_edited.png)
PRIVACY POLICY
​
Last Updated: October 9, 2025
​
1. SCOPE AND APPLICATION
1.1 This Privacy Policy (the "Policy") governs the collection, processing, storage, and use of personal data by Advocacy Strategy SRL, a private limited liability company incorporated under Belgian law, trading under the business name "Advocacy Academy" (hereinafter referred to as "Advocacy Academy", "we", "us", or "our"), through its website (the "Website").
1.2 This Policy has been prepared in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (the "GDPR"), and all applicable Belgian data protection legislation.
1.3 By submitting personal data through the Website, you acknowledge that you have read, understood, and agree to the terms set forth in this Policy.
​
2. IDENTITY OF THE DATA CONTROLLER
2.1 The data controller responsible for the processing of personal data under this Policy is:
Advocacy Strategy SRL
(trading as Advocacy Academy)
Avenue des Evaux 4
1341 Ceroux-Mousty
Kingdom of Belgium
Enterprise Number: BE0804620938
Contact Information:
Telephone: +31 (0)6 24 22 1664
Telephone: +32 (0)470 93 23 29
Email: paul@advocacystrategy.com
​
3. CATEGORIES OF PERSONAL DATA
3.1 We process only such personal data as is voluntarily provided by data subjects through the contact form available on the Website.
3.2 The categories of personal data that may be processed include, but are not limited to:
(a) Full name;
(b) Email address;
(c) Telephone number;
(d) Any additional information voluntarily included in communications submitted via the contact form.
3.3 We do not collect, process, or otherwise handle personal data through automated means, cookies (other than strictly necessary technical cookies), analytics tools, newsletter subscriptions, downloadable content forms, or payment processing systems via the Website.
​
4. PURPOSES OF PROCESSING
4.1 Personal data collected through the Website shall be processed exclusively for the following purposes:
(a) To acknowledge receipt of and respond to inquiries submitted by data subjects;
(b) To provide information concerning our products, services, and business activities;
(c) To facilitate communication with data subjects via email, telephone, or text messaging in connection with their inquiry or expressed interest in our services.
4.2 Personal data shall not be processed for any purpose incompatible with those specified in Article 4.1 above.
​
5. LEGAL BASIS FOR PROCESSING
5.1 The processing of personal data is carried out on the basis of the following legal grounds under Article 6(1) of the GDPR:
(a) Consent (Article 6(1)(a) GDPR): Where a data subject voluntarily submits personal data via the contact form, such submission constitutes freely given, specific, informed, and unambiguous consent to the processing of such data for the purposes set out in Article 4 hereof;
(b) Legitimate Interests (Article 6(1)(f) GDPR): To the extent necessary and proportionate to respond effectively to inquiries, maintain professional business communications, and manage prospective client relationships, provided that such interests are not overridden by the interests or fundamental rights and freedoms of the data subject.
5.2 Where processing is based on consent pursuant to Article 5.1(a), data subjects retain the right to withdraw such consent at any time in accordance with Article 9 hereof.
​
6. DATA STORAGE, SECURITY, AND THIRD-PARTY DISCLOSURE
6.1 All personal data is stored on secure systems located within the territory of the European Union and subject to appropriate technical and organisational security measures.
6.2 We do not sell, rent, lease, trade, or otherwise disclose personal data to third parties for commercial purposes.
6.3 Personal data may be disclosed only in the following circumstances:
(a) Where required by applicable law, regulation, legal process, or governmental request;
(b) Where necessary to comply with valid orders of courts or regulatory authorities having competent jurisdiction.
6.4 We do not transfer personal data to any third country outside the European Union or the European Economic Area.
​
7. DATA RETENTION
7.1 Personal data shall be retained only for such period as is necessary to fulfill the purposes for which it was collected, as set out in Article 4 hereof.
7.2 Upon conclusion of communications with a data subject, or where further communication is no longer reasonably expected or required, personal data shall be securely deleted or anonymised, unless:
(a) A longer retention period is mandated by applicable law or regulation; or
(b) Retention is necessary for the establishment, exercise, or defense of legal claims.
7.3 Retention periods shall be regularly reviewed to ensure continued compliance with the principles of data minimisation and storage limitation.
​
8. DATA SECURITY MEASURES
8.1 We implement and maintain appropriate technical and organisational measures designed to ensure a level of security appropriate to the risk of processing, including but not limited to:
(a) Protection against unauthorised or unlawful access, use, disclosure, alteration, or destruction of personal data;
(b) Protection against accidental loss, damage, or destruction of personal data;
(c) Measures to ensure the ongoing confidentiality, integrity, availability, and resilience of processing systems and services.
8.2 Such measures are subject to periodic review and updating in accordance with evolving technological standards and threat landscapes.
​
9. RIGHTS OF DATA SUBJECTS
9.1 In accordance with Chapter III of the GDPR, data subjects are entitled to exercise the following rights in relation to their personal data:
(a) Right of Access (Article 15 GDPR): The right to obtain confirmation as to whether personal data is being processed and, where applicable, access to such data and information concerning the processing;
(b) Right to Rectification (Article 16 GDPR): The right to obtain without undue delay the rectification of inaccurate personal data and the completion of incomplete personal data;
(c) Right to Erasure (Article 17 GDPR): The right to obtain the erasure of personal data without undue delay in certain circumstances, including where personal data is no longer necessary for the purposes for which it was collected, or where consent is withdrawn and no other legal ground for processing exists;
(d) Right to Restriction of Processing (Article 18 GDPR): The right to obtain restriction of processing in specified circumstances;
(e) Right to Data Portability (Article 20 GDPR): The right to receive personal data in a structured, commonly used, and machine-readable format and to transmit such data to another controller without hindrance;
(f) Right to Object (Article 21 GDPR): The right to object, on grounds relating to the data subject's particular situation, to processing based on legitimate interests;
(g) Right to Withdraw Consent (Article 7(3) GDPR): Where processing is based on consent, the right to withdraw such consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
9.2 To exercise any of the rights set forth in Article 9.1, data subjects may submit a request to: paul@advocacystrategy.com
9.3 We shall respond to such requests without undue delay and in any event within one (1) month of receipt, subject to the provisions of Article 12(3) GDPR.
9.4 Data subjects also have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, place of work, or place of the alleged infringement. In Belgium, the competent supervisory authority is:
Data Protection Authority
(Gegevensbeschermingsautoriteit / Autorité de protection des données)
Rue de la Presse 35
1000 Brussels
Belgium
Website: www.dataprotectionauthority.be
​
10. AMENDMENTS TO THIS POLICY
10.1 We reserve the right to amend, modify, or update this Policy at any time in order to reflect changes in our processing activities, legal obligations, or business practices.
10.2 Any amendments to this Policy shall be effective immediately upon publication on the Website, and the date of the most recent revision shall be indicated at the head of this document.
10.3 Data subjects are encouraged to review this Policy periodically to remain informed of any changes.
10.4 Where material changes are made that require fresh consent under applicable law, we shall seek such consent from affected data subjects prior to implementing such changes.
​
11. GOVERNING LAW AND JURISDICTION
11.1 This Policy and all matters relating to the processing of personal data hereunder shall be governed by and construed in accordance with the laws of the Kingdom of Belgium.
11.2 Any disputes arising out of or in connection with this Policy shall be subject to the exclusive jurisdiction of the courts of Belgium.
END OF PRIVACY POLICY