Data Privacy Policy for the NICE Aircraft Services & Support GmbH

 

Effective as of May 15, 2018

We take the protection of your personal data very seriously and want you to feel secure with regard to the protection of your personal data. Of course, we comply with the applicable national and European data protection laws and regulations. Personal data within the meaning of this Policy are any information that may be related to you.
We want you to know when we collect which personal data and how we use it. We have taken technical and organizational measures to ensure that the data protection regulations are observed both by us and by external service providers.
The following Data Privacy Policy will give you an overview of the processing of your personal data by us and your rights under data protection law.

1. Who is responsible for data processing and to whom can I contact?

(1) The controller within the meaning of Article 4 number 7 of the General Data Protection Regulation (hereinafter "GDPR") and the service provider within the meaning of § 13 of the German Telemedia Act (hereinafter "TMG") is:

NICE Aircraft Services & Support GmbH
Cargo City Süd, Building 640
60549 Frankfurt am Main

(2) The data protection officer of the controller can be reached at:

NICE Aircraft Services & Support GmbH
Data Protection Officer
Cargo City Süd, Building 640
60549 Frankfurt am Main

E-mail: datenschutz@nice-services.aero

2. Which sources of personal data do we use?

We will process personal data that we receive from you when you visit our website, when you contact us by email, or when you complete our contact form.

3. Which categories of personal data are processed?

(1) If you visit or use our website for information purposes only, i.e., if you do not register or otherwise transmit information to us, we will only collect personal data that are transmitted to our server by your browser. If you wish to view our website, we will collect the following data, which we need for technical reasons to show our website to you and to ensure stability and security:

  • your IP address
  • the date, time, and duration of your visit
  • the content requested (specific page),
  • the access status/http-status code,
  • the data volume transmitted,
  • the website from which the request is received,
  • your browser, and
  • your operating system.

Those data will be used exclusively for internal statistical purposes.

(2) In addition to the aforementioned data, cookies will be stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive by your browser and that transmit certain information to the party that has placed the cookie. Cookies can execute no programs or transmit any viruses to your computer. Their purpose is to make the website as a whole more user-friendly and effective.

(3) We use cookies to be able to recognize you the next time you visit our website, if you have created an account with us. Otherwise you will have to log in for each new visit.

(4) Most browsers are configured by default to accept cookies. However, you can block cookies in your browser at any time or select settings in your browser to receive a notification as soon as a cookie is transmitted. Please note, however, that if you do so, you may not be able to use all functions of this website.

(5) This stored information will be stored separately from any additional data you may have provided to us. In particular, data from cookies will not be linked to any other of your data.

4. What happens when you use other functions and services of our website?

(1) In addition to purely informational use of our website we offer various services that you may use if you are interested. To use those services, you will generally have to provide additional personal data, which we will then use to provide the service you have selected.

(2) If you contact us by email, the data you have provided (your email address and, if applicable, your name and telephone number) will be stored by us in order to answer your questions. Data we receive in this connection will be erased as soon as their storage is no longer necessary, or, if we are subject to legal recordkeeping obligations, we will restrict the processing of such data.

5. Who receives my data?

(1) For some of the aforementioned processes and services we have carefully selected third-party service providers in conformity with applicable data protection law. Such third-party service providers are bound by our instructions and are audited by us on a regular basis. They will transfer no data to third parties.

(2) In terms of transferring data to other recipients, we will transfer information about you only if we are required to do so by law, if you have consented, or if we otherwise have the right to transfer your data.

6. For which purposes, do we process your data and on which legal bases?

We will process your personal data in compliance with applicable data protection laws. Data processing is lawful if the following conditions are satisfied:

Consent (Article 6 paragraph 1a) of the GDPR: Processing of your personal data is lawful if you have consented to processing for specific purposes (e.g., processing  of your inquiry, use of data for marketing purposes). Your consent may be revoked at any time with effect for the future. This also applies to the evocation of consents you gave us before the GDPR took effect, i.e., prior to May 25, 2018

Legal requirements (Article 6 paragraph 1c) of the GDPR:
NICE Aircraft Services & Support GmbH is subject to various legal obligations, including the following:
- recordkeeping obligations under the German Commercial Code (HGB) and the German Tax Code (AO)
- audit and reporting obligations under tax law.

Legitimate interests (Article 6 paragraph 1f) of the GDPR:
To the extent necessary, we will process your data beyond the actual performance of the agreement with you to protect our rightful interests or those of third parties. For example, we may process your data:
- to assert legal claims or defend legal actions,
- to guarantee IT security and IT operation,
- to analyze and improve use of our website.

7. Is there any intention to transfer the personal data to a third country or an international organization?

Personal data will be actively transmitted to third countries only if this is expressly disclosed in connection with the aforementioned services.

8. How long will my personal data be stored and according to which criteria will the duration be determined?

(1) Data will be stored in compliance with applicable data processing laws and in conformity with legal recordkeeping obligations. We will process and use data only for the purposes to which we are entitled, and we will store data for as long as they are needed for those purposes.

(2) If and when data are no longer needed for their purpose or for compliance with legal obligations, they will generally be erased unless continued processing of such data – for a limited time period and, where applicable, on a restricted basis – is necessary for any of the following purposes:
- Compliance with recordkeeping obligations under commercial or tax law: noteworthy are the German Commercial Code (HGB) and the German Tax Code (AO). These statutes provide for recordkeeping and/or documentation periods of up to 10 years.
- Preservation of evidence in connection with statute of limitations provisions: under §§ 195 et seq. of the German Civil Code (BGB) the standard limitation period is three years, but may be up to 30 years under special circumstances.

9. Which data privacy rights do you have?

(1) Every data subject has a right to information under Article 15 of the GDPR, a right to rectification under Article 16 of the GDPR, a right to erasure under Article 17 of the GDPR, a right to restricted data processing under Article 18 of the GDPR, a right of revocation under Article 21 of the GDPR, and a right to data portability under Article 20 of the GDPR. The right to information and the right to erasure are subject to the limitations of §§ 34 and 35 of the Federal Data Protection Act (BDSG). In addition, every data subject has a right to lodge a complaint with a competent data protection regulatory authority (Article 77 of the GDPR in conjunction with § 19 of the Federal Data Protection Act (BDSG)).

(2) Your consent to the processing of personal data by us may be revoked at any time with effect for the future, as if the case for consents that were given to us before the General Data Protection Regulation took effect, i.e., prior to May 25, 2018.

(3) You have a right to object at any time to the processing of your personal data based on Article 6 paragraph 1 e) of the GDPR (data processing in the public interest) or Article 6 paragraph 1 f) of the GDPR (data processing on the basis of a legitimate interest) if the reasons for the objection involve special personal circumstances.
If you object, we will no longer process your personal data unless we can show that there are compelling, protected reasons for processing your data that outweigh your interests, rights, and freedoms, and unless your data are processed to assert, exercise, or defend legal rights or claims.
Objections may be made informally and, if possible, should be addressed as follows:

NICE Aircraft Services & Support GmbH
Data Protection Officer
Cargo City Süd, Building 640
60549 Frankfurt am Main

E-mail: datenschutz@nice-services.aero

10. Is there an obligation to provide personal data and what are the consequences of not providing it?

In connection with using our services you must make available personal data which are necessary for achieving the purpose for which they are collected or which we are required to collect by law. Without those data, we will generally be unable to enter into or perform a contract with you or to provide the desired services.

11. Data security

We have taken technical and organizational security measures to protect your personal data from loss, destruction, manipulation and unauthorized access. All our employees and all third parties involved on data processing are obliged to handle personal data confidentially in accordance with the GDPR. In case of the collection and processing of personal data, the information is transmitted in encrypted form to prevent misuse of the data by third parties. Our security measures are continuously revised in line with technological developments.

12. Protection of minors

Persons under the age of 18 should not transmit any personal data to us without the consent of their parents or legal guardians. We do not request personal data from children and young people, do not collect them and do not pass them on to third parties.

13. Automated decision-making process, including profiling

We generally use no fully automated decision-making process within the meaning of Article 22 of the GDPR to enter into or maintain a business relationship with you. Should we use such a process in a particular case, we will notify you by separate notice if required by law.

14. Can this Data Privacy Policy change?

We continuously develop and optimize our services and make technical changes as necessary. For this reason, we expressly point out that our that our Data Privacy Policy is only applicable in the version valid at the time of your visit.