Elix Aviation Capital Limited Business Contact Privacy Statement
At Elix we take privacy seriously and we aim to be clear about how we use personal data. Personal data means information that can be used to identify you. This Data Protection Notice sets out how we process and protect personal data that we obtain through our dealings with other businesses and corporate entities that we have business or professional dealings with. This includes personal data relating to employees, officers, directors, shareholders and third-party representatives of those corporate entities or businesses (Relevant Individuals, you).
1. Who we are and how to get in touch
When we refer to Elix we mean Elix Aviation Capital Limited (we). We are the data controller for all personal data.
If you have any queries in relation to this Notice or any aspect of our data privacy policies, please feel free to contact us at:
|Address:||Elix Aviation Capital Limited|
|12/13 Exchange Place,|
|Custom House Docks,|
2. Type of personal data we collect
We collect individual contact details and identification details (such as a passport and proof of address) for Relevant Individuals either directly from you or from the businesses you represent.
3. Why we process it, on what legal basis and for how long
We will collect, hold and process personal data provided by you for the following purposes:
|Purpose for processing your information
|To interact with Relevant Individuals as part of professional dealings with the businesses and corporate entities they represent||This processing of personal data is necessary for our legitimate business interest in managing and promoting our provided our interest is not overridden by your interest.
In identifying this basis, we have weighed our legitimate interest as a business against your rights and freedoms and determined that that it will not unfairly impact your rights. If you would like further information on how we balanced these interests you can contact us using the details below.
Please note that you have a right to object to processing of your personal data where that processing is carried on for our legitimate interest.
|To ensure proof of identity for anti-money laundering Know Your Customer requirements;
|This processing of your data is necessary in order for us to comply with any legal or regulatory obligations.|
4. Recipients of personal data we collect
It may be necessary to share your personal data with third parties including:
- Entities within the Elix Group;
- CK Solutions, our outsource partner providing IT services;
- Service providers which provide sanction checks in respect of Relevant Individuals in connection with the Office of Foreign Control (OFAC);
- Statutory or regulatory bodies to whom we are obliged to disclose information, and
- Other support service providers necessary to support Elix in its services (including external legal counsel).
5. WHERE YOU DO NOT PROVIDE US WITH YOUR PERSONAL DATA
If you do not provide us with your personal data we may not be able to comply with our legal obligations or manage our business. We will tell you when we ask for information which is a statutory or contractual requirement or needed to comply with our legal obligations.
6. TRANSFERS OF PERSONAL DATA OUTSIDE THE EEA
The personal information that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (EEA), including the United States, for the purposes described above. To ensure that your personal information receives an adequate level of protection and is treated securely, we have put the appropriate safeguards in place to protect the privacy and integrity of such personal information when being transferred outside the EEA. If you would like further information in respect of the safeguards we have in place in respect of a transfer outside of the EEA, please contact us as per the details set out in paragraph 1.
7. RETENTION OF PERSONAL DATA
Data will be stored for as long as required to satisfy the purpose for which the data was collected and used, unless a longer period is necessary for our legal obligations or the exercise or defence of legal claims.
Where we process your personal data for the purpose of corresponding with you for our legitimate interests in managing our business we will retain personal data for as long as is necessary to enable us to conclude our business or professional dealings. The criteria we use to determine the duration of retention will be the duration of our engagement and whether the nature of the engagement is such that it is likely that we will need to interact on a regular basis.
Where we enter into a contract, we will retain the personal data obtained pursuant to that contract for as long as is necessary to:
- perform our obligations under the contract;
- comply with our legal obligations (e.g.' the anti-money laundering regulations); and
- exercise our legal rights and defend legal claims.
Typically this will require that we hold such data for a period of 7 years from the date on which that the contract is terminated.
If you have any further queries in relation to our data retention procedures please contact us at the address given in paragraph 1 above.
8. AUTOMATED DECISION MAKING/PROFILING
We will not process your data in such a way so as to make solely automated decisions about you which will have a legal or similarly significant effect
It may be necessary for us to provide your information to third party processors who will engage in an automated process of sanctions checks in respect of Relevant Individuals in connection with OFAC. The results of this automated process will be reviewed before a decision is made. We undertake these checks to protect our business against fraud and to ensure we do not engage in any activity which would infringe our legal and regulatory obligations.
Where we engage in profiling of this nature you have a right to object and can raise such an objection by contacting us at the above address. We note that, as set out in section 5, if you refuse to allow certain types of data processing we may not be able to comply with our legal obligations or manage our business and accordingly may not be able to engage with the business you represent.
9. Relevant Individual rights
You have several rights in relation to your personal data. You have a right to:
- Request access to your personal information (commonly known as a "data subject access request"). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it;
- Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected;
- Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below);
- Object to processing of your personal information where we are relying on a legitimate interest and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes;
- Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it;
- Request the transfer of your personal information to another party; and
- Lodge a complaint with the Office of the Data Protection Commission (if you are unhappy with how your personal data is being handled).
Contact the Data Protection Commission at:
Telephone: +353 761 104 800 (Lo Call Number 1890 252 231)
Post: Data Protection Commission, Canal House, Station Road, Portarlington, Co Laois R32 AP23