Privacy policy


1. General


1.1. This is the privacy policy of Curia CVOA, with registered offices at 3000 Leuven, Arnould Nobelstraat 40/0102 and registration number 0883.689.992 with the Crossroads Bank for Enterprises (“Curia”).


1.2. Curia is an established law firm offering a full service to undertakings and entrepreneurs. With this privacy policy, Curia informs who might be concerned about the processing of personal data.


1.3. Curia can modify this privacy policy at any time. Please, consult it therefore regularly.



2. Legal


2.1. Curia is the controller of, and therefore responsible for, personal data: (i) relating to you and/or (ii) regarding other data subjects provided by you or on your behalf (“Personal Data”).


2.2. This privacy policy is subject to, amongst others, the following privacy legislation:

(i) the Belgian Data Protection Act of December 8, 1992 on the protection of privacy in relation to the processing of personal data (as amended, modified and/or completed from time to time) (the “Privacy Act”);

(ii) Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (“GDPR”);

(iii) all other applicable legislation regarding the protection of privacy and the processing of personal data;


(together or separately, the “Privacy Legislation”).


2.3. Curia has the following legal grounds for the processing of Personal Data:

(i) the contract you have entered into with Curia;

(ii) the free, specific, informed and unambiguous consent, from you or through you on behalf of the other data subject concerned, to process Personal Data. Such consent can be given by any means, such as, but not limited to mail, email, an online or offline consent form, a membership form or orally;

(iii) a legal obligation; and/ or

(iv) a legitimate interest of Curia.



3. Purpose


Curia processes Personal Data in accordance with the Privacy Legislation and this privacy policy, in order to:

(i) execute its activities, as described in article 1.2 (including the performance of agreements entered into);

(ii) provide direct marketing regarding its activities such as updates, newsletters, info brochures, emails, marketing materials, invitations to events such as conferences, exhibitions, launches, seminars and workshops and other information that may be useful to the addressee;

(iii) better understand the needs and preferences of the addressee in order to adjust its services hereto;

(iv) answer any question one might have when contacting Curia e.g. by telephone or by email;

(v) get in touch in the context of a selection and recruitment process;

(vi) comply with applicable legislation.


(together or separately the “Purpose”).



4. Personal data


4.1. Curia can request, collect and process all Personal Data that can be useful for the Purpose, such as: (first, middle, last) name, address, email address, phone number, IP address, job, company name, preferred language, specific areas of law that might be of interest of the addressee, resume and/or all other information one provide us with.


4.2. You guarantee that the Personal Data you have provided to Curia are complete and correct and that you are entitled to transfer these.



5. Transfer of personal data to third parties


5.1. Curia can rely on subcontractors to perform certain processing activities (e.g. mailing campaigns, hosting the Curia website, other ICT-purposes etc.). Curia enters into processing agreements with those third parties that can have access to Personal Data.


5.2. Curia guarantees that it does not transfer Personal Data to other third parties, unless:


(i) there is a legal obligation to transfer Personal Data;

(ii) Curia has a legitimate interest to do so.



6. Your rights


6.1. The Privacy Legislation provides the data subjects with a number of rights in regarding their Personal Data. Everybody has the right, free of charge:


(i) to have access to and receive a copy of his/her Personal Data;

(ii) to have his/her Personal Data corrected in case of errors;

(iii) to have his/her Personal Data erased in case:

a. Personal Data are no longer necessary to achieve the Purpose;

b. he/she withdraws his/her consent and there is no other legal ground for the processing of Personal Data;

c. he/she objects to the processing his/her Personal Data and there is no other legal ground for the processing of his/her Personal Data;

d. his/her Personal Data have been unlawfully processed;

e. there is a legal obligation to erase his/her Personal Data;

(iv) to have the processing of his/her Personal Data restricted;

(v) to request that his/her Personal Data are transferred to a third party;

(vi) to object against the processing of his/her Personal Data, in particular the processing for direct marketing purposes;

(vii) to withdraw his/her consent pursuant to which Curia is allowed to process Personal Data;

(viii) to lodge a complaint with the supervisory authority (Data Protection Authority / Commission for the Protection of Privacy) if he/she is of the opinion that the processing of his/her personal data violates the Privacy Legislation. It can be reached through: Rue de la Presse 35, 1000 Brussels,


6.2. In case one wants to exercise any of the above rights, he/she can send a written, dated and signed request, with proof of identity, by ordinary mail to Curia CVOA, Arnould Nobelstraat 40/0102, 3000 Leuven, Belgium or by email to Please note that the Privacy legislation may impose conditions on exercising any of the above rights.



7. Storage and security


Curia stores Personal Data for as long as it is necessary to achieve the Purpose. The Personal Data are stored by Curia, or, if applicable, by its processor of Personal Data.


Curia commits to take (or have) all reasonable measures (taken) to protect the Personal Data through technical safety measures and an appropriate safety policy from destruction, loss, modification or unauthorized processing.


You acknowledge and accept that the transfer and storage of Personal Data is never without risk and consequently, Curia cannot be held liable for the damages that you may suffer as a result of the unlawful use of Personal Data by third parties, other than Curia’s processors.



8. Liability


Curia can solely be held liable for damages which directly result from the processing of Personal Data due to a fault or negligence of Curia. In any event, Curia cannot be held liable: (i) in circumstances of force majeure, (ii) for any indirect or consequential damage, and/or (iii) for damages that result from errors, faults or negligence by you or third parties, other than Curia’s processors. The total amount of Curia’s liability for breaches of this privacy policy and/or Privacy Legislation cannot exceed 2.500 euro (two thousand five hundred euro).



9. Severability


9.1. If any provision in this privacy policy is deemed to be unlawful or unenforceable, such provision shall be amended insofar as necessary in order to make it lawful or enforceable, while retaining the original meaning of that provision as much as possible.


9.2. Whenever possible, the provisions of this privacy policy shall be interpreted in such a manner as to be valid and enforceable under applicable law. However, if one or more provisions of this privacy policy are found to be invalid, illegal or unenforceable, in whole or in part, the remainder of that provision and of this privacy policy shall remain in full force and effect as if such invalid, illegal or unenforceable provision had never been contained herein.



10. Applicable law and competent court


10.1. You agree that all disputes between you and Curia regarding Personal Data and privacy issues, are exclusively subject to Belgian law, excluding any conflict of law principles.


10.2. Every dispute regarding Personal Data and privacy issues should be submitted to the exclusive jurisdiction of the courts of Leuven, Belgium, excluding any other court.