Privacy Policy

The original version of the Privacy Policy is in French language. Any translated version is for your convenience and information only. In case of disputes the French text shall prevail.

Preamble:

We are a Belgian start-up whose goal is to make the law more accessible and understandable for everyone.

We operate in Belgium, and therefore comply with Belgian and European legislation.

We are very concerned about the protection of our users’ Personal Data and the use of cookies.

From the inception of the Symplicy start-up, we have acted proactively and preventively in the processing of Personal Data. Our Personal Data processing register is available upon simple request.

We collect and process your data in accordance with the General Data Protection Regulation (GDPR) of April 27, 2016, as well as the Law of July 30, 2018 regarding the protection of natural persons with regard to the processing of Personal Data. You have control over your data.

This Personal Data Policy explains how we manage Personal Data and presents the choices you have in this regard.

Capitalized terms used in this Personal Data Policy without being defined herein have the meaning given to them in the General Terms of Service (applicable for Lawyers) or in the General Terms of Use (applicable for Justiciables).

By subscribing to or using our Services, you acknowledge that you have read our policy on the protection of Personal Data and you expressly accept it.

Which Personal Data do we process and collect? What is the basis for the processing? How long are your Personal Data retained?

You contact us

If you contact us by email, by phone, by form, by our Calendly appointment booking tool and/or by message on our Facebook, Instagram, LinkedIn, Twitter, or YouTube pages, we process and collect:

  • Your last name.
  • Your first name.
  • Your phone number.
  • Your email address.
  • Your request.

for the following purposes:

  • Responding to your request, your inquiry.
  • Responding to your request regarding the exercise of your Personal Data rights.

The processing and collection of this Personal Data is based on a legitimate interest pursued by us.

From the moment you send us a message, an email, or make an appointment, it is necessary to collect and process your Personal Data to respond to your request.

This Personal Data that we process comes directly from you.

This collected Personal Data is retained for two years.

You use our Software installed on a Lawyer’s website

Symplicy has developed Software that is partially installed on Lawyers’ websites. This Software allows you to get in touch with your Lawyer. This contact is made using Forms. Therefore, by using our Software to contact your Lawyer, you will be asked to complete a Form.

In the interface of our Software, if you fill out a Form and click the “Send” button, your answers are sent directly to the Lawyer’s email inbox. Your answers are also available in the Lawyer’s Personal Area.

In the interface of our Software, if you fill out and submit a Form, we process and collect:

  • The answers provided in this Form:
    • Your last name.
    • Your first name.
    • Your phone number.
    • Your email address.
    • The content of your request for the Lawyer.

for the following purposes:

  • Forwarding your Form responses to the Lawyer.
  • Sending you an acknowledgment of receipt to your email address. This acknowledgment confirms that your request was indeed sent to the Lawyer’s email address.
  • Contacting the Lawyer to check whether they have received your request, the Form completed by you.
  • Resending the Form, your request to the Lawyer if they have not received it.
  • Carrying out a search for judicial decisions and document Templates.

The processing and collection of this Personal Data are based on the performance of a contract to which you are a party. By submitting the form and checking a box provided for this purpose, you accept our General Terms of Use. The processing and collection of this Personal Data are essential for the performance of our General Terms of Use.

This Personal Data that we process comes directly from you.

We retain your Personal Data collected via the Forms until the day the Lawyer terminates their subscription.

Installation of our Software and creation of our Lawyer Directory

In the context of installing our Software on the Lawyer’s Website, the Lawyer’s use of our Software, and the online publication of our Lawyer Directory, we process and collect:

  • The Lawyer’s last name.
  • The Lawyer’s first name.
  • The Lawyer’s company registration number.
  • The Lawyer’s VAT number.
  • The Lawyer’s phone number.
  • The Lawyer’s photo.
  • A photo of the Lawyer’s firm.
  • The address of the Lawyer’s office.
  • The Lawyer’s email address.
  • The language(s) spoken by the Lawyer.
  • The structure of the Lawyer’s firm.
  • The Lawyer’s field(s) of expertise.
  • The Lawyer’s bank account numbers.
  • Links to the Lawyer’s social networks.
  • Link to the Lawyer’s Website.
  • Judgments pleaded by the Lawyer. These decisions contain personal data.
  • The Lawyer’s document Templates. The document Templates contain Personal Data.

for the following purposes:

  • To ensure the provision of our Services.
  • To communicate the Justiciable’s request and Form to the Lawyer.
  • To allow the Lawyer to contact the Justiciable.
  • To carry out our business development and visual presentations for soliciting Lawyers.
  • To ensure communication with the Lawyer.
  • To contact the Lawyer by email or phone to ensure they have received the Justiciable’s request, the Form.
  • To ensure the online publication of the Lawyer’s profile on trouveunavocat.be as well as its indexing.
  • To prepare our various contracts with Lawyers.
  • To ensure the accounting of our Services with Lawyers.
  • To proceed with invoicing our Services and their collection.
  • To share judicial decisions and/or document Templates through the Personal Area.

The processing and collection of this Personal Data are based on a contractual obligation.

These Personal Data are retained for as long as necessary to achieve the intended purposes.

They will be deleted from our database as soon as they are no longer necessary for the pursued purpose or if the Lawyer has validly exercised their right to erasure.

A Lawyer may decide to modify this Personal Data, correct it, or permanently erase it from our database.

We invite you to read in this Policy the following points:

  • What are your rights concerning the protection of Personal Data?
  • How can you exercise these rights?

Online publication and dissemination of judicial decisions or document Templates

When a Lawyer is contacted by a Justiciable via a Form, we provide the Lawyer with judicial decisions and/or document Templates.

The Lawyer also has the option, through their Personal Area, to run a search for judicial decisions and/or document Templates.

Document Templates are provided to us by Lawyers.

Judicial decisions are provided to us by Lawyers or come from public databases that are covered by a free license.

Lawyers import their document Templates and/or judicial decisions through their Personal Area.

We therefore disseminate, through our Software, judicial decisions and/or document Templates that may contain Personal Data.

The collection and processing of judicial decisions from public databases are legally based on:

  • Our legitimate interest in reusing public information.
  • Our response to the public’s legitimate interest in being informed about the decisions rendered by courts (freedom of expression and right to information).
  • Our legitimate interest in fulfilling an educational purpose.

The collection and processing of judicial decisions and/or document Templates from Lawyers’ private databases are based on a contractual basis.

Via their Personal Area, if a Lawyer imports, by activating “Private” mode, judicial decisions or document Templates, we have made the technical choice not to perform any pseudonymization. We process and retain the Personal Data present in the judicial decisions or document Templates until the day the Lawyer terminates their subscription.

Via their Personal Area, if a Lawyer imports, by activating “Public” mode, judicial decisions or document Templates, we have made the technical choice to carry out pseudonymization by random letters rather than by initials, in order to ensure the effectiveness of the pseudonymization performed.

This means that the letters you find instead of people’s names are not their initials.

The identification keys are completely deleted and are not retained.

If you find any decisions in which the names of justice professionals, legal entities, or Justiciables are not pseudonymized, you may send us a link to these decisions so that we can make the necessary corrections.

Judgments of the European Court of Human Rights are not pseudonymized, in accordance with Articles 33 and 47 of the Court’s Rules.

Our goal is to:

  • Make the law more accessible and understandable.
  • Simplify access to legal information.
  • Encourage the sharing of judicial decisions. We believe that judicial decisions are not sufficiently shared, published, and accessible to lawyers.
  • Disseminate legal information.

You visit our social network accounts or pages

By viewing our pages, our accounts on social networks, we jointly process with the social network your Personal Data in order to:

  • Improve the social network’s advertising system.
  • Obtain audience statistics for the page and the account.
  • Conduct our advertising campaigns on social networks.
  • Properly promote our page.

The processing and collection of this Personal Data are based on our legitimate interest in obtaining statistics on the visitors to our page and account.

The audience statistics generated by the social network are transmitted to us only in anonymized form. These anonymized data are processed as long as the account and page exist. We use the following social networks: Facebook, Instagram, YouTube, Twitter, and LinkedIn.

You participate in one of our events or one of our training sessions

By participating in our event or training session, we process and collect:

  • Your last name.
  • Your first name.
  • Your email address.

for the following purposes:

  • Confirming your registration.
  • Organizing our event or training session.

The processing of your Personal Data is necessary for the performance of the contract that binds us in the context of the event or training you have subscribed to and attended.

This Personal Data that we process comes directly from you.

We retain your Personal Data for two years.

If Symplicy co-organizes the event or training with an organization or a company independent of Symplicy, we may share your Personal Data with that partner.

You subscribe to our newsletter

By subscribing to our newsletter, we process and collect:

  • Your last name.
  • Your first name.
  • Your email address.
  • Your phone number.

for the following purposes:

  • To send you electronic newsletters.
  • To contact you regarding our upcoming events or training sessions.
  • To establish sporadic contact regarding our Services.

The processing and collection of this Personal Data are based on your consent. This consent is obtained when you check a box provided for this purpose.

This Personal Data that we process comes directly from you.

We retain your Personal Data until you cancel this service.

You submit your application

If you send us your application, we process and collect:

  • Your CV.
  • Your cover letter.

in order to assess the possibility of a future contractual relationship.

This Personal Data comes directly from you. The processing and collection of this Personal Data are based on our legitimate interest in recruiting.

This Personal Data is deleted within 2 months after the end of the selection process.

You deal with us as a subcontractor or supplier

If you are one of our subcontractors or one of our suppliers, we process and collect:

  • Your last name.
  • Your postal address.
  • Your email address.
  • Your phone number.
  • Your VAT number and/or company registration number.
  • Your bank account number.

for the purpose of fulfilling our legal obligations under the Economic Law Code in tax and accounting matters and for the execution of the contract.

The retention period is 7 years from the year in which the supplier or subcontractor was recorded in the accounting system. This data comes directly from our supplier or subcontractor.

Who is the data controller?

The data controller is the limited liability company, Symplicy, represented by its directors: Adrien Dumonceaux, Simon Genin, Shervin Sardari, Gwenaël Bierlier, and Romain Dubay. The registered office of Symplicy is located at Chemin du Cyclotron number 6, 1348 Ottignies-Louvain-la-Neuve.

As part of one of our Services, we process your Personal Data in our capacity as data controllers, i.e. the entity that determines the purposes and means of the processing.

Who has access to your Personal Data?

The following categories of recipients may receive or have access to certain of your Personal Data (only if necessary for the performance of their mission):

  • The data controller.
  • Freelancers or employees responsible for customer success have access to personal identification data, professional identification data, and contact data for clients (natural persons) or representatives of clients (legal entities), as well as to the Personal Data contained in the documents prepared as part of the Service (which may contain Personal Data relating to other data subjects).
  • Freelancers or employees in charge of business development have access to personal identification data, professional identification data, and contact information for our clients (natural persons), representatives of our clients (legal entities), and representatives of our suppliers only within the framework of our commercial management and supplier management.
  • Our legal advisors and lawyers have access to certain Personal Data of data subjects in connection with corporate restructuring or litigation.
  • We entrust the processing of some of your Personal Data to subcontractors only to the extent necessary for the performance of their tasks and in accordance with applicable data protection legislation.
  • In the case of a corporate reorganization (e.g., a merger-acquisition or financing transaction), we may transfer certain Personal Data regarding a limited number of representatives of clients (legal entities) to a third party involved in the transaction (e.g., a buyer or investor) in accordance with applicable data protection legislation.
  • To tax and social security authorities to meet our legal obligations.

How do we share your data with our subcontractors?

We entrust the processing of some of your Personal Data to subcontractors.

To be completely transparent, Symplicy provides the list of its subcontractors:

  • Aws Amazon
    • The purpose is to host its Websites, its Software, and its databases.
    • The data location is set in Europe. The data is also transferred to subcontractors located in countries outside the European Economic Area. This transfer is governed by standard contractual clauses. The subcontracting agreement with Amazon is available by clicking here.
  • OVH
    • The purpose is the registration of its domain names.
    • The data location is set in Europe. The subcontracting agreement with OVH is available by clicking here.
  • Postmark
    • The purposes are:
      • Securely sending the request, the Form, to the Lawyer’s email address.
      • Securely sending a copy of the request, the Form, to the Justiciable’s email address.
    • For more information on the security and encryption measures implemented, please see Postmark’s guide. This guide is available by clicking here.
    • The data location is in the United States. Therefore, the data is transferred to subcontractors located in countries outside the European Economic Area. This transfer is governed by standard contractual clauses. The subcontracting agreement with Postmark is available by clicking here.
    • Postmark undertakes to comply with the GDPR. You can consult Postmark’s commitment to GDPR compliance by clicking here.
  • OpenAI
    • The purpose is to improve our service for searching judicial decisions and/or document Templates.
    • We use OpenAI technologies to automatically generate keywords and summaries for judicial decisions and/or document Templates.
    • We use OpenAI technologies to anonymize/pseudonymize judicial decisions and/or document Templates.
    • Symplicy’s use of OpenAI technologies is done via an API. This API is provided by OpenAI. OpenAI will not use the data submitted by Symplicy via its API to train or improve its models. All data sent through the OpenAI API are kept for a maximum of 30 days, after which they are deleted. For more information on OpenAI’s data usage via its API, please see: https://openai.com/policies/api-data-usage-policies.
    • The data is transferred to subcontractors located in countries outside the European Economic Area. This transfer is governed by standard contractual clauses. These standard contractual clauses are available by clicking here.
  • Google Ads, Analytics, and Tag Manager.
    • The purposes:
      • Analyze the audience of its Services.
      • Run advertising campaigns on the Google network. This web analytics service offered by Google ensures the tracking of a Website’s traffic. Google uses the collected data to track and monitor the use of the Services. These data are shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network.
    • The data is transferred to subcontractors located in countries outside the European Economic Area. This transfer is governed by standard contractual clauses. These standard contractual clauses are available: Google Ads Data Processing Terms and Google Measurement Controller-Controller Data Protection Terms.
  • Google Maps
    • The purpose is to implement APIs: Place Details API, Autocomplete API, Maps API. These APIs allow a user to be geolocated via their browser so that they can find lawyers near their location.
    • The data is transferred to subcontractors located in countries outside the European Economic Area. This transfer is governed by standard contractual clauses. These standard contractual clauses are available by clicking here.
  • Google Dialogflow
    • The purpose is to operate our personal assistant, Harvey, on Facebook Messenger.
    • The data is transferred to subcontractors located in countries outside the European Economic Area. This transfer is governed by standard contractual clauses. These standard contractual clauses are available by clicking here.
  • Microsoft Office 365
    • The purposes are:
      • Creating and hosting text documents, spreadsheets, presentations.
      • Hosting Symplicy’s emails.
    • The data location is set in Europe. The data is also transferred to subcontractors located in countries outside the European Economic Area. This transfer is governed by standard contractual clauses. The subcontracting agreement with Microsoft is available by clicking here.
  • Facebook
    • The purposes are:
      • Receiving and responding to messages through Facebook and Instagram pages/accounts.
      • Running advertising campaigns on Facebook and Instagram.
      • Analyzing the audience of the pages and accounts. This analytics service offered by the Facebook group uses the collected data to track and monitor the use of the services. These data are shared with other Facebook services. Facebook may use the collected data to contextualize and personalize the ads of its own advertising network.
      • Installing the personal assistant, Harvey, on the Facebook platform.
    • The data is transferred to subcontractors located in countries outside the European Economic Area. This transfer is governed by standard contractual clauses. The subcontracting agreement with Facebook is available by clicking here.
  • LinkedIn
    • The purposes are:
      • Receiving and responding to messages through LinkedIn pages/accounts.
      • Running advertising campaigns on LinkedIn.
      • Analyzing the audience of the pages and accounts. This analytics service offered by LinkedIn uses the collected data to track and monitor the use of services. These data are shared with other LinkedIn services. LinkedIn may use the collected data to contextualize and personalize the ads of its own advertising network.
    • The data is transferred to subcontractors located in countries outside the European Economic Area. This transfer is governed by standard contractual clauses. The subcontracting agreement with LinkedIn is available by clicking here.
  • Twitter
    • The purposes are:
      • Receiving and responding to messages via Twitter pages/accounts.
      • Running advertising campaigns on Twitter.
      • Analyzing the audience of the pages and accounts. This analytics service offered by Twitter uses the collected data to track and monitor the use of the services. These data are shared with other Twitter services. Twitter may use the collected data to contextualize and personalize ads on its own advertising network.
    • The data is transferred to subcontractors located in countries outside the European Economic Area. This transfer is governed by standard contractual clauses. Our subcontracting agreement with Twitter is available by clicking here.
  • Accountant Crapanzano
    • The purposes are:
      • Keeping an organized business accounting.
      • Meeting tax and social obligations.
    • The data location is in Belgium.
  • CBC Banque Belgique
    • The purposes are:
      • Maintaining the bank account.
      • Facilitating the execution and receipt of payments.
    • The data location is set in Europe. The Personal Data Protection Policy of CBC Banque is available by clicking here.
  • Calendly
    • The purpose is to enable appointment booking.
    • The data location is in the United States. The data is therefore transferred to subcontractors located in countries outside the European Economic Area. This transfer is governed by standard contractual clauses. The Personal Data Protection Policy of Calendly is available by clicking here.
  • Asana
    • The purposes are:
      • Organizing teamwork.
      • Internal communication.
    • The data location is in the United States. The data is therefore transferred to subcontractors located in countries outside the European Economic Area. This transfer is governed by standard contractual clauses. The subcontracting agreement with Asana is available by clicking here.
  • HubSpot
    • The purpose is to manage the relationship with the client or the potential future client.
    • The data location is in the United States. The data is therefore transferred to subcontractors located in countries outside the European Economic Area. This transfer is governed by standard contractual clauses. Our subcontracting agreement with HubSpot is available by clicking here.
  • Stripe
    • The purpose is to manage the relationship with our client or potential future client for sending Quotes and billing our Services.
    • The data location is set in Europe. The data is also transferred to subcontractors located in countries outside the European Economic Area. This transfer is governed by standard contractual clauses. Our subcontracting agreement with Stripe is available by clicking here.
  • Billit
    • The purpose is to manage the relationship with our client or potential future client for sending Quotes and billing our Services.
    • The data location is set in Europe. The data is transferred to subcontractors located in countries outside the European Economic Area. The Personal Data Protection Policy of Billit is available by clicking here.

For informational purposes, here is their policy regarding the protection of Personal Data:

What level of security do we ensure?

We have taken appropriate technical and organizational measures to protect your Personal Data against any unauthorized access, use, loss, or disclosure.

For example, we have taken the following measures:

  • We maintain an up-to-date register of Personal Data processing. It is available upon simple request.
  • We maintain an up-to-date procedure in the event of data leaks or theft, as well as a register of data leaks or theft. To date, there has never been a data leak or theft.
  • We provide a list of our subcontractors.
  • We have implemented an internal policy that informs and obliges our directors, employees to maintain confidentiality of the data and comply with the GDPR. We have set up a SharePoint to raise awareness among our teams about Personal Data issues.
  • We are able to inform you without delay in the event of a data breach (even though we and our subcontractors work hard to ensure this will not be necessary).
  • We have a username and password policy on all our systems.
  • We pseudonymize personal information when necessary.
  • We systematically back up Personal Data so that it can be recovered in case of physical or technical incidents.
  • We regularly test and evaluate our measures, and adjust them if necessary.
  • We have been advised by legal experts skilled in privacy matters.
  • We keep ourselves informed of guides and guidelines published by the CNIL and by the Belgian Data Protection Authority.

If we undertake new projects that may impact your privacy, we conduct a thorough analysis to ensure your rights, security, and the protection of your Personal Data.

If, however, an incident involving your data should occur, you will be personally informed under the circumstances provided by law.

Do we transfer Personal Data outside the European Union?

Oui, nous transférons des Données à caractère personnel vers un pays hors de l’Union européenne ou de l’Espace économique européen que si et seulement si :

  • La Commission européenne a rendu une décision qui établit que ce pays assure un niveau de protection adéquat des données, c’est-à-dire équivalent à celui prévu par la législation européenne. Les données personnelles seront transférées sur ce fondement.
  • Le transfert est couvert par une garantie appropriée accordant un niveau de protection des données équivalent à celui prévu par la législation européenne, telle que les clauses contractuelles types de la Commission, un Code de conduite, une certification, des règles d’entreprise contraignantes, le consentement.

What are your rights regarding Personal Data protection?

Right of access

  • This right allows you to directly ask us whether we hold information about you, and to request that we provide you with all such data.
  • Exercising the right of access is free unless your request is excessively repetitive, unfounded, or manifestly intended to abuse this right of access.
  • We will be entitled to charge “reasonable fees” based on the administrative costs incurred.

Right to rectification and the right to update your data

  • This right enables you to ask us to correct inaccurate information about you. The right to rectification complements the right of access.

Right to object

  • This right allows you to oppose the processing of Personal Data concerning you.
  • This right of objection applies only to processing that is necessary for the performance of a task carried out in the public interest or in the exercise of official authority, or for the purposes of legitimate interests pursued by the controller or by a third party, or for direct marketing purposes, or for scientific or historical research or statistical purposes. We may invoke compelling legitimate grounds overriding your objection to the processing in order to refuse your request.

Right to withdraw your consent

  • If data is processed on the basis of your consent, you may revoke that decision at any time, without affecting past processing.

Right to data portability

  • This right allows you to retrieve some of your data in an open and machine-readable format and to transfer your Personal Data from one organization to another.
  • You may only exercise this right for data processing that is based on your consent or is carried out using automated processes.
  • You may only exercise this right for data that you have provided to us.
  • You may not exercise the right to data portability if it infringes on the rights and freedoms of others.

Right to erasure

  • This right allows you to request the permanent deletion of your data.
  • This right can only be exercised within the limits set by Articles 17 and 18 of the General Data Protection Regulation.

How to exercise your rights regarding Personal Data protection?

If you wish to exercise your rights and if you have any questions or complaints about how we process your Personal Data, please address them first to info@symplicy.com.

If you believe that a data controller is not respecting your personal data, you have the option of filing a complaint with the Data Protection Authority (“APD”). You have the right to lodge a complaint with the competent supervisory authority.

The authority competent for Belgium is: Autorité de Protection des Données, Rue de la Presse 35, 1000 Brussels, +32 (0)2 274 48 00, contact@apd-gba.be or via this link, https://www.autoriteprotectiondonnees.be/citoyen/agir/introduire-une-plainte.

Hyperlinks to other Websites?

By using our Services, they may contain Hyperlinks to other Websites that are operated by natural or legal persons who are not part of our company.

These Websites must have their own policy regarding Personal Data protection.

We invite you to read their policies. We cannot be held responsible for the content of these Websites or the way these Websites process Personal Data.

Which law applies?

This Personal Data Protection Policy shall be interpreted by and in accordance with Belgian law.

Which jurisdiction is competent?

In the event of a dispute between the parties regarding the validity, interpretation, or performance of this Personal Data Protection Policy that cannot be resolved amicably, the Parties will first attempt to resolve this dispute through mediation. The Parties shall designate a mediator from among those approved by the Federal Mediation Commission in Belgium.

If mediation does not resolve this dispute, the dispute will be brought exclusively before the courts of Liège, Namur division, with material jurisdiction.

Miscellaneous clauses

Should one of the provisions of this Personal Data Protection Policy be declared null or void, it shall be deemed unwritten, without affecting the validity of the other provisions.

The original version of this Personal Data Protection Policy is in French. The versions translated into Dutch and English are provided solely for your convenience and information. In the event of any dispute, the French version of the text shall prevail.

This Personal Data Protection Policy is an integral part of the General Terms of Use and the General Terms of Service and is inseparable from them.

If you believe that we are not respecting your privacy, you can send us an email at info@symplicy.com.

This Personal Data Policy is dated March 9, 2025.

You can download a copy of this version on a durable medium (PDF format) by clicking here.