Privacy Policy
PILOT PEER PRIVACY NOTICE
This Pilot Peer Privacy Notice (hereinafter referred to as “the Privacy Notice”) of UAB “BAA Training” applies to our website https://pilotpeer.com/talk-to-a-peer/ (regardless of which device you are using) and covers the processing of personal data in running of Peer Support Program (hereinafter referred to as the “PSP”). Therefore, we act as a data controller and are responsible for protecting of pilots’ who use or intend to use PSP or visit the website https://pilotpeer.com/talk-to-a-peer/ (hereinafter referred to as “Data subjects” or “you”) information regarding the General Data Protection Regulation (hereinafter referred to as “GDPR”) and any other applicable data protection laws.
A PSP (is defined as a system whereby a pilot needing help can get support with mental wellbeing or life stress issues from a dedicated and trained colleague (peer) in a confidential setting; the system is also accessible to family, colleagues or friends of a pilot who have serious concerns about his/her fitness to fly.
Peer (hereinafter referred to as the “Peer”) is a pilot who is a part of PSP, supports his fellow pilots, does not hold managerial position in the airline, and is trained in basic listening and counselling skills.
This Privacy Notice does not apply to links to other entities websites provided on our websites. Therefore, we recommend that you read the personal data processing rules applied on such websites.
By visiting our website https://pilotpeer.com/talk-to-a-peer/ and/or using the information contained therein and/or our services, and by actively ticking the optional box stating, “I have read the Privacy Notice”, you acknowledge and confirm that you have read and understood this Privacy Notice.
If you provide us with personal information other than your own (for example, you are reporting to us about the colleague/ family member/ friend you are concerned about), please inform them of this Privacy Notice and its content.
1. OUR CONTACT DETAILS
UAB „BAA Training“(hereinafter referred to as „the Company“ or „we“, „our“)
Legal entity code: 300618099
Address: Dariaus ir Girėno str. 21, LT-02189 Vilnius, Lithuania
Phone: +370 5 252 55 36
Email: [email protected]
2. WHAT PERSONAL DATA DO WE PROCESS, WHY, AND HOW LONG DO WE KEEP IT
- To identify you and get in touch with you
| Purpose | Data categories | Legal base | Retention period |
| When you fill in the “Talk to a Peer” request form provided on the website https://pilotpeer.com/talk-to-a-peer/ we collect, use and store the data that is necessary to assess your request, to react to it properly and get in touch with you. | Identification data (your name or pseudonym, your organization, information about how soon would you like us to contact you, contact number, contact email). | consent | We will process your personal information for this purpose no longer than needed to achieve and fulfil the purposes to identify you, get in touch with you as well as for the purposes of having evidence to justify the lawfulness of our personal data processing operations. Personal data will be usually processed no longer than 1,5 (one and a half) years after provision of PSP service to you. In exceptional cases when a threat to public safety is identified, the data might be kept for 3 (three) years from the time when the case was closed. |
- To provide feedback to your organization.
| Data categories | Legal base |
| Summary of communication with you (the essence of the problem, what was agreed during the consultation, number of consultations carried out, the status of the case (open or closed)). | our legitimate interest |
- To identify your preferences regarding the Peer’s organization and provide of feedback to your organization thereof.
| Data categories | Legal base |
| For this purpose, we collect, use and store the same personal data as described in the Section 2 part 2.1. and part 2.3. | consent
and our legitimate interest |
- To provide appropriate advice and assistance to you and to assess potential threats to air safety and taking actions to ensure air safety.
| Purpose | Data categories | Legal base | Retention period |
| When you fill in the “Talk to a Peer” request form provided on the website https://pilotpeer.com/talk-to-a-peer/ we collect, use and store the data that is necessary to provide appropriate advice and assistance to you and to assess potential threats to air safety and taking actions to ensure air safety. | Information on your mental health and/ or information about your issues of substance abuse | Legal obligation (Commission Regulation (EU) 2018/1042)
our legitimate interest.
|
We will process your personal information for this purpose no longer than needed to provide appropriate advice and assistance to you and to assess potential threats to air safety and taking actions to ensure air safety, as well as for the purposes of having evidence to justify the lawfulness of our personal data processing operations. Personal data will be usually processed no longer than 1,5 (one and a half) years after provision of PSP service to you. In exceptional cases when a threat to public safety is identified, the data might be kept for 3 (three) years from the time when the case was closed. |
If you do not provide personal data, the provision of which to us is necessary for the performance of the PSP, we will not be able to provide you with services.
3. THE SOURCES WE COLLECT PERSONAL DATA FROM
Most of the personal data we process is provided directly by you to us by filling in the application form in our website https://pilotpeer.com/talk-to-a-peer/.
We may also collect information about you from the following sources:
- from psychiatrist, to whom we can provide your data for consulting purposes, but only when your consent is provided;
- from your organization (airlines) (in case of your positive psychoactive test result after psychoactive substance testing carried out by the airline);
- from people close to you (your family or friends in cases of their concern for your mental wellbeing).
4. DATA SHARING INSIDE EEE/EU
We can only disclose your personal information to the following third parties for the purpose of running the PSP. Usually, your personal data will only be provided to the Peer, assigned to contact and talk to you, and in situations where this is necessary and only having your consent – to a psychiatrist. However, we assure you that we have selected these individuals carefully, making sure that they will handle your personal data responsibly and in compliance with the relevant confidentiality obligations.
We will provide only statistical anonymized data about the PSP services to your organization (airlines). We guarantee that, there will be no possibility to identify specifically you from the data provided. Only in very rare cases, when the threat to public safety is presumed, your personal data might be shared with your organization (airlines). In this case, the data is transferred and exchanged based on a Joint Controllers Agreement signed between us and your organization (airlines).
We may also share your personal data under the following circumstances:
- in response to court orders, or as otherwise required by legal process, or to establish or exercise our legal rights or defend against legal claims;
- to companies, which process personal data so as to ensure the development, improvement/ update and support of information systems;
- our other service providers (data processors) or our subcontractors.
5. DATA TRANSFER OUTSIDE EEE/EU
Generally, your data is processed within the territory of the European Economic Area (hereinafter referred to as “EEA”). However, in certain cases, your personal information may be transferred to data processors or independent controllers such as Avia Solutions Group companies and other entities, including service providers, located in countries outside the EU/EEA, including the UK. In this regard, we will implement the necessary technical and organizational measures, as required by the GDPR, to ensure proper data transfer and the protection of personal data.
For recipients located outside the EU/EEA but in countries with adequacy decisions, the transfer is recognized as providing an adequate level of data protection from a European data protection law perspective.
For recipients located outside the EU/EEA that do not provide an adequate level of data protection from an GDPR perspective, we will ensure the transfer by implementing appropriate safeguards, such as: binding corporate rules, standard contractual clauses, approved code of conduct or certification mechanisms with binding commitments or “Ad hoc” contractual clauses authorized by supervisory authority along with binding and enforceable commitments of the recipient.
Together with adequacy decision, binding corporate rules, approved code of conduct or certification mechanisms with binding commitments or “Ad hoc” contractual clauses authorized by supervisory authority and when the personal data is transferred to data processors, the data processing agreement would be conducted additionally.
6. DO WE APPLY AUTOMATED DECISION-MAKING OR PROFILING?
We do not normally use automated decision-making to initiate and execute contractual relationships as well as we do not process your personal data in a partially automated way to assess certain personal aspects (hereinafter referred to as the “Profiling”) under Article 22 of the GDPR. Should we apply this procedure in individual cases, we will inform you separately, if required by law.
7. RIGHTS GUARANTEED TO YOU
We guarantee the implementation of the following rights and the provision of any related information at your request or in case of your query:
- Your right of access – You have the right to ask us for copies of your personal information.
- Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
- Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.
- Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances.
- Your right to object to processing – You have the right to object to the processing of your personal information in certain circumstances.
- Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
If you have any questions, comments or complaints regarding how we handle information about you, or if you want to assert any of your rights under the GDPR, please send an email to [email protected] or submit a request at our office. Any request to exercise one of these rights will be assessed by us on a case-by-case basis. There may be circumstances in which we may not legally required to comply with your request or because of relevant legal exemptions provided for in applicable data protection legislation.
You can withdraw your application at any time.
8. HOW TO COMPLAIN
If you disagree with our actions or the response to your request, you can complain to the State Data Protection Inspectorate, address: L. Sapiegos str. 17, 10312 Vilnius, Lithuania, e-mail: [email protected]; phone: (8 5) 271 28 04, 279 1445, website: https://vdai.lrv.lt/lt/.
In all cases, we recommend that you contact us before making a formal complaint so that we can find the mutual solution.
9. UPDATES
We may change this Privacy Notice from time to time. We encourage you to review this Privacy Notice periodically.
