Privacy Policy

At EDPO, we’re committed to protecting and respecting your privacy.

This Policy explains when and why we collect personal information about people who visit our website, how we use it, the conditions under which we may disclose it to others and how we keep it secure.

We may change this Policy from time to time so please check this page occasionally to ensure that you’re happy with any changes.

Any questions regarding this Policy and our privacy practices should be sent by e-mail to or by writing to Avenue Huart Hamoir 71, 1030 Brussels, Belgium.

Who are we?

We’re European Data Protection Office (EDPO), a limited liability and privacy-held company incorporated under the laws of Belgium, with registered office at 1030 Brussels, Avenue Huart Hamoir 71, registered with the Register of the Legal Entities of Brussels under number 0689.629.220. Our website is

How do we collect information from you?

We obtain information about you when you use our website or write to us, for example, when:

  • you contact us about our services or our clients
  • you contact us about your rights within the framework of the GDPR 
  • you register as a potential client


We are especially concerned with the protection of the privacy of children aged 16 or under. If you are aged 16 or under‚ please ask your parent/guardian's permission beforehand and ask them to help you whenever you provide us with any personal information.

What type of information is collected from you?

The personal information we collect might include your first name, last name, job title, company name, e-mail address, postal address, telephone number, country and other personal information that you might communicate to us or that is collected by our clients and that you request us to communicate to you in the name and behalf of our clients (which may potentially refer to sensitive personal data). 

Why do we collect information from you?

The purposes for which we may collect your information include:

  • to answer your questions and/or requests for information and/or documents
  • to notify you, as our client’s contact person, with respect to the performance of our services as the client’s GDRP Article 27 EU representative
  • to notify you on behalf of our clients of information related to the processing by our clients of your personal data
  • to carry out our obligations arising from contracts entered into between us and our clients
  • to process the registration form that you submitted via our website
  • to contact you as a prospective client for the purposes of marketing our services as GDRP Article 27 EU representative
  • to seek your views or comments on the services we provide
  • to notify you of changes to our services
  • to send you communications which you have requested and that may be of interest to you
  • for administrative purposes
  • in connection with our legal rights and obligations
  • for certain additional purposes only with your explicit consent.

How long do we keep your information?

We review our retention periods for personal information on a regular basis. We will hold your personal information in our systems only for as long as is necessary for the relevant activity, or as long as is set out in any relevant contract, after which time it will be destroyed, unless we are legally required to hold some types of information to fulfil our statutory obligations. 

Who has access to your information?

We will not sell or rent your information to third parties. 

We may pass your information on to our third party service providers, agents, subcontractors, clients and other associated organisations for the purposes of completing tasks and providing services to you (for example, to answer your requests to exercise your rights under the GDPR). However, when we use third party service providers, we disclose only the personal information that is necessary to deliver the service and we have a contract in place that requires them to keep your information secure, not to use it for their own direct marketing purposes, and to keep it for no longer than necessary for the purposes of completing the tasks and providing the services to you on our behalf. We will not release your information to third parties for them to use for their own direct marketing purposes.  

We may transfer your personal information to a third party as part of a duty to disclose or share your personal data in order to comply with a legal obligation, for example, by a court order, or for the purposes of prevention of fraud or other crime, or to enforce or apply our Terms and Conditions or to protect the rights, property or safety of our clients. However, we will take necessary steps with the aim of ensuring that your privacy rights continue to be protected. 

Your rights in relation to your personal data

You have the right to:

  • access your personal data and to be informed about its use 
  • correct your personal data 
  • have your personal data deleted 
  • restrict the use of your personal data 
  • object to the use of your personal data 
  • complain to a supervisory authority 
  • withdraw your consent to the use of your personal data 
  • ask for the portability of the personal data you shared with us
  • lodge a complaint

How you can access and update your information

The accuracy of your information is important to us. If you change your e-mail address, or if any of the other information we hold is inaccurate or out of date, please send us an e-mail at or write to us at Avenue Huart Hamoir 71, 1030 Brussels, Belgium.

Security precautions in place to protect the loss, misuse or alteration of your information

When you provide us with personal information, we take steps to ensure that it’s treated securely.

Non-sensitive details (such as, for example, your e-mail address, etc.) are transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems. 

Use of 'cookies' and Third Party Applications

Like many other websites, our website uses cookies. 'Cookies' are small pieces of information sent by an organisation to your computer and stored on your hard drive to allow that website to recognise you when you visit. They collect statistical data about your browsing actions and patterns and do not identify you as an individual. It is possible to switch off cookies by setting your browser preferences. Turning cookies off may however result in a loss of functionality when using our website.

Our website uses and Google Analytics. These third party vendors do not identify individual users or associate your IP address with any other data held by them. We use reports provided by and Google Analytics to help us understand website traffic and webpage usage.

By using this website, you consent to the processing of data about you by in the manner described in’s Privacy Policy  and Google in the manner described in Google's Privacy Policy and for the purposes set out above. You can find a list of which cookies are used by Google Analytics here. You can opt out of Google Analytics if you disable or refuse the cookie, disable JavaScript, or use the opt-out service provided by Google- external site . 

Our website may contain links to other websites run by other organisations. This privacy policy applies only to our website‚ so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other sites including if you access them using links from our website.

In addition, if you linked to our website from a third party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party site and recommend that you check the policy of that third party site.

Transferring your information outside of the European Economic Area

As part of the services offered to you through this website, the information which you provide us with may be transferred to countries outside of the European Economic Area (EEA), which includes all EU countries and non-EU countries Iceland, Liechtenstein and Norway. By way of example, this may happen for purposes related to your requests to exercise your rights under the GDPR. These countries may not have equivalent data protection laws to the EU or benefit from an adequacy decision by the EU Commission. By submitting your personal data, you’re agreeing to this transfer and processing. If we transfer your information outside of the EEA in this way, we will take necessary steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Policy. 

If you use our services while you are outside the EEA, your information may be transferred outside the EEA in order to provide you with those services.

If you have any questions

We respect your data protection and privacy rights. If you have any questions or if you are not satisfied with the way we handle your personal data, don’t hesitate to send us an e-mail at: or to write to us at Avenue Huart Hamoir 71, 1030 Brussels, Belgium. 

For more information on your rights or to lodge a complaint, please contact the authority responsible for data protection in your jurisdiction. 

For persons in the EU, please follow this link to locate the relevant data protection authority:

Review of this Policy

We keep this Policy under regular review. This Policy was last updated on 25 July 2018.