Privacy Policy


This privacy policy sets out how Northern Aerotech collects, uses and protects any personal data given to us directly by you or provided by recruitment agencies or other intermediaries.

Northern Aerotech is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using our website or in the recruitment process or as a Northern Aerotech employee, then you can be assured that it will only be used as described in this privacy policy and in accordance with EASA Part 145 and EU Regulation 2016/679 (GDPR). 



We may collect the following information about you:

  • personal and contact details (e.g. your name, email address, date of birth, gender and job title
  • personal and contact details you give us when requesting a proposal through our website
  • during the hiring process we will request details from you and/or the recruitment agency including, your name, your work history, qualifications, contact details (such as email, telephone number and home address), your work permits, security clearances and any additional data specifically required for a particular job or operation
  • details of your education, employment history, references and other information provided by you about yourself (e.g. the information contained within your CV) 
  • data we collect via cookies or similar technology stored on your device (find out more about cookies below) 
  • additional information which you provide voluntarily and/or which we may ask from you, for example, for the purpose of obtaining access to certain airports or approvals for specific tasks.
  • bank details or other payment details
  • email correspondence 

Special category data:

  • We may request Special category data or Sensitive Personal Data about you (including details of your physical or mental health and/or other Sensitive Personal Data that you may choose to provide to us voluntarily or in some cases we may be required by applicable law to provide authorities with your personal data in order to obtain access and approvals.

Criminal offense data:

  • We will also ask you to provide us with a Criminal records certificate

Certain personal data categories, such as race, ethnicity, religion, health, sexual orientation and biometric data, fall into a special data category and require additional protection under the EU data protection laws, the same goes for records of criminal offences and are known as “sensitive personal data”. 

We will always limit the collection and processing of sensitive personal data to what is absolutely necessary to fulfill regulatory requirements and obtain access to airports where our operations are conducted.



We primarily process your Personal Data on the lawful basis of the legal obligation we, as an EASA Part 145 approved maintenance, have towards EASA and local authorities. We do this with the purpose of ensuring we only authorize people with EASA compliant qualifications and to ensure that we are compliant with EASA documentation requirements. We also process your data on the lawful basis of legitimate interests and with the purpose of determining your qualifications and overall suitability, and assigning you to our operations that best fit your qualifications and our responsibilities. 

Special category data is collected and processed on the lawful basis of contractual and legitimate interests and on the conditions specified in the GDPR, Article 9, §2 (b).

Criminal offence data is collected and processed on the lawful basis of contractual and legitimate interests and on the conditions specified in the GDPR, Article 6, §1 & Article 10.

When you are offered and accept a position with us, we will only share the personal data necessary to obtain operational approvals, access to airports and other permits needed to ensure our contractual obligations to our customers are met, as well as secure our continued operation. This can include Special category and Criminal offense data, if required.

We may use your personal data such as timesheets, work hours and pay rate for payroll and reporting purposes. In addition, we may need to manage submission of timesheets, payroll services, expenses and other HR related services, such as job performance assessment and surveys.

We may also share your personal data with authorities upon request and we are under legal obligation to retain your data for a period of 3 years from the date of employment end.

When you request a proposal though our website we will only use your personal data (name, email, phone number) to send the requested proposal or if needed, contact you for further details and clarification.


How we use cookies:

A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operation to your needs, likes and dislikes by gathering and remembering information about your preferences.

We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.

Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.

You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website. 



We do share your information with third parties, but only to the absolute necessary extent.  We will however only share your relevant personal data with serious clients with the goal of job matches mutually beneficial to you and the client. 

We also, occasionally, share data with third parties in the form of IT services & support, legal services, payment companies, accommodation providers, airlines or institutions required by law. Third party providers are only provided with the absolute necessary data to perform their respective services.

We ensure that our clients and/or service providers, both in- and outside the EEA (European Economic Area), are also in compliance with the GDPR before any personal data is made available to them.


International data transfers

Our Aircraft Maintenance System provider and its servers are located outside the EEA. The system only holds your name and EASA Part 66 Aircraft Maintenance License number, and no processing of your information takes place by the provider.


Links to other websites

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, we do not have any control of the content of that website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy policy. You should exercise caution and look at the privacy policy applicable to the website in question.



We retain your Personal Data for the length of your employment and 3 years from employment end date in accordance with EASA Part 145 Regulations. In some cases, we can be required to retain some records for up to 5 years from end of employment by applicable laws. 


We are committed to ensuring that your Personal data is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect.

Electronic personal data is stored on secured servers and accessed from password protected computers in a secure environment.

Hard copy personal data – kept to a minimum – is stored in secure, locked storage in a secure environment. 

The information is encrypted wherever possible and we undergo periodic reviews of our security policies and procedures to ensure that our systems are secure and protected. However, the transmission of information via the Internet is not completely secure so we cannot guarantee the security of your information when it is transmitted to our website or from third party websites such as job boards. 



We do not sell, rent, distribute or otherwise make Personal Data commercially available to any third party not related to our business legitimate interests or in violation of your rights, but we may share information with our service providers for the purposes set out in this Privacy Policy. We will keep your information confidential and protect it in accordance with our Privacy Policy, the GDPR and all applicable laws.



The GDPR provides the following rights for individuals: 

  • The right to be informed 

You have the right to know what personal data of yours is being collected, what it is used for and with whom it is shared.

You also have a right to be notified in case of data breach or loss of data.

  • The right of access 

You have the right to access/view your personal data and verify the lawfulness of the processing.

  • The right to rectification 

The right of access allows you to rectify any wrong or incomplete personal data collected on you.

  • The right to erasure 

This right allows you to request your personal data be deleted by data controllers and processors. In some cases, your request can be denied due to applicable laws requiring data retention for X amount of time.

  • The right to restrict processing 

Like the right to erasure, this is not an absolute right and requests for restricted processing can be denied for a number of different reasons.

  • The right to data portability 

You have the right to receive a copy of your stored personal data and to use this data as you please.

If you would like a copy of the information held on you please write to

  • The right to object 

You have the right to object to processing of your personal data for the following purposes;

  • processing based on legitimate interests or the performance of a task in the public interest/exercise 
  • of official authority (including profiling); 
  • direct marketing (including profiling); 
  • processing for purposes of scientific/historical research and statistics.

If you are unhappy with the way that we have handled your Personal Information, you can file a complaint with the Information Commissioners Office (ICO) which is the UK authority responsible for data protection. Contact details are available online at

  • Rights in relation to automated decision making and profiling. 

You have the right to not be subject to decisions based solely on automated processing, including profiling.



You can find the full General Data Protection Regulation here



If you have any questions regarding our privacy policy you can contact us using the information below.

Copenhagen Airport South

Building 273

2791 Dragoer


This Privacy Policy is in effect from 25 May 2018.

All amendments require notification of data subjects.