime to enable the provision of advisory services (in accordance with article 9 of the Ventôse An XI law containing the organisation of the notarial profession) ;
- files are kept for 30 years following their closure for evidential purposes (in accordance with article 3.27 of the new Civil Code);
- minutes are kept for 50 or 75 years after the deed is signed and will then be transferred to the State archives (in accordance with article 62 of the Ventôse An XI law on the organisation of the notarial profession);
- the books (accounts) are kept for 10 years after the close of the financial year (in accordance with article 33 of the Ventôse An XI law containing the organisation of the notarial profession);
- account statements are kept for 10 years after the end of the financial year in question (in accordance with article 33 of the law of Ventôse An XI containing the organisation of the notarial profession);
- personal data covered by the Money Laundering Act are deleted after a retention period of 10 years (in accordance with Articles 60 and 62(1) of the Act of 18 September 2017 on the prevention of money laundering and terrorist financing and the restriction of the use of cash);
- personal data processed for the management of the website are kept for as long as necessary to achieve the intended purpose;
- personal data processed using artificial intelligence software will no longer be processed by these technologies once your file has been closed by the firm.
10. How are the security and confidentiality of your personal data guaranteed?
The firm takes appropriate technical and organisational measures to ensure a level of security appropriate to the risk. In addition, the firm ensures that it adopts the security measures for the processing of personal data set out in the Code of Conduct of the National Chamber of Notaries of 28 January 2021.
Security measures shall be taken to prevent the loss, destruction, alteration, unauthorised disclosure of or access to personal data transmitted, stored or otherwise processed.
In particular, the firm shall ensure that:
- the server environment is properly secured;
- personal data is stored and destroyed securely;
- employees and subcontractors are provided with secure access to the data required to achieve the intended purpose;
- a personal data breach notification procedure applicable to all members of the firm is in place;
- a procedure for managing the rights of data subjects applicable to all members of the firm is put in place;
- an information security policy accessible to all members of the firm is in place;
- there is an RGPD awareness policy for the members of the firm;
- technical security measures, such as firewalls, anti-virus software and regular security updates, are applied.
These measures are regularly monitored and reviewed by the aforementioned DPO following an audit.
The firm has, in accordance with Article 28 of the RGPD and Article 2 of the Code of Ethics of the National Chamber of Notaries of 28 January 2021, signed a subcontracting agreement with the various subcontractors it uses.
11. What are your rights?
Under the RGPD, you have a number of rights as a person concerned by the processing of your personal data by the firm.
Thus, depending on the circumstances and subject to compliance with its legal obligations and the fulfilment of its public interest missions by the data controller, you have the following rights:
- Right to information: you have the right to know, among other things, the personal data that the study processes about you, the purposes of this processing, how long this data is kept, etc. ;
- Right of access: you have the right to consult and obtain communication of your personal data held and processed by the firm;
- Right of rectification: you have the right to obtain rectification of inaccurate or incomplete personal data concerning you;
- Right to erasure: you have the right to request the destruction of your personal data processed by the firm;
- Right to restriction of processing: you have the right to restrict the processing of your personal data, for example if you dispute the accuracy of the data;
- Right to data portability: you have the right to receive your personal data in a structured, commonly used and machine-readable format and to transmit it to a third party;
- Right to object: you have the right to object to the processing of your personal data by the firm.
You may exercise your rights directly with the firm by e-mail (info@actalys.be) or by letter (ACTALYS SRL, boulevard de Waterloo 16, 1000 Brussels) or with the Data Protection Officer by e-mail (info@privanot.be).
Finally, if you consider that your rights are not being respected in accordance with the RGPD, you are entitled to lodge a complaint with the Data Protection Authority (rue de la Presse 35, 1000 Brussels or via their website https://www.autoriteprotectiondonnees.be/).
Un cookie est un petit fichier texte envoyé à votre navigateur et enregistré sur le disque dur de votre terminal (PC, ordinateur portable ou smartphone, …) lorsque vous visitez un site Internet, comme votre choix de langue.
En tant que gestionnaire du site Internet https://www.actalys.be/, l’étude ACTALYS (responsable du traitement) utilise trois types de cookies qui seront détaillés dans un tableau ci-après.
Les cookies essentiels sont nécessaires pour vous permettre de naviguer sur le site Internet et pour permettre aux fonctionnalités techniques de base de fonctionner. Ils permettent, par exemple, aux actions exécutées pendant l’une de vos visites d’être conservées, et ce, également quand vous naviguez d’une page à l’autre sur le site Internet. Ces cookies ne peuvent dès lors pas être désactivés.
Les cookies fonctionnels permettent au site Internet d’enregistrer des informations qui ont déjà été fournies et de vous offrir des fonctionnalités améliorées personnalisées. Ils permettent, par exemple, de retenir la langue de votre choix. Ces cookies ne peuvent dès lors pas être désactivés.
Le site Internet utilise « Google Analytics » pour des finalités analytiques. Cet outil d'analyse nous permet de quantifier les visites (le trafic) sur le site Internet afin notamment de savoir combien de fois une page déterminée a été lue. Nous utilisons ces informations uniquement pour améliorer le contenu de notre site Internet et la communication qui l’entoure.
Ces cookies ne seront placés sur votre terminal que si vous y avez consenti préalablement.
Le site Internet utilise les cookies suivants :
Clé des cookies |
Type de cookie |
Expiration |
Description |
---|---|---|---|
PHPSESSID |
First-party |
Session |
Cookie généré par les applications basées sur le langage PHP. Il s'agit d'un identifiant à usage général utilisé pour gérer les variables de session utilisateur. Il s'agit normalement d'un numéro généré aléatoirement, la façon dont il est utilisé peut être spécifique au site, mais un bon exemple consiste à maintenir un statut de connexion pour un utilisateur entre les pages. |
Clé des cookies |
Type de cookie |
Expiration |
Description |
---|---|---|---|
langue |
First-party |
1 an 1 mois |
Il existe de nombreux types de cookies associés à ce nom, et un examen plus détaillé de la manière dont il est utilisé sur un site Web particulier est généralement recommandé. Cependant, dans la plupart des cas, il sera probablement utilisé pour stocker des préférences linguistiques, potentiellement pour proposer du contenu dans la langue stockée. La catégorie ICC donnée ici est basée sur cet usage. |
Clé des cookies |
Type de cookie |
Expiration |
Description |
---|---|---|---|
_ga_01KSSH49KQ |
First-party |
1 an 1 mois |
Ce cookie est utilisé par Google Analytics pour conserver l'état de la session. |
_ga |
First-party |
1 an 1 mois |
Ce nom de cookie est associé à Google Universal Analytics, qui constitue une mise à jour importante du service d'analyse le plus couramment utilisé de Google. Ce cookie est utilisé pour distinguer les utilisateurs uniques en attribuant un numéro généré aléatoirement comme identifiant client. Il est inclus dans chaque demande de page d'un site et utilisé pour calculer les données de visiteurs, de sessions et de campagnes pour les rapports d'analyse des sites. |
_gid |
First-party |
Un jour |
Ce cookie est défini par Google Analytics. Il stocke et met à jour une valeur unique pour chaque page visitée et est utilisé pour compter et suivre les pages vues. |
_gat_gtag_UA_101028579_4 |
First-party |
55 secondes |
Ce cookie fait partie de Google Analytics et est utilisé pour limiter les demandes (taux de demandes de limitation). |
uid |
First-party |
1 an 1 mois |
Ce cookie fournit un identifiant utilisateur attribué de manière unique et généré par une machine et collecte des données sur l'activité sur le site Web. Ces données peuvent être envoyées à un tiers pour analyse et reporting. |
Cookie Actalys |
First-party |
1 an |
|
Contact
Si vous avez la moindre question concernant l’utilisation des cookies sur le site Internet, vous pouvez prendre contact avec notre délégué à la protection des données :