Skip to content

Privacy policy

Last updated: 07.05.25

The International Academy of Osteopathy vzw (hereinafter: “IAO”) places great importance on your right to privacy and the protection of your personal data. We process your data in accordance with applicable regulations, including the General Data Protection Regulation (EU 2016/679) (“GDPR”) and the Belgian implementing legislation.

1. Who are we?

IAO is a non-profit association under Belgian law, located at Bollebergen 2B Bus 15, 9052 Ghent, and registered with the Crossroads Bank for Enterprises under number 0459.285.397. We act as the data controller within the meaning of the GDPR.

2. From whom do we collect personal data?

We process personal data from:

  • Students;
  • Prospective students (including information requesters and open day attendees);
  • Teachers, assistants, employees;
  • Visitors to our website;
  • Individuals who share their data with us through other channels.

3. What personal data do we process?

We only process personal data that are relevant for our purposes:

Identification and contact details

  • Name, address, phone/mobile number, email address.

Electronic identification

  • IP address, information collected through cookies (see our cookie policy).

Financial data

  • Bank account number;
  • Payment history.

Personal characteristics

  • Gender, date of birth, nationality.

Education and occupation

  • Professional data, degrees.

Other

  • Any other information you voluntarily provide to us.

We clearly indicate when data is mandatory or optional.

4. Purposes and legal grounds for processing

We process your data for the following purposes:

  • Execution of a contract (e.g. course registration, access to the learning platform);
  • Management and optimization of our website and services;
  • Marketing purposes (e.g. newsletters, subject to your consent);
  • Our legitimate interests (e.g. responding to inquiries, promotion).

The legal basis depends on the purpose:

  • Contract: for education and access to the eCampus (HUB);
  • Consent: for electronic newsletters (opt-in, can be withdrawn at any time);
  • Legitimate interest: for general communication, promotion, and client management.

5. With whom do we share your data?

Your data may be shared with:

  • IT, marketing, and accounting service providers (processors);
  • Professional advisors (e.g. lawyers, accountants);
  • Buckinghamshire New University (for master’s degree programs);
  • Government authorities if legally required.

For transfers outside the EEA, we provide appropriate safeguards (such as EU standard contractual clauses).

Your data will never be sold or rented to third parties for marketing purposes without your explicit consent.

6. Retention periods

We do not retain your personal data longer than necessary:

  • Accounting records: 10 years (invoices: 7 years);
  • Data related to education: up to 10 years after the relationship ends;
  • Website visitor data: see cookie policy.

In exceptional cases, data may be retained longer if legally required or for legal purposes.

7. How do we protect your personal data?

We take appropriate technical and organizational measures, including:

  • SSL encryption for the HUB platform and our website;
  • Secure servers;
  • Data processing agreements with service providers;
  • Confidentiality obligations for staff and instructors.

8. Your rights

Under the GDPR, you have the following rights:

  • Right of access;
  • Right to rectification;
  • Right to erasure;
  • Right to restriction of processing;
  • Right to data portability;
  • Right to object to processing and direct marketing.

You can exercise your rights by contacting us at info@osteopathy.eu. We may request proof of identity. Exercising your rights is generally free of charge, except in cases of excessive or repetitive requests.

9. Direct marketing

You may subscribe to our newsletter. Each marketing email includes an opt-out link. You can also unsubscribe by contacting info@osteopathy.eu.

10. Data in the clinic

In the context of practical training, we manage patient data electronically via CROSSUITE. This data is only accessible to relevant students and clinical supervisors. Data is only shared with third parties upon explicit patient consent.

11. Changes

This policy may be updated. The most recent version is always available on our website. The date at the top will be updated when changes are made.

12. Questions or complaints?

For questions, you can contact us at info@osteopathy.eu.

If you wish to file a complaint, please contact:

Data Protection Authority (Gegevensbeschermingsautoriteit)
Drukpersstraat 35, 1000 Brussels
contact@apd-gba.be
www.gegevensbeschermingsautoriteit.be