Privacy policy

Website Privacy Policy

Last updated: [2/4/2025]

About this Policy

This Privacy Policy (the ‘Policy’) describes how we (as defined below) collect, share and use any information that, when used alone or in combination with other information, relates to you (‘Personal Data’) when you (‘you’ and “your”) use our various websites (hereinafter referred to as ‘the Website’):

• www.cll.be
• www.lingonia.be
• www.lcampus.eu

This Policy also sets out your rights in relation to the Personal Data we process about you and how you can exercise those rights.

The CLL takes its privacy obligations seriously. That is why we have developed this Policy describing the standards that the CLL applies to protect your Personal Data.

For the purposes of this Policy, CLL Centre de Langues asbl, with its registered office at Place de l’Université 25/3 – 1348 Louvain-la-Neuve – Belgium, which is registered with the Crossroads Bank for Enterprises under number 0431176282, and whose VAT number is BE0431176282 (‘CLL’, ‘we’, “us”, ‘our’), acts as the data controller for the Personal Data collected via the Website. In its capacity as data controller, the CLL is responsible for ensuring that the processing of Personal Data complies with the data protection legislation in force, and in particular with the General Data Protection Regulation.
Please take the time to read this Policy carefully.
If you have any questions or comments, please contact the CLL’s data protection officer (dpo@cll.be). If you have any questions or comments, please contact the CLL’s Data Protection Officer (dpo@cll.be).

1. What Personal Data is collected by the CLL and why?

The types of Personal Data we collect and the reasons why we process it include:

Why we collect it (purposes)?	Types of Personal Data	Legal basis for processing	Legitimate interest (if applicable)
For creating an account on the CLL website	· Surname, first name · Email address · Password · Date of birth · Telephone number · Postal address · Billing address	Contractual requirement for the execution of the terms and conditions	/
For the order and provision of a service (including customer level testing)	· Surname, first name · Email address · Telephone number · Postal address · Mother tongue, · language you are learning, · learning objectives, · level or other details to help you with your experience. · Information about the minor participant (educational background, language level) · National registration number	Contractual requirement for the fulfilment of the general terms and conditions	/
To take a level test via the website	· Language of instruction and level · Email address	Consent	/
To subscribe to a newsletter	· Email address	Consent	/
To use the live chat service or open a support ticket	· Title · First name, last name · Email address · Phone number · The information you provide in the contact form	Consent	/
To provide personalised content, manage and improve the website, and evaluate our services or products	For more information on the data collected, please refer to the cookie policy (add link)	Legitimate interest of CLL	To personalise your experience and enable us to offer you the type of content and products that interest you most. To ensure that the website functions smoothly and to improve its performance to the highest possible standards.
To be contacted or to obtain a quote	· Title · Surname, first name · Email address · Telephone number · Company name · Position within the company · Company sector · Language used to complete the form	Consent	/
Within the framework of Lcampus, for the provision of educational content	· Title · Surname, first name · Gender · Email address · Language used on the platform · Language and level of learning	Contractual requirement for the execution of the general terms and conditions
Within the framework of		Contractual necessity for the execution of the general terms and conditions

We may also automatically collect certain information from your device. More specifically, the information we collect automatically may include your IP address, device type, unique identifiers, browser type, broadly inferred geographic location (e.g., country or city), and other technical information. We may also collect information about how your device interacted with our Website, including the pages you viewed and the links you clicked.

Collecting this information helps us better understand our Website visitors, where they come from, and what content on our Website interests them. We use this information for internal analysis and to improve the quality and relevance of our Website for our visitors.

Some of this information may be collected using cookies and similar tracking technologies, as explained in more detail in our Cookie Policy, which is available at [link].

From time to time, we may receive Personal Data about you from third parties, but only when we have verified that these third parties have your consent or are legally authorised or required to disclose your Personal Data to us.

In general, we will only use the Personal Data we collect from you for the purposes described in this Policy or for those we explain to you when collecting the Personal Data. However, we may also use your Personal Data for other purposes that are not incompatible with the purposes we have disclosed to you (such as processing for statistical purposes) and provided that such use is permitted by applicable data protection law.

2. With whom does CLL share your Personal Data?

We may disclose your Personal Data to the following categories of recipients:

• to companies within our group for purposes consistent with this Policy. We take precautions to ensure that only personnel with a legitimate business need have access to Personal Data and we contractually prohibit them from using Personal Data for other purposes;
• to our third-party suppliers, service providers and partners who provide us with data processing services, or who process Personal Data on behalf of and on behalf of CLL and for the purposes described in this Policy, acting as processors, or who are notified to you when your Personal Data is collected. This may include communications to third-party providers as well as other service providers we engage in connection with the services they provide to us, including to support us in areas such as IT platform management or support services, infrastructure or application services, marketing, and data analysis. When we engage subcontractors, we require them to process Personal Data and act strictly in accordance with our instructions and to take appropriate measures to ensure that Personal Data remains protected;
• to any legal, regulatory, government agency, court, or other third party when we believe disclosure is necessary (i) under applicable laws or regulations, (ii) to establish or defend our rights, or (iii) to protect your vital interests or those of any other person.
• to our auditors, advisors, legal representatives and similar agents in connection with the advisory services they provide to us for legitimate business purposes and subject to a contractual prohibition on using Personal Data for other purposes;
• to a potential buyer (and its agents and advisors), in connection with a proposed purchase, merger or acquisition of part of our business, provided that we inform the buyer that it must only use your Personal Data for the purposes described in this Policy;
• to any other person where you have given your prior consent to the disclosure.

3. How do we protect your privacy?

In accordance with this Policy, we will process Personal Data as follows:

• Fairness: We will process Personal Data fairly. This means that we are transparent about how we process Personal Data and that we will process it in accordance with applicable law.
• Lawfulness: We will only process Personal Data for legitimate purposes.
• Purpose limitation: We will process Personal Data for specified and legitimate purposes, and we will not process it in a manner that is incompatible with those purposes.
• Data minimisation: We will process Personal Data that is adequate, relevant and limited to what is necessary to achieve the purposes for which the data is processed.
• Data accuracy: We take appropriate measures to ensure that the Personal Data we hold is accurate, complete and, where necessary, kept up to date. However, it is also your responsibility to ensure that your Personal Data is as accurate, complete and up to date as possible by promptly informing the CLL of any changes or errors.
• Data security: We use appropriate technical and organisational measures to protect the Personal Data we collect and process about you. The measures we use are designed to provide a level of security appropriate to the risk of processing your Personal Data.
• Limited retention: We retain your Personal Data in a form that allows us to identify you for as long as necessary to fulfil the purposes for which we process your data and do not store your data for longer, unless required by law. In particular, data related to the opening of your account and your history with CLL will be retained for 5 years. Billing data is retained for 7 years. For further information on this subject, please contact dpo@cll.be.
  4. Data storage, retention and deletion

  The personal data we collect from you is stored on our servers located in Europe.

  We retain the Personal Data we collect from you for as long as we have a legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements).

  When we no longer have a legitimate business need to process your Personal Data, we will either delete or anonymise it, or if this is not possible (e.g.
  when your Personal Data has been stored in backup archives), we will store it securely and isolate it from any further processing until deletion is possible.

• International data transfers:
• Your Personal Data may be transferred to and processed in countries other than the country in which you reside. These countries may have data protection laws that are different from those in your own country.

  More specifically, our servers are located in Europe and our service providers and third-party partners also operate primarily in Europe.

  When your Personal Data is not processed in Europe, we take appropriate protective measures to require that it remains protected in accordance with this Policy. These include the European Commission’s Standard Contractual Clauses.

  6. Automated decision-making

  Automated decisions mean that a decision about you is made automatically based on a computer determination (using algorithms), without any human intervention. We do not use your Personal Data for automated decision-making.

  7. Your data protection rights

  You have the following data protection rights:

  • Right of access: You have the right to obtain confirmation from us as to whether or not we are processing your personal data and, if so, to access your personal data;
  • Right to rectification: You have the right to request that we rectify inaccurate personal data and complete incomplete personal data;
  • Right to erasure: you have the right to request that we erase your personal data;
  • Right to restriction of processing: You have the right to request the restriction of processing;
  • Right to data portability: You have the right to receive your personal data in a structured, commonly used and machine-readable format, and the right to transmit your personal data to another data controller without hindrance;
  • Right to object to processing: You have the right to object to the processing of your personal data at any time where the processing is based on our legitimate interests and we have no overriding legitimate grounds for the processing which override your rights, interests and freedoms;
  • Right to withdraw consent: You have the right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal;
  • Right to refuse advertising communications that we send you. You can exercise this right at any time by clicking on the ‘unsubscribe’ or ‘unsubscribe’ link in the advertising emails we send you. To unsubscribe from other forms of advertising, please contact us using the contact details in point 10 below.
  • Right to lodge a complaint: You have the right to lodge a complaint with the competent data protection supervisory authority regarding the processing of your personal data by us:

  Data Protection Authority

  www.autoriteprotectiondonnees.be

  +32 (0)2 274 48 00

  contact@apd-gba.be

  We respond to all requests we receive from individuals wishing to exercise their rights regarding the protection of their personal data in accordance with applicable data protection law.

  8. Links to other websites

  The Website may contain hyperlinks to websites owned and operated by third parties. These websites have their own privacy policies, which we encourage you to review. They will govern your use of any Personal Data you submit while visiting those websites.

  We are not responsible for the privacy practices of these third-party websites, and your use of these websites is at your own risk.

  9. Updates to this Policy

  We may update this Policy from time to time in response to evolving legal, technical or business developments. When we update our Policy, we will take reasonable steps to notify you, taking into account the significance of the changes we make. We will obtain your consent to any significant changes to this Policy if required by applicable data protection law.

  You can see the date of the last update to this Policy by referring to the ‘last updated’ date displayed at the top of this Policy.

  10. How to contact us

  The data protection officer appointed in accordance with Article 37 of the General Data Protection Regulation is Fieldfisher Belgium, dpo@cll.be, l’Arsenal, Bd Louis Schmidt 29 boîte 15, 1040 Brussels, Belgium.