IAA Website - Sunday, January 26, 2020 2:08 PM

IAA Privacy Notice

Learn who is responsible for your personal data

This privacy statement ("statement") describes how the Irish Aviation Authority (“IAA”) collects, stores and uses information that identifies individuals ("Personal Information") in connection with its business activities, including via the IAA website (www.iaa.ie). Please take the time to read this statement carefully.

We have published this statement to clearly outline, in a transparent way, how we will collect, use, store, protect and retain your personal information. This statement is an important document because it explains the way that we use your personal information when you interact with us including but not limited with our website. 

Data Controller

For the purposes of data protection laws, the IAA is the data controller or data processor of personal data covered by this statement.

Data Protection Officer

You may contact the IAA’s data protection officer about all issues related to this statement, your personal data and to exercise your rights under data protection laws.

You can contact us via email at dataprotection@iaa.ie or in writing to The Data Protection Officer/Company Secretary, Irish Aviation Authority, The Times Building, 11-12 D'Olier Street, Dublin 2, D02 T449.

Learn about the personal data the IAA collect about you AND WHY WE USE IT

Overview of personal data that we collect

We may collect personal data about you whenever there is contact between you and the IAA such as:

  • Information that you provide by filling in forms either on the website or in paper copy. This includes, but is not limited to;
    • licence applications
    • aircraft registration
    • customer complaints
    • conference centre bookings
    • safety reporting
    • drone registration

 

  • Information that we are required to collect and process for statutory or regulatory reasons e.g. statistics for the Central Statistics Office

 

  • If you contact us by phone, email or post we may keep a record

 

If you are present at IAA controlled sites

We may collect information such as CCTV images or logging information for the purposes of maintaining security in sensitive areas including, but not limited to offices and control towers.

If you are applying for a licence

We may collect details of your licence application for the purposes of processing your application and dealing with licensing matters.

If you are a supplier (or prospective supplier) to the IAA

We may collect, store and use your personal and/or professional contact details for the purpose of contacting and corresponding with you, as well as contact details for any organisation that you represent. We may also collect your personal information through materials you may provide to us in relation to the services you supply to us, as well as your bank account and/or other payment details for the purpose of paying your fees.

If you have a complaint

We may collect your name, address, phone number and details of the nature of your complaint so that we can investigate and respond to you in the most efficient way.

If you sign up for a newsletter or updates

We may collect your name and email address for the purpose of providing you with a newsletter or updates about IAA services.

If you complete a job application

As part of any recruitment process, the IAA collects and processes Personal Information relating to job applicants. We may collect your name, address, personal public service number and contact details, including email address, telephone number, details of your qualifications, skills, experience and employment history, information about your current level of remuneration (including benefit entitlements).

 

If you contact us via a web form

Web forms may be used to submit queries and other communications to the IAA. Details collected by web forms will be retained by the IAA for a reasonable period in accordance with legislation.

If you enquire about meeting room facilities in the IAA Conference Centre

We may collect information such as your name, organisation, telephone number and email address if you make an enquiry about renting conference centre space in our Dublin offices.

If you contact us via twitter or other social media

We may collect your name and contact details for the purposes of contacting you in the future. We are also bound by the terms and conditions of these platforms.

If you contact our AIM/AIS section

We may collect information such as your name, organisation, telephone number, email address, licence details and aircraft registration, if you contact our Aeronautical Information Management/Aeronautical Information Services section e.g. in relation to making a flight plan.

If you exercise rights under the GDPR

We may collect information such as your passport, drivers’ licence, utility bills etc. in order to verify your identity and process such requests.

The Categories of Data we Collect

  • Identification data: including, name, addresses, contact details, date of birth, evidence and verification of identification
  • Employment details: including occupation, employer, employment status, time with employer
  • Special Categories of Data: Health Data, Criminal Record Data, Health and Safety Records

 

 

Learn who we share your personal information with

For the ongoing management of our business operations and in we may share your data with the following recipients;

-        Medical practitioners

-        Security contractors

-        Facilities Management contractors

-        Business Management consultants

-        Auditors

-        Regulatory bodies

-        Insurance companies

-        Legal services

These recipients include third party agents or subcontractors who work on our behalf and provide us with expertise or assistance in such areas as legal, compliance, audit, debt collection, credit agencies, IT or insurance. W

These recipients are limited to parties that we have relationships with in order to operate our business. All recipients will have a Data Processing Agreement with us or GDPR specific clauses within our contract with them, which commits them to their obligations under Data Protection laws and provides the IAA with the assurance that your data is being processed to the highest of standards.

The Legal Basis for Processing your Data

The IAA comply with the EU General Data Protection Regulation and Irish Data Protection Legislation. We only collect, utilise and share your data in strict adherence with these laws and principles. Your data will only be collected, utilised or shared by the IAA if the processing is:

-        undertaken on the basis of your consent;

-        necessary for the performance of (or entering into) a contract;

-        as a result of an existing legal obligation to which we are subject;

-        in your vital interests;

-        in the public interest;

-        IAA’s legitimate interests.

 

Learn how the IAA keeps your personal data secure

We are committed to applying the appropriate technical and organisational security measures to protect your personal information against unlawful or unauthorised use and against accidental loss, damage or destruction. We have strict confidentiality agreements and data processing agreements in place with our third-party providers (including data protection obligations). 

Learn how the IAA use Cookies and other tracking technologies

Our website (www.iaa.ie) does not use cookies apart from temporary "session" cookies which enable a visitor's web browser to remember which pages on the website have already been visited.

Your Data Protection Rights

Individuals have data rights which allow you to address any concerns or queries regarding the processing of your Personal Data.

-        We will respond to your request within 1 (one) month of receipt of your request.

-        All of your rights may be exercised freely and at no cost.

You can exercise your rights by contacting dataprotection@iaa.ie

You have a right to request access to the personal data that we hold about you or to have that information updated if it is incorrect.

In order to request a copy of the personal data that IAA holds about you, please email dataprotection@iaa.ie and include the following information:

  • Your full name (including previous name, if applicable);
  • A brief description of the data that you are requesting, including a date range;
  • Any email addresses (past and present) used to contact IAA; and
  • A copy of current and valid photo ID (e.g. drivers’ licence).

Alternatively, you can fill in a copy of this subject access request form here and submit it to the email address mentioned.

From the date that we receive this information, we will endeavour to process your request in line with the relevant regulations.

Where applicable you have the right to restrict the processing of your personal data, to have your data rectified and keep up to date, the right to have your data erased, the right to data portability and the right to object to processing.

If you have questions in relation to your personal data rights, please contact us via email at dataprotection@iaa.ie or in writing to The Data Protection Officer/Company Secretary, Irish Aviation Authority, The Times Building, 11-12 D'Olier Street, Dublin 2, D02 T449.

 

ENFORCING YOUR DATA PROTECTION RIGHTS

If you feel that the processing of your Personal Data is not in line with IAA’s data protection obligations, you can complain to a Data Protection Supervisory Authority.

 

The Supervisory Authority for the IAA is the Data Protection Commission.

Telephone: +353 (0)761 104 800
Lo Call Number: 1890 252 231
Fax: +353 (0)57 868 4757
Email info@dataprotection.ie
Address Data Protection Commission
Canal House
Station Road
Portarlington 
Co. Laois 
R32 AP23

 

Learn about Changes to the Privacy Policy

Any changes to the Privacy Policy will be posted on this website so you are always aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. If at any time we decide to use personal data in a manner significantly different from that stated in this Privacy Policy, or otherwise disclosed to you at the time it was collected, we will notify you either on this website or by email.

 

Data Retention

The IAA will retain your data for as long as it is necessary to fulfil the purposes for which it was collected.

However, we may be required by applicable laws and/or regulations to hold your data for longer than this period (e.g. a legal case).

Unless legally obliged to the contrary, the IAA will delete your Personal Data in line with our Data Retention Policy.

 

Where we transmit and store your personal data

Personal Data that we collect may be transferred, stored, and/or processed between and accessed from other jurisdictions throughout the world. Laws in these other jurisdictions may differ from and may not provide an equivalent level of data privacy, security, and protection as the EU/EEA. Where your data is transferred outside the EU/EE, we ensure that there are appropriate safeguards in place, such as EU Commission approved Standard Contractual Clauses.

 

Changes to this Policy

The IAA may change this statement from time to time, in whole or part, at our sole discretion or to fulfil a legal obligation.

We encourage you to check our website to view the most recent version of this statement (www.iaa.ie.)

Revision Date: October 2019

Previous Revision Date: May 2018

 

Important information regarding cookies and the IAA.ie

By using this website, you consent to the use of cookies in accordance with the IAA Cookie Policy. For more information on cookies, see our cookie policy.