Olima – Confidentiality & Data Protection Policy (Belgium)

Last updated: December 2025

At Olima, protecting your family’s privacy is a core part of our mission.

Families trust us with sensitive information: routines, schedules, preferences and personal details and we take that responsibility extremely seriously.

We follow the GDPR, the Belgian Law of 30 July 2018, and industry best practices to ensure your data is safe, confidential and only used for the purpose of helping your household run smoothly.

Sources:

GDPR (Regulation EU 2016/679)

Belgian Data Protection Authority (https://www.dataprotectionauthority.be)

Chambers Data Protection & Privacy – Belgium 2025 (2024, https://practiceguides.chambers.com/practice-guides/data-protection-privacy-2025/belgium).

1. What this policy covers

This page explains:

  • What personal data we collect

  • How and why we use it

  • How we keep it secure

  • Your rights under Belgian and EU law

  • How you can contact us about privacy

This policy applies to all Olima services offered in Belgium.

2. The data we collect

We only collect information needed to provide our services. This may include:

Everyday family & household information

  • Names and contact details

  • Calendars, schedules, appointments

  • To-do lists, bookings, travel preferences

  • Communication with you about tasks

Information about children

If your service involves childcare logistics or school coordination, we may receive:

  • First names

  • School hours, pick-up routines

  • Activity schedules

We avoid collecting any unnecessary information about children.

Sensitive information

We do not request sensitive data (e.g., health details).

If you choose to share something relevant for a task (e.g., dietary needs, mobility notes), we will only use it for that task and only with your explicit consent.

3. Why we collect personal data

We process your data only for purposes that serve your family, such as:

  • Managing household organisation

  • Handling bookings and errands

  • Coordinating calendars

  • Communicating with you about ongoing tasks

  • Improving the quality and reliability of our services

Legal bases:

  • Contract performance (main basis)

  • Consent (when needed for sensitive data)

  • Legitimate interest (improving security, internal processes)

    Sources: GDPR Art. 6–9; Belgian Law of 30 July 2018.

4. How we keep your information safe

Your confidentiality is protected through a combination of technical and organisational measures:

Secure systems

  • Encrypted storage

  • Encrypted communication (TLS/HTTPS)

  • Approved devices only

  • No data stored on personal devices

Strict access control

  • Role-based permissions (“minimum access”)

  • Multi-factor authentication

  • Regular reviews of who has access

Internal confidentiality

  • Every member of the Olima team signs a strict confidentiality agreement

  • Mandatory privacy and security training

    Sources: ER-VA UK (2024, “How to Share Data Securely with Your Virtual Assistant”), OutsourceAccess (2024, “How Virtual Assistants Maintain Confidentiality”).

5. Who can access your data

Only authorised members of Olima who need the information to support your household can access it.

We may use trusted service providers (e.g., cloud storage, calendar tools). Each must meet GDPR standards.

If data needs to be transferred outside the EU (rare), it will only happen with legally approved safeguards such as Standard Contractual Clauses.

Source: GDPR Chapter V.

6. How long we keep your data

We keep personal data only for as long as needed:

  • During your contract: active use

  • After your contract ends: deletion within 90 days unless you request earlier removal

  • Billing data: kept for 7 years as required by Belgian tax law

    Source: Belgian Federal Public Service Finance, 2024.

You can request deletion at any time.

7. Your rights

Under GDPR and Belgian law, you can:

  • Access your data

  • Correct inaccurate information

  • Ask for deletion

  • Restrict or object to processing

  • Withdraw consent at any time

  • Request a copy of your data

Requests are handled within 30 days.

Source: Belgian DPA guidance (https://www.dataprotectionauthority.be).

8. Data breaches

If something risks your privacy, we take it extremely seriously.

We follow GDPR rules for incident response:

  • We assess and contain the issue immediately

  • If required, we notify the Belgian Data Protection Authority within 72 hours

  • If the breach could pose a risk to you, we inform you directly

Source: Belgian DPA – “Data Breach Notification”, 2024.

9. Cookies & website analytics

If you use our website, we may use essential cookies for functionality.

Any analytics cookies will require your consent and will be explained in our cookie banner.

10. How to contact us

For privacy questions or requests:

📩 privacy@o-lima.com

🏢 Olima SRL – Belgium

You may also contact the Belgian Data Protection Authority at https://www.dataprotectionauthority.be.