The Club's Data Protection Policy

1. Purpose of this policy

This policy explains how the Brussels Women’s Club collects, uses, stores, and protects personal data relating to its members, prospective members, office holders,volunteers, and other individuals with whom it has regular contact. The Club is committed to complying with Regulation (EU) 2016/679, the General Data Protection Regulation, and with applicable Belgian data protection law. Personal data are handled with care, discretion, and respect for individual rights, in accordance with this policy.

When you sign up for membership or to use the Club’s facilities we obtain personal information about you. This policy explains what we do with that information and how we protect it.

2. Data controller

The Brussels Women’s Club acts as the data controller for the personal data it processes in the context of its activities. The Club is established in Brussels and may be contacted at its registered address. Responsibility for data protection mattersrests with the Club’s designated contact person. Any correspondance should be sent to info@brusselswomens.club.

3. Personal data collected

The Club collects and processes only personal data that are necessary for legitimate club purposes. This includes identification and contact details provided by members, such as names, titles, date of birth, postal addresses, email addresses, and telephone numbers, together with information relating to membership status, subscriptions, payments, participation in club activities, and correspondence with the Club. The Club does not intentionally collect special category personal data unless this is strictly necessary for a specific activity and appropriate safeguards are inplace. Certain personal data are required in order to administer membership effectively, and failure to provide such data may make it difficult or impossible for the Club to offer or maintain membership or participation in its activities.

4. Purposes and legal basis for processing

Personal data are processed solely for defined and lawful purposes connected with the operation and governance of the Club. These purposes include the administration of membership and subscriptions, communication with members regarding meetings, events, and activities, maintenance of accurate records, compliance with legal and accounting obligations, and the proper conduct of elections, committees, and internal governance. Processing is carried out on the basis of the membership relationship as a contractual arrangement, compliance with legal obligations, and the legitimate interests of the Club in functioning effectively. Where required by law, processing is based on the individual’s consent, which may be withdrawn at any time without affecting the lawfulness of prior processing. The Club does not use automated decision-making or profiling in relation to its members or other individuals.

5. Data minimisation and accuracy

The Club applies the principle of data minimisation by collecting only data that are relevant and proportionate to its purposes. Reasonable steps are taken to ensure that personal data remain accurate and up to date. In particular, members are encouraged requested to notify the Club promptly of any changes to their personal details so that records may be corrected without delay. Members may consult data held by the Club by logging into "Profile" on the website and clicking on "view my Profile". Members may amend their own data at any stage.

6. Storage and retention

Personal data are stored securely, whether in electronic systems or in paper records. Access is restricted to officers or representatives of the Club who require the data in order to perform their functions. Data are retained only for as long as necessary to fulfil the purposes for which they were collected, taking into account statutory retention periods applicable to financial and administrative records. Once data are no longer required, they are securely deleted or destroyed.

7. Data sharing

The Club does not sell, rent, or otherwise commercialise personal data. Personal data may be shared only where this is necessary for the proper administration of the Club or required by law. This may include sharing limited information with service providers assisting with administration or IT support, with banks or payment providers for subscription handling, or with public authorities where a legal obligation applies. Any third party processing personal data on behalf of the Club is required to apply appropriate confidentiality and security measures and to process the data only in accordance with the Club’s instructions.

8. Security measures and data breaches

The Club applies technical, legal and organisational measures that are appropriate to the nature, scope, and scale of its activities in order to protect personal data against unauthorised access, loss, alteration, or disclosure. These measures are reviewed periodically and adjusted where necessary to maintain an appropriate level of security. The information is held on a need to know basis and any volunteers are trained in handling the information securely. The Club also maintains procedures to address personal data breaches and will notify the Belgian Data Protection Authorityand affected individuals where required by law.

9. Rights of individuals

Individuals whose personal data are processed by the Club have rights under the GDPR. These include the right to obtain access to a copy of their personal data (which can be seen via the Profile section of the website), to request correction of inaccurate or incomplete data, to request erasure or restriction of processing in certain circumstances or to object to processing based on the Club’s legitimate interests. Requests should be submitted in writing to the Club’s data protection contact point at info@brusselswomens.club. We may require you to provide proof of identity to enable us to comply with your request. You also have the right to lodge any concerns with the Belgian Data Protection Authority if the Club is unable to provide you with sufficient assurances.

10. Under GDPR, photographs and video that identify an individual are considered to be personal data and so covered by the regulations. The club takes photos at various events for publicity or social media. Every effort will be made at these events to ensure that you are asked if your photograph can be taken. If you do not consent to your photo being taken, please let us know at the time, if possible by telling the photographer. If a photo of you is published inadvertently, please write to info@brusselswomens.club and it will be removed as soon as is possible. Images will be stored securely and privacy will be maintained in line with the GDPR.

10. Review of this policy

This policy is reviewed periodically and updated where necessary to reflect legal developments or changes in the Club’s activities. The most recent version of the policy will always apply.