WHAT WE COLLECT
We may collect the following information about you:
Special category data:
Criminal offense data:
Certain personal data categories, such as race, ethnicity, religion, health, sexual orientation and biometric data, fall into a special data category and require additional protection under the EU data protection laws, the same goes for records of criminal offences and are known as “sensitive personal data”.
We will always limit the collection and processing of sensitive personal data to what is absolutely necessary to fulfill regulatory requirements and obtain access to airports where our operations are conducted.
WHAT WE DO WITH THE INFORMATION WE GATHER
We primarily process your Personal Data on the lawful basis of the legal obligation we, as an EASA Part 145 approved maintenance, have towards EASA and local authorities. We do this with the purpose of ensuring we only authorize people with EASA compliant qualifications and to ensure that we are compliant with EASA documentation requirements. We also process your data on the lawful basis of legitimate interests and with the purpose of determining your qualifications and overall suitability, and assigning you to our operations that best fit your qualifications and our responsibilities.
Special category data is collected and processed on the lawful basis of contractual and legitimate interests and on the conditions specified in the GDPR, Article 9, §2 (b).
Criminal offence data is collected and processed on the lawful basis of contractual and legitimate interests and on the conditions specified in the GDPR, Article 6, §1 & Article 10.
When you are offered and accept a position with us, we will only share the personal data necessary to obtain operational approvals, access to airports and other permits needed to ensure our contractual obligations to our customers are met, as well as secure our continued operation. This can include Special category and Criminal offense data, if required.
We may use your personal data such as timesheets, work hours and pay rate for payroll and reporting purposes. In addition, we may need to manage submission of timesheets, payroll services, expenses and other HR related services, such as job performance assessment and surveys.
We may also share your personal data with authorities upon request and we are under legal obligation to retain your data for a period of 3 years from the date of employment end.
When you request a proposal though our website we will only use your personal data (name, email, phone number) to send the requested proposal or if needed, contact you for further details and clarification.
A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operation to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
SHARING INFORMATION WITH THIRD PARTIES
We do share your information with third parties, but only to the absolute necessary extent. We will however only share your relevant personal data with serious clients with the goal of job matches mutually beneficial to you and the client.
We also, occasionally, share data with third parties in the form of IT services & support, legal services, payment companies, accommodation providers, airlines or institutions required by law. Third party providers are only provided with the absolute necessary data to perform their respective services.
We ensure that our clients and/or service providers, both in- and outside the EEA (European Economic Area), are also in compliance with the GDPR before any personal data is made available to them.
International data transfers
Our Aircraft Maintenance System provider and its servers are located outside the EEA. The system only holds your name and EASA Part 66 Aircraft Maintenance License number, and no processing of your information takes place by the provider.
Links to other websites
STORING YOUR PERSONAL DATA
We retain your Personal Data for the length of your employment and 3 years from employment end date in accordance with EASA Part 145 Regulations. In some cases, we can be required to retain some records for up to 5 years from end of employment by applicable laws.
We are committed to ensuring that your Personal data is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect.
Electronic personal data is stored on secured servers and accessed from password protected computers in a secure environment.
Hard copy personal data – kept to a minimum – is stored in secure, locked storage in a secure environment.
The information is encrypted wherever possible and we undergo periodic reviews of our security policies and procedures to ensure that our systems are secure and protected. However, the transmission of information via the Internet is not completely secure so we cannot guarantee the security of your information when it is transmitted to our website or from third party websites such as job boards.
CONTROLLING YOUR PERSONAL INFORMATION
The GDPR provides the following rights for individuals:
You have the right to know what personal data of yours is being collected, what it is used for and with whom it is shared.
You also have a right to be notified in case of data breach or loss of data.
You have the right to access/view your personal data and verify the lawfulness of the processing.
The right of access allows you to rectify any wrong or incomplete personal data collected on you.
This right allows you to request your personal data be deleted by data controllers and processors. In some cases, your request can be denied due to applicable laws requiring data retention for X amount of time.
Like the right to erasure, this is not an absolute right and requests for restricted processing can be denied for a number of different reasons.
You have the right to receive a copy of your stored personal data and to use this data as you please.
If you would like a copy of the information held on you please write to email@example.com
You have the right to object to processing of your personal data for the following purposes;
If you are unhappy with the way that we have handled your Personal Information, you can file a complaint with the Information Commissioners Office (ICO) which is the UK authority responsible for data protection. Contact details are available online at https://ico.org.uk/concerns/
You have the right to not be subject to decisions based solely on automated processing, including profiling.
You can find the full General Data Protection Regulation here
Copenhagen Airport South
All amendments require notification of data subjects.