​Privacy Policy

1. General information

AAPI processes personal data within the scope of its activities.

Personal data should be understood to mean any information about an identified or identifiable person. 

Processing should be interpreted broadly and is any operation or set of operations performed upon personal data or sets of personal data, whether or not by automatic means, such as collection, recording, organisation, structuring, storage, adaptation or modification, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction of data. 

As AAPI values and respects the privacy and security of personal data, such personal data shall only be processed in accordance with (i) Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC, better known as the General Data Protection Regulation (GDPR) as well as with (ii) all applicable national regulations. 

This privacy policy serves to provide you with transparent information regarding: 

​(a) The controller of your personal data 

​(b) The purposes for which your personal data is processed 

​(c) The period for which personal data will be stored 

​(d) Your rights in relation to this processing 

​(e) Our obligations in relation to this processing (f) Cookies

2. The controller of your personal data

The private limited company AAPI, registered in the Crossroads Bank for Enterprises under number 0664.752.282, with its registered office at Baron de Celleslaan 68, 2650 Edegem, is the controller of your personal data. 

This means that AAPI determines the purposes and means of processing personal data. 

AAPI does this in its capacity as a company with whom you have a direct or indirect contractual relationship as a customer or as a supplier, or whose website you visit. 

3. The purposes for which your personal data is processed

How? AAPI collects personal data through (i) agreements that you conclude (directly or indirectly) with us, (ii) voluntary provision of personal data by the data subject (whether or not via contact forms), (iii) commercial campaigns in which you participate, or (iv) through the use of our website and social media (which includes the technologies linked to it such as cookies). 

What? The personal data collected by AAPI consists of (i) personal identification data, (ii) electronic identification data, (iii) financial identification data, (iii) personal details, and (iv) image recordings. 

Why? Personal data is always collected and processed by AAPI for one or more well-defined purposes. The purposes for which AAPI processes personal data are the following: (i) to perform the agreements concluded with it, (ii) to comply with applicable statutory obligations, (iii) for marketing purposes (which you may object to at any time), (iv) to improve our services, (v) to combat fraud, and (vi) to manage your account on our website. 

Is there any consequence for not providing personal data? The provision of personal data is a necessary condition for concluding an agreement. If the aforementioned data is not provided, it is not possible to use the website or conclude an agreement with AAPI.

​4. The period for which personal data will be stored

Your personal data will be kept for as long as necessary to achieve the purpose for which it was collected, in line with statutory, regulatory and internal requirements in this regard, and no longer than 10 years. This provision does not, of course, affect your rights as shown in sub-paragraph 5 below.

​5. Your rights in relation to this processing

Right to withdraw consent: You have the right to withdraw your consent at any time as described in sub-paragraph 6 below. Of course, this does not affect the lawfulness of the processing prior to this withdrawal. 

Right of access: You have the right to obtain a definitive answer from AAPI as to whether or not your personal data is being processed, as well as to access it. 

Right of rectification: You have the right to obtain rectification by AAPI of inaccurate personal data. 

Right to erasure of data: You have the right to obtain erasure of the personal data from AAPI without unreasonable delay, in the following cases: (i) the personal data is no longer necessary for the purposes for which they were collected, (ii) the consent on which the processing is based is withdrawn, (iii) you object to the processing which is justified by the public interest or a legitimate interest, or which is done for the purpose of direct marketing, (iv) the personal data has been processed unlawfully, (v) the personal data must be erased to comply with a statutory obligation, (vi) the data has been obtained in connection with an offer of information society services to a child. 

Right to restriction of processing: In a number of exhaustively listed situations, you also have the right to restrict processing, notably: (i) when the accuracy of the personal data is disputed, and this for a period that enables the controller to verify the accuracy of the personal data, (ii) when the processing is unlawful and the data subject opposes the erasure of the personal data, (iii) if AAPI no longer needs the personal data for the processing purposes, but the data subject needs it for the establishing, exercising or substantiating a legal claim, (iv) if the data subject has objected to the processing. 

Right to data portability: You have the right, under certain circumstances, to obtain your personal data in a structured, commonly used and machine-readable form, and to transfer it to another controller. 

Right to oppose marketing purposes: You have the right to oppose the use of your personal data for direct marketing purposes at any time.

6. Our obligations in relation to this processing

Principles of processing: AAPI will always process personal data using the following principles: (i) in a manner which is lawful, proper, and transparent in relation to the data subject, (ii) for specified, explicit and legitimate purposes, (iii) relevant and limited to what is necessary for the purposes for which it is processed, (iv) the data will be accurate and, if necessary, updated, (v) will be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data is processed, (vi) all appropriate technical or organisational measures will be taken to ensure that personal data will be processed in a manner that ensures adequate security and that it is protected against unauthorised or unlawful processing and against accidental loss, destruction, or damage. 

Lawfulness of processing: AAPI is only authorised to process personal data if any one of the following conditions is met: (i) you have given your express consent to this, (ii) the processing is necessary for the performance of an agreement to which you are (directly or indirectly) a party, (iii) the processing forms part of a statutory obligation of AAPI, (iv) the processing is necessary to protect your vital interests or those of other natural persons, (v) the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority, or (vi) the processing is necessary for the protection of the controller’s legitimate interests (except where the interests of the data subject are overriding). 

Sharing of personal data: Your personal data is only accessible within AAPI to those workers who need to have access to it as part of their duties. These workers are bound by strict internal rules regarding the processing of personal data. If AAPI uses external parties for the purpose of processing personal data, it will only use parties that provide adequate guarantees so that the processing meets statutory requirements and your rights are safeguarded. Your personal data may be transferred to the following categories of recipients: external accountants, IT suppliers, consultants, and marketing companies.

​7. Cookies

Cookies are small files that the server installs on your computer that are necessary for browsing. Certain other cookies have other functions, such as remembering the internet user's details when they log in as a registered member on a website. Certain pages of the website use cookies to remember preferences or for technical reasons. 

You will be asked to consent to the placing of cookies on your device when using the AAPI website (with the exception of purely technical cookies that do not require explicit user consent). 

Cookies are not kept longer than necessary and are subject to a maximum retention period of 3 years. 

If you do not want cookies to be placed on your computer, your browser settings can be adjusted accordingly.

​8. Final provisions

This privacy policy may be amended at any time in the future; any future changes or modifications shall always be communicated to you in advance.

With this privacy policy, we have endeavoured to inform you in a transparent way about your rights and AAPI's obligations in the context of processing personal data. Should anything nevertheless still be unclear, or should you require further information or have any questions, we will be happy to help. 

To contact us, or to exercise any of your data protection rights, please send an email to privacy@aapi.be or a letter to BVBA AAPI, Baron de Celleslaan 68, 2650 Edegem, for the attention of the privacy officer. When you exercise your rights, your letter or e-mail should be accompanied by a copy of your identity card or passport so that your identity can be verified. 

Should you have any complaints and/or suggestions regarding the way we process your personal data, please do not hesitate to contact us. AAPI is committed to safeguarding your rights. We also wish to inform you that you have the right, at any time, to lodge a complaint with the supervisory authority, i.e. the Data Protection Authority.