Privacy Policy

This Policy is established by:

ORIA LAW

Address: Avenue Louise 54, 1050 Ixelles

email:info@oria-law.be

Hereinafter, "the firm" or "we", "our".

We are particularly attentive to the protection of personal data and to the respect of the privacy of any person who comes into contact with us. We act transparently, in accordance with national and international provisions in this area, notably, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC (hereinafter referred to as the "General Data Protection Regulation" or "GDPR").

This information document regarding the protection of personal data describes how we process your data as well as the rights you can exercise regarding the data that concerns you as a data subject.

It may be modified at any time, in order to comply with any regulatory, jurisprudential or technological developments. We invite you to consult it regularly.

You can respond to any of the practices described below by contacting us.

1. ​ ​WHY DOES THE FIRM PROCESS PERSONAL DATA AND WHAT IS THE LEGAL BASIS FOR OUR PROCESSING?

Depending on the data collected and processed as well as the categories of data subjects, the purposes and legal bases of our processing differ.

The firm processes your data:

2. ​ ​WHAT PERSONAL DATA IS PROCESSED BY THE FIRM AND WHERE DOES IT COME FROM?

We only collect personal data that is adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed. Depending on the purposes, the collection of data is carried out differently.

We detail below the personal data we collect about our clients, the reason for its collection, as well as the methods of collection.

3. ​ ​WITH WHOM DOES THE FIRM SHARE PERSONAL DATA?

Any data sharing is done in compliance with professional secrecy, ethical rules, and this document.

The data listed above is accessible to members of the firm's team or any colleague acting as a collaborator or specialised lawyer, or any technical advisor to the strict extent necessary for the execution of the firm's obligations.

In the context of defending its interests, the mandate given by the client, and to the extent necessary, the firm communicates the client's personal data to the competent judicial or administrative authorities or legal auxiliaries.

The firm may transmit this personal data to opposing parties in the context of defending the client's interests and to the extent necessary.

The firm may transmit, where applicable, the client's data to banking or insurance institutions in the context of defending the client's interests, in compliance with professional secrecy and to the extent necessary.

The firm may be required to transmit personal data to third parties under the law, decrees, or other regulatory provisions from which it cannot exempt itself.

For example, we may be required to share the client's data with the legal aid office if they benefit from its intervention.

The firm may also share certain data with its co-contractors, classified as 'subcontractors' under the GDPR, to the strictly necessary extent for the operation of computerised or non-computerised management applications or systems to which the firm has subscribed.

In all circumstances, we ensure the protection of clients' data through agreements ensuring confidentiality.

The service providers with whom we are required to share customer data are as follows:

For security reasons, the list of subcontractors, their areas of activity, the purpose pursued, and where applicable, the country in which the data is processed and hosted, are not available on our site but can be provided upon request by the individuals concerned.

4. ​ ​HOW LONG DOES THE FIRM KEEP PERSONAL DATA?

The retention period for personal data varies according to the purposes of processing that data. This period is limited taking into account any retention obligations imposed by law.

5. ​ ​DOES THE FIRM TRANSFER PERSONAL DATA OUTSIDE THE EUROPEAN UNION?

Transfers of data to a country outside the European Union or the European Economic Area will only be permitted if and only if:

➢ The European Commission has made a decision establishing that this country ensures an adequate level of data protection, that is to say equivalent to that provided by European legislation. Personal data will be transferred on this basis.

➢ The transfer is covered by an appropriate guarantee providing a level of data protection equivalent to that provided by European legislation, such as the Commission's standard contractual clauses, a Code of Conduct, certification, binding corporate rules, or consent.

In the absence of an adequacy decision or appropriate guarantees, a transfer or set of transfers of personal data to a third country remains possible if the transfer is necessary for the establishment, exercise, or defence of legal rights.

6. ​ ​HOW DO WE PROTECT CUSTOMERS' PERSONAL DATA?

In all circumstances, we ensure an adequate level of technical and organisational security for customers' personal data, in order to protect them from any data breaches, including loss, destruction, public disclosure, unauthorised access, or any misuse. However, if the customer is aware of a data breach or suspects one, we ask them to report it to us immediately by contacting us.

For security reasons, the list of subcontractors, their area of activity, the purpose pursued, and, where applicable, the country in which the data is processed and hosted are not available on our site but can be provided upon request by the individuals concerned.

7. ​ ​WHAT ARE THE RIGHTS OF CUSTOMERS AND HOW CAN WE BE CONTACTED?

Unless a legal provision in force in Belgium prohibits it, including the GDPR, or if professional secrecy opposes it, clients have the following rights:

➢ The right of access, including the right to know that the firm processes their personal data;

➢ The right to receive a copy of the processed data;

➢ The right to rectify the processed data;

➢ The right to withdraw consent;

➢ The right to object to the processing of their personal data, particularly if their personal data is processed based on our legitimate interest;

➢ The right to restrict the processing of the processed data;

• If the client contests the accuracy of this data. Pending the assessment of the interests at stake before exercising the right to object to the processing of certain personal data.
• If the processing of their personal data is unlawful, but the client does not wish to exercise their right to erasure of the data.
• If we no longer need the client's personal data, but they need it for the purposes of a legal action.

➢ The right to erasure of the processed data;

➢ The right to data portability of the processed data;

➢ The right to lodge a complaint with the Data Protection Authority:

​ ​www.autoriteprotectiondonnees.be

​ ​Rue de la Presse, 35, 1000 Brussels

​ ​Telephone: +32 (0)2 274 48 00

​ ​Fax: +32 (0)2 274 48 35

​ ​Email:contact@apd-gba.be

For further information on complaints and possible remedies, customers are invited to consult the following page of the Data Protection Authority: https://www.autoriteprotectiondonnees.be/citoyen/agir/introduire-une-plainte

We will ensure that we respond to the customer's requests as soon as possible and no later than one month after receiving their request, and we will inform them of the actions we have taken.

Depending on the complexity of their request or the number of requests we receive from other individuals, this timeframe may be extended by two months. In this case, the customer will be notified of this extension within one month of receiving their form.

In all circumstances, when communicating this information, we are always obliged to consider the rights and freedoms of other individuals.

The customer can exercise their rights by contacting the office at the following email address: info@oria-law.be

We ask our customers to attach to their request the documents or information necessary to prove their identity; otherwise, we may need to contact them to request proof of their identity, such as a copy of their identity card, in order to take the necessary actions regarding their request.

Finally, when the request to exercise a right is manifestly unfounded or excessive, particularly due to its repetitive nature, it may be refused or subject to the payment of reasonable fees that take into account the administrative costs incurred to provide the information, carry out communications, or take the requested actions.

8. ​ ​WHAT IS THE APPLICABLE LAW AND THE COMPETENT JURISDICTION?

This Policy is governed by Belgian law. Any dispute relating to the interpretation or implementation of this Policy shall be subject to Belgian law.

9. ​ ​DO WE USE COOKIES OR OTHER TRACKERS?

We use cookies on our websites.

A cookie is a piece of code in the form of a file stored on your computer. During a subsequent visit to our website, these cookies can then be recognized. Cookies help us improve our site, facilitate your navigation, provide targeted advertising, and analyze our audience.

To learn more about our Cookie Policy, please visit our website under the 'Cookie Policy' section.

10. ​MODIFICATIONS

The Firm may, at any time and for various reasons, make corrections, additions, or modifications to this data protection policy information document. The most current version can always be accessed on our website.

Last updated on the 5th of January 2026