General Terms and Conditions - Privacy statement

By means of this Privacy Statement, we inform you about the way in which we collect and process your personal data within the framework of the European General Data Protection Regulation 2016/679 (GDPR) and the relevant Belgian legislation. This Privacy Statement applies to the relationships between the law firm, its lawyers, and the clients, suppliers, other lawyers, third parties and counterparties.

1. Data controller

The person responsible for processing your personal data is: BV MDP Advocaten, Jean Baptiste de Ghellincklaan 31/001, 9051 Sint-Denijs-Westrem (GENT), KBO 0466.770.829.

2. Your privacy

Your privacy is very important and that is why we do what is reasonably possible to protect it. We have therefore organised our data processing on the basis of the GDPR and the relevant Belgian legislation.
To protect the security of your data as much as possible, our own internal data server, for example, is secured with a firewall, anti-malware software, internal backup and a wired LAN network, and our premises are locked and secured with an alarm system and badges.
The legal and deontological rules that govern the lawyer's profession in particular also contain obligations that ensure the protection of your personal data (such as the lawyer's professional secrecy protected by criminal law, the duty of confidentiality, etc.). In addition, when we act as an arbitrator or mediator, the legal or regulatory obligations of secrecy and confidentiality associated with those functions apply. On the other hand, we are also required by law to comply with the rules relating to the prevention of money laundering, which may exceptionally oblige us to report suspicious acts to the chairman of the Bar (“Stafhouder”) (see also our General Terms in this respect).

3. Which personal data do we process?

As a law firm, we collect and process personal data that is necessary and useful (or may be useful) to enable us, as lawyers, to fulfil our professional assignments: (i) identification and contact details of clients, other involved parties, their counsel and involved third parties, (ii) financial accounts and transactions, (iii) family data, (iv) data on professional qualifications and careers, (v) management positions within legal entities, (vi) etc. In addition, our files may contain many other personal data and documents that are useful or necessary to fulfil our assignments in a specific file. This may include sensitive data. The personal data may relate to clients and their families, colleagues, acquaintances, partners, etc., to counterparties, their representatives or advisers, to our suppliers, but also to third parties directly or indirectly involved (witnesses, experts, etc.).
We collect, store and process personal data provided to us directly or indirectly by a client, counterparty or confrere, agent, expert, adviser, insurer or broker, etc., as well as public data that we can obtain from public sources accessible to us (e.g. the Crossroads Bank for Enterprises, the National Register, online databases such as REGSOL, the world wide web, files at the court registry, etc.).
Generally speaking, personal data are processed to enable us to carry out the tasks entrusted to us, such as, for example, conducting legal proceedings or other forms of dispute resolution (arbitration, mediation, amicable negotiations, etc.), drawing up or reviewing contracts and other legal documents, providing legal advice and assistance, conducting negotiations or discussions, etc.
In addition, certain data will also be processed for our own general and financial administration and for customer management purposes and it may be necessary to process data for the purposes of complying with the legal obligations to which we are subject (e.g. in the context of anti-money laundering legislation).
We do not engage in direct marketing (with the exception of periodically sending out a newsletter, proactively providing individual information that may be of interest to a client or sending invitations to existing clients, for each of which you may indicate at any time in writing, by telephone or verbally that you do not wish further communication) and we do not pass on personal data to third parties for similar purposes, nor to the media (except exceptionally and with your specific consent, for the sole purpose of representing your interests).
We strictly respect the lawyer's professional secrecy. We may, however, ask you for permission to use certain data (e.g. contact information) in the context of a reference for participation in a private or public tender or inclusion in a legal directory, for example.

4. Legal basis for the processing of your personal data

Article 6.1 of the GDPR stipulates the legal grounds on which personal data may be processed. Below we give an overview of the various possible legal grounds which we invoke to account for the processing of the necessary data:

  • To carry out the contractual assignment(s) you give us (e.g. conducting a procedure, editing documents, providing advice or representation, etc.), including customer management;
  • In order to comply with all our legal and deontological obligations;
  • Based on your consent: e.g. where you specifically consent to the use of certain data;
  • Exceptionally, when we believe that we have a legitimate interest in using personal data with minimal impact on privacy (e.g. when we proactively provide you with certain information).

5. Limited access to personal data

Only lawyers, assistants and members of the secretariat have access to personal data. They are bound by the lawyer's professional secrecy and/or by a confidentiality agreement.

In addition, there are also a number of external service providers (mainly ICT and internet providers, e-mail programme, lawyer software, accountant, corresponding law firms at home and abroad), who (may) have limited legal access due to their specific services. We have taken the necessary measures to ensure that they only process personal data for the purposes and in the manner accepted by us, and that they offer sufficient guarantees to respect the confidentiality and confidentiality of personal data. You accept, however, that we must be able to call upon third parties to provide our services in an efficient and effective manner. If one of these service providers is located outside the European Economic Area, we will only transfer the personal data if an adequate level of protection is ensured.
Furthermore, we must of course also be able to pass on personal data to third parties in the performance of our task(s), such as, for example, the transmission of documents containing personal data to a court of law, a lawyer, a counterparty, and so on.

6 . Term of processing and retaining information

We keep personal data for as long as is necessary to carry out our assignment(s) in full, in order to comply with our legal and/or deontological obligations. If we have a legitimate interest in doing so, we may retain them for a longer period if necessary.
In the event of follow-up, we will pass on the personal data to the lawyer of your choice. We will then only keep copies of data that may be necessary to protect our legitimate interests.

7. Your privacy when visiting our website

You can visit our website without providing any personal data. We do make limited use of cookies, however, as you can read in our separate Cookie Policy. You can change your cookie settings at any time.
Our website may redirect you to websites that are not operated by our firm, for example a link in a blog. Our firm cannot be held liable for the privacy settings or content of these websites and we encourage you to read these applicable statements and contractual terms and conditions thoroughly at all times.

8. Which rights are granted to you?

The GDPR provides you with a number of rights, which can be exercised under certain circumstances:

a) the right to access and consultation;
b) the right to rectify inaccurate data and complete incomplete personal data;
c) the right to erasure of data;
d) the right to portability;
e) limitation of processing;
f) the right to object (except for the processing of personal data which is necessary for us to fulfil out one of our legal obligations, the performance of our contract or our legitimate interest).

Where processing is based on your consent (e.g. when you consent to the use of a reference), you have the right to withdraw such consent at any time, without prejudice, however, to the lawfulness of processing based on consent prior to withdrawal.
Anyone wishing to exercise one of the aforementioned rights must send a request MDP at the email address: or via the other contact details provided on the website. Please be as specific and clear as possible and provide us with a copy of your proof of identity so that we can verify that you are a valid rightsholder. In any case, we will reply to you very soon.

You can also lodge a complaint with the competent supervisory authority. In Belgium, this is the Data Protection Authority, with the following contact details:

Drukpersstraat 35, 1000 Brussels
+32 (0)2 274 48 00
+32 (0)2 274 48 35

Contact us