- Who Are We?
- Scope and Application
- Data Processing as a Controller
- HR and Marketing Operations
- Data Processing as a Processor
- What personal data do we collect?
- Contact information, such as name, address, phone number, and email address.
- Flight information, such as flight plans, flight schedules, and passenger information.
- Payment information, such as credit card numbers or bank account details.
- Employment information, such as job title, salary, and employment history, in the case of employees or job applicants.
- Communication data, such as email correspondence and call logs.
- What do we use personal data for?
UAS International Trip Support, ’we", "our", "us", "the Company", "the Group” is a leading global aviation services company that delivers award-winning, customized flight support solutions to the global market, backed by a team of experienced professionals who are dedicated to delivering exceptional support: A one-stop shop for all aviation needs such as trip support, executive travel, and air charter.
We are trusted by Heads of State, VVIPs, Fortune 500 companies & business jet operators worldwide.
You can find more information about UAS and its services on our website: https://www.uas.aero/.
All our Group entities shall abide by this Data Protection Policy and the local laws, as applicable, in their respective jurisdictions.
Before putting in place this Privacy Notice, we have undertaken a Data Protection Impact Assessment (DPIA) in order to ensure that our policies and processes are compliant with relevant data protection regulations, including the General Data Protection Regulation (GDPR).
The DPIA allowed us to audit all of our processes, which helped us to identify areas where we could improve our data protection practices. As a result, we have implemented additional measures to ensure that personal data is processed securely, and that data subjects' rights are respected.
This informed the development of our Privacy Notice, which explains how we collect, use, and protect personal data.
As a company, we act as a data controller in both our marketing and HR operations. In our HR operations, we handle candidates and potential employees' data with utmost care, ensuring that all personal data is processed in accordance with applicable data protection laws and regulations.
We collect and process this data for legitimate business purposes, such as evaluating a candidate's qualifications for employment and managing the hiring process. We also provide candidates with transparency about the data we collect and how it will be used, and we give them the opportunity to exercise their data protection rights in accordance with applicable law. We process personal data for other legitimate HR-related purposes as well, such as managing the employment relationship, administering payroll and benefits, and complying with legal obligations. This personal data may include information such as employee names, addresses, and contact details.
In our marketing operations, we collect and process personal data for marketing purposes, such as sending promotional emails or newsletters. The marketing team collects personal data through various means, such as website forms, events, and surveys. The collected data may include personal information such as name, email address, and interests. We would like to emphasize that we collect consent for data collection for marketing purposes at all times.
We collect personal data through our website to better understand the interests of potential clients and vendors and as well as to improve our services and offers . Our website is designed to collect personal data through various means, such as online forms and surveys. The collected data may include personal information such as name, email address, and interests.
In the course of our business operations, UAS acts as a data processor, which means that in the majority of cases, we process personal data on behalf of our clients or vendors who act as the data controller. As a processor, UAS is responsible for following the instructions of the data controller and ensuring that personal data is processed in a manner that is consistent with the local and international Data protection regulations.
To ensure the protection of personal data, UAS signs contracts with clients and vendors that include GDPR-compliant data protection clauses. These clauses specify the purpose of the processing, the types of personal data that will be processed, and the security measures that must be in place to protect that personal data. UAS may also sign additional data protection Addendums to further clarify and enhance the privacy obligations and commitments of both parties.
Additionally, UAS takes its data protection obligations seriously and implements appropriate technical and organizational measures to ensure the security of personal data. These measures include, but are not limited to, regular training for employees on privacy and data protection, regular audits of our data protection practices , and the use of encryption and other security technologies to protect personal data.
Where personal data is collected and processed, it must be done so only under certain conditions. Where the data subject clearly consents to the processing in question, or where a legitimate interest for the processing is established. A legitimate interest requires three conditions, a well-defined purpose for the processing, that processing being necessary to the interest and that a balance is struck between the interest and those of the individual. We collect and process personal data to enable us to provide you with our services. Personal data collected may vary with the nature of the service we provide or may provide you with.
Commonly, this includes among others:
Any other personal data that is necessary to provide our aviation services and to comply with legal and regulatory obligations.
Cookies, when you use our website, cookies are stored on your computer in addition to the above-mentioned data to make our website more attractive. Cookies are small text files that are stored on your hard drive and assigned to the browser you are using. This means that certain data is transmitted to the location that sets the cookie – in this case to us. Cookies cannot execute programs or transfer viruses to your computer.Note: Sensitive information is only processed when explicitly required and within the constraints of the law.
You provide some of this data to us directly by subscribing to our newsletters or other regular information from UAS, by requesting offers for our services from us or through our website.
The principle of minimization requires that we collect and process only the personal data that is necessary for the specific purpose for which it is collected.
We need your personal data for one or more of the following business purposes:
- the assessment and acceptance of a customer, supplier or business partner.
- the development and improvement of our services.
- the conclusion and execution of agreements with customers, supplier and business partner.
- relationship management and marketing.
- business process execution, internal management and management reporting.
- health, safety, security and integrity.
- compliance with law.
- the protection of the vital interests of individuals.
If and when the processing of your personal data is based on your consent, you have the right to withdraw this consent at any time.
We have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.
|Purpose/Activity||Type of data||Lawful basis for processing including basis of legitimate interest:|
|To register you as a new customer/Vendor||
||Performance of a contract or service with you|
To process and deliver your order including:
To manage our relationship with you which will include:
|To enable you to partake in a prize draw, competition or complete a survey||
|To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)||
|To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you||
|To use data analytics to improve our website, products/services, marketing, customer relationships and experiences||
|To make suggestions and recommendations to you about goods or services that may be of interest to you||
- As Data Controller:
- As Data Processor:
As a data controller, we may need to obtain your consent before collecting, processing, or transferring your personal data. In UAS, we prefer to always collect Consent and keep you well informed about it. We will seek your consent in a clear and transparent manner, providing you with all necessary information regarding the processing of your personal data through sharing our privacy notice.
We will collect your consent through personalized Consent forms and surveys depending on the context, delivered to you physically, through email or through our website.
These include information about the purposes of the processing, the types of personal data involved, the recipients or categories of recipients of the data, and your rights as a data subject.
We will keep records of your consent, including the time and date of your consent, the method used to obtain your consent, and the specific purposes for which your consent was obtained.
You have the right to withdraw your consent at any time by contacting us using the contact details provided in this Privacy Notice. However, this will not affect the lawfulness of any processing carried out before the withdrawal of your consent.
As a data processor, we will only process personal data on behalf of the data controller and will not use the data for any other purpose than instructed by the data controller. At UAS, we ensure that the consent process with the data controller is carried out in accordance with applicable data protection laws and regulations.
If you have any questions or concerns regarding the consent process, please contact us using the contact details provided in this Privacy Notice.
UAS takes the security of personal data very seriously and we take appropriate measures to protect personal data from unauthorized access, use, disclosure, alteration, or destruction.
Personal data collected by us or on behalf of our clients or vendors, is stored in secure servers and are protected by a combination of physical and technical security measures, including firewalls, encryption, and access controls.
We have strict access controls in place to ensure that personal data is only accessed by authorized personnel who require the information to perform their job functions. All employees are subject to confidentiality agreements and are trained on our privacy and security policies and procedures.
In addition, UAS has implemented a responsible data retention policy in accordance with best practices, legal and regulatory requirements. This means that personal data will only be kept for as long as it is necessary for the specific purpose for which it was collected or as determined by the law and will be deleted or anonymized when it is no longer required.
We share your personal data within the UAS Group or to a third-party service provider when it is necessary for the execution of the service and when it is required for the performance of the contract between you and UAS.
In cases where personal data is transferred to a third-party service provider, UAS will sign the appropriate data protection clauses or GDPR addendums with these parties to ensure that they respect the privacy rights of individuals and process the personal data in a manner that is consistent with the GDPR. These data protection clauses or addendums will ensure that the third-party service provider processes the personal data in a secure manner and implements appropriate technical and organizational measures to protect the personal data. In the event that the Company opines that the destination processor resides on a jurisdiction with inadequate data processing protection measures, we will only transfer where you have consented to the same.
Personal data of a sensitive nature is generally only shared by strict application of the law or in case of emergency where your vital interests are best served by sharing relevant information.
UAS is based in Dubai Airport Free Zone, we will only transfer your personal data outside the UAE if the transfer is necessary to the execution of your contract with UAS.
Adequate measures in compliance with Data Protection laws and regulations will be put in place based on the level of adequacy of the country of destination.
If you are a European Citizen, we may transfer your personal data to countries outside the European Union (EU) or the European Economic Area (EEA) in order to perform our services, such as for cloud storage or processing. Such transfers will only occur in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR).
This includes implementing appropriate safeguards, such as using standard contractual clauses approved by the European Commission or other mechanisms that provide adequate protection of your rights.
UAS, as a Dubai free zone company, is expected to comply with all relevant data protection laws and regulations, as well as industry-specific regulations and guidelines, to ensure that they process personal data in a manner that is compliant with local and international privacy laws.
In UAS, we made sure that we meet the highest standards out there when it comes to Data protection, our internal policies are compliant with the Federal Decree Law No. 45 of 2021 regarding the Protection of Personal Data and furthermore, the General Data Protection Regulation (GDPR)
All individual rights are stated in both sets of Regulation, and in accordance with international best practice, will be respected by UAS.
These rights include the right to be informed where personal data are collected, the right to access and the right to rectification of your data when it is inaccurate. Also, under specific circumstances mentioned in the GDPR, you may request erasure of your personal data or restrict the processing of it. Furthermore, you have the right to object to the processing of your personal data, or to being subject to automated decision making and profiling. Lastly, you have the right to data portability.
In addition to these rights, you have the right to lodge a complaint with the Data Protection Authority.
In the event of a conflict between this UAS privacy statement and the terms of any agreement(s) between a customer and UAS, the terms of those agreement(s) will apply.
For certain UAS entities, a more specific privacy statement may be applicable and will be offered to you in case of personal data processing.
If you need to contact the regulatory body for data protection in the UAE, please do so at:
Telecommunications and Digital Government Regulatory Authority
Toll Free: +971 800 12
International: +971 4 777 4444
If you are a European Citizen, you have the right to contact the relevant supervisory authority. In the EU, this is the data protection supervisory authority of the member state where you reside, work, or where any alleged infringement occurred.