Effective Date: July 2, 2021
We at Global Aerospace are committed to applying the appropriate standard of care to our processing of personal data, all around the word.
Where it applies, the General Data Protection Regulation (“GDPR”) sets out rules and gives you rights regarding how we process *your personal data* – we define these expressions below but, broadly, it means how we handle any personal information about you from which you can be identified.
Under the GDPR, we are a data controller of this personal data. For this purpose, “we” is one or more of the following, as appropriate:
Global Aerospace Underwriting Managers Limited (CRN 2512067), Fitzwilliam House, 10 St Mary Axe, London EC3A 8EQ; or
Global Aerospace Underwriting Managers (Europe) SAS (RCS 841 334 188)
65/67 Rue de la Victoire, 75009, Paris
Purposes and legal grounds of our processing your personal data
Your personal data will only be used for the following purposes:
- to send you newsletters or emails
- to provide you with any features or tools on our site
- to make our services more rewarding and relevant for you to use
- to contact you for account and promotional purposes.
- to deliver products you or your employer have purchased
- to communicate with you and respond to your requests
- to inform you about our products and services, including by direct marketing
- to manage our relationship with you or your employer
- to comply with our legal obligations, such as compliance processes
- for internal administration
- to improve our services
- to detect and prevent fraud
- for security
- to exercise our rights
- for purposes related to proposed corporate activities, such as a sale.
The legal grounds on which we process your personal data are as follows, depending on the purpose of the processing:
- performance of a contract – often we need to process your personal data to perform a contract we have with you or your employer, in particular to fulfil an order or to take steps at your or your employer’s request before entering into a contract.
- legitimate interest – in many cases, the purposes we have described simply represent our legitimate business interests and the processing is necessary to achieve them and does not override your interests, fundamental rights or freedoms: this includes direct marketing, fraud prevention, ensuring information and network security and other purposes evident from this policy.
- consent – in certain specific situations, we may process your personal data with your specific freely given consent: if so, we will inform you of the purpose of that processing, and you can withdraw consent at any time.
Recipients of your personal data
We will not share your personal data with any third parties without your permission, except that we may share it with our subsidiary and group companies and with:
- our and their service providers to enable them to provide services to us, or to you on our behalf (for example, to process payments)
- public authorities where we are required to do so pursuant to a lawful request by them, for the purposes of that request.
Retention of your personal data
Your personal data will be stored securely and confidentially.
We will retain your personal data only for the period that is proportionate for us to do so in relation to the purposes of the processing. More specifically:
- if you or your employer has a contract with us we will retain your personal data for six years from the end of the contract unless there is a dispute, in which case we will keep it at least until the end of the dispute, if later than six years from the end of the contract; and
- otherwise, we will delete your data two years from the date on which we last received an active communication from you or your employer.
These periods are, however, subject to other legal and regulatory requirements.
Should we need or decide to transfer your personal data to a country which is outside of the EEA and UK and does not have an EU adequacy decision, we will do so using approved contractual clauses which protect your rights. If you would like more details of these clauses, please contact our Data Protection Officer, Marcus Browne at Global Aerospace, Fitzwilliam House, 10 St. Mary Axe, London EC3A 8EQ, email: .
Under the GDPR, you have the following rights in relation to our processing of your personal data:
- the right to obtain confirmation as to whether we process your personal data
- the right to request access to your personal data
- the right to rectify your personal data if you believe it to be inaccurate
- in any specific case where we have obtained your consent for the purposes of the processing, the right to withdraw such consent, without affecting the lawfulness of processing before such withdrawal
- the right to request that we delete your data, or stop processing it or collecting it, in some circumstances
- in certain cases, the right to the transfer your personal data to another data controller providing similar products (“data portability”)
- the right to lodge a complaint with your local data protection regulator
Should you have any questions regarding our processing of your personal data please direct them, in the first instance to:
If you are not satisfied with our use of your personal data or with any of our responses to you in exercising your rights, or if you think we have breached the GDPR, you have the right to complain in the UK to the Information Commissioner’s Office, (ICO):
Information Commissioner’s Office
Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
If you are located in an EEA country your local data protection regulator can be found here.
*Personal Data means*…any information relating to an identified or identifiable natural person… such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.”
*Process* means any operation we perform on Personal Data, such as collection, organizing, storing, updating, using, disclosing and erasing it.