Privacy Policy


ACC AVIATION LTD & ITS SUBSIDIARIES & AFFILLIATES

 

PRIVACY POLICY

 

Data and the protection of data are at the centre of everything we do. As such, our business is built on security, compliance, and accountability, enabling us to protect individuals and businesses most valuable assets. We are committed to delivering products and services that are secure and compliant with requirements, including the EU’s General Data Protection Regulation (GDPR) which becomes enforceable on 25 May 2018.

This Privacy Policy sets out details of the information that we may collect from you and how we may use that information. This Privacy Policy should be read alongside, and in addition to, ACC’s Cookie Policy. Please read this Privacy Policy carefully.

  1. About Us

1.1 In this Privacy Policy, references to “we” or “us” are New ACC (2014) Limited and its subsidiaries and branches, including but not limited to ACC Aviation limited and Air Charter Connections Italy SARL, ACC is a company incorporated in England and Wales (whose Head Office is at Priory 18 Castlefield Road, Reigate, Surrey RH2 0AP, United Kingdom) who will be the ‘Controller’ of any personal data processed as described in this Privacy Policy.

1.2 If you have any questions about your personal information, please click contact us using the details on our website, or email us directly at DC@ACCaviation.com.

  1. This Privacy Policy applies to
    This Privacy Policy applies to the personal data of our Website Users, our Blog or on our branded pages on social media services or other sites, existing Clients, Suppliers, prospective employees and other people whom we may contact in order to provide our services, we offer in the United Kingdom, the European Union, USA or any other country or territory worldwide.
  2. Collection of Information

3.1 When you access the Website via any means, register or send a request, respond to or participate in any survey or questionnaire sent to you by us, provide comments,  purchase our services or contact us from anywhere worldwide using any media, we may collect, store, use and share certain personally identifiable information in line with this policy.

3.2 To register or make an enquiry on the Website or by any other media, we will ask for your name and email address. As part of your profile you may also provide your location and other information that will help us to tailor the service to suit you. We may also ask you about your gender and employment history or qualifications in order to understand more about you (responding to these questions will always be optional. When you make a purchase by Credit Card, we and/or our payment services provider will also collect and process your credit card or other payment details and necessary proof of Identity. If you contact us, we may also keep a record of that correspondence.

3.3 We may also collect data relating to your visits to the Website that cannot identify you but records your use of our Website, for example, details of how long you have used the Website for.

3.4 We may also collect your computer’s IP address in order to help us tailor the service to your location.

3.5 If you elect to verify your identity through our Website, we will receive and process and store your personal information and identity documentation for this purpose.

3.6 Finally, we may receive information about you from third parties (such as credit reference agencies) who are legally entitled to disclose that information.

 

  1. Use of Your Information

4.1 By accessing our Website via any means, registering or send a request, providing comments, or purchasing a service, you agree that your personal information may be collected, stored, used and shared by us and our partners or third parties we work with, for any of the following purposes:

  1. to fulfil any contractual agreements between you and us;
  2. to provide, maintain, protect and improve the quality of the Website, including by conducting anonymised market research, and to protect us and our users;
  3. to provide you with a personalised browsing experience when using the Website;
  4. to send you details of our other products and services which we think may interest you, unless you opt out as described at paragraph 9.1.3 below. You can control your email preferences on the settings page accessed through any email which we have sent you;
  5. to tailor our advertising on social media to your use of the Website;
  6. to allow you to use the full range of features on or via our Website;
  7. to comply with legal and regulatory requirements;
  8. to contact you occasionally in order to invite you to share your opinions and experiences of ACC; and
  9. in order to provide third party goods or services available through our Website.

4.2 We may use your email address to send you updates about our Services. You can control your email preferences on the settings page accessed through any email which we have sent you.

  1. Storage of Information/Data Security

5.1 ACC use secure hosting at Tier 1 data centres in the UK, which consist of redundant networking connections with high levels of both digital and physical security and deploy leading EU based Cloud Software as a Services (SaaS) to support our Enterprise Resource Planning (ERP) systems.

Our servers are backed up nightly to an offsite location to ensure that if anything were to happen – to the server or the premises – the data would remain completely secure. Each server we provide is fully supported by us at ACC, alongside the dedicated support team at our data centre, ensuring that we provide the best uptime and the quickest response possible.

All servers are monitored 24/7, alerting key personnel within the company should a data breach occur. This allows us to easily notify users should anything happen to the server.

ACC ensure that the servers and their applications and security packages, are fully up to date at all times, to provide the best possible security and performance to our Clients. In addition to this, we operate our own dedicated Firewall that sits in front of the server to help protect against DDoS and other attacks.

In addition we have deployed a DDoS mitigation software platform, which provides always-on Layer 3/4 DDoS mitigation to ensure the availability of our network when under attack. Each DDoS mitigation centre in our network is based on a Juniper MX480 routing platform and Arbor TMS mitigation platform, for high capacity packet filtering. This software is managed 24/7 by ACC and third-party cybersecurity teams at our Tier1 data centres.

5.2 We (or third parties acting on our behalf) may also store or process information that we collect about you in countries outside the European Economic Area, which may have lower standards of data protection. We have put in place technical and organisational security measures, including 2 factor authentication access, to prevent the loss or unauthorised access of your personal information. However, whilst we have used our best efforts to ensure the security of your data, please be aware that we cannot guarantee the security of information transmitted over the Internet.

  1. Legal Basis for Processing Your Information

6.1 Our legal basis for collecting and using the personal information described above will be Legitimate Interests.  Article 6(1)(f) of the GDPR is the one that is relevant here – it says that we can process your data where it “is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by the interests or fundamental rights or freedoms of you which require protection of personal data.”

 

6.2 However, we will normally collect personal information from you only (i) where the processing is in our legitimate interests and not overridden by your rights, (ii) where we need the personal information to perform a contract with you, or (iii) where we have your consent to do so. In some cases, we may also have a legal obligation to collect personal information from you.

6.3 If we ask you to provide personal information to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as the possible consequences if you do not provide your information); this will include providing airline travel services to you when travelling on or working as passengers or crew members on Chartered or Leased flights; this may necessitate transferring personal information overseas. This may necessarily be to counties and territories around the world and ACC are required to ensure that when we need to do this we comply with the DPA.

6.4 In certain of the jurisdictions in which we operate, a different legal basis for data processing, Consent, will be applied and if we collect and use your sensitive personal data, such as medical and dietary information your specific consent will always be requested at the relevant time.

 

We don’t think that any of our activities prejudice individuals in any way – in fact, they help us to offer you a more tailored, efficient service.  However, you do have the right to object to us processing your personal data on this basis.

 

  1. Disclosure of Your Information
    We may disclose your personal information to third parties when permitted by law including:

a. With your consent;
b. to our suppliers in order for them to help us provide our services to you, this includes:

c. if we sell or buy any business or assets, in which case we may disclose your information to the prospective seller or buyer of such business or assets, provided that they continue to use your information substantially in accordance with the terms of this Privacy Policy;
d. if all, or substantially all of our assets, are acquired by a third party provided that they continue to use your information substantially in accordance with the terms of this Privacy Policy, in which case information held by us will be one of the transferred assets; and
e. if we are under a duty to disclose or share your information in order to comply with any legal obligation, or in order to enforce or apply our DPA Policy and other agreements; or to protect our rights, property, or safety, our users, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

  1. Data Retention

8.1 We retain personal information we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements).

8.2 When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

  1. Your Rights
    9.1 You have the following data protection rights:
  1. Children

We strongly believe in protecting the privacy of children. In line with this belief, we do not knowingly collect or maintain personal information from persons under 13 years of age, and no part of the Website is directed to persons under 13 years of age. If you are under 13 years of age, then please do not use or access the Website at any time or in any manner. We will take appropriate steps to delete any personal information of persons less than 13 years of age.

  1. Updating this Privacy Policy

We may update or amend this Privacy Policy from time to time, to comply with law or to meet our changing business requirements. When we update our Privacy Notice, we will take appropriate measures to inform you, consistent with the significance of the changes we make. Any updates or amendments will be posted on the Website. By continuing to access the Website your access and use will be subject to these updates and amendments.

  1. Contacting ACC

If you have any questions, comments or complaints about this Privacy Policy, please contact our Privacy Officer at DC@ACCaviation.com or via our website ACCaviation.com.

Make an Enquiry

* indicates required fields.

*

*

*