Privacy Policy – Leisure Pools Benelux NV

Last updated: 29 June 2026

The Privacy Policy of Leisure Pools Benelux NV describes how we process personal data on leisurepoolsbenelux.be: which data we collect, what we use it for and which rights you have. We protect your privacy.

General

This privacy policy ("Privacy Policy") covers the processing of your personal data when you use our website and the related services (together the "Website"). This processing is carried out by Leisure Pools Benelux NV as data controller, with registered office at Nieuwlandlaan 57, 3200 Aarschot ("we", "us", "our"), registered with the Belgian Crossroads Bank for Enterprises under number 0526.828.477 (VAT BE 0526.828.477), in accordance with applicable data protection legislation (including the GDPR).

Our Website uses cookies and similar technologies. Cookies are small text files that are placed on a device's hard drive and contain certain information, sometimes including personal data. For more information, please see our Cookie Policy.

This Privacy Policy may be amended from time to time. Such changes will be communicated via the Website. The date at the top indicates the latest version.

Which data do we process and why?

Depending on your relationship with us, we may process the following categories of personal data:

  • Identification and contact details: name, address, email address, telephone number;
  • Request/project data: pool type, wishes, location/plot data and any photos or plans you provide to us;
  • Customer and contract data: order, delivery and installation data and communications;
  • Billing and payment data: (we do not store full card details ourselves);
  • Website and technical data: IP address, device/browser information, pages visited, cookie and consent data, and the source of your visit (e.g. via an ad click);
  • Marketing preferences: subscriptions, consents and opt-outs.

We process this data for the following purposes, each on the stated legal basis:

PurposeLegal basis
Handling requests, quotes and contact enquiriesPre-contractual measures / consent
Performing the contract (delivery, installation and servicing of pools)Performance of the contract
Invoicing and accountingLegal obligation
Customer management and after-salesPerformance of the contract / legitimate interest
Follow-up of prospects and leadsLegitimate interest
Direct marketing and newslettersConsent (for existing customers: legitimate interest, always with an opt-out option)
Statistical analysis of the Website and advertising measurement, including offline conversionsConsent (via the cookie banner)
Security of the Website and formsLegitimate interest
Defence against claims and compliance with legal obligationsLegitimate interest / legal obligation

Offline conversions: only after your consent may we link a later (offline) action — such as a request or agreement — back to the original online interaction, in order to measure the effectiveness of our advertisements. Without consent, this does not take place.

In addition to the above purposes, we may also process your personal data to comply with legal obligations (e.g. transfer to a financial institution or payment service provider), to transfer to police or judicial authorities in the event of a justified suspicion of an unlawful act, or in the context of a possible merger, acquisition or demerger.

Who we share data with

We do not sell or trade your personal data. We only share it with external processors that help us provide the Website and our services, and only on our written instructions and under a data processing agreement. These are in particular:

  • Odoo S.A. – our CRM/ERP system (hosting within the EU; see below);
  • Google (Google Analytics 4, Google Ads and Google Maps/geolocation, loaded via Google Tag Manager) – analytics and advertising measurement;
  • PostHog – product and web analytics (European hosting);
  • Vercel – our website hosting and CDN;
  • payment providers and — where necessary for performance — installers/subcontractors;
  • government bodies or competent authorities, where legally required.

We select all our processors with due care, so that the security and integrity of your personal data remains guaranteed. We may share anonymised or aggregated data to improve products and services.

Where we process data (international transfers)

In principle, we process your personal data within the European Economic Area (EEA). In a limited number of cases, data may be processed outside the EEA, always with appropriate safeguards:

  • Odoo (hosting): your data is hosted in production within the EU (data centres in France and Belgium, via OVH and Google Cloud). Back-ups remain within the EU; until our provider's full EU transition is complete, one back-up copy may temporarily be kept in Canada. Canada benefits from an adequacy decision of the European Commission, so this transfer offers an appropriate level of protection.
  • Google: may process data outside the EU, including in the United States, on the basis of the EU-US Data Privacy Framework and/or standard contractual clauses (SCCs).
  • PostHog: processes within the EU.

How we process data (security)

We only process the personal data necessary for the purposes set out in this Privacy Policy, in a lawful, fair and transparent manner, and we make every effort to keep it accurate and up to date.

We take appropriate technical and organisational measures to protect your data against unauthorised access, loss, manipulation or destruction. At our processor Odoo, data is stored encrypted (AES-256) and transmitted via TLS/HTTPS, and the data centres used are, among others, ISO 27001-certified. Access by our staff or that of our processors takes place only on a need-to-know basis and under strict confidentiality. You understand that security is an obligation of means and can never be absolutely guaranteed.

How long we keep your data

We do not keep your data longer than necessary for the purposes for which it is processed, and in accordance with our legal and contractual obligations:

CategoryRetention period
Active customerDuration of the customer relationshipCookie Policy
Former customer – accounting/tax7 years (certain documents up to 10 years)Cookie Policy
Former customer – construction liabilityUp to 10 years after completionCookie Policy
Lead / prospectMax. 2–3 years without interaction, then deleted or anonymisedCookie Policy
NewsletterUntil unsubscription (opt-out always possible)Cookie Policy
Website/cookie dataAs described in our Cookie Policy

After deletion, data may remain in our hosting provider's secure back-ups for up to 12 months, solely to protect the integrity of those back-ups, after which it is automatically destroyed.

Your rights

You have the right to:

  • access to the personal data we process about you;
  • rectification of incorrect or inaccurate data, free of charge;
  • erasure of your data ("right to be forgotten");
  • restriction of processing;
  • object to processing based on legitimate interest, and at any time to direct marketing;
  • portability of the data you have provided to us, in a structured, commonly used and machine-readable format;
  • withdrawal of your consent, at any time, without affecting the lawfulness of earlier processing.

You can exercise these rights via info@leisurepools.be, stating which right you wish to exercise. We confirm receipt and handle your request as soon as possible, and at the latest within one month of receipt. We may ask you for additional proof of identity to prevent abuse.

Complaints

If you have a complaint about the processing of your personal data, please contact us at info@leisurepools.be. If you remain dissatisfied with our response, you can file a complaint with the Belgian Data Protection Authority, Drukpersstraat 35, 1000 Brussels — www.gegevensbeschermingsautoriteit.be