Data processing concerns any operation relating to personal data. Personal data relates to all information concerning a natural person. This includes the name, address, date of birth, account number, IP address, and any other data making it possible to identify a natural person. The notion of processing covers, among other things, all aspects related to the collection, registration, storage, use, consultation, modification, disclosure, transfer or deletion of the data.


For some services, the brokerage firm calls upon specialist partners. These partners must then follow the firm’s instructions and comply with its personal data protection policy. The brokerage firm ensures that its partners only receive the data strictly needed to fulfil their contractual obligations.


The brokerage firm also acts as a subcontractor for other financial institutions. In this case, these entities are responsible for processing personal data.

The personal data processed includes:

• Identification data such as the surname, first name, date and place of birth, address, identity card or passport number, email address and IP address of computers or mobile devices;
• Transaction data such as the bank account number, deposits, withdrawals and transfers related to your portfolio;
• Financial data such as knowledge and experience relating to financial instruments, the financial situation, the investment horizon, risk aversion, and the financial instruments held;
• Socio-demographic data such as civil status.
• On-line behaviour and preferences such as the IP address of a mobile device or computer, and the pages visited on the brokerage firm’s website and its app.
• Audio-visual data such as videos from surveillance cameras and recordings of telephone calls.

The brokerage firm does not process any sensitive data relating to health, racial or ethnic origins, political opinions, religious or philosophical beliefs or trade union membership.


It applies to the following people:

• Former, current and potential clients;
• People involved in any transaction with the brokerage firm, whether on their own behalf or representing a legal entity;
• People who are not clients of the brokerage firm, such as recipients of client payments and persons submitting orders.

Personal data are used solely for one of the following purposes:

• To conclude and execute a contract;
• To comply with the legal obligations the brokerage firm is subject to, in particular the client’s investor profile, as well as the fight against money laundering and the financing of terrorism;
• To prevent and combat fraud and preserve the security of the transactions and operations carried out by the brokerage firm

Personal data is only passed on in accordance with the legal obligations to which the brokerage firm is subject. The possible recipients are as follows:

• Independent agents acting in the name of and on behalf of Leleux Associated Brokers. These are registered with the regulator in accordance with the legislation in force;
• To comply with its regulatory obligations, it is possible that the brokerage firm could disclose data to the competent authorities (National Bank of Belgium, Financial Services and Markets Authority, FPS Finance, Financial Intelligence Processing Unit, etc.), e.g. in relation to the fight against terrorism and money laundering or further to the international exchange of tax data (CRS / FATCA);
• The judicial/investigation authorities (police, prosecutor, courts and arbitration/mediation bodies, guardians, judicial officers, etc.) on express and legal request.
• Financial transactions involve exchanges of data with other financial institutions, e.g. for the transfer of financial instruments or cash.

People who transmit data to the brokerage firm have the following rights:

• The right to consult personal data. Clients may consult data concerning them that has been processed by the brokerage firm.
• The right to correct and delete personal data. If the client’s personal data is incorrect, incomplete or not pertinent, he/she may have it corrected, completed or deleted.
• The right to transfer personal data (otherwise known as the right to portability). The client may, under certain conditions, have data he/she has provided transferred to another data manager or to himself.

The aforementioned rights are granted on the condition that this is reasonable and complies with the technical possibilities. Such requests will be met where possible, unless it proves impossible to do so due to a legal obligation


To exercise the aforementioned rights, the client can refer to the person responsible for data protection (DPO – Data Protection Officer). The DPO can be contacted at the following address: Leleux Associated Brokers – DPO – 97 Rue Royale – 1000 Brussels, or by email at [email protected].

To ensure the security of its clients’ data, the brokerage firm implements internal policies and standards for all of its activities. These are regularly updated to take account of the latest regulations and developments in the market. In practical terms, and in accordance with the legislation, the brokerage firm takes the necessary technical and organisational measures to guarantee the confidentiality and integrity of personal data and data processing procedures.


In addition, the firm’s staff are subject to an obligation of confidentiality and, subject to exceptions, are not authorised to disclose personal data.


Although substantial resources are devoted to making the data secure, the brokerage firm advises its clients to take the following measures to secure their own data:

• Install antivirus software, anti-spyware and a firewall. This software must be regularly updated;
• The equipment used must be kept under surveillance or in a secure room;
• Computer platforms must be systematically disconnected if they are not being used;
• Passwords are strictly confidential. The use of complex passwords is recommended.
• Clients must be vigilant when accessing the brokerage firm’s services via the Internet. The firm will never ask for passwords and codes by email.