Personal Data Protection Policy
The General Data Protection Regulation EU 2016/679 (GDPR) entered into force and is applicable from May 25, 2018, and enhances the protection of personal data throughout the European Union. SUPERIOR AIR SA, respecting your personal data, informs you about the ways it protects the confidentiality of your communications, collects, processes, uses and stores your personal data as well as about how you may contact us in case you have objections regarding the process of your Data and, in general, regarding the exercise of your rights.
Our company reserves the right to amend and adjust this policy when deemed necessary; you may be informed on any changes by reading the revised version on our website www.superior-airacademy.gr
1. COLLECTION AND USE OF PERSONAL DATA
1.1. Data controller
The personal data presented on or collected by the Website are managed by the Company, therefore, the Company is the controller of the personal data of the Website Visitor’s, as indicated in the GDPR.
1.3. Purposes of personal data processing
The Company processes the personal data of Visitors for the following purposes:
• to provide Visitors with our services that are accessible on the Website (e.g., by providing access to website functions, e.g., browsing, submitting queries/requests and subscribing to newsletters).
• to ensure the functionality of the Website, to improve it, to offer better and adapted services to Visitors;
• to measure, evaluate and improve the functioning of the Website;
• convenient, efficient and functioning of the Website that meets the needs of the Visitor;
• to ensure smooth administration of the Website;
• submission of responses to Visitors’ queries or requests in a timely and proper manner;
• developing and delivering new products or services;
• in case of the Visitor’s consent, the provision of relevant information and interesting offers;
• to contact the Visitor concerning any information and/or request provided;
• to perform statistical and other analysis by continuously improving the content of the Website and services provided by the Company;
• other purposes that are disclosed to Visitors when such personal data is submitted by the Visitor.
1.4. Basis for personal data processing
The Company processes personal data of Visitors as it is required for:
• the implementation of the Company’s legitimate interests (e.g., to administrate and manage the Website, to provide services and etc.);
• fulfillment of obligations when such are determined by the applicable laws.
Visitor consent as a legal basis is used for direct marketing or third parties access to personal data. Visitors may revoke their consent to process their personal data at any time. If the Company does not have other legal basis for the processing of personal data, the Company will terminate processing of such personal data and destroy the data, unless the laws establish the obligation for the Company to retain such personal data.
1.5. The Visitors’ personal data collected on the Website
The Company processes the Visitors’ personal data which is received from the Visitors submitting such data to the Website and using the Website and the services and functions provided by it.
In addition to the following cases, the Company processes the personal data of Visitors when:
• Visitors submit a request using the Website (e.g., name, surname, phone number, e-mail address);
• Visitors subscribe to newsletters (e.g., name, e-mail address);
• Visitors purchase the services (e.g., name, surname, phone number, e-mail address, address, VAT number / IRS tax office / passport number).
When Visitors use the Website, the Company collects and processes the technical data of the Website’s Visitors by using cookies.
Each time the Visitor visits the Website, the Company collects and processes the following technical personal data:
• IP address of the Visitor’s device;
• date and time of login to the Website;
• name and URL of the web page from which the Visitor connects to the Website;
• data of the operating system of the Visitor’s device;
• information of the Visitor’s internet provider;
• geographic data, language settings of the Visitor;
• other related technical information may also be collected.
These technical data are collected automatically, without any additional actions of the Visitor.
Our Company’s website uses “cookies”, so as each time that the users connect themselves to the webpage, the latter to retrieve via them information and offer to the users services relevant to them. The installation of “cookies” from our end is permitted only upon the users’ consent and following his appropriate briefing.
1.6. Storage of personal data
Your personal data are stored in order to fulfill the purposes that are set with this Policy and, if you so request, we may erase all stored data (unless if law requires their keeping for a longer period).
Additionally, our Company may store personal data after the accomplishment of the collection and processing purposes, in order to use them: before tax and social insurance authorities, control authorities and any other public Authority or competent Court, until the expiration of the provided by law limitation period per case or for the time period that we deem necessary in order to advocate our rights and lawful interests.
Following expiration of the storage period, your personal data will be destroyed/ erased from our files and system, in compliance with our Company’s policy, always under the condition that their storage is no longer necessary for the completion of the mentioned purposes.
1.7. Transfer of personal data to third parties
1.8. Processing of the personal data of minors
The processing of personal data of minors on the basis of consent for the provision of information society services is lawful if the minor is at least 16 years of age. If such a minor is less than 16 years of age, such processing is legal only if the consent was given or processing was allowed by the minor’s parents or carers, and therefore:
• if you are under 18 years of age but already have 16 years of age, using the services available on our Website, you confirm that you have the consent of your parents, guardians for disclosure of your personal information to the Company;
• if you are under the age of 16 years, you can use the Services and content available on our Website only with the consent of your parents, carers, to the Company.
2. DIRECT MARKETING
The Company processes personal data of Visitors for direct marketing purposes in the following cases:
• when it receives a clear permission from the Visitor for such processing (the basis of the processing is the Visitor’s consent);
• where the Visitor is a client of the Company, without expressing the objection of processing personal data for the purposes of direct marketing, marketing of similar services or products (the basis for processing is the legitimate interest of the Company in informing its customers about the services and products offered).
For the purpose of direct marketing, we process the following data of our Visitors: name, email address, phone number.
By the Visitor consenting to receive direct marketing communications or subscription to newsletters, you agree to receive the following notices:
Your personal data can be used for direct marketing purposes in the following ways:
• by e-mail you can receive a newsletter with the Company’s offers, promotions and news;
• you can receive invitations to events, offers and similar information by e-mail;
We inform you that Visitors may at any time refuse our newsletters or other promotional messages by clicking on a link to it in our outgoing newsletters.
3. RIGHTS OF WEBSITE VISITORS
Visitors are given certain rights related to the protection of their personal data. These rights are:
• to know (be informed) about the processing of your personal data;
• to know your personal data which is processed by the Company;
• to request correction or addition, adjustment of your inaccurate, incomplete personal data;
• to require the destruction of personal data when they are no longer necessary for the purposes for which they were collected;
• to request the destruction of personal data if they are processed illegally or when you withdraw your consent to the processing of personal data or do not give such consent, when is necessary;
• to disagree with the processing of personal data or withdraw the previously agreed consent;
• to request to provide, if technically possible, the provision of your personal data in an easily readable format according to your consent or for the purpose of performing the contract, or request the transfer of data to another data controller.
By refusing to comply with your requirement, we will clearly indicate the grounds for such refusal.
4. DATA PROTECTION
The Company, by implementing technical and organizational measures, protects Personal data of Visitors from loss, misuse, unauthorized access, disclosure or modification.
The Company recommends that the Visitors comply with the following minimum safeguards for personal data protection:
• do not visit suspicious websites;
• do not open links of uncertain origins;
• update their software;
• independently take care of using antivirus protection.
Unfortunately, the transmission of any information on the Internet is not completely secure. Although the Company makes efforts to protect the Visitor’s personal data, it is not possible to ensure the full security of personal data when Visitors provide the data on the Website, therefore, Visitors must assume the risks associated with the transfer of personal data to the Website.
In the event of breach on personal data security that may cause a serious threat to the rights or freedoms of the Visitors and after determination of the circumstances under which unauthorized access to personal data has been obtained, the Company will immediately inform the Visitor.
5. GENERAL PROVISIONS