Privacy Policy

SWISS AVIATION SERVICES PROVIDERS’ ASSOCIATION (SASPA)

The Swiss Aviation Services Providers’ Association (SASPA) is committed to protecting and respecting your privacy. We take your privacy very seriously and we ask that you read this Privacy Policy carefully as it contains important information on:

• the personal data we collect about you

• how we look after your personal data when you visit our website

• with whom your personal data might be shared

• your privacy rights and how the law protects you

WHO WE ARE

SASPA’s incorporated place of business is at 8058 Zurich Airport, Switzerland, with a correspondence address at P.O. Box CH-8058 Zurich Airport

This Privacy Policy is issued on behalf of the SASPA, so when we mention “The Swiss Aviation Services Providers’ Association, “we”, “us” or “our” in this Privacy Policy, we are referring to the relevant company in the group responsible for processing your personal data.

SASPA will let you know which entity will be the controller for your data when you purchase a product or service with us.

SASPA is the controller and is the controller and responsible for personal information obtained through our website – www.saspa.ch, by phone, email, in letters and other correspondence or in person.

PERSONAL DATA WHICH WE COLLECT

We collect personal data about you when you:
• Register as a Member
• Renewal your membership
• Register for an Event (possibly)
• Purchase or make payments for any products and services
• Contact us through our website
• Sign up to receive our newsletter (not in place yet)

The personal data collected in the above manner may include your:
• full name
• postal address
• email address
• telephone number
• payment details (for membership fees)
• information about the way you use our website (see cookie policy for more information)
• image and/or voice captured through photography, filming, videotaping and/or audio recording

Personal data provided by Third Parties
We may receive information about you from other sources (such as event reservation providers), which we will add to the information we already hold about you in order to help us improve how we provide our services to you.

Special categories of personal data
We do not ask for any special categories of personal data to be disclosed to us as part of your job application process via our website. Depending on the nature of the role, we may have to conduct further checks at a later stage and, where those checks will involve special categories of personal data, we will explain why we need that information and how we intend to use it.

Personal data about other individuals
If you give us information on behalf of someone else, you confirm that the other person has appointed you to act on his/her behalf and has agreed that you can:
• give consent on his/her behalf to the processing of his/her personal data;
• receive on his/her behalf any data protection notices;
• give consent to the transfer of his/her personal data outside Switzerland; and
• give consent to the processing of their special category personal data (further details relating to special category personal data is detailed below).

HOW WE USE YOUR PERSONAL DATA

Overview

We collect information about you so that we can:
• Identify you and manage your membership
• Process any orders for Products and Services you make with us
• Assist you with your queries in relation to our organisation
• Review any papers or submissions
• Conduct research, statistical analysis and behavioural analysis

– although this is only ever done in an anonymised manner and will not identify you specifically)

• Detect and prevent fraud
• Notify you of any changes to our website or to our services that may affect you; and
• improve our services.

In addition, we may directly collect analytics data, or use third-party analytics tools and services, to help us measure traffic and usage trends for the website service generally.

MARKETING

We would like to send you information by email about our products and services, which may be of interest to you. We will only send you marketing messages when you click to subscribe on our website or tick the relevant consent box when you provide us with your personal data. If you have consented to such receive marketing from us, you can opt out at any time by using the unsubscribe function on each of our emails or by contacting us directly through the “Contact Us” section of this website.

WHEN WE MIGHT SHARE YOUR DATA WITH THIRD PARTIES

We do not, and will not, sell any of your personal data to any third party – including your name, address or email address. We want to earn and maintain your trust, and we believe this is essential in order do that. As an essential part of being able to provide our services to you, we do share your data with the following categories of third parties:

• service providers that help us to run our business such as marketing agencies, website hosting providers, website developers, email and newsletter distributors;

• professional advisers including lawyers, bankers, auditors and insurers who provide advice to us when we require it.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions. If you would like any more information about the third parties which we work with to provide our services to you, please contact us on the contact details provided later in this Privacy Policy.

LEGAL BASIS WE USE FOR PROCESSING YOUR INFORMATION

GDPR requires SASPA to rely on one or more lawful bases to use your personal information. We consider the bases listed below to be relevant:

• Necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract – e.g. Membership.

• Consent – where individuals positively opt in and consent has been freely given to hold personal information e.g. Registered / lapsed users, who actively have registered on the website to receive marketing emails.

HOW WE ASK FOR CONSENT

In this case, we need your consent to hold and process your personal data, we will ask you to check a box on any form requiring consent (except when subscribing to our newsletter via our website, when we will ask you to click on subscribe). By checking these boxes you are confirming that you have been informed as to why we are collecting the information, how this information will be used, for how long the information will be kept, who else will have access to this information and what are your rights as a data subject (all of which is set out in this Privacy Policy).

HOW WE KEEP YOUR PERSONAL DATA SECURE

To protect your information we have policies and procedures in place to make sure that only authorised personnel can access the information, that information is handled and stored in a secure and sensible manner, and all systems that can access the information have the necessary security measures in place. We also use a range of technologies and security systems to reinforce the policies and procedures, including ensuring that:

• access to personal data is strictly restricted to those employees who need to access this information as part of their role;

• we store your personal data on secure servers and unauthorised external access to personal data is prevented through the use of a firewall;

• information used for reporting and/or customer profiling purposes is anonymised (so that it does not identify you) and we store your personal data on secure servers.

HOW LONG WE KEEP YOUR PERSONAL DATA FOR

We shall only retain your information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

If you would like more information about how long we retain specific types of your information, please contact us on the contact details provided later in this Privacy Policy.

TRANSFERS OF YOUR DATA OUTSIDE SWITZERLAND

All information you provide via our website is stored on our secure servers within Switzerland. If any data that we collect from you is transferred to, or stored at, a destination outside Switzerland, we will update this Privacy Policy accordingly.

YOUR RIGHTS

The right to access information we hold about you

You may contact us at any point to request the information we hold about you as well as why we have that information, who has access to the information and where we got the information. Once we have received your request, we will respond within 30 days.

The right to correct and update the information we hold about you

If the information we hold about you is out of date, incomplete or incorrect, you can inform us and we will ensure that it is updated or you can log into the members area and update your details and preferences.

The right to have your information erased

If you feel that we should no longer be using your information or that we are illegally using your information, you can request that we erase the information we hold. When we receive your request, we will confirm whether the information has been deleted or tell you the reason why it cannot be deleted.

The right to object to processing of your information

You have the right to request that we stop processing your information. Upon receiving the request, we will contact you to tell you if we are able to comply or if we have legitimate grounds to continue. If data is no longer processed, we may continue to hold your information to comply with your other rights.

The right to ask us to stop contacting you with direct marketing

You have the right to request that we stop contacting you with direct marketing that is outside what is considered reasonable for a membership body to offer member benefits and to ensure good governance of the membership body.

The right to data portability

You have the right to request that we transfer your information to another controller. Once we have received your request, we will comply where it is feasible to do so. For your security we may need to verify your identity before we process your instructions above.

COOKIES AND TRACKING

Use of cookies

A cookie is a small text file which is placed onto your device when you access our website. We use cookies on this website to:
• recognise you whenever you visit this website (this speeds up your access to the website as you do not have to log in each time);
• obtain information about your preferences, online movements and use of the internet;
• carry out research and statistical analysis to help improve our content, products and services and to help us better understand our customer requirements and interests; and
• make your online experience more efficient and enjoyable.

In most cases, we will need your consent in order to use cookies on this website. The exception is where the cookie is essential in order for us to provide you with a product or service you request.

Consent to cookies

If you visit our website when your browser is set to accept cookies, we will interpret this as an indication that you consent to our use of cookies and other similar technologies as described in this Privacy Policy. If you change your mind in the future about letting us use cookies, you can modify the settings of your browser to reject cookies or disable cookies completely.

Description of cookies

The text below provides some information on the cookies which we use on our website:
Strictly necessary cookies
What it does?
Remembers that a user is logged in while navigating during the logged in session.
No personal data is stored within this cookie – it is a simple flag to say that they have logged in.
Why is it used?
So that a user does not need to log in every time they link from one page to another within the site.
How long it lasts? One browser session.

Analytical / performance cookies

What it does?
These cookies are used to understand visitor interactions with our website.
No personal data is stored within this cookie – any information used for analysis is anonymised.
Why is it used?
So that we can understand volumes of visitors to our website and their behaviour through the site.
How long it lasts? 
The timeframes for these will vary but at the most, these cookies will last for 2 years. For more information, please contact us on the contact details provided later in this Privacy Policy.

Turning off cookies

If you do not want to accept cookies, you can change your browser settings so that cookies are not accepted. If you do this, please be aware that you may lose some of the functionality of this website.

TAKE CARE WHEN LINKING TO OUR SOCIAL MEDIA SITES

At a later stage, our website provides links to our social media sites. Once on any of these social media sites, please take care if you choose to post any information as this will be on a public domain and may be widely accessible. If you would like more information about how any information posted on these sites will be used, please the sites’ privacy notice carefully.

CONTACTING US

If you have any queries about this Privacy Policy, need further information about how SASPA uses your personal data or wish to lodge a complaint, please contact us by any of the following means:

• email us at info@saspa.ch, or write to us at P.O. Box, CH-8058 Zurich Airport
• contact us using our “Contact us” page on the website.

CHANGES TO THIS PRIVACY NOTICE

We may change this Privacy Policy from time to time. You should check this Privacy Policy occasionally to ensure that you are aware of the most recent version that will apply each time you access the website. Where we have made any changes to this Privacy Policy which affects the manner in which we use your personal data, we will contact you by email to inform you of this change. This Privacy Policy was last updated in December 2018.