Contact

Privacy statement

We are committed to the confidentiality and integrity of your personal data. Therefore, we will process your data carefully and use it only for specific purposes and in accordance with the legal provisions on data protection.

In this privacy statement, we provide a detailed description of how we handle your personal data.

Controller

Iris Group NV (hereinafter "Iris", "we", "us" and/or "our") with company number BE 0418.161.060, based in 1140 Brussels, Avenue de Basel 5, is responsible for processing your personal data.

Iris Group is the parent company of Iris Facility Solutions, Iris Industry Solutions, Alcyon, Alcyon Service Checks, Technical Building Services, Iris Greencare.

Below we detail for each category of data subjects what personal data we collect, for what purposes and under what legal basis, as well as information on retention periods:

Access to your data is limited to only authorized individuals within Iris who need this information to perform their functions.

In addition, to the extent necessary or appropriate we may share your personal data with:

  • our branches / other entities of the Iris Group
  • our business partners
  • public services (including justice and police services)
  • banks and insurers
  • Our professional advisors (e.g., law firms and consulting firms)
  • suppliers of IT related services
  • other service providers we appoint as data processors

We will impose appropriate contractual, confidentiality, security and other obligations on these third parties. The obligations imposed will correspond to the nature of the services they provide to us. We will only allow them to process your personal data in accordance with the law and our instructions. We will not allow them to use your personal data for their own purposes and if our relationship ends we will ensure that your personal data is securely returned and/or destroyed.

Some of these third parties are themselves data controllers who are responsible for processing your personal data for their own purposes, for example, insurance companies or governments. In these cases, we are not able to impose any obligations or restrictions on these controllers as to how they can process your personal data.

In principle, your data will not be transferred to a destination outside the European Economic Area (EEA). Should this be the case, Iris will ensure that an adequate level of protection is guaranteed.

Certain countries outside the EEA are recognized by the European Commission as providing an adequate level of data protection. For transfers from EEA countries to countries that are not considered adequate by the European Commission, we take appropriate measures such as setting up contractual clauses ("standard contractual clauses") to ensure an adequate level of data protection if necessary.

In accordance with the Data Protection Act, you have the right to:

  • submit a request for access and inspection: this allows you to view your personal data at any time;
  • request that your personal data be corrected or, if necessary, deleted, especially if such data are no longer necessary for the purposes for which they were collected/processed;
  • withdraw your consent to the processing of personal data;
  • to oppose the processing of data relating to you in certain specific cases, including processing for the purposes of direct marketing, in which case we will no longer process your data, except for legitimate and compelling reasons that outweigh your interests, rights and freedoms or if the processing is related to the establishment, exercise or support of a legal claim;
    oppose automated individual decision-making (not applicable at Iris);
  • request that the processing be restricted, especially if you dispute the accuracy of the data, for a period of time that allows us to verify the accuracy of that data; and
  • recover your personal data, for example to transfer them to another processing controller and, if technically possible, to obtain that the data be transferred directly from one processing controller to another.

You may exercise the above rights by sending a written request via email to gdpr@iris.be

We will respond to your request as soon as possible, and in any case within one month of receiving your request. Depending on the complexity of the requests and the number of requests, this deadline may be extended by another two months. We will inform you in that case.

You may exercise your rights free of charge unless your request is manifestly unfounded or excessive, in particular because of its repetitive nature. In such a case, we have the right and choice to charge you a reasonable fee (taking into account the administrative costs of providing the requested information and the costs associated with taking the requested action or refusing to comply with your request).

Complaints in case of violation of applicable rules on the protection of personal data can be addressed to the Data Protection Authority at contact@apd-gba.be.

Iris treats all your personal data confidentially and takes appropriate technical and organizational measures to protect your data from loss or unlawful processing.

To protect your personal data, we take various security measures including secure servers, firewalls, encryption and authentication tools, as well as physical protection of the locations where personal data is kept.

Should you, recently all the precautions taken, still observe a breach of our security, please notify us as soon as possible via gdpr@iris.be

We do not use your personal data for any automated decision-making.

Iris may amend this Privacy Statement from time to time and without notice (last update September 2021). We encourage you to consult this Privacy Statement on a regular basis, at least when you (re)submit personal data to Iris.

If you have any questions about this privacy policy, are not satisfied with the way we handle your personal data or wish to exercise any of your rights, please contact us at gdpr@iris.be

If you are not satisfied with our response to a complaint or if you believe that our processing of your personal data does not comply with data protection legislation, you may contact the Data Protection Authority at contact@apd-gba.be

Iris > Privacy statement
  • © Iris 2025
Facebook f Linkedin-in Envelope
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.