BailBelgique attaches paramount importance to the protection of your personal data. This policy explains what data we collect, why, how we protect it, how long we retain it and what your rights are, in accordance with the General Data Protection Regulation (GDPR – EU 2016/679) and applicable Belgian legislation.
1. Data controller
The data controller for your personal data is:
| Company name | BailBelgique SRL |
| Registered office | Avenue Louise 367, 1050 Brussels, Belgium |
| BCE number | [to be completed] |
| General contact | contact@bailbelgique.be |
| GDPR contact | contact@bailbelgique.be |
For any questions regarding the processing of your data, you may contact us at the above coordinates.
2. When do we collect your data?
BailBelgique collects and processes your personal data in several situations, depending on your use of the Site and Services.
2.1 Browsing the Site
When you browse, certain technical data is automatically collected to ensure proper functioning of the Services and improve the user experience:
- Your browsing history (pages viewed, visit duration)
- Information about your device and browser (type, operating system, browser used)
- Your connection data (IP address, date and time of connection, technical logs)
2.2 Account creation
Access to the Services requires creating a Client Account. The data collected may include:
- Your contact details: first name, surname, postal address, email address, telephone number
- Lease party details: in particular those of the tenant (first name, surname, address, email)
- Information about the property: address, area, characteristics, equipment, year of construction
- Information about the rental: type of lease, duration, start date, legal diagnostics
2.3 Document generation
When generating documents (leases, property condition reports, amendments), you complete forms containing personal data relating to the parties and the property. You remain responsible for the accuracy of this data before validation and use.
2.4 Payment
Payments are processed through an approved secure payment provider, who alone is authorised to collect your banking details.
BailBelgique does not store and does not have access to your banking data. Only the transaction history is retained, for contractual, accounting and statistical purposes.
2.5 Newsletter subscription
With your consent, you may receive our newsletter. You may withdraw your consent at any time, free of charge and without justification:
- By clicking the “Unsubscribe” link at the bottom of each email
- By writing to us at contact@bailbelgique.be
Withdrawal of consent does not affect the lawfulness of mailings sent before the withdrawal.
2.6 Contacting support
When you contact our customer service team, we only collect the information necessary to process your request: identification details, email address, telephone number if provided, and any information you voluntarily share.
Certain data is essential for the proper performance of the Services. Failure to provide this data may prevent access to the relevant Services.
3. Purposes and legal basis for processing
In accordance with the GDPR, each data processing operation is based on a specific legal basis. Here is a summary:
| Purpose | GDPR legal basis |
|---|---|
| Creation and management of the Client Account | Performance of a contract (Art. 6.1.b) |
| Document generation (lease, condition report) | Performance of a contract (Art. 6.1.b) |
| Invoicing and payment | Performance of a contract and legal obligation (Art. 6.1.b and c) |
| Retention of accounting data | Legal obligation (Art. 6.1.c) |
| Site security and fraud detection | Legitimate interest (Art. 6.1.f) |
| Service improvement and statistics | Legitimate interest (Art. 6.1.f) |
| Newsletter sending | Consent (Art. 6.1.a) |
| Non-essential cookies | Consent (Art. 6.1.a) |
| Legal defence and litigation | Legitimate interest (Art. 6.1.f) |
4. Security measures
The security of your data is an absolute priority. We have implemented measures adapted to all users, from individuals to professionals.
4.1 Accessible security
- Hosting in Europe, in data centres compliant with the GDPR
- Restricted access to authorised personnel only, bound by confidentiality obligations
- Communications protected by SSL/TLS protocol
- Accounts secured by unique credentials and strong passwords
- Regular backups to reduce the risk of data loss
4.2 Advanced security
- AES-256 encryption for data at rest and TLS 1.3 protocol for data in transit
- Enhanced authentication with secure tokens (JWT) for sessions and APIs
- Continuous monitoring of infrastructure (24/7 monitoring, firewall, IDS/IPS)
- Regular security audits, both internal and external
- Proactive application of security updates and patches
- Disaster recovery and business continuity plans (DRP/BCP)
- Logging of sensitive actions to ensure traceability and integrity
Our practices follow international best practices, including those from the ISO 27001 standard. However, as no system is entirely invulnerable, BailBelgique is bound by an obligation of means, not of result.
5. Retention period
We retain your personal data only for as long as necessary to fulfil the purposes described in this Policy.
| Type of data | Retention period |
|---|---|
| Account and contractual data | Duration of the contractual relationship + 3 years |
| Generated documents (leases, condition reports) | 10 years after the end of the lease |
| Invoicing and accounting data | 10 years (legal obligation) |
| Contact data (prospects) | 3 years from last contact |
| Marketing data (newsletter) | Until withdrawal of consent |
| Technical and connection logs | 12 months maximum |
| Cookies | 13 months maximum (DPA recommendation) |
At the end of these periods, your data is deleted or anonymised securely, so that no identification is possible. Certain data may be archived with restricted access for an additional period required by law.
6. Recipients and data sharing
BailBelgique only shares your data with trusted third parties and only where strictly necessary.
6.1 Service providers (processors)
Our data may be shared with providers acting on our behalf:
| Provider | Purpose |
|---|---|
| Hostinger International Ltd. | Web hosting |
| Amazon Web Services (AWS) | Hosting and storage |
| Approved payment provider | Payment processing |
| eIDAS trust service provider | Qualified electronic signature |
| Email service provider | Newsletter and notification delivery |
| Google Analytics / equivalent | Audience measurement (with consent) |
These providers act only on BailBelgique’s instructions, may not use your data for other purposes, and are contractually bound to strict confidentiality and security obligations (GDPR processor agreement – Art. 28).
6.2 Commercial partners
Only with your explicit consent may your data be shared with partners in the context of complementary offers you have selected.
BailBelgique commits to never selling your personal data and to not allowing any commercial prospecting by third parties without your prior consent.
6.3 Authorities and legal obligations
We may communicate certain data to competent authorities, legal advisors or public bodies when required by law, in the context of litigation, judicial proceedings, administrative audits or to defend BailBelgique’s rights.
7. Data transfers outside the European Union
Your data is primarily hosted within the European Union. However, some of our providers may be located outside the EU (for example AWS for certain regions, or analytics tools).
When a transfer outside the EU is necessary, BailBelgique ensures it is governed by:
- An adequacy decision by the European Commission, or
- Standard contractual clauses (SCCs) adopted by the European Commission, or
- Any other appropriate safeguard provided by the GDPR (Art. 46)
You may request details of the safeguards in place for these transfers by contacting us at contact@bailbelgique.be.
8. Cookies and trackers
Our Site uses cookies to ensure proper functioning, measure audience engagement and improve the user experience. Details of the cookies used, their purposes and how to manage them are presented in our cookie policy.
On your first visit, a consent banner allows you to accept, refuse or customise non-essential cookies. You may change your preferences at any time via the cookie manager at the bottom of the page.
9. Your rights
In accordance with the GDPR and Belgian legislation, you have the following rights regarding your personal data:
To verify your identity, we may ask you to provide proof of identity with your request. We will respond within one month, which may be extended by two months in complex cases.
10. Complaint to the supervisory authority
If you believe your rights have not been respected, you have the right to lodge a complaint with the Data Protection Authority (DPA), the competent Belgian authority for personal data protection.
However, we encourage you to contact us first so that we can seek an amicable solution to your request.
11. Policy updates
This policy may be updated, in particular to reflect:
- Legislative and regulatory developments
- Recommendations from supervisory authorities (DPA, EDPB)
- Changes to the Services and their technological evolution
Any modification takes effect upon publication on our Site. The date of the last update always appears at the top of this document.
In the event of a major change affecting your rights or the way we process your data, BailBelgique commits to informing you directly by email or by notification on the Site and, where required by law, to obtaining your consent again.
12. Contact
For any questions regarding this policy or the processing of your personal data:
- By email: contact@bailbelgique.be
- By post: BailBelgique SRL, Avenue Louise 367, 1050 Brussels, Belgium