Privacy statement Brainphonics

Your privacy is important to us. BrainPhonics is committed to protecting and respecting your privacy. When we process your personal data, we always do so in accordance with the applicable laws and regulations, including the General Data Protection Regulation (‘GDPR’) and the Belgian Law of 30 July 2018 on the protection of individuals with regard to the processing of personal data.

This privacy statement is a document in which we clearly and transparently set out how we handle the processing of your personal data when you visit our website and/or order our services or products, what personal data we process, with whom we share it, what measures we take to protect your privacy, and what rights you have as a user or customer. We encourage you to read and take note of this policy carefully.

Beyond this privacy statement does not apply where you have been informed that an alternative statement applies.

Our privacy statement covers the following aspects:

  • Identity of the controller
  • Purposes of processing personal data
  • (Categories of) personal data we process
  • Legal basis for processing data
  • Transfer of personal data
  • Transfer to third countries
  • Retention period of personal data
  • Security and confidentiality
  • Rights of the data subject
  • Cookies
  • Agreement and modification of privacy statement

1. Identity of the controller

The controller of your personal data is the company BrainPhonics BV, with its registered office at Sluisstraat 79/3.1, 3000 Leuven, Belgium, and company number 1013.011.877.

For any questions or complaints regarding your personal data or our data processing and privacy policy, please do not hesitate to contact us using the following details:

  • Email:
  • Postal address: Sluisstraat 79/3.1, 3000 Leuven, Belgium

2. Purposes of processing personal data

To use our website or our services and products, we may ask you for certain personal data.

Processing is carried out for the following purposes:

  • To fulfill our contractual obligations with you, such as managing orders, payments, and invoices;
  • To manage our website for better internal operation, such as ensuring that our website content is optimally displayed for you and your device;
  • To improve our services, handle your requests, and better tailor our offerings to your needs (better customer service, support, and quality control);
  • For market research, customer satisfaction surveys, product development, and clinical studies, possibly in collaboration with third parties, to develop new research & development studies;
  • To identify (potential) customers and provide targeted marketing information about our (new) products, services, offers, and promotions relevant to their needs;
  • To collect contact details of healthcare professionals for networking, collaborations, or partnerships that promote the sale and distribution of medical equipment;
  • To prevent fraudulent or illegal use of our products and services, such as verifying your identity.

3. (Categories of) personal data we process

We process various personal data, including but not limited to:

A. Data you provide to us:

  • Identity details (e.g., name, title, company name, email address, phone number, date of birth, address, etc.);
  • Information provided through forms on our website or via phone or email communication;
  • Information obtained from creating a profile on our website, including usernames and passwords;
  • Financial and transactional data for processing orders;
  • Marketing and communication preferences, including subscriptions to our publications;
  • Your feedback, including feedback about our websites, products, and services in general;

B. Data we collect about you when you visit our website:

  • Information about the IP address used to connect to the internet, including browser type and version, time zone, types and versions of browser plug-ins, and operating system and platform;
  • Identification of the device used to visit our website;
  • Data about your visit to our website (e.g., duration, interaction, date, and time).

C. Data obtained from third parties: These are data we receive from third parties when you use a website/application other than ours that advertises or utilizes our services. We work closely with third parties (including business partners, subcontractors for technical services, payment and delivery services, advertising networks, analytics providers, search data providers) and will collect and process the data we receive from them.

We process your data based on the following legal grounds:

  • BrainPhonics’ legitimate interests, provided this does not infringe on your fundamental rights and freedoms, such as understanding your preferences, personalizing our product offerings or securing our website;
  • Your consent (e.g., for marketing purposes);
  • A contractual relationship between BrainPhonics and you arising when using our products or services;
  • Compliance with legal obligations to which BrainPhonics is subject.

5. Transfer of personal data

For certain services or products, we reserve the right to share your personal data with our partners. If legally required to disclose your data, we will be compelled to do so.

6. Transfer to third countries

We may transfer your data to destinations outside the European Economic Area (EEA) when necessary to achieve one of the purposes mentioned in point 2 and/or share your data with third parties as specified in point 5.

The following security mechanisms oversee data transfers outside the EEA:

  • Article 45 GDPR: The laws of the country receiving your data offer an adequate level of data protection;
  • Article 46.2 GDPR: The transfer is covered by European Commission-approved data protection clauses or the EU-US Privacy Shield;
  • The transfer is based on binding corporate rules, approved codes of conduct, certification mechanisms, or agreements adopted by the Belgian data protection authority.

If you have explicitly consented, we may share your data with third-party service providers offering relevant products or services. You can withdraw your consent at any time.

For more information, please contact us via the details provided in point 1.

7. Retention period of personal data

We will retain your data for as long as we reasonably consider necessary to fulfill our purposes as set out in this privacy statement and as required and/or permitted under applicable law.

Specifically, we will:

  • Retain your purchase data for as long as necessary for billing, payment processing, and to comply with legal obligations. In accordance with tax and accounting regulations, invoice data will be retained for the legally required period. After this period, your data will be deleted or anonymized;
  • Retain data related to your online inquiries only as long as necessary to provide the requested information;

Unless:

  • It is necessary to process your data in connection with an ongoing or potential dispute. In such cases, we will retain your data until the dispute is resolved; and/or
  • It is required to retain your data to comply with legal or regulatory obligations. In such cases, we will retain your data for as long as prescribed by law.

8. Security and confidentiality

We take the necessary measures to secure and protect your data against loss, misuse, or unauthorized access/disclosure. We always treat your personal data with confidentiality.

All data is stored on secure, encrypted servers. Regular security updates are carried out, including automatic patching. Our systems are secured with antivirus and anti-malware programs. Regular security audits are also part of our security measures. (This section may be amended or supplemented.)

If we have provided you with a password (or if you have chosen a password yourself) to access certain parts of our website, you are responsible for keeping this password confidential. We request that you do not share this password with others.

Our website may contain links to and from websites and/or applications of our partner networks, advertisers, and affiliates. If hyperlinks or banner advertisements with hyperlinks are used to access third-party websites and/or applications, please be aware that these third-party websites and/or applications are not controlled by us and have their own privacy policies. Therefore, they are not subject to this privacy policy, and we accept no responsibility or liability for such policies. Please review these policies before submitting any data to these websites and/or applications.

9. Rights of the data subject

As an individual, you have a number of rights concerning the processing of your personal data. These rights can be exercised by contacting us via the contact details provided above (see point 1). The list below provides a non-exhaustive overview of your rights:

  • You have the right at any time to access your processed personal data that we hold;
  • You have the right to request the correction of your data if it is incorrect or incomplete;
  • Under certain circumstances, you have the right to request a copy of your personal data in a structured, commonly used, and machine-readable format;
  • Under certain circumstances, you have the right to request that the processing of your personal data be stopped or restricted. In such cases, we may no longer use your data, only store it;
  • Under certain circumstances, you have the right to request that your personal data be deleted;
  • You also have the right to object to certain types of processing, including processing for direct marketing purposes.

If our processing of your personal data is based specifically on your consent, you have the right to withdraw this consent at any time. This includes, among other things, your right to withdraw consent for the use of your data for direct marketing purposes

You have the right to file a complaint with the Belgian Data Protection Authority regarding how we process your data.

For all requests mentioned above, you can send an email to with the subject “Request regarding data privacy.”

When requesting access, correction, or deletion of personal data, we may ask you to verify your identity. Preferably, this is done via an already known email address or phone number. Only if there is reasonable doubt about your identity may we ask you to provide additional information, such as a partially redacted copy of your identity document. We will only use this information for verification purposes and will delete it after verification. We aim to process your request as soon as possible. If it takes longer than one month to process your request, we will notify you in advance.

10. Cookies

When you visit our website, we may use cookies. These cookies make browsing easier and improve your user experience. It also gives us the opportunity to improve our website. You can refuse the use of our cookies, but please note that this may limit your access to certain features of the website.

11. Agreement and Changes to the Privacy Statement

By using this website, you confirm that you have read the privacy policy and agree to the data collection and use practices described therein.

This privacy statement may be amended from time to time due to changes within the legal framework or within our organization. It is advisable to consult this privacy statement regularly.

By continuing to use the website after changes have been made to this privacy statement, you accept these changes. The last update of this privacy statement took place on May 21st, 2025.