Declaration on the protection of personal data

MedExel respects the privacy of all users of its site.

1. Introduction

Promut cvba pays particular attention to the respect for the privacy and confidential nature of the data that we process, as well as to the legislation on the protection of privacy.

Our personal data protection policy is based on the legal provisions applicable in this area, including Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and the free movement of such data (hereinafter the “General Data Protection Regulation” or “GDPR").

2. Who is responsible for the processing of personal data?

Promut, Cooperative company with limited liability, with registered office at Louis Mettewielaan 74-76, 1080 Sint-Jans-Molenbeek, registered with the Belgian national enterprises register under number 0440.342.980, represented by Mr Alex PARISEL, Managing Director, is responsible for the processing of personal data.

3. Which personal data do we process?

We process the following personal data and/or categories of personal data: personal identification data (name, email address, address, telephone number, date of birth, sex, language, etc.); electronic identification data (mobile phone number, IP address, connection time, etc.).


4. For what purposes do we process your personal data?

We collect and process your personal data in order to:

  • Enable Promut cvba to respond to the request for which you have filled in the contact form and to inform you;
  • provide the information necessary for the performance of the processing regarding the management of the health insurance entrusted to Promut (MedExel) by customers;
  • identify you on our website and give you personal access to the system (MyMedExel);
  • update the personal identification data in your file;
  • analyse errors in order to improve the functioning of the system.

We process the data in accordance with this declaration and the provisions of the GDPR.

Only personnel of Promut and its processors may process the data, exclusively for the purposes described above and to improve the service.


5. How long do we keep your data?

For the purposes of the processing concerned, your data will be kept as long as there is regular contact between you and Promut. If the regular contact is broken off without a sales contract being established, the data will be destroyed no later than 1 year after the last contact.

6. For whom is the collected data intended?

Within the scope of the aforementioned data processing, we may be obliged to pass on your data to the following persons or organisations (non-exhaustive list):

  • the members of our staff responsible for supervising customer requests;
  • MLOZ-IT vzw (IT infrastructure);
  • AssurCard nv (insurance card - electronic invoicing);
  • Zetes nv (insurance card production);
  • Sentenial bvba (DOMI band and SEPA format - management of bank mandates);
  • Manufast-ABP vzw (printing, envelopes and mailing OUT);
  • Soludoc cvba (scanning documents, storage couriers IN);
  • Wijs bvba (website editor);
  • the staff of “Partena-Mutualité Libre” (IT support service).

We do not pass on any personal data to third parties who belong to the aforementioned recipients but are not covered by the aforementioned legal framework, without prejudice to any communication thereof to bodies entrusted with a control or inspection task in application of Belgian law, such as an examining magistrate.
Promut will not disclose personal data to third parties for direct marketing purposes.
7. What rights do you have?

  • Right of access  
    The right of access is the right to obtain information, on request, about the personal data we hold about you.

  • Right to rectification  
    This is your right to ask us to correct any inaccurate personal data as soon as possible. If you think that the personal data are incomplete, you also have the right to request that they be supplemented.

  • Right to erasure
    In some cases, you have the right to request that your personal data are erased. This is the case, for example, if
    • the personal data are no longer needed for the purposes for which they were collected or processed by the controller;
    • the personal data have been processed unlawfully;
    • the user as data subject objects to the processing, but then only in certain specific cases. The right to erasure does not apply in all situations.

  • Right to restriction of processing
    In certain cases, you have the right to obtain from the controller a restriction of the processing of your personal data in accordance with data protection legislation.

  • Right to data portability  
    To the extent necessary, you also have the right to receive your personal data in a structured, commonly used and machine-readable format, under the conditions provided for by the applicable data protection legislation. In any event, the right to erasure of the data continues to apply.

  • Right to object
    You have the right to object at any time to the processing of your personal data for reasons relating to your specific situation. In such a case, we must stop processing the personal data unless we can demonstrate that there are legitimate and compelling reasons for the processing that override your interests, rights and freedoms or that the processing is necessary for the establishment, exercise or substantiation of a legal claim.

8. How do you assert your rights?

You can send your request by email to or by regular mail to the following address:

                    Promut cvba
                    Attn: Kurt Mellaerts
                    Louis Mettewielaan 74-76
                    1080 Sint-Jans-Molenbeek

To ensure respect for your privacy and your security, we will take the necessary measures to verify your identity before allowing you to consult and possibly correct the data.


9. Data about children

As a general rule, we do not intentionally collect or process personal data relating to children under the age of 16. If we become aware that we have inadvertently collected data about children under the age of 16, we will take the necessary measures to erase these data as soon as possible, unless we are obliged to retain them under applicable law.

If we know that a child is over the age of 16 but is considered a minor under applicable law, we must obtain the consent of a parent/guardian before using that child’s personal data.

10. How do we protect your personal data?

Promut has implemented and regularly reviews and updates technically and organisationally adjusted security procedures to prevent the destruction, loss, falsification, alteration, unauthorised access, accidental disclosure to third parties of data to ensure the security of such data and to guarantee the correct use of the information collected for the processing in question.

11. Limitation of liability

Promut’s liability is limited to direct damage, to the exclusion of all indirect damages. Promut can never be held liable for damages deemed indirect, such as, but not limited to, loss of personal data, financial or commercial damage, loss of profit, increase in general costs, disruption of planning.

Furthermore, Promut can never be held liable for any damage resulting from unlawful processing of the personal data by third parties (data theft, viruses, hacking or other IT crimes).

Promut would like to point out that this website may contain hyperlinks and other references to other websites that we only mention to you for information purposes, but which we do not manage or control. Promut disclaims all liability for any inappropriate, unlawful or illegal content on those hyperlinks and also for any damage that may result from consulting them. We therefore advise you to read the privacy rules of each website you visit carefully as they may differ from this privacy declaration.


12. Who can you contact with questions/complaints?

If you feel that we are not fulfilling any of our legal and/or contractual obligations, please contact us via email to or by letter to Promut’s registered office.

               Promut cvba
               Louis Mettewielaan 74-76
               1080 Sint-Jans-Molenbeek

We will do our utmost to process your request as quickly as possible.

Any complaint or objection can be sent to us via e-mail to our Data Protection Officer at or by letter to Promut’s registered office.

                Promut cvba
                Attn: the Data Protection Officer
                Louis Mettewielaan 74-76
               1080 Sint-Jans-Molenbeek

If you are not satisfied with our response, you may file a complaint with the Belgian Data Protection Authority, the Gegevensbeschermingsautoriteit (GBA).

                Drukpersstraat 35
                1000 Brussel
                Tel.: +32 (0)2 274 48 00
                Fax: +32 (0)2 274 48 35
                Email: contact(at)
​​​​​​​                URL:

13. Applicable law and competent court

This declaration is governed by Belgian law. Any dispute which could not be settled amicably within a period not exceeding one month after it arose, whereby this period can be extended by mutual consent, falls under the jurisdiction of the competent court in Brussels (Belgium). Promut reserves the right to turn to another competent court if it deems this necessary.


                                                                      Versie 25.06.2018