PRIVACY & COOKIE NOTICE
Last date of revision: 11 June 2019
1. WHO THIS PRIVACY AND COOKIE NOTICE APPLIES TO
1.1 Aviapartner Holding NV (“Aviapartner” or “we / us”) is a provider of airport ground handling services. We have our registered seat at Brussels National Airport, 1930 Zaventem and our company number is 0432.388.386.
1.2 We act as a data controller for all personal data processed by our company. All our affiliated companies are separate and independent legal entities. They act as separate data controllers for the personal data they process.
1.3 We want to be a great company. In order to achieve that goal, we are committed to work in the right way. We are committed to protect your privacy and to process your personal data in an open and transparent manner, in particular with respect of the General Data Protection Regulation 2016/679 of 27 April 2016 (“GDPR”).
2. WHAT IS COVERED BY THIS PRIVACY AND COOKIE NOTICE?
2.1 With this Privacy and Cookie Notice we would like to inform you about why and how we process personal data as a data controller when we perform any activities that form part of the operation of our business or when you use the Sites and any of the services we offer through the Sites (“the Services”), who we give that information to, what your rights are and who you can contact for more information or queries. We also provide information about the type of cookies we use and how you can control them.
2.2 When we refer to “the Sites“, we mean the specific webpages with a URL commencing:
- https://www.aviavip.com: the website of our brand dedicated to Premium Services and Executive Aviation (“AviaVip”);
- https://www.aviapartner.aero : the general website about our company;
- https://www.aviapartnerexecutive.com : the website of our brand dedicated to Premium Services and Executive Aviation (“Aviapartner Executive”);
- https://www.primavistagroup.com : the website of our brand dedicated exclusively for airport premium services
The sites may link to other sites provided by other affiliated companies entities or by third parties. Whilst we try to link only to sites that share our high standards and respect for privacy, we are not responsible for the content or the privacy practices of other websites.
When linking to any such sites, we strongly recommend you to review the Privacy and Cookie Notices on these sites, before disclosing any personal information.
3. HOW WE OBTAIN DATA
3.1 We may obtain your personal data in the framework of the execution of our business activities or when you use the Sites and its applications and services.
3.2 We may obtain such personal data because you give them to us (e.g. by contacting us), because others give them to us (e.g. your employer or third party service providers that we use in the framework of our business activities) or because they are publicly available.
When we obtain personal data from third parties, we make reasonable efforts to conclude contractual clauses with these parties obliging them to respect the data protection legislation. This can be done by obliging this party to provide you with all necessary information or – if necessary – to obtain your consent for processing the personal data as described in this Privacy and Cookie Notice.
We may also obtain personal data when you interact with us (e.g. by completing forms on the Sites, by contacting us etc.)
4. DATA WE COLLECT
4.1 The personal data that we collect or obtain may, among other things, include:
- Standard identification data (e.g. name, address (private/work), phone number (private / work), e-mail address (private / work), country of residence)
- Electronic identification data (e.g. IP addresses, browser type, cookie identifiers, …);
- personal characteristics (e.g. age, gender, date of birth, place of birth, nationality, language, family composition, hobby’s etc.);
- financial specifics (e.g. bank account number,…);
- employment and educational data (e.g. organization you work for, job title, qualifications,…);
- data about how you interact with us (e.g. when you contact us via the details mentioned on the “Contact” pages of the Sites) and other similar information.
5. WHY WE USE YOUR DATA
5.1 We only process your personal data for legitimate business reasons. These purposes include, but are not limited to
- customer and supplier management;
- order and supply management;
- invoicing and accounting;
- the provision of information on our company, services and activities;
- the good organisation of our services;
- direct marketing and sales;
- dealing with the enquiries and requests of clients and suppliers;
- dispute management;
- public relations;
- statistics and market research;
- access control;
6. THE LEGAL GROUNDS FOR PROCESSING YOUR DATA
6.1 We process your personal data for the purposes mentioned above:
- when necessary for the performance of contracts to which you are party or in order to take steps at your request prior to entering into a contract;
- when necessary for compliance with our legal obligations;
- for the purposes of the legitimate interests of the Company and/or of a third party, including (but not limited to) our business activities, client and supplier management etc.
If we have the legal obligation to obtain your free, informed, specific and unambiguous consent to process your personal data for certain purposes (e.g. specific direct marketing or market research activities), we will only process your data for such purposes to the extent that we have obtained such consent from you.
7.1 We may disclose your personal data to affiliated companies, third parties that provide services to us that reasonably require access to personal data relating to you for one or more of the purposes outlined in the “Why we use your data section above” section above. The following third parties may for instance be concerned:
- external service providers we rely on for various business services;
- law enforcement authorities in accordance with the relevant legislation;
- external professional advisors (e.g. attorneys or consultants of the company);
- police authorities.
If our business enters into a joint venture with or is sold to or merged with another business entity, your information may be disclosed to our new business partners or owners.
7.2 Please note that some of the recipients of your personal data referenced above may be based in countries outside of the European Union whose laws may not provide the same level of data protection. In that case we will take adequate safeguards such as standard contractual clauses according to article 46.2 (c) of the GDPR.
7.3 In general, we will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy and Cookie Notice.
We reserve the right to disclose your personal information as required by law, or when we believe that disclosure is necessary to protect our rights and/or comply with a judicial proceeding, court order, request from a regulator or any other legal process served on us.
7.4 With your explicit consent, we may transfer your personal data obtained through (the use of) the Sites to third party advertisers or sponsors for direct marketing purposes, including targeted advertising.
8. COOKIES – GOOGLE MAPS – RECAPTCHA
8.1 Cookies are small text files that are stored by your browser onto your computer or mobile device when you visit this Site.
They are used to provide you with a good experience when you browse this Site and allow us to improve this Site. You can find more information about cookies by visiting the following website: www.allaboutcookies.org
8.2 We have not implemented any cookies in the Sites as such. The Sites contain however two services powered by Google Inc which might rely on a limited number of strictly necessary cookies to function properly:
- Google Maps
ReCAPTCHA is a service powered by Google Inc which uses advanced risk analysis techniques to keep humans and bots apart. We use reCAPTCHA to prevent bots from sending us automatic messages through the contact forms on the Sites. ReCAPTCHA might use strictly necessary cookies and information such as IP addresses to determine whether the forms are completed by human users or by robots. The IP addresses used by ReCAPTCHA are however truncated and anonymized. For more information about Google’s privacy practices, please click on this link: Google’s privacy practices.
8.3 You can enable, disable and/or delete cookies as you wish. You can delete all cookies that are already on your device and you can set most browsers to prevent them from being placed.
The ability to enable, disable and/or delete cookies can be completed at browser level. These settings are usually found in the “options” or “preferences” menu of you internet browser. In order to understand these settings, the following links may be helpful. Otherwise you should use the “Help” option in your internet browser for more details:
- Cookie settings in Internet Explorer
- Cookie settings in Firefox
- Cookie settings in Chrome
- Cookie settings in Safari
9. SECURITY OF YOUR DATA
9.1 We employ strict technical and organizational (security) measures to protect your information from access by unauthorised persons and against unlawful processing, accidental loss, destruction and damage both online and offline.
These measures include:
- training to relevant staff to ensure they are aware of our privacy obligations when handling personal data;
- administrative and technical controls to restrict access to personal data on a ‘need to know’ basis;
- technological security measures, including fire walls, encryption and anti-virus software;
- physical security measures, such as staff security badges to access our premises.
9.2 Although we use appropriate security measures once we have received your personal data, the transmission of data – especially over the internet (including by e-mail) – is never completely secure. We endeavor to protect personal data, but we cannot guarantee the security of data transmitted to us or by us.
We limit access to your personal information to those who we believe reasonably need to come into contact with that information in order to carry out their jobs.
10. DATA RETENTION
10.1 Your personal data will not be retained longer than necessary for the purposes described above and according to our internal retention policy.
11. AUTOMATED DECISION-MAKING
11.1 Automated decisions are defined as decisions about individuals that are based solely on the automated processing of data and that produce legal effects that significantly affect the individuals involved.
11.2 As a rule, your personal data will not be used for automated decision-making. We do not base any decisions about you solely on automated processing of your personal data.
12. YOUR RIGHTS
Aviapartner can only act upon requests concerning your rights if we are the controller of the data we hold about you. If you are a passenger on a flight we have handled, we process your information on behalf of an airline. Please contact your airline to exercise your rights.
12.1 You have several rights concerning the information we hold about you. We would like to inform you that you have the right to:
- obtain confirmation that we are processing your personal data and request a copy of the personal data we hold about you;
- ask that we update the personal data we hold about you, or correct such personal data that you think is incorrect or incomplete;
- ask that we delete personal data that we hold about you, or restrict the way in which we use such personal data if you believe that there is no (longer a) lawful ground for us to process it;
- withdraw consent to our processing of your personal data (to the extent such processing is based on consent);
- receive a copy of the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and to transmit such personal data to another party (to the extent the processing is based on consent or a contract);
- object to our processing of your personal data for which we use legitimate interest as a legal basis, in which case we will cease the processing unless we have compelling legitimate grounds for the processing.
You have also the right to object at any time to the processing of personal data for direct marketing. If you do not want to continue receiving any direct marketing from us, you can contact us (see below) or click on the unsubscribe function in any such communication. In that event, the personal data shall no longer be processed for such purposes.
12.2 In order to exercise any of your rights, you can send us a request, indicating the right you wish to exercise by e-mailing us at firstname.lastname@example.org.
You may also use this contact address if you wish to make a complaint to us relating to your privacy.
12.3 If you are unhappy with the way we have handled your personal data or any privacy query or request that you have raised with us, you have a right to complain to the Data Protection Authority (“DPA”) in your jurisdiction. If you would like to be directed to the appropriate DPA, please contact us.
13. HOW TO CONTACT US?
13.1 We hope that this Privacy and Cookie Notice helps you understand, and feel more confident about, the way we process your data. If you have any further queries about this Privacy and Cookie Notice and the Sites in general, please contact us:
- by e-mailing us at email@example.com or
- by addressing your query to Aviapartner Holding NV, Brussels National Airport, 1930 Zaventem, at the attention of Data Protection Coordinator.
14. CHANGES TO THIS PRIVACY AND COOKIE NOTICE
We may modify or amend this Privacy and Cookie Notice from time to time. Any changes we may make to this Privacy and Cookie Notice in the future will be posted on this page. To let you know when we make changes to this Privacy and Cookie Notice, we will amend the revision date at the top of this page. The new modified or amended Privacy and Cookie Notice will apply from that revision date. Please check back periodically to see changes and additions.