Privacy policy

Brussels Airport Company NV/SA (hereinafter: “Brussels Airport” or “we”) respects your privacy and protects and Processes your Personal Data in accordance with Regulation 2016/679 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (the General Data Protection Regulation, also known as ‘GDPR’) and the Belgian Act of 30 July 2018 on the protection of individuals with regard to the processing of personal data (Framework Act).

This privacy policy sets out important and relevant information with regard to the Processing of your Personal Data by Brussels Airport. We invite you to read this privacy policy in detail and, if you have any questions, to contact us via the contact details below.

1. Definitions

In this privacy policy, certain terms are used with a capital letter. This means that these are defined terms. Click here for more information on these definitions.

2. When does this privacy policy apply?

This privacy policy applies to the Websites, the social media channels on which Brussels Airport is active, the Brussels Airport newsletter, your participation in an (online) contest and/or campaign and/or campaign and/or satisfaction survey at Brussels Airport, and the entire experience you may have as a Data Subject at Brussels Airport.

This privacy policy will however not be applicable to:

  • The use of wifi at the airport, for which we refer to the privacy policy of the wifi network of Brussels Airport
  • The Processing of Personal Data by Third Parties, such as airlines, handling agents, tenants and retailers, and security firms. Brussels Airport does not have access to the Processing activities carried out by such Third Parties and can therefore not be held liable for them.

Brussels Airport reserves the right to change and update its privacy policy from time to time. If Brussels Airport should use your Personal Data in a manner that is materially different from that stated at the time it was collected, we will notify you by means deemed most appropriate, and in any event will notify you by posting a notice on our Websites indicating that the privacy policy has been changed or updated.

3. Who is responsible for your personal data and how can you contact us?

Brussels Airport Company NV/SA is the data controller of the Personal Data that fall within the scope of this privacy policy.

If you have any questions or comments, please contact our Data Protection Officer by post: Brussels Airport Company NV/SA, attn. the Data Protection Officer, Boulevard Auguste Reyers 80, B-1030 Brussels, or by email: privacy@brusselsairport.be.

4. What personal data do we process and for which purpose?

In this section, we will communicate all relevant information to you, such as the categories of Personal Data that we Process, the Purposes and the permissible grounds in relation to the Processing operations related to:

  • Websites;
  • Social media;
  • Brussels Airport App;
  • Newsletter;
  • Campaigns and (online) contests; and
  • Your experience at Brussels Airport.

Click here for more information on what Personal Data is Processed as part of these Processing operations.

5. How long do we retain your Personal Data?

We shall not retain your Personal Data for longer than necessary for the Purpose(s) for which it was collected or for which it will be further Processed. The retention of certain Personal Data may be subject to a minimum retention period as determined by law, with which Brussels Airport must comply.

6. Who has access to your Personal Data and how is your Personal Data protected when transferred outside the EEA?

We shall not sell, transfer or otherwise disclose your Personal Data to Third Parties without your prior explicit consent, except as provided in this privacy policy and unless it is necessary for the Purpose(s) set out in this privacy policy, or unless we are legally bound to do so.

We may share your Personal Data with cloud service providers and other service providers who help us deliver, understand, commercialise and improve our company activities. We do not authorise these service providers to use or disclose your Personal Data, unless this is strictly necessary to perform services under our supervision or to comply with applicable legislation. We guarantee that your Personal Data will only be disclosed to such service providers to the extent necessary for them to perform their specific function.

Such service providers are in any case bound to treat your Personal Data in accordance with the provisions of this privacy policy. We cannot, however, be held liable for any damage, direct or indirect, that may result from the misuse of your Personal Data by such service providers.

As user of the Websites, you acknowledge and agree that certain content or services offered by Third Parties may be made available to you through the Websites, or that it is possible to link to Third Party Websites from the Websites. You agree that an autonomous privacy policy of such Third Parties with respect to the linked content and/or services may apply, for which Brussels Airport cannot be held liable, nor for compliance therewith. Brussels Airport does not in any way monitor the privacy policies and/or practices of such Third Parties, and we encourage you to read the privacy policies, where relevant, of such Third Parties, since their general terms and conditions may differ from our privacy policy.

In some exceptional cases, Brussels Airport may transfer your Personal Data to and/or store your Personal Data in countries outside the European Economic Area. In such cases, however, we guarantee that the transfer is carried out in accordance with relevant legal requirements and we ensure that the third country can guarantee an appropriate level of protection of your Personal Data. If necessary, the EU standard contractual clauses shall be used and appropriate data transfer agreements shall be concluded.

7. How do we protect your Personal Data?

We will always take appropriate technical, organisational and administrative measures against unauthorised or unlawful Processing of your Personal Data or against accidental loss, destruction or damage, publication or use thereof.

In the event of a Personal Data breach (e.g. infringement of Personal Data security, or unauthorised access) at Brussels Airport involving your Personal Data, we will take all necessary measures to mitigate the consequences of such a breach in connection with Personal Data and to prevent such breaches in the future. We are required by law to notify you if the Personal Data breach may affect your fundamental rights and freedoms and pose a risk to your privacy.

8. What are your rights in relation to your Personal Data and how can you exercise these rights?

We will only Process your Personal Data in a fair and lawful manner, which means that the Personal Data provided to us will only be Processed for the explicit and lawful Purpose(s) mentioned in this privacy policy. We ensure that the Processed Personal Data are adequate, accurate, relevant and not exaggerated. As Data Subject, however, you will also have various rights with respect to the Personal Data that you have shared with us. More specifically, you have the following rights with regards to the Processing of your Personal Data:

  • Right of access;
  • Right to correct inaccurate Personal Data;
  • Right to delete;
  • Right to restrict data Processing;
  • Right to object to data Processing;
  • Right to transfer data;
  • Right not to be subject to automated individual decision-making, including profiling.

Click here for more information on your abovementioned rights.

You can exercise the abovementioned rights or ask questions abut this privacy policy or your Personal Data by sending a signed, written request to Brussels Airport, by post: Brussels Airport Company NV/SA, attn. the Data Protection Officer, Boulevard Auguste Reyers 80, B-1030 Brussels, or by email: privacy@brusselsairport.be.

Despite all our efforts to protect your privacy and to comply with relevant legislation, you may disagree with the way in which we collect, use and/or Process your Personal Data. In this case, you can also file a complaint with the Belgian Data Protection Authority, which you can contact by post: Gegevensbeschermingsautoriteit/Autorité de protection des données, Rue de la Presse 35, 1000 Brussels or by email: contact@apd-gba.be.

Then, if you have suffered damages, you can file a claim with the competent court.

For more information about complaints and legal remedies, we invite you to consult the website of the Belgian Data Protection Authority: https://www.dataprotectionauthority.be.