WHO ARE WE AND HOW YOU CAN CONTACT US
In processing the Personal Data, we responsibly comply to the regulation No 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter – GDPR), the Republic of Lithuania Law on the Legal Protection of Personal Data, the Republic of Lithuania Law on Electronic Communications and other directly applicable legal acts regulating the protection of Personal Data, as well as instructions from competent authorities.
WHAT PRINCIPLES DO WE COMPLY TO?
When processing your Personal Data:
- we will comply with current and applicable legislation, including the GDPR;
- we will process your personal data in a lawful, fair and transparent manner;
- we will collect your personal data for specified, clearly defined and legitimate purposes and will not continue to process it in a way incompatible with those purposes, except to the extent permitted by law;
- we will take all reasonable steps to ensure that personal data which are inaccurate or incomplete, having regard to the purposes for which they are processed, are rectified, supplemented, suspended or destroyed without delay;
- we will keep them in such a form that your identity can be established for no longer than is necessary for the purposes for which the personal data are processed;
- we will ensure that your personal data is processed in such a way as to ensure the appropriate security of personal data through appropriate technical or organizational measures, including protection against unauthorized or unlawful processing of personal data and against unintentional loss, destruction or damage. Contact details of our Data Protection Officer: [email protected]
WHAT PERSONAL DATA DO WE PROCESS AND FOR WHAT PURPOSE?
|What kind of categories of Personal Data we process?||Why we process personal data?|
|Your name, surname, email address||For the purpose of creating and administering Aeroclass account, as well as for further communication with you as our client|
|Your name and surname, information about courses taken||For the purpose of issuing certificates proving your courses taken|
|Information relating to you as a purchaser of our services, your use of our services, your purchasing history, your communications with us relating to the provision of the service to you, and any other information you provide to us on our website, our social network accounts or by any other means||For the purpose of being able to ensure a proper service to you, to respond to your questions, send you information about your purchased product, provide you with consultations and information about the services you have purchased and/ or improve the quality of our services.|
|Your email address||For the purpose of direct marketing|
|Information about your use of our website, our social network accounts (such as login information, your IP address, duration and length of your session, search terms that you enter on our site, any information stored in the cookies that we have identified on your device etc.).||For the purpose of performing statistical analysis of the use of our website and services and improving the quality of our services and the website. improving our analytics, services and the website quality.|
We provide you with the ability to pay for the Services through a third-party payment processing service provider. Please note that we do not collect and process your financial information – it does our service provider.
LEGAL BASIS FOR PROCESSING YOUR PERSONAL DATA
Our use of your Personal Data will always have a lawful basis. Most commonly, we use your Personal Data where:
– we need to conlude any contract and/or perform any contract we have entered into with you (for example, to comply with the Terms and Conditions which you agree with when you create your account on our Website and start using our services and/ or to comply with our contract to provide services to you, your academic institution, your employer, or other organization that may be providing you with access to our services);
– we need to comply with a legal obligation (for example, when performing accounting, archiving, data breach notification processes);
– we have your consent (for example, in cases when you agree to receive our newsletters);
- it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. “Legitimate interest” means our interest to enhance our services, products, to manage the processes of businesses and activities. We consider and balance any potential impact on you (both positive and negative) and your rights before we process your Personal Data for our legitimate interests. The legitimate interests that we pursue include:
– provision of marketing offers of our similar services or products;
– presentation of our services on social networks, submission of answers to your queries or messages on social networks, analysis of our accessibility on social networks;
– provision of information to your request, responds to your queries;
– establishment, exercise or defence of legal claims;
– analysis, expansion and improvement of our services, customer service quality assurance and compilation of statistics and analysis related with it;
– protection of information related to the provision of our services, improvement, development and maintenance of the security of IT systems.
For direct marketing purposes, we process data in the following cases:
- when we obtain your explicit consent to such processing.
With your expressed consent you agree to receive direct marketing messages and newsletters from us containing the information of our services and products. Your data will be used for direct marketing purposes for 3 years after your consent is obtained or until you withdraw your consent.
- when you are our customer and have not objected to the processing of Personal Data for the purposes of direct marketing, marketing of similar services or products.
If you are our customer who is using our services and have not objected to receive direct marketing communications from us, we will send you information regarding our services that are similar to the services provided or purchased to you. In this case your data will be used for direct marketing purposes for as long as you are our customer or until you refuse such processing.
We consider you to be our customer:
– 3 years after your order or purchase of our product or service.
You can unsubscribe from our newsletters or other promotional messages at any time by clicking on the relevant link in our newsletters or by sending email to [email protected]
HOW LONG WE WILL RETAIN YOUR PERSONAL DATA?
We ensure and take all necessary measures to avoid storing outdated or unnecessary information about you. In order to ensure the accuracy and relevance of your Personal data, we ask you to notify us of any changes in the Personal data you have provided to us.
The main terms of Personal Data retention are as follows (non-exhaustive list):
- We will retain your Personal Data collected for the purposes of concluding the contract and further administration of this relationship for 10 years after the termination of the contract;
- We will use your Personal Data for direct marketing purposes for 3 (three) years after your consent was given or until you are our customer (3 years after your order or purchase of our product or service) or until your refusal to receive newsletters. After expiration of this term, we will keep (archive) your consent and other related information proving the legitimacy of the marketing carried out for another 2 (two) years for the purpose of having evidences;
- We will delete your account on our Website 3 years after it becomes inactive.
HOW DO WE PROTECT YOUR DATA?
We responsibly implement appropriate organisational and technical data security measures intended for the protection of Personal Data against accidental or unlawful destruction, alteration and disclosure as well as against any other unlawful processing. The security measures we implement include the protection of personnel, information, IT infrastructure, internal and public networks as well as office buildings and technical equipment.
In the event of Personal Data breach that could seriously jeopardise your rights or freedoms and determine the circumstances with which unauthorised access to Personal Data has been obtained, we will immediately inform you about it.
TO WHOM YOUR DATA CAN BE DISCLOSED?
We assume the obligation of confidentiality with the highest respect to you. We may disclose Personal Data to third parties only in cases when it is necessary for us to provide you with the service or only when having other legitimate reason. In all cases where we transfer your data to third parties, we only do so having a clear legal basis. In addition, in each such transfer, we assess the amount of Personal Data to be transferred and only transfer the data to the extent necessary for the purpose for which the Personal Data are provided and only in accordance with all Personal Data protection legislation.
- Certain technical data on your visits on the website (IP address, cookies, technical information of your browser, other information related to the browser’s activity and browsing the site) may be transmitted or made available for statistics, analyses and related purposes both for entities operating in the EU and outside the EU (e.g., when we use the Google Analytics service).
- in certain cases, we may transfer your data to Avia Solutions Group  company and/ or it’s affiliates. Such cases could be, for example, the supervision of the group companies performed by Avia Solution Group, the implementation of the standards set by Avia Solution Group and so on;
- to a company that provides a newsletter sending services to us;
- companies providing data centers, hosting, cloud, site administration and related services, software developers, providing, maintaining and developing companies, companies providing information technology infrastructure services, companies providing communication services;
- entities entitled to receive information in accordance with legal requirements (e.g. courts, state and municipal authorities, etc.) only to the extent necessary for the proper performance of the requirements of the legislation in force.
- our professional advisors, auditors, lawyers and/or financial advisers;
- our other service providers (data processors) or our subcontractors.
DATA TRANSFER OUTSIDE THE EUROPEAN ECONOMIC AREA
As a general rule, your Personal Data will be processed in the countries of the European Economic Area (hereinafter – EEA). However, in certain cases, your Personal Data may be transferred to non-EEA countries. Please note that in non-EEA states, Personal Data may be subject to less protection than within the EEA, but we carefully evaluate the conditions under which such data will be processed and stored after being transferred to the above-mentioned entities.
Please note that if the European Commission has determined that the third country, territory or one or more specified sectors in that third country or international organization concerned provides an adequate level of Personal Data protection, the transfer must take place in the same manner as in the EEA. Please be informed that you can have access to the information as to the states in respect of which the decision of the European Commission has been taken, here: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en.
In other cases, we take all necessary measures to ensure that your Personal Data is transferred to the recipient safely processing the data. The tools we use: a contract with a non-European recipient of Personal Data includes specific clauses for the secure processing of the data. In certain cases, we ask for your consent to transfer your data outside the Republic of Lithuania or the EEA.
RIGHTS GUARANTEED TO YOU
We guarantee the implementation of these rights and the provision of any related information at your request or in case of your query:
- know (be informed) about the processing of your Personal Data;
- to get access to your Personal Data which are processed by the Data Controller;
- request correction or addition, adjustment of your inaccurate, incomplete Personal Data;
- require the destruction of Personal Data when they are no longer necessary for the purposes for which they were collected;
- request the destruction of Personal Data if they are processed illegally or when you withdraw your consent to the processing of Personal Data or do not give such consent, when is necessary;
 AVIA SOLUTIONS GROUP PLC, a private limited liability company, established and acting under the laws of the Republic of Cyrpus, registration code HE 380586, registration addres 28 Oktovriou, 1, ENGOMI BUSINESS CENTER BLC E, Flat / Office 111 Egkomi, 2414, Nicosia, Cyprus.
- disagree with the processing of Personal Data or withdraw the previously agreed consent;
- request to provide, if technically possible, the provision of your Personal Data in an easily readable format according to your consent or for the purpose of performing the contract, or request the transfer of data to another data controller.
In order to exercise your rights, please send us an e-mail to: [email protected], send a registered letter or submit the request physically to our office at address Dariaus ir Girėno g. 21A, LT-02189 Vilnius, Lithuania. Upon receipt of your request, we may ask you to provide proof of identity, as well as any additional information required by us for the request, which we undertake to delete after identification.
Upon receipt of your request, we will respond to you within 30 calendar days of receipt of your claim and the due date for submission of all documents necessary to prepare the answer.
By refusing to comply with your requirement, we will clearly indicate the grounds for such refusal. If you disagree with our actions or the response to your request, you can complain to the competent state authority – the State Data Protection Inspectorate (for more information – address L. Sapiegos g. 17, Vilnius, Lithuania, email address [email protected], website www.vdai.lrv.lt). In all cases, we recommend that you contact us before making a formal complaint so that we can find the mutual solution.
WHAT HAPPENS IF OUR BUSINESS CHANGES HANDS?
We may, from time to time, expand or reduce the scope of our business operations and this may involve the sale and/or the transfer of control of all or part of our business. Any Personal Data that you have provided will, where it is relevant to any part of our business that is being transferred, be transferred along with that part and the new owner or newly controlling party will, under the terms of this notice, be permitted to use that data only for the same purposes for which it was originally collected by us.
LINKS TO OTHER WEBSITES
Our Website may contain links to other websites, which are not operated by us. We have no control over how your data is collected, stored, or used by such other websites and we advise you to check the privacy policies of any such websites before providing any data to them.
When you visit social networks, your Personal Data is processed by a specific social network, and we start processing your Personal Data when you visit us on our social networks. Through various social media channels, we want to introduce you to our services / products and exchange ideas and opinions with you on important topics.
Our pages on social networks are managed by specific social networks, so when you visit them, the processing of Personal Data is based on the social network privacy policies. With some social networks, depending on the social network policy, the purposes and scope of the processing, we are considered as joint data controllers.
We encourage you to read third-party privacy notices and contact social network administrators directly if you have any questions about how they use your Personal Data:
Our social network accounts are: