La recherche au service de l’athlète
Contactez-nous

Privacy Policy

Last updated: 12/01/2026

This privacy policy describes how personal data are collected, used, and protected when using the ReFORM network website (hereinafter referred to as the “Site”), in accordance with Regulation (EU) 2016/679 of 27 April 2016 on the protection of personal data (GDPR) and applicable Belgian law.

1. Identity of the data controller

The data controller is:

  • Name: ReFORM (Réseau Francophone Olympique de la Recherche en Médecine du Sport)

  • Legal form: [to be completed]

  • Registered office address: 1, Avenue de l’Hôpital, 4000 Liège, Belgium

  • Company number (CBE): [to be completed]

  • Contact email address: contact@reform-sportcimed.org

2. Personal data collected

Depending on how the Site is used, the following categories of personal data may be collected and processed:

  • Identification data (last name, first name)

  • Contact details (email address, telephone number)

  • Connection and browsing data (IP address, browser type, pages visited)

  • Data provided via forms (message content)

  • Any other data explicitly provided by the user

Data marked as mandatory in forms are required to access the relevant services.

3. Purposes of processing

Personal data are processed in particular for the following purposes:

  • To respond to requests submitted via contact forms

  • To manage relationships with users

  • To provide the services offered on the Site

  • To ensure the proper functioning and security of the Site

  • To produce usage and traffic statistics

  • To comply with legal and regulatory obligations

Any additional purpose will be subject to prior specific information.

4. Legal bases for processing

Depending on the case, personal data processing is based on the following legal grounds:

  • The data subject’s consent

  • Performance of a contract or pre-contractual measures

  • Compliance with a legal obligation

  • The legitimate interest of the data controller, in particular to ensure the security of the Site, prevent abuse, and improve its operation, while respecting the fundamental rights and freedoms of data subjects

5. Data recipients

Personal data may be disclosed to:

  • Internal departments of the data controller

  • Service providers and processors acting on behalf of the data controller

  • Competent administrative or judicial authorities where required by law

Personal data are never sold or transferred to third parties for their own commercial purposes.

6. Processors and tools used

The Site may use technical service providers and third-party tools, in particular for:

  • Website hosting

  • Audience and performance analysis

  • Form management

  • Security and maintenance services

These service providers act as data processors and only on the instructions of the data controller. A detailed list of processors may be provided upon request or via a specific policy where required.

7. Cookies and similar technologies

The Site may use cookies and similar technologies.

Information regarding their use, purpose, retention period, and consent management procedures is described in the Cookie Policy available at the following address: [link to be completed].

8. Data retention periods

Personal data are retained only for the period strictly necessary to achieve the purposes for which they are processed, in particular:

  • Contact data: [to be completed]

  • Data related to a contractual relationship: duration of the contract plus the applicable statutory retention periods

  • Browsing and statistical data: [to be completed]

At the end of these periods, the data are deleted or anonymised.

9. Rights of data subjects

In accordance with the GDPR, data subjects have the following rights:

  • Right of access

  • Right to rectification

  • Right to erasure

  • Right to restriction of processing

  • Right to object

  • Right to data portability

  • Right to withdraw consent at any time, where processing is based on consent

10. Exercising rights

These rights may be exercised at any time by submitting a request:

Proof of identity may be requested in the event of reasonable doubt. The data controller undertakes to respond within a maximum period of one month from receipt of the request.

11. Transfers of data outside the European Union

Personal data are:

☒ processed exclusively within the European Union ☐ likely to be transferred outside the European Union

Where transfers outside the European Union take place, appropriate safeguards are implemented in accordance with the GDPR (standard contractual clauses, adequacy decisions, or other recognised mechanisms).

12. Data security

The data controller implements appropriate technical and organisational measures to ensure a level of security appropriate to the risks, including:

  • Restricted access to data

  • Securing servers and systems

  • Use of encryption protocols where necessary

  • Awareness-raising among authorised persons with access to the data

13. Complaint to the Data Protection Authority

Any data subject may lodge a complaint with the Data Protection Authority (DPA):

Belgian Data Protection Authority Rue de la Presse 35 1000 Brussels – Belgium https://www.autoriteprotectiondonnees.be

14. Changes to the privacy policy

This privacy policy may be amended at any time to reflect legal, regulatory, or technical developments.

The applicable version is the one published on the Site at the time of consultation.