Privacy statement
VREG stands for Flemish Regulator of the Electricity and Gas Market. The VREG respects your privacy. In our Privacy Statement we want to inform you in a clear, transparent, simple but correct way when, why and how the VREG collects, uses, shares and protects personal data, in short, processes them.
1. Who we are and what we aim for
More details about our origins and our tasks can be found under About VREG.
2. Information we collect
2.1 What personal information do we collect from you?
The VREG strives to only use personal data where this is either obligatory or strictly necessary in order to carry out the task or where it receives your permission to process personal data. In any case, we always try to process as few personal data as possible.
2.1.1 VREG newsletter
If you want to be kept informed of what is going on in the energy market, you can subscribe to the VREG newsletter. The details we ask you for are your e-mail address and the areas of interest you would like to receive. You can unsubscribe at any time with every newsletter you receive, or by contacting us at info@vreg.be.
2.1.2 Put the V-TEST in your agenda
To allow you to be notified when your energy contract is about to expire, we ask for your first name, surname, e-mail address and expiry date of your electricity or natural gas contract via a form on the website.
2.1.3 Groencheck
The groencheck allows you to check whether your electricity contract with your supplier is really green. In order to check your personal situation, you need to enter your EAN code. The EAN code is the number of your electricity or gas meter. VREG does not keep the EAN code provided. The data will only be used for the functionality of the Groencheck.
2.1.4. Extranet
In order to access the VREG extranet, you must use the eID.
We keep track of the data of the market parties that report via the extranet. For each market party we register the local manager of the company. The local manager is the person who can give or deny access to the other employees for his company. He/she manages the list of his or her organisation's employees who have access to the company's data in the certification database and the extranet. To this end, the local manager adds their national register number to this list.
On their first visit to the website, we also ask them to complete a number of contact details. This enables us to contact you in the event of problems. You can always change these contact details yourself.
2.1.5 VREG platform
In order to know clearly who owns a green energy certificate, cogeneration certificate and guarantee of origin (or roughly: a portfolio of certificates) and to give the right persons access to this portfolio of certificates, we register, among other things, the national registry number of the owner (if he is a natural person) or the national registry number of the persons authorised by the company to access these data.
In order to gain access to the VREG platform, you must therefore use the eID. The eID (and in particular the national register number) is used to check which certificate portfolios you have access to and to grant you this access.
The local administrator is the person who can give or deny access to other employees for his company. He/she manages the list of his or her organisation's employees who have access to the company's data in the VREG platform and the extranet. To this end, the local manager adds their national register number to this list.
As soon as you have access to the VREG platform, you will be asked to provide contact details (postal address, e-mail address and optionally telephone number, mobile phone number, fax and an alternative e-mail address). This will enable us to contact you in the event of problems. You can always change these contact details yourself.
A number of the data in the VREG platform are exchanged with the network operators. In summary, this is a (fully automatic) data exchange for the following purposes:
Authorisations have been obtained for these exchanges of data, which can be found on this page: https://www.vreg.be/nl/disclaimer-juridische-informatie
2.1.6 Simulator Digital Meter
The simulator digital meter allows you to get an estimate of your percentage self-consumption, how many euros you will pay more or less compared to the prosument rate which percentage of self-consumption has no impact on your electricity bill and a comparison of your self-consumption with the average in Flanders. To be able to check your personal situation, we ask you to enter several parameters: postcode, your current meter type, your annual net consumption, your consumption profile on weekdays and the number of people in the household.
If you have a solar panel installation, we will ask you for the following additional information: power inverter, power panels, orientation and angle of inclination, the date of commissioning and the annual yield of your solar panels.
The simulation can also take into account additional techniques in combination with your solar panels, in particular electric hot water production, heat pump or a home battery. For this we ask for the following information:
The data entered is also logged for analysis and statistics purposes and in order to continuously improve our tool.
2.1.7 Complaints and disputes
In order to be able to deal with complaints and disputes, VREG also receives personal data. Depending on the complaint or dispute, for example, names and (e-mail) addresses of the person lodging the complaint. The processing of this data includes entering the name of the complainant in a complaints or disputes register. In addition, customer details (name and usually address) are communicated to the market party/parties concerned, i.e. a system operator, a closed distribution system operator, a heat or cold system operator, and possibly a supplier, as appropriate, as part of the resolution of the dispute and sometimes also of a complaint.
2.2 Cookies and similar technologies
When using the website or certain applications of the VREG, we may store local storage about your use of the website or application in order to better tailor it to your needs and preferences. Based on this information, we may offer you certain functionalities to improve your ease of use. The information we collect is limited to technical information, such as device brand, provider and session and browser data. For more information regarding the use of cookies, you can always consult our cookie policy at https://www.vreg.be/en/cookie-policy
2.3 Log files
Log files are created automatically when applications of the VREG are used. These logs store information such as IP address, date and time, and so on. This information enables us to continuously improve the applications.
3. Why do we use this data?
We collect and process your personal data for the following purposes:
4. With whom do we share your information?
We only share your personal data with network operators, energy suppliers and other authorities in the event that this is necessary for the performance of VREG's tasks.
We try to pseudonymise or anonymise your personal data when we share it with external parties. We do this by aggregating sufficient personal data (e.g. statistical research) or omitting certain parts of personal data so that the information can no longer be associated with a person.
We do not sell personal data to third parties and do not share your personal data with third parties without your consent, unless there is a legal obligation to do so.
5. How do we secure your data?
The VREG makes every effort to protect your personal data and privacy at all times by taking the necessary organisational, technical and physical measures. With this in mind, we have implemented an information security policy and standards in line with the international ISO27001-2 standard. Various functions within the organisation monitor compliance with legislation and the security of your information, our infrastructure and systems. We continuously try to implement new technical measures, such as encryption, firewalls, access control with strict password requirements, intrusion and anomaly detection and physical security. In the event of an incident involving your information, you will be notified personally in the circumstances provided for by law.
The number of employees who have access to your information is limited and carefully selected. These employees will be granted access to your personal information to the extent that they need it to carry out their duties properly. Our employees are trained to handle your information correctly. In addition, in the case of new projects that may have an impact on your privacy, an extensive analysis will be carried out to guarantee your rights, the security and protection of your personal data.
Our websites sometimes contain links to sites of third parties (other authorities, energy suppliers, network operators or other organisations) whose terms of use do not fall within the scope of this privacy statement. Please read carefully their statement(s) concerning the protection of your personal data.
7. Your rights and how to exercise them
7.1 Right of inspection, transferability and correction of your data
The quality and accuracy of your personal data are very important to us. That is why you always have the right to access your personal data held by us, as well as to have them corrected in the event of inaccuracies. You do this by submitting a request to the DPO of VREG. The contact details can be found at the bottom of this page.
In order to exercise your right of access, and to prevent any unauthorised disclosure of your personal data, you must provide us with proof of your identity. We therefore ask you to preferably add a copy of the front of your identity card to your request.
We will always process your request within 30 days of receiving it. If we are unable to process your request in full within 30 days, we will inform you of this in good time, including the scheduled date by which we will have been able to process your request.
For the sake of completeness, we inform you that if we do not respond to your request, reject it or if our response does not meet your expectations, you always have the right to contact the Data Protection Authority, via contact@apd-gba.be, which will then intervene as part of its mediation process.
7.2 Right to delete your data
You have the right to have incomplete, incorrect, inappropriate or outdated personal data removed or modified. You can also submit a request to this effect to the above-mentioned services. However, we reserve the right to determine whether your request is justified. Please also note that, depending on your request, we may no longer be able to offer you some services. For example, we must process certain personal data if you wish to be reminded of the V-TEST. In addition, we have to comply with certain legal retention periods, as a result of which we are unable to comply with your request for deletion.
In order to keep your data up to date, we ask you to notify us of any changes, such as new contact details. Wherever possible, we provide our platforms with the possibility of updating your data.
8. How long will your data be stored?
The VREG undertakes not to keep your data longer than necessary for the provision of our services for the purpose for which we have collected them. However, retention periods may vary for different purposes. At the end of the applicable retention period(s), personal data will be anonymised.
9. How should you contact us?
If you have any questions about this Privacy Statement, if you wish to exercise your rights with regard to your privacy or if you have any other questions about our privacy policy, please contact us:
Flemish Regulator of the Electricity and Gas Market
Graaf de Ferraris building
Koning Albert II-laan 20, bus 19
1000 Brussels
info@vreg.be
Free telephone 1700
Fax: 02/553.13.50
If you wish to contact our Data Protection Officer, please send your question to
Flemish Regulator of the Electricity and Gas Market
To the Data Protection Officer
Graaf de Ferraris building
Koning Albert II-laan 20, bus 19
1000 Brussels
email: dpo@vreg.be
If you wish to contact the supervisory authority, please send your question to
Data Protection Authority
Drukpersstraat 35, 1000 Brussels
Telephone: +32 (0)2 274 48 00
email: contact@apd-gba.be
10. Changes to our privacy statement
From time to time we may change our privacy statement. We therefore recommend that you check it regularly. The last amendment was made on October 27, 2020.