General information

KBC Group NV, Havenlaan 2, 1080 Sint-Jans-Molenbeek, Belgium, VAT BE 0403.227.515, RLP Brussels, www.kbc.com (referred to hereinafter as ‘KBC’) is the data controller of your personal data for the purposes of organising its General Meetings. Please read this Data Protection Statement carefully, because it contains essential information about how KBC processes your personal data. It also contains more information about your privacy rights and how you can exercise them.  

KBC’s aim is to process personal data in a manner that is lawful, fair and transparent. This Data Protection Statement provides more information on which personal data KBC collects and processes. Whenever KBC uses the term ‘data’ in this Data Protection Statement, this refers to your data as a shareholder or shareholder’s representative. Regardless of the capacity in which you act, your rights are the same and KBC will treat your data with equal care. 

Personal data

1. How does KBC obtain personal data?

KBC receives personal data because you or your financial intermediary has provided certain data in the context of the General Meetings.

2. Which personal data does KBC collect?

• Category 1: your identification details;
• Category 2: financial data such as the number of KBC shares with which you wish to participate in the General Meetings, your account number, etc.;
• Category 3: your contact details such as your address, e-mail address, etc.
  

3. Purposes of data processing

KBC processes your personal data for the following purposes: for the organisation of the General Meetings, to facilitate remote participation using an electronic means of communication, and for the analysis and management of the attendance and voting procedures.

4. Duration of data processing

KBC uses your personal data if KBC has a clear purpose for doing so, as described above. If KBC no longer has a purpose, KBC deletes your personal data. In principle, KBC will retain your personal data for the retention period as specified by law.

Your rights

When KBC processes your personal data, you have certain rights:

• Right of access and right to inspect: you have the right to know what personal data we hold on you at any time, and also how KBC uses your personal data.
• Right to rectification, erasure and restriction: It is possible that certain data KBC holds about you is not (or no longer) accurate. You can ask for the data to be corrected or completed at any time. You can ask us to erase your personal data at any time. If KBC no longer has an overriding ground for processing your personal data, KBC will erase it.
• Right to object: You also have a right to object to the processing of your personal data that is based on the justified interests of KBC.
• Right to free data transfer: You have the right to obtain your personal data as processed by KBC in a structured, usual and machine-readable form and/or to transfer your personal data to another data controller. 

Be as specific as possible when you exercise your rights. KBC can then deal with your request specifically and correctly. KBC will need to be able to verify your identity in case someone else tries to exercise your rights. KBC may therefore ask you to provide ID when such a request is made.

If you would like more information or do not agree with our standpoint, you also have the right to submit a complaint to the Belgian Data Protection Authority (Gegevensbeschermingsautoriteit) at : Drukpersstraat 35, 1000 Brussels, Belgium (Tel: +32 (0)2 274 48 00 Fax: +32 (0)2 274 48 35 E-mail: contact@apd-gba.be)

Contact

If you have any questions or comments about the processing of your personal data, please feel free to contact KBC by registered letter sent to KBC Group NV, Havenlaan 2, 1080 Sint-Jans-Molenbeek, Belgium.

Security and confidentiality

In order to be able to process your personal data, KBC grants access to your data to our employees. KBC ensures that strict rules are followed and that the employees concerned:

• Only have access to the data they need in order to perform their tasks;
• Are obliged at all times to treat personal data discreetly, securely and confidentially and only to use the data for the performance of their tasks.

KBC takes internal technical and organisational measures to prevent personal data finding its way into the hands of, or being processed by, unauthorized parties or being accidentally altered or deleted.

Passing on data to third parties

KBC will not sell, lease, distribute or make your personal data commercially available to third parties in any other way without your prior consent. 

In rare cases KBC may be required to disclose your personal data to third parties pursuant to a court order or in order to comply with other mandatory legislation or regulations. KBC will make reasonable efforts to inform you of this in advance, except in cases where the law imposes restrictions.

Support by third parties

KBC may make use of processors for the processing of personal data. These are companies which are permitted to process personal data on contract from KBC, such as external service-providers that KBC uses in the context of the aforementioned purposes.

In addition to using such processors, KBC may also use other service-providers or third parties who are themselves data controllers, such as lawyers or notaries public.

Amendments

KBC may amend this Data Protection Statement at any time. The most recent
version can always be found at www.kbc.com.  In order to keep you informed of the most recent amendments to the Data Protection Statement, KBC will update the revision date each time it is changed. The amended Data Protection Statement is valid on that date. KBC will inform you in advance of any important substantive amendments.

You can also find more information about the Belgian Data Protection Act in general on the website of the Belgian Data Protection Authority, at www.dataprotectionauthority.be .