Data Privacy Policy

We appreciate your interest in the Belgian Structured Investment Products Association (BELSIPA). Protecting your personal data is of particular importance to us. The use of our website is generally possible without providing personal data. However, if a data subject wishes to make use of special association services via our website, the processing of personal data may become necessary. If the processing of personal data is required and there is no legal basis for such processing, we will obtain consent from the data subject.

The processing of personal data, such as the name, address, e-mail address or telephone number of a data subject, shall always be in line with the General Data Protection Regulation (GDPR), and in accordance with the country-specific data protection regulations applicable to BELSIPA. By means of this data privacy policy, we inform the public about the nature, scope and purpose of the personal data we collect, use and process. Furthermore, data subjects are informed of the rights to which they are entitled.

As the controller, BELSIPA has implemented numerous technical and organisational measures to ensure the most complete protection of personal data processed through this website. Nevertheless, Internet-based data transmissions may in principle have security gaps, so absolute protection cannot be guaranteed. For this reason, every data subject is free to transmit personal data to us by alternative means, e.g. by telephone.

Name and address of the controller

Controller for the purposes of the GDPR, other data protection laws applicable in Member States of the European Union, and other provisions related to data protection is:

Belgian Structured Investment Products Association (BELSIPA)

E-Mail: secretariat@belsipa.be

Website: www.belsipa.be

Collection of general data and information

The website of BELSIPA collects a series of general data and information when a data subject or an automated system accesses the website. This general data and information are stored in the server log files. Collected may be:

  • the browser types and versions used
  • the operating system used by the accessing system
  • the website from which an accessing system reaches our website (referrer)
  • the sub-pages accessed
  • the date and time of access
  • an Internet protocol address (IP address)
  • the Internet service provider of the accessing system
  • other similar data and information that may be used in the event of attacks on our IT systems

This information is not used to draw conclusions about the data subject. Rather, it serves to (1) correctly deliver the content of our website, (2) optimise the content of our website, (3) ensure the long-term viability of our IT systems and website technology, and (4) provide law enforcement authorities with the information necessary for criminal prosecution in the event of a cyber-attack.

Rights of the data subject

Every data subject has the following rights under the GDPR:

  • Right of access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure (“right to be forgotten”, Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object (Art. 21 GDPR)
  • Right to withdraw consent (Art. 7(3) GDPR)
  • Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)

To exercise these rights, you may contact us at any time via the contact details provided above.

Legal basis of processing

Where we obtain consent for a specific processing purpose, Art. 6(1) lit. a GDPR serves as the legal basis. If the processing is necessary for the performance of a contract to which the data subject is a party, the processing is based on Art. 6(1) lit. b GDPR. If we are subject to a legal obligation that requires processing, Art. 6(1) lit. c GDPR applies. In rare cases, processing may be necessary to protect the vital interests of the data subject or another person (Art. 6(1) lit. d GDPR). Processing operations may also be based on Art. 6(1) lit. f GDPR if they are necessary for the purposes of the legitimate interests pursued by our association or by a third party, except where overridden by the interests or fundamental rights and freedoms of the data subject.

Period of storage

The storage of personal data is limited to the period necessary to achieve the purpose of processing, or as required by applicable legislation. After expiry of the retention period, the corresponding data are routinely erased, provided they are no longer required for contract fulfilment or initiation.

Existence of automated decision-making

As a responsible association, we do not use automatic decision-making or profiling.

BELSIPA, the association representing issuers of structured investment products active in Belgium was founded in 2013.

BELSIPA is listed in the EU transparency register under number 279150515318-55.

Download Logo Statutes

Thomas Wulf
Secretary General

secretariat@belsipa.be

© BELSIPA Legal Notice Data Privacy Policy