STIB ensures the protection of personal data within its various departments, in compliance with the General Data Protection Regulation (GDPR). Privacy governance principles have been defined to ensure consistency across the company. All projects with a significant impact on personal data, such as the mobile application, are subject to an impact analysis to identify the appropriate protection measures.

The data protection team was strengthened in 2020, particularly to better support employees, who were invited to take an e-learning course on data protection.

STIB has also published a Privacy Statement on its website containing a detailed and transparent description of the various data processing operations it carries out. The purpose of this statement is to inform clients, candidates for recruitment and everyone else how their data is used, so that they can exercise their rights.

With regard to the rights of data subjects, in 2020 STIB received 164 requests (exercising of rights, complaints, questions from third parties), 78.90% of them concerning the right of access to data. This is an increase of 50.4% compared to 2019. 96.75% of the requests to exercise a right were processed within the legal deadlines.

[ www.stib-mivb.be/privacy ]