Global Aerospace GDPR Privacy Policy
Effective Date: 01/16/2024
We at Global Aerospace are committed to applying the appropriate standard of care to our processing of personal data, all around the world.
This GDPR Privacy Policy applies to all personal data we process in the context of the activities of our offices and other establishments in the United Kingdom, France, Germany, Switzerland and any office or establishment we may set up in the European Economic Area. It also applies should we intentionally market our products to you as an individual if you are habitually located in the UK or EU. Where it applies, the General Data Protection Regulation (“GDPR”) sets out rules and gives you rights regarding how we process *your personal data* – we define these expressions below but, broadly, it means how we handle any personal information about you from which you can be identified.
Under the GDPR, we are a data controller of this personal data. For this purpose, “we” is one or more of the following, as appropriate:
Global Aerospace Underwriting Managers Limited (CRN 2512067), Fitzwilliam House, 10 St Mary Axe, London EC3A 8EQ; or
Global Aerospace Underwriting Managers (Europe) SAS (RCS 841 334 188)
65/67 Rue de la Victoire, 75009, Paris
Purposes and legal grounds of our processing your personal data
Your personal data will only be used for the following purposes:
- to send you newsletters or emails
- to provide you with any features or tools on our site
- to make our services more rewarding and relevant for you to use
- to contact you for account and promotional purposes.
- to deliver products you or your employer have purchased
- to communicate with you and respond to your requests
- to inform you about our products and services, including by direct marketing
- to manage our relationship with you or your employer
- to comply with our legal obligations, such as compliance processes
- for internal administration
- to improve our services
- to detect and prevent fraud
- for security
- to exercise our rights
- for purposes related to proposed corporate activities, such as a sale.
The legal grounds on which we process your personal data are as follows, depending on the purpose of the processing:
- performance of a contract – often we need to process your personal data to perform a contract we have with you or your employer, in particular to fulfil an order or to take steps at your or your employer’s request before entering into a contract.
- legitimate interest – in many cases, the purposes we have described simply represent our legitimate business interests and the processing is necessary to achieve them and does not override your interests, fundamental rights or freedoms: this includes direct marketing, fraud prevention, ensuring information and network security and other purposes evident from this policy.
- consent – in certain specific situations, we may process your personal data with your specific freely given consent: if so, we will inform you of the purpose of that processing, and you can withdraw consent at any time.
Recipients of your personal data
We will not share your personal data with any third parties without your permission, except that we may share it with our subsidiary and group companies and with:
- Our and their service providers to enable them to provide services to us, or to you on our behalf (for example, to process payments)
- Third parties who operate javascript tags or APIs
- Public authorities where we are required to do so pursuant to a lawful request by them, for the purposes of that request.
Retention of your personal data
Your personal data will be stored securely and confidentially. We will retain your personal data only for the period that is proportionate for us to do so in relation to the purposes of the processing. The precise period will depend on the purpose for which we hold your information. Further, as a regulated institution, there are laws and regulations that apply to us which set minimum periods for data retention. The criteria that we use to determine how long we keep your PI include:
- A legal or regulatory obligation (We will keep the information for at least as long as is required to comply with that obligation)
- To provide a product or service (we will keep the information for at least as long as we provide the product or service, and for a number of years after expiration of the policy for the handling of any potential related claims)
- The circumstances, nature, or the type of product or service provided to you
- The circumstances, nature, or type of relationship we have with you
- To respond to any queries or concerns that may be raised later (e.g. with respect to the handling of a policy or claim)
For further information about the data retention period for which we retain your Personal Information, please contact our Data Protection Officer, Marcus Browne at Global Aerospace, Fitzwilliam House, 10 St. Mary Axe, London EC3A 8EQ, email: mbrowne@global-aero.com.
International transfers
Should we need or decide to transfer your personal data to a country which is outside of the EEA and UK and does not have an EU adequacy decision, we will do so using approved contractual clauses which protect your rights. If you would like more details of these clauses, please contact our Data Protection Officer, Marcus Browne at Global Aerospace, Fitzwilliam House, 10 St. Mary Axe, London EC3A 8EQ, email: mbrowne@global-aero.com.
Your rights
Under the GDPR, you have the following rights in relation to our processing of your personal data:
- the right to obtain confirmation as to whether we process your personal data
- the right to request access to your personal data
- the right to rectify your personal data if you believe it to be inaccurate
- in any specific case where we have obtained your consent for the purposes of the processing, the right to withdraw such consent, without affecting the lawfulness of processing before such withdrawal
- the right to request that we delete your data, or stop processing it or collecting it, in some circumstances
- in certain cases, the right to the transfer your personal data to another data controller providing similar products (“data portability”)
- the right to lodge a complaint with your local data protection regulator
Contact details
Should you have any questions regarding our processing of your personal data please direct them, in the first instance to:
The Data Protection Officer, Marcus Browne at Global Aerospace, Fitzwilliam House, 10 St. Mary Axe, London EC3A 8EQ at mbrowne@global-aero.com.
If you are not satisfied with our use of your personal data or with any of our responses to you in exercising your rights, or if you think we have breached the GDPR, you have the right to complain in the UK to the Information Commissioner’s Office, (ICO):
Information Commissioner’s Office
Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Telephone: 0303 123 1113 Email: casework@ico.org.uk
If you are located in an EEA country your local data protection regulator can be found here.
*Personal Data means*…any information relating to an identified or identifiable natural person… such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.”
*Process* means any operation we perform on Personal Data, such as collection, organizing, storing, updating, using, disclosing, and erasing it.