Privacy Policy

The original version of the Privacy Policy is in French language. Any translated version is for your convenience and information only. In case of disputes the French text shall prevail.

Preamble:

We are a Belgian start-up that aims to make the law more accessible and understandable to everyone.

We are active in Belgium, so we respect the Belgian and European legislation.

We are very concerned about the protection of our users’ personal data and the use of cookies.

From the inception of the Symplicy start-up, we are proactive and preventive in our handling of Personal Data. Our Personal Data processing log is available upon request.

We collect and process your data in accordance with the General Data Protection Regulation (RGPD) of 27 April 2016 as well as the law of 30 July 2018 on the protection of individuals with regard to the processing of Personal Data. You have control over your data.

This Personal Data Policy explains how we manage Personal Data and sets out the choices you have in relation to it.

Capitalized terms used but not defined in this Privacy Policy have the meanings given to them in the Terms of Use.

By using our Services, you represent that you have read our Privacy Policy and expressly agree to it.

What Personal Data do we process and collect? What is the basis for the processing? How long will your Personal Data be stored?

You contact us

If you contact us by email, by phone, by form, through our Calendly appointment booking tool and/or by message via our Facebook, Instagram or LinkedIn, Twitter or YouTube pages, we process and collect:

  • Your first name.
  • Your first name.
  • Your telephone number.
  • Your email address.
  • Your request.

for the following purposes:

  • To respond to your request or to contact you.
  • Respond to your request concerning the implementation of your rights related to Personal Data.

The processing and collection of Personal Data is based on our legitimate interests.

From the moment you send us a message, an e-mail, or make an appointment, it is necessary to collect and process your Personal Data in order to respond to your request.

The Personal Data we process comes directly from you.

The personal data collected is kept for two years.

You are using our Software installed on a Lawyer’s website

Symplicy has developed software that can be installed on lawyers’ websites. This software allows you to contact your lawyer. This contact is made using forms. Therefore, when using our Software to contact your Lawyer, you will be asked to fill in a Form.

In our Software interface, if you fill in a Form and click on the “Send” button, your answers are sent directly to the Lawyer’s mailbox. Your answers are also available in the Lawyer’s Personal Space.

In our Software interface, if you fill in and submit a Form, we process and collect :

The answers given in this Form:

  • Your last name.
  • Your first name.
  • Your telephone number.
  • Your e-mail address.
  • The content of your request for the Lawyer.

for the following purposes:

  • To communicate your answers to the form to the Lawyer.
  • To send you an acknowledgement of receipt to your e-mail address. This acknowledgement confirms that your request has been sent to the Lawyer’s e-mail address.
  • Contact the Lawyer to check that he/she has received your request and the Form completed by you.
  • Return the form and your request to the lawyer if he has not received it.
  • Carry out a search for court decisions and model documents.

The processing and collection of this Personal Data is based on the performance of a contract to which you are a party. By submitting the form and checking the appropriate box, you agree to our General Terms of Use. The processing and collection of this Personal Data is essential for the performance of our General Terms of Use.

The Personal Data we process comes directly from you.

We retain your Personal Data collected via the Forms until the day on which the Lawyer cancels his or her Subscription.

Installation of our Software and creation of our Lawyer Directory

In connection with the installation of our Software on the Lawyer’s Website, the use of our Software by the Lawyer and the creation of our Lawyer Directory, we process and collect:

  • Lawyer’s last name.
  • Lawyer’s first name.
  • Lawyer’s company number.
  • Lawyer’s VAT number.
  • Lawyer’s telephone number.
  • Lawyer’s photo.
  • Lawyer’s office photo.
  • Lawyer’s office address.
  • Lawyer’s email address.
  • Language spoken by the lawyer.
  • Structure of the lawyer’s office.
  • Lawyer’s jurisdiction.
  • Lawyer’s bank account numbers.
  • Link to the Lawyer’s social networks.
  • Link to the Lawyer’s website.
  • Decisions argued by the Lawyer. The decisions contain personal data.
  • Lawyer’s document templates. The Document Templates contain personal data.

For the following purposes:

  • To ensure the exercise of our Services.
  • To communicate the request, the Litigant’s Form to the Lawyer.
  • To allow the Lawyer to contact the Litigant.
  • To carry out our canvassing and our visual presentations of canvassing to the Lawyers.
  • To ensure communication with the Lawyer.
  • To contact the Lawyer by e-mail or telephone to ensure that he has received the request, the Form of the Justiciable.
  • To ensure the publication of the Lawyer’s profile on trouveunavocat.be as well as its Indexation.
  • To write our various contracts with the Lawyers.
  • To ensure the accounting of our Services with the Lawyers.
  • To proceed to the invoicing of our Services and to their recovery.
  • Communicate through the Personal Space court decisions and / or document templates.

The processing and collection of this Personal Data is based on a contractual obligation.

This Personal Data is kept for as long as necessary to achieve the purposes.

It will be deleted from our database as soon as it is no longer necessary for the purpose or if the Lawyer has validly exercised his or her right to erasure.

A Lawyer may decide to modify, correct or permanently delete Personal Data from our database.

We invite you to read the following points:

  • What are your rights regarding the protection of Personal Data?
  • How to implement them?

Publication and online distribution of court decisions or Model documents

When a Lawyer is contacted by a Litigant via a Form, we communicate to the Lawyer court decisions and/or Model documents.

The Lawyer also has the possibility to search for court decisions and/or Model Documents through his Personal Space.

The Model Documents are sent to us by Lawyers.

Court decisions are sent to us by Lawyers or come from public databases which are covered by a royalty-free license.

Lawyers import their document templates and/or court decisions via their personal space.

We therefore distribute through our Software court decisions and / or Model Documents, which may therefore contain Personal Data.

The collection and processing of court decisions from public databases has a legal basis:

  • Our legitimate interest in reusing public information.
  • Our legitimate interest in informing the public about the decisions rendered by the Belgian courts (freedom of expression and right to information).
  • Our legitimate interest in fulfilling an educational purpose.

The collection and processing of court decisions and/or Model Documents from private databases of Lawyers is based on a contractual basis.

If the Lawyer imports court decisions or Model Documents via his or her Personal Space by activating the “Private” mode, we have made the technical choice not to proceed to pseudonymization. We process and store the Personal Data contained in the court decisions or Model Documents until the day the Lawyer has cancelled his Subscription.

Via his Personal Space, if the Lawyer imports court decisions or Model Documents by activating the “Public” mode, we have made the technical choice to proceed with a pseudonymisation by random letters rather than by initials, in order to ensure the effectiveness of the pseudonymisation carried out.

This means that the letters you will find in place of people’s names are not the initials of these people.

The identification keys are completely removed and are not retained.

If you find decisions in which the names of legal professionals, legal entities or names of litigants are not pseudonymized, you can send us the link of these decisions so that we can proceed to a rectification.

The decisions of the European Court of Human Rights are not pseudonymized, in accordance with articles 33 and 47 of the Rules of the Court.

Our aim is to make :

  • The law more accessible and understandable.
  • To simplify access to legal information.
  • Stimulate the sharing of court decisions. We believe that court decisions in Belgium are not sufficiently shared, published and accessible to lawyers.
  • To disseminate legal information.

You visit the accounts, pages of our different social networks

When you visit our pages, our accounts on social networks, we process jointly with the social network your Personal Data in order to :

  • Improve the advertising system of the social network.
  • To obtain statistics of audience of the page and the account.
  • To carry out our advertising campaigns on social networks.
  • To promote our page adequately.

You take part in one of our events or training courses

By participating in our event or training, we process and collect :

  • Your name.
  • Your first name.
  • Your e-mail address.

for the following purposes:

  • To confirm your registration.
  • To organize our event or training course.

The processing of your Personal Data is essential for the performance of the contract binding us in the context of the event or training course to which you have subscribed and participated.

The Personal Data we process comes directly from you.

We keep your Personal Data for two years.

If Symplicy co-organizes the event or training with an organization or company independent of Symplicy, we may share your Personal Data with this partner.

You sign up for our newsletter

When you subscribe to our newsletter, we process and collect:

  • Your name.
  • Your first name.
  • Your email address.
  • Your phone number.

For the following purposes:

  • To send you electronic newsletters.
  • To contact you for the promotion of our next events or trainings.
  • To make a one-time contact about our Services.

The processing and collection of this Personal Information is based on your consent. This consent is obtained when you check a box provided for this purpose.

The Personal Information we process comes directly from you.

We keep your Personal Information until you terminate this service.

You submit your application

If you send us your application, we process and collect:

  • Your CV.
  • Your cover letter.

in order to evaluate the possibility of a future contractual relationship.

This Personal Data comes directly from you. The processing and collection of this Personal Data is based on our legitimate interest in recruiting.

This Personal Data is deleted within 2 months of the end of the selection process.

You deal with us as a subcontractor or supplier

If you are one of our subcontractors or suppliers, we process and collect:

  • Your name.
  • Your postal address.
  • Your email address.
  • Your telephone number.
  • Your VAT and/or ECB number.
  • Your bank account number.

in order to fulfill our legal obligations under the Code of Economic Law in tax and accounting matters and for the execution of the contract.

The retention period is 7 years from the year in which the supplier or subcontractor has been encoded in the accounts. This data comes directly from our supplier or subcontractor.

Who is the data controller?

The data controller is the limited liability company Symplicy represented by its directors Adrien Dumonceaux, Simon Genin, Shervin Sardari, Gwenaël Bierlier and Romain Dubay. The address of Symplicy’s registered office is Chemin du Cyclotron, number 6, 1348 Ottignies-Louvain-la-Neuve.

In the context of one of our Services, we process your Personal Data in our capacity as data controller, i.e. the entity that determines the purposes and means of the processing.

Who has access to your Personal Information?

The following categories of recipients may receive or have access to some of your Personal Information (only if necessary to perform their duties):

  • The data controller.
  • The freelancers or employees responsible for customer success have access to the personal identification data, professional identification data and contact data of customers (natural persons) or customer representatives (legal entities) as well as to the Personal Data contained in the documents prepared within the framework of the Service (which may contain Personal Data relating to other persons concerned).
  • Freelancers or business development employees have access to the personal identification data, professional identification data and contact data of our customers (natural persons), representatives of our customers (legal entities) and representatives of our suppliers only within the scope of our business management and the management of our suppliers.
  • Our legal advisors and attorneys have access to certain Personal Information of data subjects in connection with corporate restructuring or litigation.
  • We entrust the processing of some of your Personal Data to subcontractors only to the extent necessary to perform their tasks and in accordance with the applicable data protection legislation.
  • In the event of a corporate reorganization transaction (e.g., a merger and acquisition or financing transaction), we may transfer certain Personal Data about a limited number of customer representatives (legal entities) to a third party involved in the transaction (e.g., a buyer or investor) in accordance with applicable data protection legislation.
  • To the tax and social security authorities in order to meet our legal obligations.

How do we share your data with our contractors?

We entrust the processing of some of your Personal Data to subcontractors. In order to be completely transparent, we communicate you the list of these subcontractors:

  • Aws Amazon
    • The purpose is to host our websites, software, and databases.
    • The location of the data is set in Europe. Data is also transferred to subcontractors established in countries outside the European Economic Area. This transfer is governed by standard contractual clauses. Our subcontracting agreement with Amazon is available by clicking here.
  • OVH
    • The goal is the registration of our domain names.
    • The location of the data is set in Europe. Our outsourcing contract with OVH is available by clicking here.
  • Postmark
    • The goals are:
      • Sending the application form to the lawyer’s e-mail address in complete security.
      • Sending a copy of your application form to your email address in complete security.
    • To learn more about security and encryption, we invite you to read Postmark’s guide. This guide is available by clicking here.
    • The location of the data is set in the United States. The data is therefore transferred to subcontractors established in countries outside the European Economic Area. This transfer is governed by standard contractual clauses. Our subcontracting agreement with Postmark is available by clicking here.
    • Postmark is committed to the RGPD. You can consult the charter set up by Postmark concerning the respect of the RGPD. It is available by clicking here.
  • OpenAI
    • The goal is to improve our Rulings and/or Templates search service.
    • We use OpenAI technologies to automatically generate keywords and summaries of court decisions and/or Templates. We use OpenAI Technologies to anonymize/pseudonymize court decisions and/or Templates. Symplicy’s use of OpenAI technologies is done through an API. This API is made available by OpenAI. OpenAI will not use data submitted by Symplicy via its API to train or improve its models. All data submitted via the OpenAI API will be retained for a maximum of 30 days, after which it will be deleted. For more information on OpenAI’s use of data via its API, please visit this page: https://openai.com/policies/api-data-usage-policies.
      Data is transferred to subcontractors established in countries outside the European Economic Area. This transfer is governed by standard contractual clauses. These standard contractual clauses are available by clicking here.
  • Google Ads, Analytics and Tag Manager.
    • Goals:
      • To analyze the audience of our Services
      • To carry out advertising campaigns on the Google network. This web analytics service offered by Google tracks website traffic. Google uses the collected data to track and monitor the use of our Services. This data is shared with other Google services. Google may use the data collected to contextualize and personalize ads in its own advertising network.
    • Data is transferred to subcontractors established in countries outside the European Economic Area. This transfer is governed by standard contractual clauses. These standard contractual clauses are available: Google Ads Data Processing Terms and Google Measurement Controller-Controller Data Protection Terms.
  • Google Maps
    • The goal is the implementation of APIs: API Place details, API Autocompete, API Maps. These APIs allow a user to be geolocated via his browser so that he can find lawyers near his position.
    • Data is transferred to subcontractors established in countries outside the European Economic Area. This transfer is governed by standard contractual clauses. These standard contractual clauses are available by clicking here.
  • Google Dialogflow
    • The goal is to run our personal assistant, Harvey, on Facebook messaging.
    • Data is transferred to subcontractors established in countries outside the European Economic Area. This transfer is governed by standard contractual clauses. These standard contractual clauses are available by clicking here.
  • Microsoft Office 365
    • The goals are:
      • Create and host our text documents, tables, presentations.
      • Hosting our emails.
    • The location of the data is set in Europe. Data is also transferred to subcontractors established in countries outside the European Economic Area. This transfer is governed by standard contractual clauses. Our subcontracting agreement with Microsoft is available by clicking here.
  • Facebook
    • The goals are:
      • Receive and respond to your messages via our pages, Facebook and Instagram accounts.
      • Launch advertising campaigns on Facebook and Instagram.
      • Analyze the audience of our pages and accounts. This analytics service provided by the Facebook group of companies uses the data collected to track and monitor the use of our services. This data is shared with other Facebook services. Facebook may use the data collected to contextualize and personalize ads on its own advertising network.
      • Install our personal assistant, Harvey, on the Facebook platform.
    • Data is transferred to subcontractors established in countries outside the European Economic Area. This transfer is governed by standard contractual clauses. Our outsourcing contract with Facebook is available by clicking here.
  • LinkedIn
    • The goals are:
      • Receive and respond to your messages via our pages, LinkedIn accounts.
      • Launch advertising campaigns on LinkedIn.
      • Analyze the audience of our pages and accounts. This analytics service offered by LinkedIn uses the data collected to track and monitor the use of our services. This data is shared with other LinkedIn services. LinkedIn may use the data collected to contextualize and personalize ads in its own advertising network.
    • Data is transferred to subcontractors established in countries outside the European Economic Area. This transfer is governed by standard contractual clauses. Our subcontracting agreement with LinkedIn is available by clicking here.
  • Twitter
    • The goals are:
      • Receive and reply to your messages via our pages, Twitter accounts.
      • Launch advertising campaigns on Twitter.
      • Analyze the audience of our pages and accounts. This analytics service offered by Twitter uses the data collected to track and monitor the use of our services. This data is shared with other Twitter services. Twitter may use the data collected to contextualize and personalize ads on its own advertising network.
    • Data is transferred to subcontractors established in countries outside the European Economic Area. This transfer is governed by standard contractual clauses. Our subcontracting agreement with Twitter is available by clicking here.
  • Accountant Crapanzano
    • The goals are:
      • To keep an orderly accounting of our activity.
      • To respect our fiscal and social obligations.
    • The location of the data is set in Belgium.
  • CBC Banque Belgium
    • The goals are:
      • To allow the maintenance of our bank account.
      • To enable the execution and receipt of our payments.
    • The location of the data is set in Europe. CBC Banque’s Personal Data Protection Policy is available by clicking here.
  • Calendly
    • The goal is to allow you to select a time slot in our electronic calendar in order to schedule an appointment, a meeting.
    • The location of the data is set in the United States. Data is transferred to subcontractors established in countries outside the European Economic Area. This transfer is governed by standard contractual clauses. Calendly’s Personal Data Protection Policy is available by clicking here.
  • Asana
    • The goals are:
      • To organize as a team.
      • To communicate internally.
    • The location of the data is set in the United States. Data is transferred to subcontractors established in countries outside the European Economic Area. This transfer is governed by standard contractual clauses. Our outsourcing agreement with Asana is available by clicking here.
  • HubSpot
    • The purpose is to manage the relationship with our customer or potential future customer.
    • The location of the data is set in the United States. The data is transferred to subcontractors established in countries outside the European Economic Area. This transfer is governed by standard contractual clauses. Our subcontracting agreement with HubSpot is available by clicking here.
  • Stripe
    • The purpose is to manage the relationship with our customer or potential future customer for the sending of our quotations and the invoicing of our Services.
    • The location of the data is fixed in Europe. Data is also transferred to subcontractors established in countries outside the European Economic Area. This transfer is governed by standard contractual clauses. Our subcontracting agreement with Stripe is available by clicking here.

For your information, here is their policy on the protection of personal data:

What level of security do we provide?

We have taken appropriate technical and organizational measures to protect your Personal Data from unauthorized access, use, loss or disclosure.

For example, we have taken the following measures:

  • We maintain a register of the processing of Personal Data. It is available upon request.
  • We maintain a data leakage and theft procedure and a data leakage and theft log. To date, there has never been a data breach or theft.
  • We provide a list of our subcontractors.
  • We have put in place an internal policy informing and obliging our administrators, employees to maintain data confidentiality and compliance with the GDPR. We have set up a Sharepoint to raise awareness of Personal Data issues among our teams.
  • We are able to notify you without delay in the event of a data breach (although we and our contractors work hard to ensure this is not necessary).
  • We have a username and password policy on all our systems.
  • We pseudonymize personal information when necessary.
  • We routinely back up personal data so that it can be recovered in the event of physical or technical incidents.
  • We regularly test and evaluate our measures and adjust them if necessary.
  • We are monitored by competent privacy lawyers.
  • We keep ourselves informed of the guides and guidelines published by the CNIL and the Belgian Personal Data Authority.

In the case of new projects that may have an impact on your privacy, a thorough analysis is carried out to guarantee your rights, the security and the protection of your Personal Data.

Should there nevertheless be an incident involving your data, you will be informed personally in the circumstances provided by law.

Do we transfer Personal Information outside the European Union?

Yes, we transfer Personal Data to a country outside the European Union or the European Economic Area if and only if:

  • The European Commission has issued a decision that establishes that country provides an adequate level of data protection, i.e., equivalent to that provided by EU law. Personal data will be transferred on this basis.
  • The transfer is covered by an appropriate safeguard granting a level of data protection equivalent to that provided by European legislation, such as the Commission’s standard contractual clauses, a Code of Conduct, certification, binding corporate rules, consent.

What are your rights regarding the protection of personal data?

Right of access

  • This right allows you to ask us directly if we have any information about you, and to request that we provide you with all of that information.
  • The exercise of the right of access is free of charge unless your request is excessively recurrent, unfounded or manifestly intended to abuse this right of access.
  • We will be entitled to charge a “reasonable fee” based on the administrative costs incurred.

Right of rectification and right to update your data

  • This right allows you to ask us to rectify inaccurate information about you. The right of rectification completes the right of access.

Right to object

  • This right allows you to object to the processing of your Personal Data.
  • This right of objection only applies to processing that is necessary for the performance of a task in the public interest or in the exercise of official authority, or for the purposes of the legitimate interests pursued by the controller or by a third party, or for canvassing purposes, or for scientific or historical research or for statistical purposes. We may invoke legitimate and compelling reasons overriding you by the processing to not act on your right to object.

Right to withdraw your consent

  • If the data is processed on the basis of your consent, you have the possibility at any time to reverse this decision, without calling into question the past processing.

Right of portability

  • This right allows you to retrieve some of your data in an open, machine-readable format and to transfer your Personal Data from one organization to another.
  • You can exercise this right only for data processing that has been based on consent or that the processing is carried out using automated processes.
  • You can only exercise this right with respect to the data you have provided to us.
  • You will not be able to implement the right to data portability if it infringes on the rights and freedoms of third parties.

Right to erasure

  • This right allows you to request the permanent deletion of your data.
  • This right can only be exercised within the limits provided for in Article 17 and 18 of the General Regulation on the Protection of Personal Data.

How can you exercise your privacy rights?

If you wish to exercise your rights and if you have any questions or complaints about the way in which we process your personal data, please address them in advance to info@symplicy.com.

If you believe that a data controller is not respecting your personal data, you have the possibility to lodge a complaint with the Data Protection Authority (“DPA”), you have the right to lodge a complaint with the competent supervisory authority.

The competent authority for Belgium is: Data Protection Authority, Rue de la Presse 35, 1000 Brussels, +32 (0)2 274 48 00, contact@apd-gba.be or via this link https://www.autoriteprotectiondonnees.be/citoyen/agir/introduire-une-plainte.

Hyperlinks to other websites ?

When using our Services, they may contain Hyperlinks to other Websites that are maintained by legal/physical persons who are not part of our company.

These websites must have their own rules for the protection of personal data.

We invite you to read their rules. We cannot be responsible for the content of these websites or for the way in which these websites handle Personal Data.

What is the applicable law?

This Privacy Policy shall be interpreted by and in accordance with Belgian law.

What is the competent jurisdiction?

In the event of a dispute between the Parties relating to the validity, interpretation or execution of this Privacy Policy that cannot be resolved amicably, the Parties shall first attempt to resolve such dispute through mediation. The Parties shall appoint a mediator from among the mediators approved by the Federal Mediation Commission in Belgium.

If the mediation does not allow to solve this dispute, the dispute will be brought exclusively before the courts of Liège, Namur division materially competent.

Miscellaneous clauses

If any provision of this Privacy Policy is found to be invalid or unenforceable, it shall be deemed unwritten, without affecting the validity of the remaining provisions.

The original version of this Privacy Policy is in French. The translated version in Dutch and English is only available for your convenience and information. In the event of a dispute, the French version of the text will be deemed to prevail.

This Privacy Policy is an integral part of the Terms of Use and cannot be separated from it.

If you feel that we are not respecting your privacy, you can send us an email at info@symplicy.com.

This Privacy Policy is dated februari 7, 2024. You can download a copy of this version in a durable medium (.pdf format) by clicking here.