Data Protection

IJM privacy policy

Controller: International Jet Management GmbH
Concorde Business Park 2/F14
2320 Schwechat
ÖSTERREICH
E-Mail: contact@ijm.at

Processed data: This company processes personal data from suppliers (low risk), from employees (medium risk) and from passengers and aircraft owners (medium risk), as well as from employees of data processors, service providers, institutional contact partners such as official authorities, handling agents, maintenance firms, aircraft and parts suppliers, insurers, catering firms, tax offices, etc.
Legal bases: The data are processed exclusively for the purposes of carrying out, safeguarding, improving and complying with obligations pursuant to the legal and economic environment in which the company carries on business. Data concerning data subjects that are relevant to performing services are protected appropriately according to the associated risk category and processing risk. New employees joining IJM and new partners in the value chain will be required to provide confirmation of their acknowledgement of the privacy policy.
Data are collected from employees based on legal obligations (payment of salaries and social security obligations) and, if their data is used on the company’s website or in other media (e.g. brochures), on corresponding declarations of consent.
Measures have been agreed (contracts, guarantees) with all organisations and persons involved in performance of the company’s services to ensure processing of personal data in accordance with the EU General Data Protection Regulation (GDPR).
Use of data: The data will be used exclusively for performance of the company’s services and fulfilment of legal obligations to government institutions and official authorities. Compliance with the GDPR is assured in all cases. All data processors who have or may have access to data concerning employees, suppliers and especially customers are bound by penalties to maintain secrecy and confidentiality in accordance with section 6 Datenschutzgesetz (Data Protection Act), and their compliance with the GDPR is ensured by corresponding contracts or guarantees.
When transferring data to tax advisers or bookkeepers, only the data necessary for performance of statutory tasks are transferred (without data that are not relevant to third parties, in particular any additional data that is only collected for internal purposes).
Storage period: This company stores personal data only for the period required for performance of the business purpose, unless legal regulations require retention of data for a longer period. (Federal Tax Code, provisions of aviation law, qualification testing, and in individual cases the controller’s overriding interest for reasons of liability or security).

Rights of the data subject: The data subject’s rights pursuant to articles 12-22 GDPR are assured with fulfilment of the obligation to provide information. This privacy policy makes reference to the data controller, legal basis for processing, purposes of processing, recipients and limitation of data storage periods. In particular, data subjects have the right to receive access to stored data within one month, and the right to any rectifications, amendments or erasure of data, and to withdraw their consent. They also have the right to data portability and to lodge a complaint with the data protection authority.