Privacy Policy

Last updated: 7 April 2026

1. Data Controller

The data controller responsible for processing your personal data is:

LawSupport
Stockerstrasse 45
8002 Zürich, Switzerland
Email: info@lawsupport.be
Phone: +41 44 51 52 590

For all data protection inquiries, please contact our Data Protection Officer (DPO) at dpo@lawsupport.be.

2. Personal Data We Collect

We may collect and process the following categories of personal data:

2.1 Data You Provide Directly

• Identity data: full name, date of birth, nationality, passport or ID number
• Contact data: email address, phone number, postal address
• Business data: company name, registration number, business activity, financial information relevant to company formation or accounting services
• Communication data: content of emails, contact form submissions, and phone call notes
• Payment data: bank account details, invoicing information

2.2 Data Collected Automatically

• Technical data: IP address, browser type and version, operating system, device type
• Usage data: pages visited, time spent on pages, referral source, click patterns
• Cookie data: as described in our Cookie Policy

3. Legal Basis for Processing

Under the GDPR, we process your personal data on the following legal bases:

• Contractual necessity (Art. 6(1)(b) GDPR): processing necessary to perform our services, such as company registration, accounting, bank account opening, or residence permit applications
• Legal obligation (Art. 6(1)(c) GDPR): processing necessary to comply with Belgian, Swiss, or EU law, including anti-money laundering (AML) and know-your-customer (KYC) regulations
• Legitimate interest (Art. 6(1)(f) GDPR): processing necessary for our business interests, such as improving our services, marketing, and fraud prevention, provided these interests do not override your fundamental rights
• Consent (Art. 6(1)(a) GDPR): where you have given explicit consent, for example for marketing communications or non-essential cookies. You may withdraw consent at any time.

4. How We Use Your Data

We use your personal data for the following purposes:

• Providing and managing our corporate services (company registration, accounting, banking, immigration, licensing)
• Communicating with you about your case, inquiries, or service requests
• Processing payments and invoicing
• Complying with legal and regulatory obligations (AML/KYC checks, tax reporting)
• Improving our website, services, and user experience
• Sending marketing communications (only with your explicit consent)
• Preventing fraud and ensuring security of our systems

5. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to enhance your browsing experience, analyse traffic, and personalise content. For full details on the types of cookies we use and how to manage your preferences, please see our Cookie Policy.

6. Data Sharing and Third Parties

We may share your personal data with the following categories of third parties, only to the extent necessary:

• Belgian authorities: Crossroads Bank for Enterprises (KBO/BCE), SPF Finance, National Bank of Belgium, FSMA, immigration authorities (Office des Étrangers), as required for service delivery
• Financial institutions: Belgian banks for account opening procedures
• Professional advisors: external lawyers, notaries, auditors, and tax advisors engaged on your behalf
• IT service providers: hosting, email, and CRM providers who process data on our behalf under data processing agreements
• Analytics providers: Google Analytics (anonymised data) for website performance analysis

We do not sell your personal data to third parties. When sharing data with third-party processors, we ensure appropriate data processing agreements are in place in accordance with Article 28 GDPR.

7. International Data Transfers

Your data may be transferred to and processed in Switzerland, where our office is located. Switzerland is recognised by the European Commission as providing an adequate level of data protection (adequacy decision). For any other international transfers, we rely on Standard Contractual Clauses (SCCs) or other appropriate safeguards as required by the GDPR.

8. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected:

• Client files and contracts: 10 years after the end of the business relationship, as required by Belgian commercial and tax law
• AML/KYC records: 10 years after the end of the business relationship, in accordance with the Belgian Anti-Money Laundering Act
• Accounting and tax records: 7 years, as required by Belgian tax legislation
• Marketing consent records: retained until you withdraw consent
• Website analytics data: 26 months
• Contact form inquiries (non-clients): 2 years

9. Your Rights Under the GDPR

As a data subject, you have the following rights:

• Right of access (Art. 15): You may request a copy of the personal data we hold about you.
• Right to rectification (Art. 16): You may request correction of inaccurate or incomplete data.
• Right to erasure (Art. 17): You may request deletion of your personal data, subject to legal retention obligations.
• Right to restriction (Art. 18): You may request restriction of processing in certain circumstances.
• Right to data portability (Art. 20): You may request to receive your data in a structured, commonly used, machine-readable format.
• Right to object (Art. 21): You may object to processing based on legitimate interests or for direct marketing purposes.
• Right to withdraw consent (Art. 7(3)): Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
• Right to lodge a complaint: You have the right to lodge a complaint with a supervisory authority (see Section 10).

To exercise any of these rights, please contact us at dpo@lawsupport.be. We will respond within 30 days of receiving your request.

10. Supervisory Authority

If you believe that our processing of your personal data infringes the GDPR, you have the right to lodge a complaint with the Belgian Data Protection Authority:

Autorité de protection des données (APD) / Gegevensbeschermingsautoriteit (GBA)
Rue de la Presse 35 / Drukpersstraat 35
1000 Brussels, Belgium
Phone: +32 2 274 48 00
Email: contact@apd-gba.be
Website: www.autoriteprotectiondonnees.be

11. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit (TLS/SSL) and at rest
• Access controls and authentication mechanisms
• Regular security assessments and updates
• Staff training on data protection
• Secure data processing agreements with third-party providers

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will post the updated version on this page with a revised "Last updated" date. We encourage you to review this page periodically.

13. Contact Us

If you have any questions about this Privacy Policy or our data protection practices, please contact us:

LawSupport — Data Protection Officer
Email: dpo@lawsupport.be
General: info@lawsupport.be
Phone: +41 44 51 52 590
Address: Stockerstrasse 45, 8002 Zürich, Switzerland