Privacy Policy
Last updated: 29 June 2026
This Privacy Policy explains how BrusselsMUN ("we", "us", "our"), operated under Polaris Production, collects, uses and protects your personal data when you use brusselsmun.com and our application portal at portal.brusselsmun.com. We act as the data controller and handle your data in accordance with the EU General Data Protection Regulation (GDPR) and Belgian data protection law.
What we collect
When you create an account or submit an application, we collect the information you provide: your name, email address, date of birth, nationality, country of residence, school or university, dietary requirements, committee and country preferences, your application answers, and any documents you upload such as position papers. We also keep a record of your account activity, including sign-in times and the status of your application. When you pay a fee, payment is processed by Stripe; we store only the amount, currency, status and a payment reference. We never see or store your card details.
Why we use it and our legal basis
We use your data to review and process your application, assign you to a committee, communicate with you about the conference, take payment of fees, and run the event safely. Our legal bases are the performance of our agreement with you (your participation), your consent where you provide it, and our legitimate interest in organising and improving the conference. Where you are a minor, we rely on parental or guardian consent where required.
Who we share it with
We share data only with the service providers that help us run the conference: our server hosting provider, Stripe (payment processing), and Resend (transactional email delivery). Our organisers and committee chairs can see the application details necessary to run committees. We do not sell your personal data or use it for third-party advertising.
International transfers
Some of our providers (for example Stripe and Resend) may process data outside the European Economic Area. Where this happens, the transfer is protected by appropriate safeguards such as the European Commission's Standard Contractual Clauses.
How long we keep it
We keep application and account data for up to 12 months after the conference you applied to, after which it is deleted or anonymised. Payment and invoicing records are kept for up to 7 years to meet Belgian accounting and tax obligations. You can ask us to delete your data sooner where we are not legally required to keep it.
Your rights
Under the GDPR you have the right to access your data, correct it, request its deletion, object to or restrict its processing, withdraw consent at any time, and receive a copy of your data in a portable format. To exercise any of these rights, email info@brusselsmun.com. You also have the right to lodge a complaint with the Belgian Data Protection Authority (Autorité de protection des données / Gegevensbeschermingsautoriteit).
Minors
Some delegates may be under 18. Where a participant is a minor, the consent of a parent or guardian is required to create an account, apply and attend. Please contact us if you need details about parental consent.
Security
We protect your data with industry-standard measures including encrypted connections (HTTPS), hashed passwords, access controls that limit organiser access to what is needed, and trusted payment and email providers. No system is perfectly secure, but we work to keep your data safe.
Contact
For any question about this policy or your data, email info@brusselsmun.com.