Privacy Policy

Business Advisers on Climate & Competitiveness (“BACC”, “we”, “us”) takes personal data protection seriously and complies with Regulation (EU) 2016/679 on General Data Protection (GDPR) and Directive 2002/58/EC on e-Privacy.

This Privacy Policy explains how BACC collects, uses, protects and otherwise handles your personal data. If you have any questions or queries, contact us at [privacy@bacc.eu or info@bacc.eu] and we will respond as soon as we can.

You may also contact the Belgian Data Protection Authority (Autorité de protection des données / Gegevensbeschermingsautoriteit) via https://www.dataprotectionauthority.be.

1. Who is concerned by this Privacy Policy

This Privacy Policy covers the collection and processing of personal data of:

• BACC’s clients (current and former) and their staff
• Contractual partners and suppliers
• People who contact BACC or with whom BACC engages in the framework of its mission and activities, including EU policymakers, parliamentarians and their assistants, national and international civil servants, journalists, and other interest representatives
• Subscribers to any BACC newsletter or attendees of events organised or co-organised by BACC
• Visitors to the BACC website

2. Personal data we collect and how we use it

If you are a client of BACC, or a member of a client organisation, we collect your name, position, employer, business contact details and any other data you provide voluntarily. How we use it: to deliver and administer the consultancy services we have agreed with you, including correspondence, meetings, billing and project management.

If you are a person BACC has contacted or has been contacted by in the framework of its mission and activities (e.g. EU institutional contacts, parliamentarians and their staff, national or international civil servants, interest representatives, journalists), we collect your name, position, organisation, email and other relevant contact details. How we use it: as part of BACC’s activities to advise its clients and conduct legitimate public affairs work on their behalf.

If your organisation has a contractual relationship with BACC (e.g. a supplier, a partner), we process personal data necessary to fulfil the rights and obligations of that relationship. How we use it: to manage the contract, follow up on queries or complaints, and for general management of customers and suppliers, including accounting, the recovery of receivables, and the protection of our rights in general.

If you sign up for a BACC newsletter, we collect and process your personal data to follow up on your registration and send you the relevant communications. You can unsubscribe at any time, either via the unsubscribe link in any newsletter or by emailing [privacy@bacc.eu or info@bacc.eu]. How we use it: to manage your subscription and any related comments or requests.

If you attend an event organised or co-organised by BACC, we collect your name, position, organisation, contact details and, if you are a speaker, your bio and photograph. For events held on the premises of an EU institution (such as the European Parliament), we also collect the information the institution requires for security accreditation, which typically includes nationality, date of birth, identity document type, document number and document expiry date. This information is shared with the host institution solely for the purpose of granting access to the event venue and is deleted by BACC once the event has taken place.

For some events, a simplified participants list (name, surname, organisation) may be shared with other attendees. With your explicit consent, we may also collect information about dietary restrictions or allergies, solely for the purpose of arranging catering. This information is deleted after the event.

How we use it: to register you for the event, manage attendance and follow-up, and, with your consent, to inform you about future events and publications.

If you have corresponded with us by any form of communication (e.g. email, contact form), we may keep that correspondence. How we use it: to respond to you and to keep a record of our correspondence.

When you visit the BACC website, we may receive technical data such as IP address, browser type, device type, pages visited and time of visit. The website uses cookies as described in our Cookie Policy. How we use it: to improve your browsing experience and to compile anonymous statistics on website use.

Personal data of job applicants is covered by separate internal rules in line with the GDPR.

Personal data may also be processed to comply with applicable regulations, respond to requests from public authorities, or protect BACC’s rights, privacy, safety or property.

BACC does not knowingly collect or process personal data of individuals under the age of 16.

3. Transmission of your data to third parties

BACC does not sell personal data. In some cases your personal data may be transferred to a third party, namely:

• Sub-contractors and service providers acting on BACC’s behalf (for example IT and hosting providers, email and newsletter providers, accounting providers, or event co-organisers)
• Competent authorities or other legal entities where required by law or for the purposes of law enforcement
• A co-organiser or supporting partner of a joint event you attend
• Other recipients, with your consent

Where personal data is transferred outside the European Economic Area, appropriate safeguards (such as the European Commission’s Standard Contractual Clauses) are in place.

4. How we keep your data safe

We take appropriate technical and organisational measures to protect personal data against breaches, including unauthorised access, alteration, disclosure or loss. These measures are reviewed regularly to stay aligned with technological standards.

5. What happens in the case of a data breach

In the event of a personal data breach, we will use all technical and organisational means available to contain and resolve the breach as quickly as possible. Where the breach is likely to result in a high risk to your rights and freedoms, we will inform you as soon as possible, by email or any other available means, in line with the GDPR.

6. Third-party links on the website

This Privacy Policy does not cover links from the BACC website to third-party websites. We are not responsible for the data processing practices of those sites. Please consult their respective privacy policies for information about your rights.

7. How long BACC keeps your personal data

We keep personal data only as long as necessary for the purposes set out above. Client and contractual data is kept for the duration of the relationship and for as long as required by applicable law, including Belgian accounting and tax requirements. Other data, for example general correspondence, is typically kept for up to three years from last contact.

8. Your rights

Under the GDPR, you have the right to:

• Access your personal data
• Have inaccurate or incomplete data corrected or updated
• Request the transfer (portability) of your data to another entity
• Request that we stop using your data for direct marketing purposes
• Subject to certain exceptions, request that we erase your data, restrict our processing of it, or withdraw your consent

If you choose to withdraw consent or restrict processing, you may no longer be able to receive certain BACC communications or services.

To exercise these rights, contact BACC at [privacy@bacc.eu or info@bacc.eu]. We may request proof of identity.

You can also lodge a complaint with the Belgian Data Protection Authority (https://www.dataprotectionauthority.be) if you believe we have not acted in line with applicable data protection law.

9. Updates to this Privacy Policy

We may update this Privacy Policy from time to time, for example to reflect new legal requirements. Updates will be published on this page, with the date of the most recent change noted at the top.