This general privacy notice (hereinafter, "the Privacy Notice") aims to inform you how we collect, use and store your personal data. The contractual terms applicable between us remain unchanged.


  • 1. Identity and contact details of the controller


AlliA Insurance Brokers (hereinafter "AlliA Insurance Brokers", "we" or "us") attaches great importance to your privacy and considers it important that your personal data is always treated with due care and confidentiality.


AlliA Insurance Brokers comprises the following companies:

  • AlliA Insurance Brokers NV headquartered in Kwadestraat 157 bus 51, 8800 Roeselare, Belgium and registered Crossroads Bank for Enterprises (VAT) nr. BE0508.449.056;
  • AlliA Insurance Services NV headquartered in Kwadestraat 157 bus 58, 8800 Roeselare, Belgium and registered Crossroads Bank for Enterprises (VAT) nr. BE0654.949.245
  • Brokers Star NV headquartered in Kwadestraat 157 bus 70, 8800 Roeselare, Belgium and registered Crossroads Bank for Enterprises (VAT) nr BE 0823.340.354
  • AlliA Insurance Brokers Luxembourg SA headquartered in 1 Rue de la Poudrerie, 3364 Leudelange, Grand Duchy of Luxemburg and registered RCS nr. B41435 VAT nr. LU 174 11633


AlliA Insurance Brokers always acts as the data controller for the personal data that it processes itself or whose processing it outsources to third parties as client. Even in the context of any cooperation with other controllers, AlliA Insurance Brokers retains its qualification as a controller and does not act as its processor.


For further questions or comments regarding the way we handle your personal data, you can always contact us, either by e-mail to for Belgium and for the Grand Duchy of Luxembourg or by post to any of the aforementioned postal addresses.


Our DPO can be reached via the following contact details for Belgium and for the Grand Duchy of Luxembourg


  • 2. What is the scope of this Privacy Statement?


A. What does 'processing of personal data' mean


Personal data is any information about an identified or identifiable natural person. It can be, for example, a person's name, a photograph, a phone number, a code, a password, a contract number, an e-mail address.


Involving personal data. Processing includes, inter alia, all aspects related to the collection, recording, organization, structuring, storage, updating or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction of that data.


B. For whom is the Privacy Statement intended?


Our Privacy Statement is intended for all natural persons, both policyholders (including prospective or prospective policyholders) and insured persons, beneficiaries or third parties (for example: aggrieved parties, witnesses, experts, insurance intermediaries, ...) as well as website visitors, contacts at business partners, prospective employees or any other persons with whom we come into contact. In contrast, this Privacy Statement is not intended for legal entities.


C. What data does this Privacy Statement cover?


Below we clarify what data we may process from you. Depending on the specific situation, your preferences and the way you contact us, we do not process all the data below about you.



Of all our contacts, we may process the data below:

  • Electronic identification and usage data (eg. IP adres, browsertype, location information);
  • Identification data (e.g. copy of your identity card in the context of a GDPR request);
  • Contact details (e.g. name, first name, address, e-mail address, telephone, etc.);
  • Contact history (e.g. e-mail messages, messages sent via web forms, etc.);
  • Camera images (e.g. when you are filmed by our surveillance cameras in and around our buildings).


Main activity

Within the scope of our main activity, we may additionally process the following data for the provision of our services and related advice. Depending on your capacity as policyholder, insured, beneficiary or third party as well as the specific insurance policy involved, we may process the following data about you.


  • Identification data (e.g. national register number for the purpose of legally required identity verification when taking out insurance);
  • Contact details and history;
  • Contractual data (e.g. scheduled appointments, signed client sheet/agreement, etc.);
  • Personal details (e.g. nationality, date of birth, gender, country of legal residence, etc.);
  • Payment and billing details (e.g. bank, account number, payment card and transaction details, etc.);
  • Account and usage data (especially for accessing our e-platform);
  • All relevant data with a view to providing a proposal for the desired insurance and necessary to accurately determine the probability of the insured risk occurring and the premium as also further explained on the relevant customer information sheets, e.g. :
  • Global financial overview (e.g. your properties, ...);
  • Profession (e.g. position held, education,...);
  • Living habits;
  • Habits regarding the use of goods and services;
  • Hobbies and interests;
  • Family composition (e.g. marital status, number of children, etc.);
  • Property features;
  • Image and sound recordings.
  • In certain cases, also relevant special and criminal personal data (see below).


Business partners

From our (contact persons at) business partners, including members of our network, insurance companies we cooperate with and suppliers, we may additionally process the data below:

  • Contact information and history;
  • Contractual data (e.g. company name, address, VAT number, agreement, etc.);
  • Payment and billing data (e.g. payment card details, invoices, etc.);
  • Feedback, testimonials and promotional content such as photos and videos related to our collaboration.


Candidate employees

In addition, we may process the following data on candidate employees. Of course, this will largely depend on what data you yourself wish to provide us with in relation to your application.

  • Contact details and history;
  • Personal details (e.g. age, gender, date of birth, etc.);
  • Work-related data (e.g. CV, training courses, certificates, language skills, etc.);
  • Personality data (e.g. cover letter, hobbies, social activities, etc.);
  • Foto’s (bv. foto op CV).


Special categories of personal data

As part of our main activity, we may process special categories of personal data. In practice, we may need to process your health data for, for example: the correct management of insurance contracts relating to your health (life or hospitalisation insurance, Guaranteed Income, etc.), the management of your medical file and the management of a claim involving physical damage. You can count on us to treat this data with particular care. This data will only be processed with your prior express consent and for the purposes for which you will have given that consent. Furthermore, access to such data is limited to those persons who need it to perform their tasks for the purpose for which consent was given. Under no circumstances will we use your data from the special categories for prospecting purposes.


Data on criminal convictions and offences

We also treat this data with particular care. They are processed only insofar as a law providing appropriate safeguards allows us to do so. Under no circumstances do we use this data for prospecting purposes.


  • 3. From whom and how do we obtain your personal data?


We have also obtained most of the data we process from you directly (e.g. when you visit our website or contact us, when we have contact with you as our service provider or business partner, when you use our services and products as a customer; when you fill in the forms and contracts we submit to you; when you declare a claim or request personal assistance; when you declare a hospitalization; etc.).


Within the scope of our services, we may also indirectly obtain data about you from external or public sources. For example, through employers who take out insurance policies for their employees or when your data is published or communicated by other authorized third parties (persons you have specially authorized, the Belgian Official Gazette, your insurer or professional data suppliers).


In cases where you yourself provide personal data that relates not only to yourself, but also to one or more of your relations (for example: your children, your partner, the beneficiary of a life insurance policy, your employees, etc.) or to a person involved in a claim (for example: a witness, the victim, etc.), you should inform them.



Access to your personal data is allowed only to those persons who need it to perform their duties. They must observe strict confidentiality and comply with all technical and organizational rules for ensuring the confidentiality of personal data. We have provided technical resources and specialized teams dedicated primarily to the protection of your personal data. In this way, we aim to prevent unauthorized persons from accessing, processing, modifying or destroying data. Our Internet sites may sometimes contain links to third-party sites whose conditions of use fall neither within the scope of this Privacy Statement nor within our responsibility. We therefore recommend that you read their privacy statement carefully to find out how they protect your privacy.



A. General


To protect your privacy, the persons who will have access to your data will be carefully selected on the basis of their duties. Such data will, where appropriate, be able to be communicated to insurance companies, their representatives, their contact points abroad, the reinsurance companies involved, claims settlement offices, an expert, a lawyer, a technical adviser, another insurance intermediary or a processor. For example, we provide your insurer with data so that they can provide you with the insurance quote you have requested. We use external service providers, for example, to support our operational purposes such as managing our websites and IT systems (IT service providers), sending mail (postal companies, transport and delivery companies), receiving or executing payments (payment service providers).


We also communicate your data to other persons or bodies if we are contractually or legally obliged to do so, if a legitimate interest so warrants or if this is necessary to achieve the above-mentioned purposes. In this case, we ensure that:



B. No data transfer for commercial use


We do not share your data with third parties for commercial use.


C. Data transfers outside the European Economic Area (EEA)


We aim to process the data we process as much as possible within the European Economic Area (EEA). If, when using specific services or software tools, your data is processed outside the European Economic Area (EEA), it will only be processed in/to countries that the European Commission has confirmed as providing an adequate level of protection for your data, or measures will be taken to ensure the lawful processing of your data in these third countries.



You have various rights in relation to the data we process about you, as listed below.


You may exercise your rights by contacting us using the contact details provided at the top of this Privacy Notice, subject to enclosing a copy of the front of your identity card or other document that identifies you. The copy will only be used to identify you in accordance with the GDPR.


A. Right of inspection


You have the right to access your data and obtain a copy thereof. This right also includes the possibility of requesting further information on the processing of your data, including on the categories of data processed about you and for what purposes.


B. Right of rectification


If you find that, despite all our efforts, your data is incorrect or incomplete, you can ask us to rectify it.


C. Right to data erasure ('right to oblivion')


In well-defined cases, legislation gives you the option to have your personal data erased. However, we will not always be able to comply with such a request, including when we still need the data in function of an ongoing contract, or when keeping certain of your data for a certain period of time is required by law.


D. Right to restriction of processing


You have the right to restrict the processing of your data. In this way, the processing is temporarily stopped until, for example, there is certainty about its accuracy.


E. Right of transferability


You have the right to obtain in electronic form your data that you yourself have provided to us with your consent or in execution of a contract. That way, they can be easily transferred to another organization. You also have the right to request us to transfer your data directly to another organization, if this is technically possible.



a) General


Where the processing of your personal data is based on a legitimate or public interest on our side, you have the right to object to it at any time for reasons relating to your particular situation. However, your request will not be taken into account if our legitimate interest outweighs yours or if the processing of your data remains necessary to establish, exercise or substantiate a legal claim.


b) In the context of prospecting


You can always object, free of charge, to the processing of your personal data for prospecting or marketing purposes. We provide you with offers and proposals because we think they are of real interest to you. However, if you wish that we no longer contact you in connection with information, advertising or proposals, products and services, and/or that we use your data for profiling in the context of prospecting, you can easily inform us of this.



If the processing is based on your consent (see above), you have the right to withdraw this consent at any time free of charge by contacting us. If there is no other legal basis to process the personal data when your consent is withdrawn, we will delete this personal data. However, the withdrawal of your consent will not affect the lawfulness of the processing before its withdrawal.



If you believe that the processing of your personal data violates privacy legislation, you also have the right to lodge a complaint with the competent supervisory authority, which has the following contact details:



Gegevensbeschermingsautoriteit (België)

Drukpersstraat 35

1000 Brussel


+32 (0)2 274 48 00

+32 (0)2 274 48 35


Commission Nationale pour la protection des données (Grand-Duché de Luxembourg)

15, Boulevard du Jazz L-4370 Belvaux

Grand-Duché de Luxembourg

(+352) 26 10 60 -1


8. How long do we keep your data?


We do not retain your data for longer than necessary for the purpose for which the data was collected or is processed. Since the period for which data can be kept depends on the purposes for which the data was collected, the storage period may vary in each situation. Sometimes specific legislation will require us to keep the data for a certain period of time. Our retention periods are always based on legal requirements and a balancing of your rights and expectations with what is useful and necessary to fulfil the purposes. At the end of the retention period, your data will be deleted or anonymized.


9. How do you stay informed of changes to this Privacy Statement?


We reserve the right to change this Privacy Statement. The most recent version will be available on our websites at all times. The date on which this Privacy Statement was last amended is always indicated. In case of a substantial change to the Privacy Statement, we will directly inform the data subjects on whom it may have an impact, if possible.