Clarity Legal BV/SRL (“Clarity Legal”, “we”, “us”, “our”) is a law firm established in Belgium and subject to Belgian and EU data protection rules, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the Belgian Data Protection Act of 30 July 2018.
We are committed to protecting the privacy, confidentiality and security of the personal data we process in the course of our activities. This Privacy Policy describes:
• What personal data we collect
• Why and how we process it
• Our legal bases for processing
• With whom we share personal data
• How long we retain personal data
• Your GDPR rights and how you may exercise them
This Policy applies when you:
• Visit our website www.claritylegal.be
• Become a client or request our assistance
• Interact with us as a supplier, partner or counsel
• Apply for a job
• Subscribe to newsletters or attend our events
Clarity Legal BV/SRL
Boulevard Bischoffsheim 15, 1000 Brussels – Belgium
Company number: 1026.433.808
info@claritylegal.be
We determine the purposes and means of the processing of personal data we handle in the course of delivering legal services or managing our operations.
Name, surname
Professional title, employer, department
Email address, phone number, postal address
Language preferences
This includes data provided by clients or collected in the context of legal advice or dispute resolution:
Contractual information
Employment-related documentation
Correspondence, statements, notes, reports
Procedural documents, evidence, supporting documents
Under Article 9 GDPR, we may process sensitive data only when necessary and justified, typically within the context of legal representation. This may include:
Health data
Trade-union membership
Data relating to disciplinary matters
Criminal convictions or offences (Art. 10 GDPR)
We process such data when necessary for the establishment, exercise or defence of legal claims or with your explicit consent.
When you visit our website:
IP address
Browser type, device type, operating system
Pages viewed, access times, referring websites
Cookie identifiers (see Cookie Policy)
Contact details of business contacts
Billing details
Contractual documentation
CV, cover letters
Diplomas, certificates, references
Employment history
Identification data required by law (e.g., national ID when applicable)
Registration details
Attendance lists
Preferences (e.g., areas of interest)
Photographs taken during events (with notice or consent)
We collect personal data:
Directly from you, when you contact us, request services, submit forms, or communicate by email or phone.
Indirectly, from:
Clients who involve you in a matter
Your employer or colleagues
Opposing parties or their representatives
Public databases (BCE, Official Gazette, LinkedIn, websites, press)
Authorities, courts, mediators, experts
Automatically, through cookies, analytics tools and website logs.
We process personal data only when we have a valid legal basis under Articles 6–10 GDPR. Below are the purposes and corresponding legal bases:
Processing is necessary to:
Respond to enquiries
Conduct conflict-of-interest checks
Provide legal advice or representation
Prepare and review legal documents
Manage client relationships
Ensure quality and ethical compliance
Such as:
Anti-money laundering (KYC/AML) obligations
Accounting, tax and regulatory duties
Professional rules imposed by the Bar
Including:
Ensuring IT and information security
Improving our services and website
Preventing fraud and abusive behaviour
Managing business operations efficiently
Defending legal claims
We always balance our legitimate interests with your fundamental rights.
Used for:
Newsletters and marketing communications
Use of non-essential cookies
Photography/video at events (when applicable)
Handling of certain sensitive data where no other legal basis applies
You may withdraw consent at any time without affecting past processing.
This is the primary basis for processing sensitive data in client matters.
We only share data when strictly necessary and always under confidentiality safeguards.
Partners, associates, lawyers
Employees and administrative staff
All are bound by strict professional secrecy obligations.
Depending on the matter or purpose:
IT and cloud-service providers
Accountants, auditors and consultants
Other law firms and counsel
Courts, tribunals and arbitrators
Mediators, experts, bailiffs
Authorities and regulators
Event organisers (for registration purposes)
We ensure that third parties receive only the data necessary for their role.
If data is transferred outside the European Economic Area (EEA), we rely on:
An adequacy decision
Standard Contractual Clauses (SCCs)
Appropriate technical and organisational measures
We retain personal data only as long as necessary for the purposes for which it was collected, and in accordance with legal and professional requirements.
Typical retention periods:
Client files: 10 years after matter closing (Belgian professional rules)
Accounting data: 7–10 years (legal obligations)
Marketing data: until you unsubscribe
Job applications: up to 5 years (unless retained with consent)
Event photos: until consent withdrawal or expiry of purpose
Website logs: short-term technical retention and as specified in Cookie Policy
After retention periods expire, data is securely deleted or anonymised.
We employ appropriate technical and organisational measures to safeguard your data, including:
Secure servers and encrypted storage
Access control and authentication systems
Firewalls and intrusion detection
Data minimisation and confidentiality protocols
Staff training and professional secrecy
Incident detection and breach-notification procedures
Despite these measures, no system can be guaranteed fully secure.
You have the following rights, within legal limits:
Receive confirmation of whether we process your data and obtain a copy.
Correct inaccurate or incomplete data.
Applicable when:
Data is no longer needed
Consent is withdrawn
Processing is unlawful
Restrictions apply for legal obligations and legal claims.
For example, during a dispute about accuracy or lawfulness.
Receive data in structured, machine-readable format or request transfer to another controller.
You may object:
For legitimate-interest processing
At any time for direct marketing
At any time, without affecting prior processing.
Belgian Data Protection Authority (APD/GBA)
Rue de la Presse 35, 1000 Brussels
contact@apd-gba.be
www.dataprotectionauthority.be
To exercise your rights: info@claritylegal.be
We may ask for proof of identity.
We may update this Policy to reflect legal, technical or operational changes. The most recent version will always be available on our website with a revised “Last updated” date.
Last updated: 9 December 2025