Business Lawyers :: Bonhivers Law Firm :: Brussels

Data Protection Policy


For technical reasons, browsing our website is likely to mean cookies will be installed on your computer. A cookie is a piece of code, in the form of a small data file, that does not identify the user, but which records information relating to navigation of a computer on a website. The data obtained in this manner is intended to facilitate subsequent navigation of the website, improve our website and also allow us to analyse the number of visits (using tools such as Google Analytics). For further information on the Privacy Rules relating to the use of Google Analytics, please consult the section “About Google Analytics”.

You can configure your browser to notify you each time cookies are created or to prevent them from being created at all:

  • Internet Explorer:
  • Chrome:
  • Firefox:
  • Safari:


Access to our website will not be denied as a result of this configuration.

1. Foreword

BONHIVERS Law Firm, established at 1150 Brussels, avenue de Tervueren, 273, (hereinafter referred to as the “Law Firm”) is particularly concerned with personal data protection and ensuring that the privacy of anyone in contact with us is respected. We act in complete transparency, in accordance with national and international provisions in this regard, notably the EU Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 relating to the protection of natural persons with regard to personal data processing and on the free movement of such data and repealing Directive 95/46/EC (hereinafter referred to as “GDPR”).

This declaration is intended for natural persons who come into contact with us, including those who are clients of the Law Firm, work for clients of the Law Firm or its suppliers, browse our website or are parties involved in the cases handled by the Law Firm.

Data collected is used within the context of the task entrusted to the Law Firm or for another necessary task related to the former.

The data controller is Mr. Cyrille Barette.

2. Why does the law firm process personal data and what is the legal basis for our data processing?

2.1. Depending on the data collected and processed as well as the categories of those individuals concerned, the purposes and legal bases for data processing may vary. The Law Firm processes your data within the context of:

  • defending the interests of our clients or those of a legal or natural person for whom the natural person acts;
  • the administrative management of our clients’ cases (fulfilment of the Law Firm’s contractual obligations);
  • – accounting (notably for the purpose of issuing, collecting and verifying invoices);
  • the management of pre-contractual relationships, including the verification of conflicts of interest within the Law Firm;
  • the management of our suppliers;
  • the management of our staff;
  • defending the Law Firm in the context of any possible litigation;
  • fulfilment on the part of the lawyers of their obligations;
  • relationship management and correspondence with courts and other law professionals;

or for any other purpose, of which you have been personally informed.

2.2. 2.2. Depending on the intended purpose, the Law Firm processes your data when this action is necessary for:

  • The fulfilment of its legal obligations, notably required under the Belgian Judicial Code, the Belgian Code of Economic Law, and Belgian law of 18 September 2017 relating to the prevention of money laundering and terrorist financing and limiting the use of cash (article 6.1.c. of GDPR);
  • The performance of the contract under which we are bound to our clients (article 6.1.b of GDPR);
  • – The fulfilment of pre-contractual measures (article 6.1.b. of GDPR) for the purpose of enabling or facilitating a future contractual relationship;
  • In the pursuit of our legitimate interest, when it is necessary to store your data to file, bring or support possible legal proceedings (article 6.1.f. GDPR).

We may also process sensitive data (particular categories of personal data), each time it is necessary to do so for the establishment, exercise or defence of legal claims in accordance with the provisions of article 9 §2, f. of GDPR.

3. What personal data is processed by the law firm and what is its source?

3.1. The Law Firm collects the data processed through different channels , either directly from you or from a judicial or administrative authority, a party involved (opposing party, etc.) within the context of a dispute or an insurance company involved in the defence of your interests (professional indemnity insurance, family civil liability insurance, legal protection, etc.), or even from publicly accessible data.

We only collect appropriate, relevant personal data, limited to the data required for the purposes for which it is processed.

By refusing to communicate certain personal data, it may lead to your lawyer being unable to fully perform the assignment instructed.

3.2. The following categories of data are processed:

  • Identification data: last name, first name, home and/or business address, email address, telephone number, business number, identity photograph, identity card, national number;
  • Family data: last names and first names of children, filial relationship, civil status, household composition, etc.;
  • Personal characteristics: age, sex, date and place of birth, nationality, country of origin, language(s) spoken, etc.
  • Professional characteristics: profession, qualifications, career, etc.
  • Medical data: medical history, illnesses, disability, medical imaging, laboratory reports, biological sample data, doctors’ letters and reports, etc.;
  • Financial data: account number, account statements, tax assessment notice, and/or any document attesting to the financial situation;
  • Data relating to criminal convictions and offences ;
  • Data relating to the dispute/case (including court or law enforcement record) entrusted to the Law Firm may be data from particular categories depending on the type of matter.

If required in the handling of the matter, the data processed can therefore be sensitive data or data be related to race, sexual orientation, trade union membership or religious or philosophical beliefs or otherwise. Generally, all data required for the establishment, exercise or defence of our clients’ legal interests.

4. With whom does the Law Firm share personal data?

4.1. Any sharing of data is carried out with due regard for professional confidentiality, ethical rules and this privacy policy.

4.2. The data listed below is accessible to members of the Law Firm team, to any colleague, working as an associate or specialist lawyer, or any technical consultant (accountant, auditor, architect, expert, etc.) strictly to the extent necessary to execute the obligations of the Law Firm.

4.3. The Law Firm is likely to have cause to send your data: :

  • To judicial or administrative authorities, to court officers or any other legal professional (notary, etc.);
  • To the opposing sides;
  • Where appropriate, to banking or insurance institutions;
  • Where appropriate, to the employees of our clients or other professional or personal contacts of our clients;

Within the context of defending the interests of our clients, the mandate given by the client and to the extent necessary.

The Law Firm may have reason to send personal data to third parties under the law, decrees or other regulatory provisions from which it may not be able to exempt itself.

4.4. The Law Firm may also share certain data with its co-contractors, termed as “processors” within the meaning of GDPR, to the extent strictly necessary for the operation of applications or IT management systems or non-computerised systems that the Law Firm uses.

Service providers (and their location) with whom we have cause to share client data are as follows:

  • Email solutions service providers _ In Europe
  • Postal service providers _ In Europe
  • IT solutions and infrastructure and systems maintenance service providers _ In Europe
  • Hosting/Cloud service providers _ In Europe and the United States
  • Accounting and financial services providers _ In Europe
  • Banks/Insurance companies _ In Europe
  • Third-party insurer _ In Europe
  • Lawyers – associates – trainee lawyers _ Worldwide
  • Belgian French- and German-speaking federal bar association ( _ In Europe

For security reasons, the list of processors along with details of their fields of activity, the intended purpose and where applicable, the country in which the data is processed and hosted are not available on our website but available to those persons concerned on request.

5. How long does the Law Firm keep personal data?

5.1. The length of time personal data is stored varies depending on the purpose of processing that data.. This length of time is limited taking into account the possible record-keeping obligations imposed by law (fiscal statute of limitations, money laundering prevention, etc.).

Subject to article 5.2. of this Policy, the Law Firm will not store data beyond a period of 10 years from the end of the relationship with the Law Firm.

5.2. In the event of disputes with the Law Firm, the data will be stored beyond the period of 10 years and will be deleted after the dispute is finally closed.

6. Does the Law Firm transfer personal data outside the European Union?

The transfer of data to a country outside the European Union or the European Economic Area will only be authorised if, and only if:
  • The European Commission has issued a decision that establishes that the country in question guarantees a suitable level of protection for the data, that is to say the equivalent level of protection as that provided under European legislation. Personal data will be transferred on this basis;
  • The transfer is covered by a suitable guarantee affording a level of data protection equivalent to that provided under European legislation, such as the standard contractual clauses of the Commission, a Code of Conduct, certification, binding corporate rules, consent.

In the absence of an adequacy decision or appropriate guarantees, a transfer or collection of transfers of personal data to a third-party country is still possible if the transfer is necessary for the establishment, exercise or defence of our clients’ legal interests.

7. How do we protect personal data?

In all circumstances, the Law Firm ensures an appropriate level of technical and organisational security for personal data pertaining to clients, with the aim of protecting against any data leaks, notably the loss, destruction, public disclosure, unauthorised access or any misuse. However, and if the client is aware of the existence of a data leak or suspects one, the Law Firm requests that the client reports this immediately by contacting us.

8. What rights do clients have and how to contact us?

8.1. Unless a legal provision in force in Belgium does not allow for it, including GDPR, or if legal privilege conflicts with this, you have the following rights: :

  • Right to access and correct: you have the right to request which information pertaining to you is recorded and request corrections, if some information is incorrect;
  • Right to receive copies: you can obtain, free of charge, written communication (including electronically) of the personal data pertaining to you and subject to processing;
  • Right to withdraw consent: if your data has been processed based on your consent, you have the right to withdraw that consent;
  • Right to restrict processing;
  • Right to erasure: you have the right to request deletion of the personal data from your file;
  • Right to data portability: you have a right to receive all information pertaining to you that are recorded in a portable and readable format;
  • Right to object to processing: you have the right to object to processing and the portability of your data.

You also have the right to file a complaint with the Autorité de protection des données [Belgian Data Protection Authority]:
Rue de la Presse, 35 à 1000 Brussels
Telephone: +32 (0)2 274 48 00
Fax: +32 (0)2 274 48 35

For further information on complaints and possible review procedures, you are invited to consult the following page published by the Autorité de protection des données:

8.2. You can exercise your rights by contacting the Law Firm at the following email address: or by post to the following address: avenue de Tervueren, 273, 1150 Brussels (Belgium).

We will follow up on your requests as soon as possible and at the latest within a month of receipt of your request, we will inform you of the actions we have taken.

Depending on the difficulty of the request or the number of requests that we receive from other people, this may be extended by two months. In this case, you will be notified of this extension in the month following receipt of your request.

In all circumstances, when communicating this information, we always have an obligation to consider the rights and freedoms of other people.

Please enclose with your request all documents or information required to prove your identity, for the purpose of responding to your request.

Finally, when the request to exercise rights is manifestly unfounded or excessive, notably due to the repetitive nature, it may be refused or be the subject of payment of reasonable fees that take into account administrative costs incurred to supply information, proceed with communications or take the requested actions.

8.3. The Law Firm has the duty to ensure that your data is processed completely securely and to inform you if the security of your data has not been respected.

9. What is the applicable law and court with jurisdiction?

This Policy is governed by Belgian law. Any dispute relating to the interpretation or execution of this Policy will be subject to Belgian law.

10. Do we use cookies or other trackers?

For technical reasons, browsing the website Law Firm is likely to mean cookies will be installed on your computer. A cookie is a piece of code, in the form of a small data file, that does not identify the user, but which records information relating to navigation of a computer on a website. The data obtained in this manner is intended to facilitate subsequent navigation of the website, improve our website and also allow us to analyse the number of visits.

To find out more on our Policy regarding cookies, please consult our website, under the section “Privacy Policy”.

11. Changes

The Law Firm can, at any time, for different reasons, make corrections, provide additional information or make changes to this information document on the data protection policy. The most up-to-date version may be consulted at any time on our website

Last updated on 2 January 2024.