This is a template provided for your convenience. Do not forget to adjust it to your needs. Replace all red-colored text with your company's details.
ELEACA is a company established in Belgium, having its offices at 22, box C Rue Lincoln, 1180 Brussels, Belgium registered in Belgium under number 0737.480.706.
« E-learning From Scratch» is a commercial name that ELEACA used.
We are a company made up of people working in the field of privacy, data management and IT security. We decided to create a teaching platform that allows everyone to learn, at their own pace, the subject of privacy protection. In practice, you order the course you are interested in and we give you access to it via your personal space on our platform.
In the framework of our activities we collect and process personal data concerning our clients, or any “data subject” who is in contact with us (prospects,…)
The aim of the Policy is to explain how we collect, store and use personal data. Protecting your personal data and the respect of your privacy are essential values for us and we commit ourselves to handle and preserve your personal data with loyalty and transparency in accordance with the Belgian law and the GDPR.
We hereby consider « personal data » as any information relating to an identified or identifiable natural person (data subject).
The following policy is in line with our values and wish to act in full transparency in accordance with the Belgian Data Protection Act of 30 July 2018 on the protection of natural persons in relation to the processing of personal data (as amended) (“Privacy Act”) and the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (“GDPR”) (together: “Privacy Legislation”).
If you wish to react to the practices described below or have any questions, do not hesitate to contact us.
When you contact us via our website, you will send us your name and email. Based on this email address we reply in order to define how we can help you. In this context we process personal data, in particular:
It is possible that we collect non- personal data. This data is qualified as such as it does not identify you directly or indirectly. These may then be used for any purpose whatsoever, for example, to improve our website, or improve the service offered
A cookie is a small text file that contains fragments of information.
When you visit websites, the information collected by different cookies is registered on your device (example: choosing your preferred language for a website).
The cookie contains a unique code that allows its issuer to recognise the device concerned (your computer or mobile device) each time the website is visited.
The cookie identifies the browser on your device. A website's server can only read the cookies it has placed itself and has no access to any other information on your computer or mobile device.
Cookies can either be placed by the server of the website you are visiting (« original cookies ») or by partners with whom this website collaborates (« third-party cookies »).
Cookies generally have an expiration date. Some cookies expire when you close your browser (« session cookies »), while others remain on your device longer, sometimes even until you manually delete them (« permanent cookies »).
You can also delete these cookies or refuse their installation at any time and free of charge by modifying the options of your browser software. The configuration of each browser is different. Each procedure is described in the help menu of your browser. To do this, you must go to each of them and use the following links:
Internet Explorer :
a) Data protection provisions for the use of Google Analytics on the website
If you decide to make the IP address anonymous on this website, it will be hidden. Google will use the information collected in order to analyse the use of the website by the users, to compile reports on website activity and to provide the website operator with further services related to the use of the website and internet navigation in general.
The IP address transmitted by your browser as part of Google Analytics will not be linked to any other data held by Google. You can block the storage of cookies by setting your browser accordingly.
However, please note that if you do this you may not be able to use all of the features of this website to their full extent. You can prevent the data created by the cookie about your use of the website (including your IP address) being sent to Google and the processing of this data by Google by downloading this plug-in http://www.google.com/intl/fr/policies/privacy/.
We collect and process your personal data for the purposes described below. We have determined these purposes and ensure that only necessary and relevant personal data are processed in accordance with the principle of data minimisation.
In general, we base the processing of your personal data on the following legal bases:
In the event we collect and process data that had not been mentioned in the present Policy, we shall contact you before making use of your personal data. The purpose of this contact will be to inform you about this processing operation and, if necessary, to ask you for your explicit consent.
A. Compliance with our legal obligations
In some cases, we are obliged to process your personal data in the context of our legal obligations or when we cooperate with the competent authorities. In these cases, we process your personal data to meet our obligations
B. Our legitimate interests
In some cases, it is in our legitimate interest to process your personal data.
To this end, we always ensure that we maintain a fair balance between the need to process your personal data and the respect of your rights and freedoms, including the protection of your privacy.
Your personal data are processed for:
C. Contract or preliminary measures
When you order a course, we process personal data for the execution of our contract (the pre-contractual phase is included in this legal basis for processing).
Generally speaking, we therefore process them to manage and maintain our customer relationship (invoicing, access to the website, customer management,...).
In general, we ensure not to keep your personal data beyond the time necessary for the purpose for which they were intended.
Specifically, there are two situations that need to be distinguished when determining how long we keep your data.
- We keep your personal data for 3 years from our last contact.
- Then we have a contract. We then keep your personal data for a period of 10 years from the day of payment of your order.
At the end of the retention period, we will do our utmost to ensure that your personal data has been made unavailable and inaccessible.
Your rights under the regulations allow you to keep control of what we do with your personal data.
A. Right to access and copy
This right to access data we possess about you applies to all the purposes we have mentioned above.
This right allows you to inquire in particular whether or not we process your personal data, for what purposes, the categories of data concerned and the recipients of your data.
You may also ask us for a copy of all the personal data we process that concerns you.
B. Right to withdrawal of consent
As soon as we process your personal data on the legal basis of consent, you can always withdraw your consent.
C. Right to rectification
You also have a right of rectification allowing you to ask us, at any time, to modify information that is inaccurate, incomplete or has become obsolete.
D. Right to erasure (to be forgotten)
You can obtain the deletion of your personal data when one of the following applies:
E. Right to data portability
In the event that we process your personal data on the basis of a contract or your consent, you may ask us to transfer all your personal data to you or to transfer them to another controller.
F. Right to restriction of processing
In some cases, you may also ask us to limit the processing of your personal data. The situations in which you may ask us to limit the processing of your personal data are listed as follows:
Without doubt, as soon as the processing restriction no longer applies, we will inform you before it is lifted.
G. Right to object
In the event the processing of data should be used for direct marketing purposes, you have the right to object, at any time, to the processing of your personal data for this purpose.
H. Automated individual decision-making including profiling
You will never be subject to a decision based solely on automated processing.
In order for us to be able to help you enforce your rights, we must verify that your request concerns your personal data.
B. When will we reply?
We commit ourselves to return to you as soon as possible and, at the latest, within one month of your request.
Nevertheless, we may have to extend this period to two months if your request is complex or we face an excess of requests. Should such a situation arise, we will inform you of the reasons for the delay.
In general, we only transfer your personal data to third parties in the following cases:
We do not transfer your data outside the European Union.
Our website contains links to other websites. The content of this information documentation only applies to our own website. It is up to you to consult the information about data protection on these websites.
We shall, by all necessary technical and organisational means, guarantee a suitable security standard for the processing of your personal data. This standard, is determined on basis of risks occurred through the processing and the nature of the data to be protected.
We have put in place appropriate security measures, thus protecting your personal data from loss, theft, the misuse or alteration of the information received and the unauthorized disclosure or use of your personal data.
In the rare and unfortunate event where your personal data should be compromised due to a security breach, we commit ourselves to promptly act to identify the cause of the breach and take appropriate action.
If necessary, in accordance with the applicable law, we will inform you of this incident.
If you question any information described in this Policy, we recommend that you contact us directly to see how we can help you.
You can also file a complaint with the Data Protection Authority at the following address:
Belgian Data Protection Authority
Rue de la Presse 35
02 274 48 00
02 274 48 35
If you are not a Belgian resident, it is possible to lodge a complaint with your Data Protection Authority, you can find their contact information.
For further information on possible complaints and means of redress, we invite you to consult the website of the Data Protection Authority:
In addition, you can always file a complaint with the Court of First Instance of Brussels.
For any further questions and/or complaints concerning the present policy, do not hesitate to contact us.
We reserve all rights to amend at any time the provisions held in the present Policy. We shall publish the amendments directly on our website.
This Policy is governed by Belgian law.
Any dispute relating to the interpretation or the execution of this Policy shall be governed by Belgian law and shall fall within the exclusive jurisdiction of the French-speaking courts of the judicial district of Brussels.
This version of the Policy is effective and has been updated as of 1 January 2020.