Data Protection Policy

GOVERN&LAW hereby wishes to inform you and to abide by data protection principles, in compliance with the General Date Protection Regulation (GDPR). This Data Protection Policy may be amended and shall be read in light of applicable laws and guidance from European Data Protection Board (EDPB) and the Belgian Data Protection Authority (APD).

1. Which personal data does GOVERN&LAW process?

Personal data types: Collected and processed by GOVERN&LAW may include: names, emails, phone numbers, addresses and location, academic background, professional experience and qualifications, bank details, questions and needs submitted to GOVERN&LAW. 

Personal data sources: Most personal data stem from your voluntary submissions to GOVERN&LAW; others may be collected from publicly available information about you, or lawfully from partners or third parties. 

2. What are your rights?

You have the right to be informed, to seek access, rectification, limitation or deletion of your personal data. You also have the right to obtain your personal data, in a readable format, for portability purposes. 

Any request to exercising your rights shall be addressed to:

Requests shall be addressed in a timely fashion. Exceptionally, requests may not be satisfied in the event (i) GOVERN&LAW is subject to legal obligations commanding otherwise or (ii) they entail unreasonable efforts or costs for GOVERN&LAW.  

3. How does GOVERN&LAW protect personal data? 

GOVERN&LAW protects personal data through the following technical and organisational measures: 

Minimisation. Personal data being processed are proportionate and limited to meeting their very purpose(s) and ground(s). GOVERN&LAW may further minimise exposure by anonymizing or aggregating data for e.g. statistical, research or cmmunication purposes. 

Accuracy. GOVERN&LAW endeavours to keep personal data accurate and updated provided you are keeping GOVERN&LAW informed of any changes applicable to yours.

Security. GOVERN&LAW makes reasonable efforts to ensure the security of personal data and their processing, such as limiting access and processing to duly authorised people and minimising accidental loss or leaks. Back-up and deletion processes are put in place. 

Accountability. GOVERN&LAW keeps its Data Protection Policy updated, together with a registry of the categories of personal data processing.

Breach. In the event of a breach or incident (e.g. accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data), GOVERN&LAW shall promptly assess the risk to people’s rights and freedoms and if appropriate report this breach to the CNIL and to affected people in case the breach affects them and cannot be remedied.

4. Why and for how long may GOVERN&LAW process personal data? 

Grounds & purposes: 

Personal data processing by GOVERN&LAW is based on the following:

Duration & retention: 

GOVERN&LAW retains personal data for a limited time, as per their ground(s):

Legitimate interest: If you contact GOVERN&LAW, personal data processing is based on GOVERN&LAW’s legitimate interest in answering your inquiries. 

Retention for as long as such interest remains valid and legitimate.

Contract: If you enter into an agreement with GOVERN&LAW, personal data processing is based on meeting such contractual obligations. 

Retention for as long as needed to meet such contractual obligations + 3 years to stay in contact.

Consent: If you consent explicitly to certain processing purposes, personal data processing is based on such consent.

Retention for as long as consent is not revoked, or deletion is not requested, or once the purpose for which consent was given disappears.

Law: GOVERN&LAW may also process personal data to meet legal requirements (e.g. tax, accountancy) or to secure its rights in courts.

Retention most often for 2 to 10 years, depending on the law at hand.


Last updated: 30 September 2021

Contact us

Looking for