Privacy Policy for California Residents and Notice at Collection

Last Updated: 01/16/2024

This California Consumer Privacy Act Privacy Policy and Notice at Collection (collectively, “CCPA Notice,” “Notice,” or “Policy”) is provided on behalf of Global Aerospace, Inc. and its affiliates (“Global Aerospace,” “we,” “us,” “our,” or “company”). This CCPA Notice is addressed to California residents only (“you”), to the extent the information is subject to the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (collectively referred to as “CCPA” or “CPRA”).

This CCPA Notice explains our online and offline privacy practices, including what personal information we collect, why we collect it, how we collect it, and how you can exercise your rights with respect to your personal information. Any terms defined in the CPRA have the same meaning when used in this CCPA Notice. Please note that we may update or make changes to this Notice.

This CCPA Notice does not apply to certain types of information, including (i) information that is subject to the federal Gramm-Leach-Bliley ‎‎Act (“GLBA”) and its ‎implementing regulations, or the California Financial Information Privacy Act, (ii) ‎‎medical and health information covered by the Health Insurance Portability and Accountability Act (“HIPAA”), the Health Information Technology for Economic and Clinical Health Act, or the California Confidentiality of Medical Information Act, (iii) de-‎identified or aggregate consumer information, (iv) publicly available ‎‎information, (v) information that is subject to the Fair Credit Reporting Act (“FRCA”),  or (vi) information that is subject to the Driver’s Privacy Protection Act, and certain other laws. If you are not a California resident or this CCPA Notice does not otherwise apply to you, please refer to our Privacy Policy for more information about how Global Aerospace handles personal information.

We collect information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household (“personal information”).  The charts below include information collected for ‎various types of individuals, such as our customers, employees, and others.  As a result, not all ‎the categories of collected personal information described below may be applicable to you.

1. Key Terms. For the purposes of this Privacy Policy:

We, Us, Our, Company, or Global AerospaceGlobal Aerospace, Inc., its affiliates, and its subsidiaries
Our RepresentativesRosa Ortiz, Assistant General Counsel
Kerry Roach, General Counsel
Our Contact InformationOffice of General Counsel
Global Aerospace, Inc.
115 Tabor Road, Suite 3A
Morris Plains, NJ 07950
Email: Privacy@global-aero.com
Telephone: (833) 367-4386 (toll free)
Personal informationAs defined by CPRA, any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.
Sensitive personal informationAs defined by CPRA, personal information that reveals:
(A) A consumer’s social security, driver’s license, state identification card, or passport number.
(B) A consumer’s account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account.
(C) A consumer’s precise geolocation.
(D) A consumer’s racial or ethnic origin, religious or philosophical beliefs, or union membership.
(E) The contents of a consumer’s mail, email, and text messages unless the business is the intended recipient of the communication.
(F) A consumer’s genetic data.
(G) The processing of biometric information for the purpose of uniquely identifying a consumer.
(H) Personal information collected and analyzed concerning a consumer’s health.
(I) Personal information collected and analyzed concerning a consumer’s sex life or sexual orientation.
(J) Sensitive personal information that is “publicly available,” as such is defined by CPRA, shall not be considered sensitive personal information or personal information.
Biometric InformationAs defined by CPRA, an individual’s physiological, biological, or behavioral characteristics, including information pertaining to an individual’s deoxyribonucleic acid (DNA), that is used or is intended to be used singly or in combination with each other or with other identifying data, to establish individual identity. Biometric information includes, but is not limited to, imagery of the iris, retina, fingerprint, face, hand, palm, vein patterns, and voice recordings, from which an identifier template, such as a faceprint, a minutiae template, or a voiceprint, can be extracted, and keystroke patterns or rhythms, gait patterns or rhythms, and sleep, health, or exercise data that contain identifying information.
Publicly Available InformationAs defined by CPRA, information that is lawfully made available from federal, state, or local government records, or information that a business has a reasonable basis to believe is lawfully made available to the general public by the consumer or from widely distributed media; or information made available by a person to whom the consumer has disclosed the information if the consumer has not restricted the information to a specific audience. “Publicly available” does not mean biometric information collected by a business about a consumer without the consumer’s knowledge.

Within the last twelve (12) months, we may have collected the following categories of personal ‎information from the sources identified below for the business and commercial purposes ‎indicated below. Within the last twelve (12) months, we may have disclosed such categories of personal information ‎to the specified categories of recipients listed in the charts below. Please note that our collection, use and disclosure of Personal Information about you will vary depending upon the circumstances and the nature of our interactions or relationship with you.

2. Categories of Personal Information We Collect.

The following identifies the categories of Personal Information we may have collected about you in the preceding 12 months, and the categories of Personal Information that we may collect about you:

Categories of Personal Information Examples of the Specific Types of Personal Information
A. IdentifiersA real name, alias, postal address, unique personal identifier, online identifiers (including device IDs and cookie data), Internet Protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers.
B. Personal information categories as listed in Cal. Civ. Code s1798.80(e)A name, signature, social security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. (Some personal information included in this category may overlap with other categories).
C. Characteristics of protected classifications under California or federal lawAge (40 years or older), race, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status.
D. Commercial informationRecords of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
E. Biometric informationFaceprints, voiceprints, health, or exercise data
F. Internet or other electronic network activity informationBrowsing history, search history, and information regarding a consumer’s interaction with our internet, website, portal, application, and/or advertisements.
G. Geolocation dataInformation regarding physical location or movement
H. Audio, electronic, visual, thermal, olfactory, or similar informationAudio, electronic, visual, thermal, olfactory, or similar information, such as audio information including call recordings, video, photographs, recorded meetings and webinars, and CCTV footage to secure our offices and premises.
I. Professional or employment-related informationOccupation, title, employer information, current or past job history or performance evaluations.
J. Non-public education information as defined by the Family Educational Rights and Privacy Act (FERPA)Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.
K. Inferences and PreferencesInferences or preferences drawn from any of the information identified above (but not including sensitive personal information) to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
L. Sensitive Personal InformationSocial security, driver’s license, state identification or passport numbers; account log-in, financial account, debit or credit card number in combination with any required security or access code, password or credentials allowing access to an account; precise geolocation data; racial or ethnic origin, religious or philosophical beliefs or union membership, content of mail, email and text messages unless business is the intended recipient; genetic data; processing of biometric information for the purposes of uniquely identifying a consumer; personal information collected and analyzed concerning your health, sex life, or sexual orientation.

3. Sources of Personal Information.

The following identifies the sources from which we may have collected Personal Information about you in the preceding 12 months, and the sources from which we may collect Personal Information about you:

Category of Personal InformationSources
All Categories
  • Directly from you and/or your authorized representative, and/or indirectly, and/or automatically
  • Global Aerospace affiliated companies and subsidiaries
  • Our service providers, vendors, clients, partners, and others
  • Publicly available sources
  • Background checks and screening tools
  • Government authorities
  • Other parties with your consent
  • Our IT systems

4. Why We Use Personal Information.

The following identifies the commercial or business purposes for which we may have collected Personal Information about you in the preceding 12 months, and the commercial or business purposes for which we may collect Personal Information about you:

Category of Personal InformationPurposes
All Categories
  • Auditing related to counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards;
  • Helping to ensure security and integrity to the extent the use of the consumer’s personal information is reasonably necessary and proportionate for these purposes;
  • Debugging to identify and repair errors that impair existing intended functionality;
  • Short-term, transient use, including, but not limited to, non-personalized advertising shown as part of a consumer’s current interaction with the business, provided the consumer’s personal information is not disclosed to another third party and is not used to build a profile about the consumer or otherwise alter the consumer’s experience outside the current interaction with the business;
  • Performing services on behalf of the business, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing storage, or providing similar services on behalf of the business or service provider;
  • Providing advertising and marketing services, except for cross-context behavioral advertising, to the consumer;
  • Undertaking internal research for technological development and demonstration;
  • Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by the business, and to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by the business;
  • To comply with our legal and regulatory obligations;
  • For the performance of our contract with you or to take steps at your request before entering into a contract;
  • Where you have given consent;
  • For our legitimate interests or those of a third party, including, but not limited to:
    • To operate, manage, and maintain our business, such as to make insurance decisions, communicate with you and others as part of our business, provide our products and services, and maintain records;
    • For the performance of our contractual obligations;
    • To underwrite, issue, maintain, renew, cancel, or terminate insurance policies, bonds or warranty products, obtain reinsurance, and communicate information to you throughout this process;
    • To process, adjust, and administer claims under an insurance policy, bond, or warranty contract and to communicate with you throughout the process;
    • To collect premium payment, collect purchase payments, collect reinsurance proceeds, purchase reinsurance, pay insurance claims, pay third-party service providers and other payees, and to make other business-related payments;
    • To fulfill or meet the reason you provided the information; to respond to your inquiries, including to investigate and address your concerns; and to monitor and improve our response(s);
    • For vendor management;
    • To respond to law enforcement, regulatory, or other legal requests; to prevent and detect fraud, to comply with legal, regulatory, or contractual obligations; to comply with internal policies and procedures; to respond to and resolve complaints (including consumer complaints); for financial, claim, or other audits; to establish and defend Global Aerospace’s legal rights and as necessary or appropriate to protect the rights, property or safety of our clients or others;
    • To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of the Company’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us is among the assets transferred;
    • For other internal business operations, such as to service your account, to manage commercial risk, and for quality assurance measures, safety assurance measures, to develop and improve our products, audit customer interactions, resolve complaints, and evaluate customer service;
    • To provide you with the services that you request, such as by completing transactions, or providing a quote for one of our products;
    • To administer insurance claims;
    • To track transactions
    • To provide you with alerts or other notices, concerning our products, services, payments, events, or news that may be of interest to you; and to communicate important information regarding our policies, terms and conditions and other administrative information;
    • To communicate with you;
    • To respond to your inquiries;
    • To create, maintain, customize, and secure accounts with us;
    • for security purposes, such as to maintain our facilities and infrastructure, protect against malicious, deceptive, or fraudulent activity, and conduct internal investigations;
    • for monitoring purposes, such as to establish the existence of facts, maintain compliance with regulatory or self-regulatory practices, or for other purposes permissible under applicable law;
    • to operate, maintain and improve our websites and other online services or applications;
    • to perform other necessary and appropriate internal functions, such as accounting and auditing;
    • to conduct research, analytics, and data analysis, and for marketing purposes, in accordance with applicable law; and
    • For Human Resource purposes, including but not limited to, communication with Personnel, to keep track of records related to our relationship with Personnel, too evaluate applicants for employment, to obtain background checks, to allow Personnel to clock-in or clock-out, to allow Personnel physical access to our premises, and to ensure Personnel compliance with our policies and procedures.‎‎*

*Sensitive Personal Information: Notwithstanding the Purposes described above, we do not collect, use, or disclose “sensitive personal information” beyond the purposes authorized by the CCPA. Accordingly, we only use and disclose sensitive personal information as reasonably necessary and proportionate: (1) To perform the services or provide the goods reasonably expected by an average consumer who requests those goods or services, (2) To prevent, detect, and investigate security incidents that compromise the availability, authenticity, integrity, or confidentiality of stored or transmitted personal information, (3) To resist malicious, deceptive, fraudulent, or illegal actions directed at the business and to prosecute those responsible for those actions, (4) To ensure the physical safety of natural persons, (5) For short-term, transient use, including, but not limited to, non-personalized advertising shown as part of a consumer’s current interaction with the business, provided that the personal information is not disclosed to another third party and is not used to build a profile about the consumer or otherwise alter the consumer’s experience outside the current interaction with the business, (6) To perform services on behalf of the business, (7) To verify or maintain the quality or safety of a product, service, or device that is owned, manufactured, manufactured for, or controlled by the business, and to improve, upgrade, or enhance the service or device that is owned, manufactured by, manufactured for, or controlled by the business, and (8) To collect or process sensitive personal information where such collection or processing is not for the purpose of inferring characteristics about a consumer. ‎

5. Disclosure of Personal Information.

The following identifies the category of recipients to whom we may have disclosed Personal Information about you in the preceding 12 months, and to whom we may disclose Personal Information about you:

Category of Personal InformationCategories of Recipients
All Categories
  • Affiliates and subsidiaries
  • Service providers, vendors, partners, and others with which you or we maintain a relationship regarding your services or products, including software providers
  • Advisors, accountants, auditors, representatives, underwriters, actuaries, claims handlers, investigators, surveyors, loss adjustors/assessors, specialist risk advisors, pension providers or trustees, financial institutions, and other fiduciaries, and consultants
  • Agents, legal advisors, brokers, adjusters, claims administrators, insurance support organizations, insurers, reinsurers, industry bodies, and other insurance companies, financial institutions, consultants, and other parties
  • Fraud prevention/detection agencies, regulators, government entities, tax entities, and law enforcement
  • Others as required by law or as authorized by you

6. No Sales or Sharing of Personal Information.

We do not sell personal information for monetary or other consideration and we do not share your personal information for cross-context behavioral advertising (as defined by CPRA). We do not knowingly collect personal information from children under 16. We have also not sold or shared the personal information of consumers under 16 years of age.

7. How Long Personal Information Will Be Kept.

We retain the Personal Information we collect only as reasonably necessary for the purposes described in this policy or otherwise disclosed to you at the time of collection. We will retain certain Personal Information for as long as it is necessary pursuant to our records retention guidelines. Our records retention guidelines are based on our legal or business needs including but not limited to the following criteria: legal and regulatory obligations and requirements; contractual requirements owed to you or to third parties; operational, fiscal, administrative or historical value to business operations; the duration of our business relationship with you, your employer or another related entity; the possibility of future complaints; whether the record is part of an insurance or reinsurance transaction or claim file; audits; investigations or litigation or the possibility of these; the possibility of future insurance or reinsurance claim activity; whether the documentation is needed for processing of financial records; statutes of limitations; health and safety requirements; tax requirements; personnel requirements; corporate governance requirements; and record-keeping requirements. Different retention periods apply for different types of personal information.

8. Your Privacy Rights.

The following rights are provided by the California Consumer Privacy Act of 2018 (CCPA), as amended by the California Privacy Rights Act of 2020 (CPRA), to be exercised free of charge. Your rights under the CPRA may include:

Right to Know: You have the right to request to know the following information about our practices over the past 12 months: (i) the categories of personal information we collected about you; (ii) the categories of sources from which we collected the personal information about you; (iii) the categories of third parties with whom we shared personal information, (iv) the categories of personal information we sold or disclosed about you and the categories of third parties to whom we sold or disclosed that particular category of personal information; (v) our business or commercial purpose for collecting or selling your personal information; and (vi) the specific pieces of personal information we collected about you. You may exercise your right to request to know twice a year. See below for additional details about how to submit a consumer request or to contact us with questions about this Privacy Policy.

Right to Delete: You have the right to request that we delete the personal information that we have collected from you. You should be aware, however, that California law allows us to retain your personal information under certain conditions, even if you have asked us to delete it, such as if we need to retain your personal information to comply with our legal obligations or if retaining the information is necessary to complete a transaction for which your personal information was collected. If we deny your request to delete, then we will let you know the reason why. See below for additional details about how to submit a consumer request or to contact us with questions about this Privacy Policy.

Right to Correct: You have the right to request that we correct any inaccurate personal information that we have collected from you either directly or indirectly. We will instruct all service providers and contractors that maintain your personal data to make the necessary corrections in their respective systems. Service providers and contractors shall comply with the business’s instructions to correct the personal information or enable the business to make the corrections. See below for additional details about how to submit a consumer request or to contact us with questions about this Privacy Policy.

Right to Opt-Out of Sale or Sharing of Personal Information: If a business “sells” or “shares” Personal Information as those terms are defined under the CPPA, you have the right to opt-out of the sale or sharing of your Personal Information. As explained herein, we do not and will not sell or share your Personal Information. We do not “sell” your Personal Information under the CPPRA because we do not disclose Personal Information to a third party for monetary or other valuable consideration. See below for additional details about how to submit a consumer request or to contact us with questions about this Privacy Policy.

Right to Limit Use and Disclosure of Sensitive Personal Information: We do not use or disclose sensitive personal information other than for the limited purposes permitted under the CPRA and, as such, are not required to offer a consumer a right to limit its use. See below for additional details about how to submit a consumer request or to contact us with questions about this Privacy Policy.

Right to Non-Discrimination: If you choose to exercise any of these rights, we will not discriminate against you in any way. See below for additional details about how to submit a consumer request or to contact us with questions about this Privacy Policy.

Submitting Consumer Requests You may submit a consumer request to us by email at ‎Privacy@global-aero.com, or by phone at (833) 367-4386 (toll free) to make a consumer request. You may make up to two disclosure requests in any 12-month period, free of charge. Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child. Making a verifiable consumer request does not require you to create an account with us.

Verification. Before responding to your request, we must first verify your identity using the Personal Information you recently provided to us. The information we need to verify your identity differs depending on the request made and our relationship with you and might include (as applicable) your name, the email address you regularly use to interact with us, your phone number, your date of birth, and, if available, your policy number. We will take steps to verify your request by matching the information provided by you with the information we have in our records. In some cases, we may request additional information to verify your identity, or where necessary to process your request. If we are unable to verify your identity or authority to make the request and confirm the personal information relates to you after a good faith attempt, we may deny the request and, if so, will explain the basis for the denial.

Authorized Agent. You may designate someone as an authorized agent to submit requests and act on your behalf. To use an authorized agent, you will need to provide (i) written instructions to your agent, and verify your identity to us, or (ii) provide a valid power of attorney. We reserve the right to (1) request additional information if needed for verification, as reasonable, (2) reject authorized agents who have not fulfilled the above requirements, or (3) reject automated CCPA requests where we have reason to believe the security of the requestor’s personal information may be at risk.

Contact Us. If you have any questions or comments about this section of the Privacy Policy, the ways in which we collect and use your Personal Information, your choices, and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us by:

Email: Privacy@global-aero.com
Telephone: (833) 367-4386 (toll free)

Or if by mail to
Attention: Office of General Counsel
Global Aerospace, Inc.
115 Tabor Road, Suite 3A
Morris Plains, NJ 07950