EN

Privacy Policy

skyguide Privacy Policy Effective as of November 1st, 2018 By accessing the information and services made available by skyguide (Swiss limited company for civil and military air navigation services, Route de Pré-Bois 15-17, PO Box 796, 1215 Geneva 15, hereinafter ‘skyguide’) on its Internet site (hereinafter ‘website’) you accept the following rules. If you do not accept the conditions listed in this document, do not make use of the skyguide services proposed on our website and leave our website.

 

1. SCOPE AND CONSENT

This Privacy Policy describes our collection, use, disclosure, retention and protection of your Personal Data. It applies to any skyguide site, and to any skyguide application, service, or tool (collectively”Services”) offered by skyguide, regardless of how you access or use them, including through mobile devices. This Policy is based on the requirements of European General Data Protection Regulation(Regulation (EU) 2016/679 or “GDPR”) and the Swiss Data Protection law.

By using our Services, offering your Services and/or registering for an account with us, you are accepting the terms of this Privacy Policy and you are consenting to our collection, use, disclosure, retention and protection of your Personal Data as described in this Privacy Policy. If you do not provide the information we require, we may not be able to provide all or part of our Services to you.

Unless expressly specified otherwise, skyguide is your data controller, and is responsible for the collection, use, disclosure, retention and protection of your Personal Data in accordance with our global privacy standards as well as any applicable laws. We may process and retain your Personal Data on our servers in Europe and elsewhere in the world where our data centres or service providers (including clouds) are located. In any case we implement appropriate measures (technical and/or contractual) to ensure the data privacy level at all our data centres or with all our service provider.

 

 

1.1 PERSONAL DATA

“Personal Data” is data or information that can be associated with a specific person and could be used to identify that specific person whether from that data or from that data and other information that skyguide has or is likely to have access to. We do not consider Personal Data to include information that has been made anonymous or aggregated so that it can no longer be used to identify a specific person, whether in combination with other information or otherwise.

 

2. COLLECTION

We may collect, process and retain the below described Personal Data from you and any devices (including mobile devices), in the following situations:

– Providing a service to skyguide (Service Agreement / Purchase Order)

– Using E-recruiting service- Registration to an event

– Using Skybriefing service- Announcing your special flight to skyguide’s Special Flight Office

– Visiting our Website- Subscribing to our Newsletter- Contacting skyguide services through the contact form available on the website

– Any other service where this Privacy Policy is referenced

 

2.1 PROVIDING A SERVICE TO SKYGUIDE (SERVICE AGREEMENT / PURCHASE ORDER)

The Personal Data we collect may include the following pieces of information:

– Name

– Sex/gender

– Position

– Company

– Contact details

– Extra information that you choose to tell us

 

2.1.1 WE COLLECT CANDIDATE PERSONAL DATA IN THE FOLLOWING WAY:

– Personal Data you give us

 

PERSONAL DATA YOU GIVE US

– In any written or oral form

 

2.2 E-RECRUITING

Depending on the job position you are applying for, the Personal Data we collect may include the following pieces of information:

– Name (first name and last name)

– Age

– Sex/gender

– Marital status

– Nationality/citizenship/place of birth

– Work permit

– Profile picture

– Contact details (Address, ZIP, City, State, Country, Phone, Mobile, Email)

– Education details, institutes and schools attended

– Result notes of the last diploma

– Employment history, company names and titles

– Languages

– Medical information (resulting from health questionnaire and eye test)

– Referee details

– Social security number (or equivalent in your country) and any other tax-related information

– Details about your current remuneration, pension and benefits arrangements

– Information on your interests and needs regarding future employment, both collected directly and inferred (e.g. from jobs viewed or articles read on our website)

– Extra information that you choose to tell us (e.g. in the cover letter or in the documents and CV attached to the application)

– Extra information that your referral contact chooses to tell us about you

– Assessments and tests results (e.g. First European Air Traffic Controller Selection Test (FEAST);Insight)

– Audit logs (including but not limited to IP address)

 

2.2.1 WE COLLECT CANDIDATE PERSONAL DATA IN THE FOLLOWING WAY:

– Personal Data you give us

– Personal Data we collect automatically

– Personal Data we collect using cookies, web beacons and similar technologies

– Personal Data from other sources

 

PERSONAL DATA YOU GIVE US

– Entering your Personal Data on our recruiting websites (application form)

– Leaving a hard copy CV at a recruitment event, job fair or in one of our offices

– Mailing your CV to skyguide (or given/forwarded to one of our employees who recommended you)

– Applying for jobs through a job aggregator

– Filling forms attached to your application- Participating in a campaign on social media channels such as Facebook or Twitter

 

PERSONAL DATA WE COLLECT AUTOMATICALLY

– Geo-location information, including location information from your mobile device. Keep in mind that most mobile devices allow you to control or disable the use of location services by any application on your mobile device in the device’s settings’ menu

– Computer and connection information such as statistics on your page views, traffic to and from the sites, referral URL, ad data, your IP address, your browsing history and your web log information

 

PERSONAL DATA WE COLLECT USING COOKIES, WEB BEACONS, AND SIMILAR TECHNOLOGIES

– We use cookies, web beacons, unique identifiers and similar technologies to collect information about the pages you view, the links you click and other actions you take on our Services, within our advertising or e-mail content. For more information about our use of these technologies and how to control them, see our policy on Cookies, Web Beacons and Similar Technologies

 

PERSONAL DATA FROM OTHER SOURCES

– From third party researcher (e.g. Eurocontrol for FEAST results, Insight for Insight test results),recruiting agencies and by analysing online and offline media

– From our employees to the extent that they provide us with your details to act as a referral

– If you give us Personal Data about someone else, you must do so only with their explicit and prior consent. You have to inform them how we collect, use, disclose and retain their Personal Data according to our Privacy Policy

 

2.3 EVENTS

The Personal Data we collect may include the following pieces of information:

– Name (first name and last name)

– Date of birth

– Address

– Email address

– Phone

– Language

– Audit logs (including but not limited to IP address)

For job information sessions, we collect the following additional pieces of information:

– Place of residence

– Education level

– Nationality

 

2.3.1 WE COLLECT PERSONAL DATA IN THE FOLLOWING WAY:

– Personal Data you give us via the application form

– Extra information that you choose to tell us, by mail or electronic mean or during the information session

– Personal Data we collect automatically

 

PERSONAL DATA WE COLLECT AUTOMATICALLY

– Audit logs, including but not limited to computer and connection information such as statistics on your page views, traffic to and from the sites, referral URL, ad data, your IP address, and our web server log information

 

2.4 SKYBRIEFING

The Personal Data we collect may include the following pieces of information:

– Name (first name and last name)

– Sex/gender

– Position

– Company

– Contact details (Address, ZIP, City, State, Country, Phone, Mobile, Email)- Audit logs (e.g. IP address, the dates, times and frequency with which you access our website)

 

2.4.1 WE COLLECT CUSTOMER PERSONAL DATA IN THE FOLLOWING WAY:

– Personal Data you give us- Personal Data we collect automatically

– Personal Data we collect using cookies, web beacons and similar technologies

– Personal Data from other sources

 

PERSONAL DATA YOU GIVE US

– Filling out web forms- Information you give us in meetings and personal conversations, including phone recording

 

PERSONAL DATA WE COLLECT AUTOMATICALLY

– Audit logs, including but not limited to computer and connection information such as statistics on your page views, traffic to and from the sites, referral URL, ad data, your IP address, and our web server log information

 

PERSONAL DATA WE COLLECT USING COOKIES, WEB BEACONS, AND SIMILAR TECHNOLOGIES

– We use cookies, web beacons, unique identifiers and similar technologies to collect information about the pages you view, the links you click and other actions you take on our Services, within our advertising or e-mail content

– All information that we collect using these technologies is anonymous

 

PERSONAL DATA FROM OTHER SOURCES

– We may occasionally use XING/Amiando for subscription for event tickets

 

2.5 SPECIAL FLIGHT OFFICE

The Personal Data we collect may include the following pieces of information:

– Name (first name and last name)

– Company

– Contact details including email address

– Activity information

– Extra information that you choose to tell us

– Audit logs (including but not limited to IP address)

 

2.5.1 WE COLLECT VISITOR PERSONAL DATA IN THE FOLLOWING WAY:

– Personal Data you give us- Personal Data we collect automatically

 

PERSONAL DATA YOU GIVE US

– Filling out web forms

 

PERSONAL DATA WE COLLECT AUTOMATICALLY

– Audit logs, including but not limited to computer and connection information such as statistics on your page views, traffic to and from the sites, referral URL, ad data, your IP address, and our web server log information

 

2.6 WEBSITE VISITOR DATA

The Personal Data we collect may include the following pieces of information:

– Name (first name and last name; collected only when using a registration form)

– Sex/gender

– Estimated geo-location

– Company

– Contact details including email address (collected only when using a registration form)

– Extra information that you choose to tell us

– The dates, times, duration and frequency with which you access our websites and the pages you visit

– The technology and channel through which you access our website

– Audit logs (including but not limited to IP address)

 

2.6.1 WE COLLECT VISITOR PERSONAL DATA IN THE FOLLOWING WAY:

– Personal Data you give us- Personal Data we collect automatically

– Personal Data we collect using cookies (Google Analytics, Facebook Pixel, Google Optimize, Google Tag Manager functionalities, AppNexus pixel), web beacons and similar technologies

– Personal Data from other sources

 

PERSONAL DATA YOU GIVE US- Filling out web forms

– Participating in a campaign on social media channels such as Facebook or Twitter

 

PERSONAL DATA WE COLLECT AUTOMATICALLY

– Geo-location information, including location information from your mobile device. Keep in mind that most mobile devices allow you to control or disable the use of location services by any application on your mobile device in the device’s settings’ menu

– Computer and connection information such as statistics on your page views, traffic to and from the sites, referral URL, ad data, your IP address, your browsing history and your web log information

 

PERSONAL DATA WE COLLECT USING COOKIES, WEB BEACONS, AND SIMILAR TECHNOLOGIES

– We use cookies, web beacons, unique identifiers and similar technologies to collect information about the pages you view, the links you click and other actions you take on our Services, within our advertising or e-mail content

– All information that we collect using these technologies is anonymous

 

PERSONAL DATA FROM OTHER SOURCES

– If you give us Personal Data about someone else, you must do so only with their explicit and prior consent. You have to inform them how we collect, use, disclose and retain their Personal Data according to our Privacy Policy

 

2.7 NEWSLETTER

The Personal Data we collect may include the following pieces of information:

– Name (first name and last name)

– Email address

– Language

– Audit logs (including but not limited to IP address)

 

2.7.1 WE COLLECT VISITOR PERSONAL DATA IN THE FOLLOWING WAY:

– Personal Data you give us via the application form- Personal Data we collect automatically

 

PERSONAL DATA WE COLLECT AUTOMATICALLY

– Audit logs, including but not limited to computer and connection information such as statistics on your page views, traffic to and from the sites, referral URL, ad data, your IP address, and our web server log information

 

3. USE

We collect and process your Personal Data for the purposes and on the legal bases identified in the following:

 

3.1 SERVICE TO SKYGUIDE (SERVICE AGREEMENT / PURCHASE ORDER)

We use Personal Data we collect for:

– Supplier management activities

– Conduct of the work / project

– Analysis of suitability of the person for the execution of the foreseen activities and duties

– Performing statistics

 

3.2 E-RECRUITING

We use Personal Data we collect for:

– Recruiting Activities- Marketing Activities

– Performing statistics

 

3.3 EVENTS

We use Personal Data we collect for:

– Organising the event

– Marketing and recruitment activities

– Performing statistics

 

3.4 SKYBRIEFING

We use Personal Data we collect for:

– Providing and improving our Services

– Marketing Activities

– Performing statistics

 

3.5 SPECIAL FLIGHT OFFICE

We use Personal Data we collect for:

– Coordination and approval of special aerial activities

– Ensuring safe air navigation services

– Performing statistics

 

3.6 WEBSITE

We use Personal Data we collect for:

– Providing, improving and personalizing our Website:

– Offering you site content that includes items and services that you may like

– Customizing, measuring and improving our Services

– Providing other services requested by you as described when we collect the information

– We may use geo-location information to provide you with location based services (such asadvertising, search results and other personalized content)

– Marketing Activities- Performing statistics

 

3.7 NEWSLETTER

We use Personal Data we collect for:

– Sending the Newsletter

– Marketing Activities

– Performing statistics

 

3.8 PREVENT, DETECT, MITIGATE AND INVESTIGATE FRAUDULENT OR ILLEGAL ACTIVITIES

– Prevent, detect, mitigate and investigate fraud, security anomalies and unauthorized access, potentially prohibited or illegal activities

– Enforce our Privacy Policy and other policies

 

4. DATA RETENTION

We may retain your Personal Data for a period of time consistent with the original purpose of collection(see Section 3 “USE”). We determine the appropriate retention period for Personal Data on the basis of the amount, nature and sensitivity of your Personal Data processed, the potential risk of harm fromun authorized use or disclosure of your Personal Data and whether we can achieve the purposes of the processing through other means, as well as on the basis of applicable legal requirements (such as applicable statutes of limitation).

In addition, we may retain Personal Data from closed accounts to comply with national laws, prevent fraud, collect any fees owed, resolve disputes, troubleshoot problems, assist with any investigation,enforce our User Agreement and take other actions permitted or required by applicable laws.

After expiry of the applicable retention periods, your Personal Data will be deleted. If there is any data that we are unable, for technical reasons, to delete entirely from our systems, we will put in place appropriate measures to prevent any further use of such data.

You may at any time request a deletion of your Personal Data (see Section 9 “YOUR RIGHTS RELATING TO YOUR PERSONAL DATA / QUESTIONS AND COMPLAINTS”).

Please take note of the following information regarding particular databases:

 

4.1 E-RECRUITING

The personal data of the candidate will be saved up to one year from your last profile update. Afterwards,the personal data of the candidate will get deleted automatically (except audit logs).In case of performing tests by an external provider (e.g. Eurocontrol), the later one may save its own Personal Data for a longer period.

 

4.2 SKYBRIEFING

The Personal Data of the customer will be saved up to 24 months after the end of the service (except audit logs).

 

4.3 SPECIAL FLIGHT OFFICE

The personal data of the customer (except audit logs) will be saved up to 24 months after the special flight event took place. However, saving the Personal Data of the applicant for a longer time is possible for safety reasons.

 

4.4 AUDIT LOGS

Audit logs (or audit trail) is a security-relevant chronological record (event log) or set of records (event logs) that provide documentary evidence of the sequence of activities that have affected at any time a specific operation, procedure, system, service or event.Audit logs may be stored up to 5 years, for security forensic investigation purposes.

 

5. DISCLOSURE

We may disclose your Personal Data to third parties as described below. This disclosure may be required to operate (e.g. Cloud Services) and to provide you access to our Services, to perform Customer satisfaction surveys, to comply with our legal obligations, to facilitate our marketing and advertising activities, or to prevent, detect, mitigate and investigate fraudulent or illegal activities related to our Services. We minimize the amount of Personal Data we disclose to what is directly relevant and necessary to accomplish the specified purpose.

We do not disclose your Personal Data to third parties for their marketing and advertising purposes.We may disclose your Personal Data to the following parties and for the following purposes:

 

5.1 SERVICE PROVIDERS AND FINANCIAL INSTITUTION PARTNERS

– Third party service providers, as well as Affiliates, who help us to provide our Services, payment processing services, services such as IT, system administration and hosting, Cloud Services and Cloud Storage, who assist us in providing customized advertising, who assist us with the prevention,detection, mitigation and investigation of potentially illegal acts, violations of our User Agreement, fraud and/or security breaches, bill collection, and other business operations

 

5.2 LAW ENFORCEMENT, LEGAL PROCEEDINGS AND AS AUTHORIZED BY LAW

– To comply with our legal requirements, respond to claims that a listing or other content violates the rights of others, or protect anyone’s rights, property or safety

– To law enforcement or governmental agencies, or authorized third-parties, in response to a verified request relating to a criminal investigation or alleged or suspected illegal activity or any other activity that may expose us, you, or any other of our users to legal liability. We will only disclose information we deem relevant to the investigation or inquiry, such as name, city, state, postcode, telephone number, email address, User ID history, IP address, fraud complaints

– To third parties involved in a legal proceeding, if they provide us with a subpoena, court order or substantially similar legal procedure, or we otherwise believe in good faith that the disclosure of information is necessary to prevent imminent physical harm or financial loss or to report suspected illegal activity

 

6. INTERNATIONAL TRANSFER OF PERSONAL DATA

Your Personal Data may be processed outside Switzerland and outside the European Economic Area (EEA), and in countries which are not subject to an adequacy decision by the European Commission,and/or are not considered by the Federal Data Protection and Information Commissioner to have an adequate level of protection. In this event, we will ensure that the recipient of your Personal Data offers an adequate level of protection, according to the European and Swiss requirements, or we will ask you for your prior consent to such international data transfers.

 

7. SECURITY

We manage Information Security with our Information Security Management System (ISMS) following internationally recognized good practices. Within ISMS we protect your information using technical and administrative security measures to reduce the risks of loss, misuse, unauthorized access, disclosure and alteration. Some of the safeguards we use are firewalls and encryption, physical access controls to our data centers and information access authorization controls to name a few. If you believe your personal data had been misused, please contact us following the instructions in the Section 9 “YOUR RIGHTS RELATING TO YOUR PERSONAL DATA / QUESTIONS AND COMPLAINTS”.

 

8. THIRD PARTY PRIVACY PRACTICES

This Privacy Policy addresses only the use and disclosure of Personal Data we collect from you. If you disclose your information to others, or if you are directed to a third-party website, their privacy policies and practices will apply.We cannot guarantee the privacy or security of your information once you provide it to a third party and we encourage you to evaluate the privacy and security policies before you share your information.

 

9. YOUR RIGHTS RELATING TO YOUR PERSONAL DATA / QUESTIONS AND COMPLAINTS

 

9.1 YOUR RIGHTS

You have certain rights relating to your Personal Data, subject to local data protection laws. Depending on the applicable laws and, in particular, if you are located in the EEA, these rights may include:

– To access your Personal Data held by us (right to access)

– To rectify inaccurate Personal Data and, taking into account the purpose of processing the Personal Data, ensure it is complete (right to rectification)

– To erase/delete your Personal Data, to the extent permitted by applicable data protection laws (right to erasure)

– To restrict our processing of your Personal Data, to the extent permitted by law (right to restriction of processing)

– To object to any processing of your Personal Data carried out on the basis of our legitimate interests (right to object)

– To the extent we base the collection, processing and sharing of your Personal Data on your consent,to withdraw your consent at any time, without affecting the lawfulness of the processing based on such consent before its withdrawal

 

9.2 HOW TO EXERCISE YOUR RIGHTS

To exercise your rights of access, rectification, erasure, object, or if you have a question or a complaint about this Privacy Policy, our global privacy standards or our information handling practices, you can reach our Data Protection Officer (DPO) in writing by sending us a letter or postcard to: skyguide, Data Protection Officer (DPO), Route de Pré-Bois 15-17, P.O. Box 796, CH-1215 Geneva or by email todpo@skyguide.ch.

In such a case, we may verify your identity, or ask for more information about your request. Where we are legally permitted to do so, we may decline your request with a reason.

 

10. CHANGES TO THIS PRIVACY POLICY

We will update this Privacy Policy from time to time to reflect changes in our practices, technologies,legal requirements and other factors. If we do, we will update the “effective date” at the top of this Privacy Policy. If we make an update, we may provide you with notice prior to the update taking effect, such as by posting a conspicuous notice on our website or by contacting you using the email address you provided.

We encourage you to periodically review this Privacy Statement to stay informed about our collection,processing and sharing of your Personal Data.