Privacy Policy

Pursuant to their activities, the companies Deprince, Cherpion & Associates SC SPRL, PME Assistance SC SPRL and DTAX.lu SA process personal data concerning natural persons and are consequently subject to the provisions of the General Data Protection Regulation (abbreviated to GDPR) of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, which came into force as of 25 May 2018.

In our capacity as accountants, auditors and tax consultants, we are obliged to comply with certain rules, such as professional secrecy, the duty of discretion or the fulfilment of certain legal obligations such as those resulting from the new law on the prevention of money laundering and terrorist financing.

 WHICH PERSONAL DATA DO WE COLLECT?

When undertaking of our missions, we process and store different kinds of personal data.
The data collected may vary according to the service we provide. These concern mainly:

  • your identification data
    surname, first name, address, place and date of birth, identity card number, etc.
  • your financial data
    income, loans, savings, bank account and related information, value of moveable assets and real estate, etc.
  • your sociodemographic data
    civil status, family situation, etc.
  • other
    copy of your ID card or passport, diplomas, marriage contracts, deeds of gift, etc.

We do not process sensitive data relating to your political opinions, your religious beliefs or your racial or ethnic origin.

When undertaking some kind of our missions, we may process sensitive personal data relating to your health (tax return, succession, insurance,…).

If your mandate concerns drawing up your natural person’s tax return, we may also be obliged to process certain personal data relating to minors, such as the surname, the first name and/or the date of birth of your child(ren) as well as some sensitive data related to the specific status of your husband/wife and child(ren).

HOW DO WE COLLECT PERSONAL DATA?

  1. The data subject or one of his relatives provided us with the personal data.
  2. We collected the personal data from official publications such as the Belgian Official Journal, the National Bank of Belgium, the Crossroads Bank of Belgium (central business database) or the Tax-on-Web platform.
  3. Our client(s) provided us with the personal data. These data concern in particular members of their staff, members of their management body, shareholders, partners or other third persons involved in their activities (e.g. customers, suppliers, etc.).

WHY DO WE COLLECT PERSONAL DATA?

In accordance with the applicable regulations, we only process personal data for the following legal reasons:

  1. to enter into a business relationship
    in accordance with the act of 18 September 2017 on the prevention of money laundering and terrorist financing, we are obliged to collect the personal data of all our clients and their mandataries;
  2. to fulfil a contract or undertake a mission entrusted to us
    without processing these personal data, we would not be able to provide a quality service or complete our mission properly;
  3. to comply with our legal and statutory obligations
    in particular the code of ethics, tax and social obligations or obligations relating to the prevention of money laundering and terrorist financing;
  4. to protect our legitimate interests
    to exercise our rights of defense in disciplinary, criminal and civil matters;
  5. to undertake a public interest mission
    in particular regarding the prevention of money laundering.

The use of these data may vary depending on our mission and the way in which we process it, in particular:

  • for administrative purposes
  • for invoicing
  • for legal, tax and social reasons
  • to draw up accounting and legal documents (minutes, reports, balance sheets, financial statements, etc.)
  • for financial and risk analysis
  • to protect our rights and those of our clients. 

HOW LONG DO WE STORE YOUR PERSONAL DATA?  

Your personal data are stored only for as long as we need them for the purposes for which they were collected. To comply with the legal retention obligations, some data may be stored without being processed. If appropriate, the retention period is set by the legal provisions. At the end of this period, all the data will be deleted.

SHARING PERSONAL DATA

We may have to share personal data with:

  • processors
    to whom we pass on only the data needed to complete their mission;
  • external collaborators
    involved in any operation necessary to carry out our mission (notaries, lawyers, curators, etc.) and to whom we pass on only the data needed to complete their mission;
  • public authorities
    in the event of an investigation, we are legally obliged to disclose the information requested of us (e.g. for the prevention of money laundering and terrorist financing, tax inspections, etc.).

In accordance with the General Data Protection Regulation and unless the data subject has objected, we share the data with any processors or external collaborators only provided that a binding agreement has been concluded between us and the processor or the external collaborator. In general, we also ensure that our partners comply with our observance of personal data protection.

SECURITY OF PERSONAL DATA          

Technical and organisational measures such as firewalls and internal access control are set up to ensure the security of personal data. These measures aim in particular to protect personal data against unauthorized access, loss or destruction.

All the data collected are stored on a secured network.
Our suppliers also comply with the provisions of the General Data Protection Regulation.

THE RIGHTS OF THE DATA SUBJECT

  • right to information and access
    to obtain confirmation that the data are used, to request that the data held are passed on to the data subject, to be informed of any transmission of the data to a third party;
  • right to rectification
    to request the rectification of any inaccurate or incomplete personal data;
  • right to erasure
    to request the erasure of personal data which are no longer used or which are used in an unlawful manner;
  • right to object
    to limit the processing and use of personal data;
  • right to data portability
    to request that the data be transferred to the data subject or to any other controller in the context of their service provision;
  • right to complain
    to claim damages for any damage suffered.

To exercise these rights, the data subject should send a written request

Deprince Cherpion & Associates SC SPRL
or PME Assistance SC SPRL
or DTAX.lu SA

Mutsaardplein 2A
1853 Strombeek-Bever
BELGIUM

To be able to respond to your request as well as possible, we must be able to identify the data subject concerned accurately.
If there is any doubt about the identity of the applicant, additional information may be requested. All requests will be processed within a reasonable period and at the latest within one month of receipt of the request or within two months for complex requests.

Some requests could involve fees for the applicant. We also reserve the right to refuse any unfounded or excessive request. If appropriate, we inform the applicant of this and a service proposal may be sent.

If you are a client, a mandatary of one of our clients or a beneficial owner of one of our clients, we draw your attention to Article 65 of the act of 18 September 2017 on the prevention of money laundering and terrorist financing and the limitation of the use of cash.

This article states that “the person concerned by the processing of personal data in application of this act cannot be granted the right to access and rectification of his data, or the right to be forgotten, or the right to data portability or the right to object, or the right not to be subject to profiling or to receive notification of security breaches”. 

If appropriate, you should contact the Belgian Privacy Authority to exercise your rights.

COMPLAINTS

You can also submit a complaint to the competent supervisory authority.
To do so, please consult the website of the Belgian Data Protection Authority: www.dataprotectionauthority.be.

MODIFICATION OF OUR PRIVACY POLICY

In order to remain compliant with the legislation on the protection of privacy, we reserve the right to amend this Privacy Policy. Consequently, we invite you to consult our website regularly to remain informed about our Privacy Policy.

CONTACT DETAILS

If you have any questions about our privacy policy, please do not hesitate to contact us:

Deprince Cherpion & Associates SC SPRL
or PME Assistance SC SPRL
or DTAX.lu SA

Ms Céline DEGEYE
Mutsaardplein 2A
1853 Strombeek-Bever
BELGIUM

gdpr@pmeassistance.be

Tel. : +32 (0) 2 267 04 89