Privacy Policy

Privacy Policy

This privacy policy applies to (i) the personal data that STVV NV, with registered office at Tiensesteenweg 168, 3800 Sint-Truiden and registered with the CBE under number VAT BE0845.049.251 (hereinafter: “STVV” or “we”) via the website (hereinafter: “Website”) and / or following offline counter sales collects “tickets / subscriptions (Season seat card, Cashless card, Binkenkaart)” and “dining at Stayen” and (ii) the use thereof for the execution of the concluded agreement and / or (personalized) marketing purposes by STVV.

We appointed Maetzler Rechtsanwalts GmbH & Co KG as our Data Protection Officer (DPO) according to Art 37 GDPR. Our DPO can be contacted at .

What are your rights?

You have the following rights: Right of access, correction, deletion, limitation, objection and transferability of personal data.

If the processing of your personal data is based on your prior consent, you naturally have the right to withdraw that consent.

To exercise your rights, it is sufficient to contact us to go to privacy contact page ( or by post to Tiensesteenweg 168, 3800 Sint-Truiden. We do everything we can to answer you as soon as possible and within 30 days at the latest.

An additional identification can be requested for identification purposes.

Where can you file a complaint?

You have the right to file a complaint with the Belgian Data Protection Authority, Drukpersstraat 35, 1000 Brussels, Tel +32 (0) 2 274 48 00,

What personal data do we collect from you?

Personal data that you provide to us:
- When you visit the Website, we obtain your IP address and your choice of language (“technical information”),
- When registering for the STVV newsletter: your name and e-mail address;
- When registering for “tickets / subscriptions (Season ticket, Cashless card)” (via Website and offline counter sales) we obtain your name and first name, address details, date of birth, e-mail address and telephone number;       
- When using the “cashless” function on your subscription (Season ticket, Cashless card, Mobile app), we have access to financial data (card balance) and consumption behavior;
- When registering for "dining at Stayen" (via Website and offline counter sales) we obtain your name and first name, address details, e-mail address, telephone number and any specific dietary requirements;
- When visiting the stadium we obtain images and video material which may include your personal data. To prevent unauthorized access to the stadium we may also process personal data on criminal convictions.

It is possible that the personal data mentioned above will be collected from minors. STVV acknowledges personal data of minors are to be protected with a higher level of protection and STVV commits itself to treat the personal data of minors with the utmost vigilance.

How do we collect personal data from you?

We collect your personal data in various ways:
- By means of cookies (see Cookie policy );
- By means of a registration form or order form (for the STVV newsletter, “tickets / subscriptions (Season ticket, Cashless card)” and “dining at Stayen”);
- By using the “cashless” function on your subscription (Season ticket, Cashless card, Mobile app);
- By using access control to the stadium.

Why do we collect personal data from you? (purposes)

We collect technical information for the care and improvement of the Website and for the preparation of anonymous visitor statistics.

We collect your personal data (eg identity data, financial data,…) for the purpose of (i) delivering and invoicing your order (“tickets”, “dining at Stayen”, “cashless”) and / or (ii) the sending a newsletter and / or (personalized) marketing.

Personal data will thus be processed in order to enter into and execute a contract or keeping you informed about STVV. If you fail to provide the necessary personal data, STVV cannot guarantee it will be able to enter into and execute the contract nor keep you up to date by means of newsletters and via marketing.

We collect data on criminal conviction to ensure the safety in the stadium.

Can we process your personal data? (legal basis)

We may process your technical information because you consent to this via the "cookie banner" ( Cookie policy ) on the one hand and because it is part of our legitimate interest to continuously improve our Website and services.

We may process your personal data to execute the agreement. In addition, as a football club, we are legally obliged to be able to identify every spectator at the stadium. We process your personal data on criminal conviction based on the performance of the contract including the house rules when you buy a ticket and enter the stadium. If no contract is in place we base such processing on legitimate interest to maintain safety and order and to prevent crimes.

We may process your personal data to send you a newsletter and / or (personalized) marketing:

·       If you have registered for the STVV newsletter via the Website, you have given us permission to send the newsletters. This permission can always be withdrawn.

·       If you have purchased a subscription (Season ticket), we will send you a newsletter and a subscription magazine based on our legitimate interest.

·       If you have made a reservation for “dining at Stayen” or/and purchased “Tickets” or/and registered “cashless”, we will send you a newsletter based on our legitimate interest.

Do we share your personal data with third parties (yes or no within Europe)?

If this is necessary to achieve the stated purposes, your personal data will be shared with third parties: just think of the maker / hoster of our Website, the bank / payment service provider, the caterer, the printer. We guarantee that all third party recipients will take the necessary technical and organizational measures to protect your personal data.

STVV will not sell your personal data, nor rent it or make it commercially available to third parties (including STVV's commercial partners), unless with your prior consent.

Insofar as you have agreed that we forward your personal data to Pro League nv for its direct marketing purposes, you are aware of the fact that we, together with Pro League nv, will act as 'joint controllers' for this specific processing. This processing consists of the joint controllers sending your personal data to each other, if you have explicitly consented to this (via an opt-in box), via the CRM database. With regard to the rights that you can exercise under the GDPR with regard to this processing (including Article 13 and 14 GDPR), you can contact us to exercise them.

Your personal data may also be sent out of Europe. STVV undertakes to only appoint such controllers and/or processors outside the European Economic Area who offer adequate guarantees for the security and protection of personal data in conformity with applicable privacy legislation. The complete and updated list of decisions on the adequacy of the Protection of Personal Data in third countries by the EU Commission can be consulted at A copy of the personal data can be asked with

Finally we could be obliged to share your personal data with public authorities (eg. police, justice, prosecution authorities, Minister of the Interior), especially in case of criminal conviction.

How long do we keep your personal data?

Your personal data will only be processed for as long as necessary to achieve the purposes. They will therefore be kept for the period necessary to achieve the purposes or to comply with legal requirements (including in the field of accounting or in the context of specific football legislation).

What about links to third-party websites, eg. online fanshop?

The STVV online fanshop is operated by a third party ('Belgoshop'). The privacy conditions can be found at .

STVV is not responsible for the content of the websites to which is linked from STVV by the manager or visitors. The visitor is aware that the privacy of other websites may differ from STVV.

What technical and organizational security measures have we taken to protect your personal data?

We have developed security measures that are adapted on a technical and organizational level, to prevent the destruction, loss, falsification, modification, unauthorized access or notification by mistake to third parties of personal data as well as any other unauthorized processing of these personal data: for an SSL certificate, the personal data is only accessible for the administrator account, ...

Under no circumstances can STVV be held liable for any direct or indirect damage resulting from incorrect or unlawful use by a third party of the personal data.

You must observe the safety regulations at all times. You are therefore solely responsible for the use made from the Website of your computer, IP address and your identification data, as well as for the confidentiality thereof.

Version: April 19th, 2021