CFA Society Belgium Privacy Policy

This policy has been established by CFA Society Belgium, VZW, Louizalaan 54, 1000, Brussels, Belgium (also refered to as “the Society”). The Society has been registered with Kruispuntbank der Ondernemingen under RPR number 0880.132.765. 

The policy applies to any person handling personal data, including board members, the Society Manager, members of the Society, volunteers and suppliers.

CFA Society Belgium attaches great importance to the protection of privacy and therefore handles personal data with care. This document describes how we handle personal data received through digital means (website, email), or offline with regard to our members, candidates, participants in our events and other relations. 

CFA Society Belgium acts as controller and is therefore responsible for the processing of personal data in accordance with the applicable laws and regulations.

CFA Society Belgium complies with applicable Belgian laws and regulations, including the General Data Protection Regulation (GDPR). The goals and type of personal data are described in this Privacy Policy.

This means that we: 

• Process personal data in accordance with the purpose for which it was provided.  

• Limit the processing of personal data to only the data that are minimally required for the purposes for which they are processed;

• Ask for consent if we need it for the processing of your personal data; 

• Have taken appropriate technical and organizational measures to ensure the security of personal data; 

• Will not pass on personal data to other parties, unless it is necessary for carrying out the purposes for which they were provided; 

• Are aware of your rights regarding personal data  and we respect them.

Personal data of members, candidates and interested parties in relation to the Society are processed by CFA Society Belgium for the following purposes: 

• Administration (such as member administration, raising contributions); 

• The organization of education and events; 

• Communication about the educational programs and events, membership and Society; 

• The publication of newsletters and trade magazines; 

• The distribution of information to members, participants and/or sponsors; 

• To announce information about stakeholders and activities of the Society through social media, the website and the app (including photos, for example); 

• Other activities of internal management; 

• To better understand your needs; 

• To improve our services; 

• Website visit monitoring; 

• To maintain and manage a history of accreditations and qualifications, registrations and Charter registration; 

• To verify identities. 

We may share data with the following parties:

• The CFA Institute

• Companies that process personal data in our name and on our behalf (known as ‘processors’).

• Entities with whom we organize activities to which members or candidates may subscribe.

• External parties when required by law.

• Government entities entitled to request the personal data.

Personal data is stored digitally and on paper, and both are kept in secure places. Digital data is protected from unauthorised access, accidental deletion, and malicious hacking attempts. Data, such as Salesforce or Excel files, is protected by strong passwords that are changed regularly. Data is not stored on removable media such as USB sticks.  All servers and computers containing data are protected by  security softwares and firewalls.

We may keep data for a maximum of 10 years after your last contact with us and as long as required for our legal obligations under Belgian law.

We may transfer personal data to countries outside the EEA, including the United States. Such transfer will be carried out based upon an adequacy decision or through the use of standard data protection clauses to guarantee an adequate level of protection.

This policy is, at least, reviewed annually by the President and Society Manager, made available on our website and shared with the board and all committee members, including volunteers.