Data Protection Policy updated 15th January 2021
Our Contact Details:
Name: International Airline Academy of Travel Ltd (Controller)
(The International Academy of Training & Training for Success registered trade names of International Airline Academy of Travel Ltd.)
Address: Waterford Airport, Terminal Building, Killowen, Co Waterford, Ireland
Email: [email protected]
Introduction:
This is the privacy notice of International Airline Academy of Travel Ltd. In this document “we”, “our”, or “us” refer to International Airline Academy of Travel Ltd. We are registered in Ireland. Our registered office is at Waterford Airport, Terminal Building, Killowen, Co Waterford.
This is a notice to inform you of our policy regarding the information that we record about you. It sets out the conditions under which we may process any information that we collect from you, or that you provide to us. It covers information that could identify you (“personal information”) and information that could not. In the context of the legislation and this notice, “process” means collect, store, transfer, use or otherwise act on information.
Our policy complies with the Data Protection Act 2018. By visiting the website of the Data Controller, the Data Subject (“visitor”, “you”) accepts the terms of this privacy policy.
We take seriously the protection of your privacy and confidentiality. We understand that all visitors to our website are entitled to know that their personal data will not be used for any purpose unintended by them.
The law requires us to tell you about your rights and our obligations to you regarding the processing and control of your personal data. We do this now, by requesting that you read the information provided at www.dataprotection.ie
Except as set out below, we do not share, or sell, or disclose to a third party, any information collected through our website.
Accuracy of your personal data:
Please keep us up to date with any changes to your personal data, this allows us to ensure that your personal data is kept accurate and up to date.
Personal information we collect about you:
We currently collect and process the following information:
- Personal identifiers, contacts and characteristics (for example, name, address, email and contact number, IP addresses, Student numbers)
- Payment information: financial information such as bank account or credit card information in order to facilitate the processing of payments
- Any information provided to us on your behalf to allow us to carry out our service to you
- Should you apply to work at IAAOT, we collect personal information from you such as;
- Name
- Contact Details
- CV’s education and employment history
We ask that you do not provide any sensitive personal data (eg gender, height, weight, medical information, religion, philosophical or political beliefs, financial data) in job applications
We ask you to provide only the information that is necessary to submit a query to our website on our services.
We do not collect special categories of personal data about you. Special categories of personal data are as follows:
Racial origins, ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic or biometric data, criminal convictions, or offences
When you visit our website:
We use a third-party server to host our website called Hosting Ireland, the privacy policy of which is available here; https://www.hostingireland.ie/privacy-policy.php
Our website server automatically logs the IP address you use to access our website as well as other information about your visit such as the pages accessed, information requested, the date and time of the request, the source of your access to our website (eg the website or URL link) which referred you to our website), and your browser version and operating system.
Use of website server log information for IT security purposes:
We collect and store server logs to ensure network and IT security and so that the server and website remain uncompromised. This includes analysing log files to help identify and prevent unauthorised access to our network, the distribution of malicious code, denial of services attacks and other cyber-attacks, by detecting unusual or suspicious activity.
Unless we are investigating suspicious or potential criminal activity, we do not make nor do we allow our hosting provider to make, any attempt to identify you from the information collected via our server logs.
Cookies:
Cookies are data files which are sent from a website to a browser to record information about users for various purposes.
We use cookies on our website, including essential, functional, analytical and targeting cookies. For further information on how we use cookies, please see our cookies policy.
You can reject some or all of the cookies we use on or via our website by changing your browser settings or non-essential cookies by using a cookie control tool, but doing so may impair your ability to use our website or some or all of its features. For further information about cookies, including how to change your browser settings, please visit www.allaboutcookies.org or see our cookie policy.
How we get the information and why we have it:
Direct interactions
You may provide us with your personal information when you:
- Fill in the query form on our website
- Use our LMS
- Correspond with us via email, phone or otherwise
- Meet with us on a one-to-one and provide us with your business card, for example.
- Send your cv to us in order to apply for work
Most of the personal information we process is provided to us directly by you, however we also receive personal information indirectly, from the following sources in the following scenarios:
- Facebook, Linkedin, Twitter, google analytics
- From visiting these pages, or interacting with us, you are passing information on to us via the above platforms, these are known as cookies. This type of information is technical data about your computer equipment, browsing actions and preferences.
- We also may have access to your publicly available details from these sources.
- We are required to determine the legal basis for which we process different categories of your personal information, and to notify you of the basis for each category. If we receive information about you from a third party in error and/or we do not have a legal basis for processing that information, we will delete your information.
Most of the personal information we process is provided to us directly by you for one of the following reasons:
Information we process because we have a contractual obligation with you:
In order to carry out our obligations under that contract we must process the information you give us. Some of this information may be personal information.
We may use it in order to:
- Setting up your account as a client with us
- Liaising with you
- provide you with our services
- provide you with suggestions and advice on products, services and how to obtain the most from using our website
- Processing and ensuring payment of invoices
We process this information on the basis there is a contract between us, or that you have requested we use the information before we enter into a legal contract
Additionally, we may aggregate this information in a general way and use it to provide class information, for example to monitor our performance with respect to a particular service we provide. If we use it for this purpose, you as an individual will not be personally identifiable.
We may share this information with third parties in order to process the purchasing transaction of our services. These companies must also adhere to the same data protection legislation. If you would like further information about the identities of our service providers please contact us directly by email.
We shall continue to process this information until the contract between us ends or is terminated by either party under the terms of the contract.
Information we process for the purposes of legitimate interests:
We may process information on the basis there is a legitimate interest, either to you or to us, of doing so.
Where we process your information on this basis, we do so after having given careful consideration to:
- whether the same objective could be achieved through other means
- whether processing (or not processing) might cause you harm
- whether you would expect us to process your data, and whether you would consider it reasonable to do so
For example, we may process your data on this basis for the purpose of:
- necessary administration of our business – for example, creating your client account or setting up a student profile
- responding to unsolicited communication from you which we believe you would expect a response
- Where you have enquired about a course and we are following up on the information provided
- Processing payments and invoices
- preparing for a job interview with you
Information we process because we have your consent:
Through certain actions when otherwise there is no contractual relationship between us, such as
- when you browse our website or ask us to provide with more information about our business,
- including job opportunities, our products and services, you provide your consent to us to process
- information that may be personal information
- Wherever possible, we aim to obtain your explicit consent to process this information, for example by asking you to agree to our use of cookies.
- Sometimes you might give your consent implicitly, such as when you send us a message by email to which you would reasonably expect us to reply
- You may also provide consent to have your data used in order to receive information such as our newsletter, if available.
- Except where you have consented to our use of your information for a specific purpose, we do not use your information in any way that would identify you personally.
- We continue to process your information on this basis until you withdraw your consent, or it can be reasonably assumed that your consent no longer exists.
- You may withdraw your consent at any time by instructing us at [email protected]
Information we process because we have a legal obligation:
We may be required to give information to legal authorities if they so request and subject to the correct authorisation
We also may be required to process your data in order to comply with common or statutory law
What we do with the information:
- verify your identity for security purposes
- process financial transaction
- sell products to you
- provide you with our services
- keep our website safe and secure
If there are any regulatory requirements to process your personal data whilst carrying out any of the above, we are obliged to do so.
We may share your personal data with selected business associates, suppliers and contractors to provide you with our services. For example, these business partners may include our web hosting provider and our IT Cloud service providers.
In the event that we buy or sell any business or assets, it may be necessary to disclose personal data to the prospective buyer or seller
How long we hold your information:
We keep your information for no longer than it is required or allowed. For information on the time periods your data is held for please contact us on [email protected]
Data Transfers:
In some circumstances it may be necessary for us to transfer your data outside the European Economic Area (EEA). We will only transfer data to receivers that are in countries approved by the EU Commission, or where there are the appropriate safeguards in place to protect your personal data. For further information on these appropriate safeguards, please email [email protected]
Security:
There are appropriate security measures in place to protect your data in the event of being accidentally lost or accessed without authorisation including;
- Your data is also limited to only the necessary parties that need to process your data for business purposes.
- Using secure servers to store your information
- Verifying the identity of any individual who requests access to information prior to granting them access to information
- Using secure sockets layer (SSL) software to encrypt any payment transactions you make on or via our website;
- Using encryption to secure personal data
- Only transferring your information via closed system or encrypted data transfers*
*transmission of information over the internet is not entirely secure, and if you submit any information to us over the internet (whether by email, via our website or any other means), you do so entirely at your own risk.
We cannot be responsible for any costs, expenses, loss of profits, harm to reputation, damages, liabilities or any other form of loss or damage suffered by you as a result of your decision to transmit information to us by such means.
Your data protection rights:
Under data protection law, you have rights including:
- Your right of access – You have the right to ask us for copies of your personal information
- Your right to rectification – You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
- Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances
- Your right to object – You have the right to ask us to stop processing your personal data for profiling or direct marketing
- Your right to restriction of processing – You have the right to object to the processing of your personal data in certain circumstances
- Your right to data portability – You have the right to ask that we transfer the information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
Please contact us at [email protected] if you wish to make a request.
How we verify your identity:
Where we possess appropriate information about you on file, we will attempt to verify your identity using that information. If it is not possible to identify you from such information, or if we have insufficient information about you, we may require original or certified copies of certain documentation in order to be able to verify your identity before we are able to provide you with access to your information.
Changes to our Privacy Policy:
Where we make changes to our Privacy Policy, we will update our Privacy Policy with a new effective date stated at the beginning of it. Our processing of your information will be governed by the practices set out in that new version of the Privacy Policy from its effective date onwards.
How to complain:
You can also complain to the Data Protection Commission if you are unhappy with how we have used your data.
The Data Protection Commission address:
21 Fitzwilliam Square South
Dublin 2
D02 RD28
