Contact
en
Nederlands français
Register
privacy policy & cookies

privacy policy & cookies

Last updated at: 16 January 2026
Version: 1.0

PRIVACY POLICY
Updated on January 8, 2026

1. Parties and subject matter

Korei Guided Tours vzw (hereinafter "Korei" or the "Controller")
Zaterdagplein 6 1000 Brussels

CBE/VAT: 0457 855 341
Email: info@korei.be
Telephone: +32 2 380 22 09

Korei has established this Privacy Policy, which aims to inform Users in a transparent manner about the website hosted at the following address: www.korei.be (hereinafter referred to as the "Site") and about how personal data is collected and processed by Korei.

The term "User" refers to any user, whether a natural or legal person, who visits the Site or interacts with the Site in any way.

In its capacity as data controller, Korei determines all technical, legal, and organizational means and purposes for the processing of Users' personal data. Korei undertakes to take all necessary measures to ensure that the processing of personal data is carried out in accordance with the Act of July 30, 2018, on the protection of natural persons with regard to the processing of personal data (hereinafter referred to as the "Act") and Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (i.e., the General Data Protection Regulation (GDPR) or "GDPR"; hereinafter referred to as the "Regulation").

Korei is free to choose a natural or legal person who processes the personal data of users at its request and on its behalf (hereinafter the "Processor" or "Subcontractor"). Where applicable, Korei undertakes to select a Processor that offers sufficient guarantees with regard to the technical and organizational measures for the processing of personal data, in accordance with the Act and the Regulation.

2. Processing of personal data

The use of the Site by Users may lead to the collection of personal data. The processing of this data by Korei, in its capacity as Data Controller, or by service providers acting on behalf of and for the account of Korei, is carried out in accordance with the Law and the Regulation.

Personal data is processed by Korei, in accordance with the purposes set out below, using the following methods:

Delivery of quotes based on guided tours, newsletter subscriptions, invoicing.

3. Purpose of processing personal data

In accordance with Article 13 of the Regulation, the purposes of the processing of personal data are communicated to the User. These purposes are as follows:

To ensure the performance of the services offered and agreed upon on the site; legal obligation to retain data.

4. Personal data that may be processed

The User agrees that, during their visit and use of the Site, Korei may collect and process the following personal data:

name, address, email address, phone number, company registration number

Korei collects and processes this personal data in accordance with the terms and principles described in this Privacy Policy.

5. Consent

By accessing and using the Site, the User declares that he/she has read and given his/her free, specific, informed, and unambiguous consent to the processing of his/her personal data. This agreement relates to the content of this Privacy Policy.

Consent is given by the positive and active action of the User checking the box for the privacy policy in the hypertext link. This consent is an essential condition for performing certain actions on the Site or for enabling the User to enter into a contractual relationship with Korei. Any agreement binding Korei and a User with regard to the services and goods offered on the Site is subject to the User's acceptance of the Privacy Policy.

The User agrees that the Data Controller, in accordance with the terms and principles set out in this Privacy Policy, may collect and process his/her personal data provided on the Site or in connection with the services offered by Korei for the purposes mentioned above.

The User has the right to withdraw this consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on prior consent.

6. Retention period for Users' personal data

In accordance with Article 13(2) of the Regulation, the Controller shall retain personal data only for as long as is reasonably necessary to achieve the purposes for which they are processed.

In all cases, this period shall not exceed the legal obligations according to the processing purpose.

7. Recipients of data and disclosure to third parties

Personal data may be transferred to Korei's employees, staff, subcontractors, processors, or suppliers, provided that adequate safeguards are in place to ensure the security of the data and that they cooperate with Korei in marketing its products or providing its services. They act under the direct authority of Korei and are specifically responsible for collecting, processing, or outsourcing this data.

In all cases, the recipients of the data and those to whom the data is provided comply with the content of this Privacy Policy. Korei ensures that it processes this data only for the intended purposes and in a discreet and secure manner.

In the event that the data is provided to third parties for direct marketing or prospecting purposes, the User will be informed in advance so that he or she can give prior and explicit consent to this use of personal data.

8. Data Protection Officer (DPO)

The following person is appointed as Data Protection Officer (hereinafter "DPO"): Koen Maes

The role of the DPO is to ensure the correct implementation of national and supranational provisions on the collection and processing of personal data.

You can contact the DPO as follows:

info@korei.be

9. User Rights

The User may exercise his or her rights at any time by sending an email to the following address: info@korei.be, or a letter by post, accompanied by a copy of his or her identity card, to the following address: Zaterdagplein 6, 1000 Brussels.

In accordance with Article 15 of the Regulation, Korei guarantees the User's right to access their personal data. The User has the right to access this personal data and the following information:

  • the categories of personal data concerned;
  • the recipients or categories of recipients to whom the personal data have been or will be disclosed;
  • in the event that the recipients are established in third countries or are international organizations, the appropriate or suitable safeguards;
  • where possible, the proposed storage period for personal data or, if this is not possible, the criteria used to determine this period;
  • the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) of the Regulation, and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

The Controller may charge a reasonable fee based on administrative costs for additional copies requested by the User.

If the User submits this request electronically (e.g., via email), the data will be provided in electronic form and for general use, unless the User requests otherwise.

The copy of the data will be communicated to the User within one month of receipt of the request at the latest.

Korei guarantees the User the right to rectify and delete personal data.

In accordance with Article 16 of the Regulation, incorrect, inaccurate, or irrelevant data may be corrected or deleted at any time. The User shall first make the necessary changes themselves from their user account, unless these cannot be made independently, in which case the request may be addressed to Korei.

In accordance with Article 19 of the Regulation, the controller shall communicate any rectification of the personal data to each recipient to whom the personal data have been disclosed, unless such communication proves impossible or involves a disproportionate effort. The controller shall provide the data subject with information about these recipients if the data subject requests it.

The User has the right to obtain the erasure of his or her personal data as soon as possible in the cases referred to in Article 17 of the Regulation.

Where the Controller has made the personal data public and is obliged to erase it pursuant to the previous paragraph, the Controller shall, taking into account the available technologies and implementation costs, take reasonable measures, including technical measures, to inform other controllers processing such personal data that the data subject has requested that they erase any links to, or copies or reproductions of, such personal data.

The two preceding paragraphs shall not apply to the extent that such processing is necessary:

  • the exercise of the right to freedom of expression and information;
  • to comply with a legal obligation to process under Union or Member State law to which the controller is subject, or to perform a task carried out in the public interest or in the exercise of official authority vested in the controller;
  • the establishment, exercise, or defense of legal claims.

In accordance with Article 19 of the Regulation, the controller shall communicate any erasure of personal data or restriction of processing to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort. The controller shall provide the data subject with information on these recipients if the data subject so requests.

The User has the right to restrict the processing of their personal data in the cases referred to in Article 18 of the Regulation.

In accordance with Article 19 of the Regulation, the controller shall communicate any restriction of processing to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves a disproportionate effort. The controller shall provide the data subject with information on these recipients if the data subject requests it.

In accordance with Article 20 of the Regulation, Users have the right to receive their personal data from Korei in a structured, commonly used, and machine-readable format. Users have the right to transmit this data to another controller without Korei preventing this, in the cases provided for in the Regulation.

When the User exercises his right to data portability pursuant to the previous paragraph, he has the right to have personal data transferred directly from one controller to another, insofar as this is technically possible.

The exercise of the right to data portability shall not affect the right to erasure. This right shall not apply to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

The right to data portability does not affect the rights and freedoms of third parties.

The User has the right to object at any time to the processing of his/her personal data due to his/her specific situation, including the automation of data by Korei. In accordance with Article 21 of the Regulation, Korei will no longer process personal data unless there are legitimate and compelling reasons for the processing that prevail over the interests and rights and freedoms of the User, or for the establishment, exercise, or defense of legal rights.

When processing personal data for prospecting purposes, the User has the right at all times to object to the processing of personal data concerning him for such prospecting purposes, including profiling insofar as it relates to such prospecting.

If the data subject objects to the processing for prospecting purposes, the personal data will no longer be processed for that purpose.

The User has the right to lodge a complaint regarding the processing of their personal data by Korei with the Data Protection Authority responsible for the Belgian territory. More information can be found on the website: https://www.gegevensbeschermingsautoriteit.be/.

Complaints can be submitted to the following addresses:

Data Protection Authority
Drukpersstraat 35, 1000 Brussels
Tel. +32 2 274 48 00
Fax. +32 2 274 48 35
E-mail: contact@apd-gba.be

The User may also file a claim for cessation with the president of the court of first instance of his place of residence.

10. Limitation of the Controller's liability

The website may contain links to other third-party websites that are not linked to Korei. The content of these sites and their compliance with the Regulation and the Act are not the responsibility of Korei.

The holder of parental authority must give his or her express consent to minors under the age of 16 to disclose personal information or data through the Site. Korei strongly recommends that persons exercising parental authority over minors promote responsible and safe use of the internet. The Data Controller cannot be held liable for the collection and processing of personal information and data of minors under the age of 16 whose consent is not effectively covered by that of their legal parents, nor for incorrect data - in particular regarding age - entered by minors. Under no circumstances will personal data be processed by the Data Controller if the user indicates that he/she is under 16 years of age.

Korei is not responsible for loss, damage, or theft of personal data, particularly as a result of the presence of viruses or after computer attacks.

11. Safety and security

The Controller implements technical and organizational measures to ensure an appropriate level of security for the processing and collection of data. These security measures depend on the implementation costs related to the nature, context, and purposes of the processing of personal data.

The Controller uses standard encryption technologies within the IT sector when transferring or collecting data on the Site.

12. Changes to the Privacy Policy

Korei reserves the right to amend this Privacy Policy in order to comply with legal obligations in this regard. Users are therefore requested to consult the Privacy Policy regularly to stay informed of any changes and amendments. Such changes will be posted on the Site or sent by email to ensure enforceability.

13. Use of cookies

Our website does not use cookies for tracking or marketing purposes. We do not place any files on your device that can track or identify you.

14. Analytics without cookies

For statistics, we use Plausible Analytics, a privacy-friendly alternative that works entirely without cookies. This means:

  • No personal data is collected or stored.
  • No visitor profiles are created.
  • All data is aggregated and anonymous.

Because we do not place cookies and do not collect personal data via analytics, no cookie consent banner is required on our site.

15. Applicable law and competent court

This Privacy Policy is governed exclusively by Belgian law. Any dispute shall be submitted to the courts of the judicial district of Korei's registered office.

16. Contact

For any questions or complaints regarding this privacy policy, the User may contact the Controller at the following address: info@korei.be.