AerData Privacy Notice

Confidentiality and protection of personal information

AerData is sensitive to the issue of confidentiality and the protection of personal information, known as Personal Data in the European Economic Area. In this Notice, personal information means any data that relates to an individual and which identifies that individual, directly or indirectly. We are committed to protecting individual privacy across our range of websites, mobile applications, products and services (hereafter ‘products and services’).

This Privacy Notice provides information about how we at AerData collect, use, store and share personal information in compliance with the European Union General Data Protection Regulation. When you access or use our range of products and services you acknowledge that you have read this Privacy Notice and understand its contents. This Notice is intended to cover all scenarios that may involve data collection and processing; specific products and services may not collect and process all personal information covered. For more information, please contact us at privacy@aerdata.com

Please follow the links below for further information about:

  • Why do we collect personal information?
  • What personal information do we collect?
  • How do we collect personal information?
  • Cookies
  • Collection of personal information from children
  • Sensitive personal information
  • How do we use personal information?
  • How do we retain personal information?
  • What security measures do we have?
  • Transfer and disclosure of personal information
  • Corporate changes (mergers, acquisitions & divestures)
  • Your rights
  • Dispute resolution
  • Changes to this Privacy Notice

Why do we collect personal information?

We rely on a wide variety of information to run our business. In some instances, this information may include data that could be used to identify an individual, otherwise referred to as personal information. So that we may provide you with our products and services, AerData processes your personal information to meet the requirements of our legitimate business interests, and legal, statutory and contractual obligations.

In this Privacy Notice, we provide examples of how personal information we collect may be used and why it is important.

What personal information do we collect?

Below are examples of personal information we collect. The specific kind of information collected will depend on your use of our products and services:

  • First and last name;
  • Phone number;
  • E-mail address;
  • Mailing address;
  • Title;
  • Job title;
  • Company name. 


How do we collect personal information?

We collect information directly from you or your employer, as well as automatically through your use of our products and services (e.g. webforms, helpdesk queries, log data, products usage data).

Information collected via email:

When you send an email to an AerData email address, we save your email address and any other information you provide in that email (such as your name, telephone number and the information contained in any signature block in your email). When you send an email directly from our products, we collect the sender and recipient email addresses.

Information collected via our contact form:

When you contact us using our contact form, we collect the following information: your name, title, company name, email address and any information you include in the message field. If you do not provide the mandatory information required by our contact form, you will not be able to submit the contact form and we will not receive your inquiry.

Information collected when contact us by phone:

When you contact us by phone, we collect your phone number and any information you provide to us during the call. At this time we do not record phone calls.


Cookies

We use cookies to ensure that we give you the best experience on our website. AerData’s website enables you to change your cookie settings at any time. For more information, please visit www.aerdata.com/cookies.


Collection of personal information from children

AerData’s products and services are not intended for use by children, and we do not knowingly or intentionally collect personal information from children. If you believe that we have collected personal information from children, please inform us at privacy@aerdata.com, so that we can delete the collected information.


Sensitive personal information

AerData does not knowingly or intentionally collect sensitive personal information from individuals, and you must not submit sensitive PII to us. Sensitive personal information is information about an individual that reveals their racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic information, biometric information for the purpose of uniquely identifying an individual, information concerning health, information concerning a natural person’s sex life or sexual orientation.


How do we use personal information?

AerData takes your privacy very seriously and we strive to avoid collecting unnecessary personal information from you and not process your information in a way other than as specified in this Privacy Notice. We will not purposefully disclose, share or sell your personal information without your consent, unless required to do so by law. Uses of personal information includes:

  • Providing access to our products and services;
  • Undertaking normal and reasonable business activities;
  • Providing ongoing support for the products and/or services purchased;
  • Investigating, responding to, and managing inquiries or events;
  • Asking you opinion for improving our products and services;
  • Contact you with information about our products and services;
  • Detection, prevention, investigation and prosecution of crime;
  • Working with and respond to law enforcement and regulators;
  • Research matters relating to our business such as security threats and vulnerabilities.

 

How do we retain personal information?

AerData retains personal information for as long as necessary to provide its products and services and to fulfill requested transactions, or for other essential purposes such as complying with our legal obligations, resolving disputes and enforcing our agreements. Because these needs can vary for different data types in the context of different products, actual retention periods can vary. The criteria used to determine the retention periods include:

  • How long is the information needed to provide the products and operate our business? This includes such things as maintaining and improving the performance of those products, keeping our systems
  • secure and maintaining appropriate business and financial records. This is the general rule that establishes the baseline for most data retention periods;
  • Has the user provided consent for a longer retention period? If so, we will retain data in accordance with your consent;
  • Is AerData subject to a legal, contractual, relevant agreed industry practices, or similar obligations to retain the data?
  • The level of risk, cost and liability involved with AerData continuing to hold the information;
  • Effort required to ensure that the information can be kept up to date and accurate;
  • Any relevant surrounding circumstances (such as the nature and status of our relationship with you).

 

What security measures do we have?

We take appropriate and reasonable administrative, organizational, technical and physical safeguards to secure personal information and to protect it against unauthorized or unlawful use and accidental loss or destruction, including:

  • Where appropriate, only sharing and providing access to your information to the minimum extent necessary, subject to confidentiality restrictions, and on an anonymized basis whenever possible;
  • Using secure servers to store information;
  • Verifying the identity of any individual who requests access to information prior to granting them access to information;
  • Ensuring data minimization, pseudonymization and encryption as appropriate;
  • Using Secure Sockets Layer (SSL) or other similar technologies to encrypt any data transfer via our products and services;
  • Training employees on the importance of protecting privacy and on the proper access to, use and disclosure of personal information;
  • Maintaining security and incident response plans to handle incidents involving unauthorized access to private information we collect or store.

 

Transfer and disclosure of personal information

AerData will not transfer or disclose your personal information to unrelated third parties without your permission, except as otherwise allowed by this Privacy Notice.

We may use external service providers to assist with administrative support services or to perform services/functions on our behalf. In all cases, we will not authorize them to collect or process your personal information for other purposes than the provision of contracted services/functions.


Corporate changes (mergers, acquisitions & divestures)

In the event of a re-organization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets or stock, AerData is likely to disclose your personal information to the new owners, subject to a requirement that such information be used only in accordance with this Privacy Notice.


Your rights

Subject to limitations on certain rights, you have the following rights in relation to your information:

  • The right to be informed - Organizations must be completely transparent in how they are using personal information (this Notice).
  • The right of access - Individuals will have the right to know exactly what information is held about them and how it is processed.
  • The right of rectification - Individuals will be entitled to have personal information rectified if it is inaccurate or incomplete.
  • The right to erasure - Also known as 'the right to be forgotten', this refers to an individual's right to request having their personal information deleted or removed without the need for a specific reason.
  • The right to restrict processing - Refers to an individual's right to block or suppress processing of their personal information.
  • The right to data portability - This allows individuals to obtain (in a standard machine readable format) and reuse their personal information for their own purpose.
  • The right to object - In certain circumstances, individuals are entitled to object to their personal information being used. This includes, if a company uses personal information for the purpose of direct marketing, scientific and historical research, or for the performance of a task in the public interest.
  • Rights of automated decision making and profiling - The General Data Protection Regulation (GDPR) has put in place safeguards to protect individuals against the risk that a potentially damaging decision is made without human intervention. For example, individuals can choose not to be the subject of a decision where the consequence has a legal bearing on them or is based on automated processing.

In accordance with the GDPR, you also have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or of an alleged infringement of the GDPR. Access this link to find the Supervisory Authority in your jurisdiction.

You can exercise your rights contacting our offices or sending an email to privacy@aerdata.com.


Dispute resolution

To communicate any questions or concerns regarding this Privacy Notice or AerData's treatment of personal information, please e-mail us at privacy@aerdata.com or contact our offices. Please note that in certain circumstances, personal information may not be able to be removed. Upon receipt of formal written complaints, it is AerData's policy to contact the complainant regarding any concerns.


Changes to this Privacy Notice

We reserve the right to make changes to this Privacy Notice, so please check back periodically for changes. You will be able to see that changes have been made by checking to see the effective date posted at the beginning of the Notice. In addition, AerData follows the notice provisions below relative to minor and major changes to our Privacy Notice:

Minor changes to our Privacy Notice:

Where we make minor changes to our Privacy Notice, we will update our Privacy Notice with a new effective date stated at the beginning of it. Our processing of your information will be governed by the practices set out in that new version of the Privacy Notice from its effective date onwards.

Major changes to our Privacy Notice:

Where we make major changes to our Privacy Notice or intend to use your information for a new purpose or a different purpose than the purposes for which we originally collected it, we will notify you by email (where possible) or by posting a notice on our website.

We will provide you with the information about the change in question and the purpose and any other relevant information before we use your information for that new purpose.

Wherever required, we will obtain your prior consent before using your information for a purpose that is different from the purposes for which we originally collected it.