No fishy business, just privacy facts!

Sparkfish BV, with registered offices at 3500 Hasselt (Belgium), Pietelbeekstraat 4, company number 0739.872.052, as well as all affiliated companies, hereafter ‘Sparkfish’, handles personal data with the utmost care at all times.

This Privacy Statement indicates which personal data is collected and how it is used, as well as how Sparkfish seeks to ensure an adequate protection of the data concerned.

Sparkfish will observe the provisions as incorporated in the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, hereafter ‘GDPR’, as well as incorporated in all other regulations regarding privacy.

In addition, Sparkfish will ensure to comply, to the extent possible, to the provisions of the implementing decisions that are taken in accordance with the aforementioned legislation.

Personal data entail any information relating to an identified or identifiable natural person. A natural person is considered to be ‘identifiable’ if he can be identified, directly or indirectly, in particular by reference to an identifier or to one or more factors specific to the physical, physiological, mental, economic, cultural of social identity of that natural person.

As a controller, Sparkfish can collect e.g. a data subject’s name, address, date of birth, telephone numbers, e-mailaddress and IP-address.

This personal data is processed and used by Sparkfish in order to optimize her services and to work as efficient and accurate as possible. Sparkfish will process the data for, among others:

  • the execution of her agreement with clients (the keeping of the accounts, the draft of recommendations or agreements, various types of consultancy, …);
  • the compliance with her legal obligations (e.g. the identification requirement in accordance with the Law regarding the prevention of money laundering and the funding of terrorism);
  • the implementation of marketing strategies (e.g. mailing newsletters);
  • the execution of (internal) analyses and the development of new products.
  • The processing of personal data by Sparkfish will be based on the following legal bases:
  • consent given by the client/data subject;
  • necessity for the performance of a contract to which the data subject is party;
  • necessity for the purposes of the legitimate interests pursued by Sparkfish, namely to ensure the continuity of its business activities.


Sparkfish will provide sufficient security regarding the personal data that is stored and processed.

Both Sparkfish and her appointees will take the appropriate technical and organizational measures to safeguard the processing that will take place.

As far as possible and can reasonably be expected, Sparkfish will make sure that the personal data she has in her possession is updated and that incorrect, incomplete and redundant personal data are corrected or deleted.

Moreover Sparkfish will, as far as possible and can be reasonably expected, make sure to only grant limited access to the personal data to her appointees. This access will be restricted to those appointees that need the personal data in order to execute their duties or to what is necessary information with regard to the requirements of the department.

In this manner Sparkfish will attempt to offer an appropriate level of security for this personal data and the processing thereof.

The data subject will be required to provide all requested personal data to Sparkfish following a legal requirement (e.g. with respect to the Law regarding the prevention of money laundering and the funding of terrorism) and/or because it is a requirement necessary to enter into a contract and to enable the execution of that contract.

In case the data subject does not provide the requested personal data, Sparkfish will not be allowed or able to render the services that have been demanded.

In principle, Sparkfish will only share the personal data with others if the data subject has given its consent to do so or if it is necessary in order to complete a transaction, to deliver a product or to render a service.

If necessary, the personal data will also be shared with Sparkfish’s suppliers, in case it is legally required, in case Sparkfish is involved in a dispute with the data subject, in order to protect Sparkfish’s clients, in order to guarantee product safety and in order to safeguard Sparkfish’s (property) rights.

Sparkfish will not transfer the personal data concerned to third countries or international organizations.

The personal data that has been collected will be stored by Sparkfish for a period of ten years starting from the end of the partnership with the data subject, unless certain legal statutes of limitation or retention periods should demand a longer period.

When a data subject visits Sparkfish’s website, it will need to accept the use of cookies. These cookies are used in order to record the data subject’s preferences. This information might be used to optimize the functionality of the website. These cookies may also be used to store settings or to recognize patterns.

Furthermore, web beacons and other similar technologies, as well as Google Analytics are used.

Sparkfish makes use of profiling in order to carry out targeted mailings of newsletters. This way Sparkfish will attempt to inform her clients only regarding campaigns and products they might show a particular interest in.

Sparkfish will facilitate the execution of the data subject’s following rights:

  • the right of access to its personal data;
  • the right to rectification of incorrect personal data;
  • the right to erasure of its personal data;
  • the right to restriction of processing of its personal data;
  • the right to data portability;
  • the right to object to automated individual decisionmaking.


In order to exercise this right/these rights, the data subject will need to send an e-mail in this regard to the following e-mailadress: Seeing that Sparkfish will need the necessary assurances regarding the identity of the questioner, the data subject will need to add a copy of its identity document to the request.

Sparkfish will respond promptly and in principle within one month, to the data subject’s request.

In any case the data subject has the right to withdraw its consent regarding the processing of its personal data at any time. However, this withdrawal will not affect the lawfulness of the processing based on that consent before its withdrawal.

Sparkfish’s appointee responsible for security and privacy can be contacted at the following e-mailadress:

Should the data subject believe that the processing of its personal data constitutes a breach of the provisions of the GDPR, the data subject will have the right to lodge a complaint with the competent supervisory authority.

In case of any discrepancies between the provisions of this Privacy Statement and the agreement that has been concluded between Sparkfish and the data subject, the provisions as stated in the agreement will prevail.

Sparkfish explicitly reserves the right to amend this Privacy Statement at any time, without any prior notice.