1. Your privacy
HAECO is committed to protecting your Personal Data and will observe relevant legislation in the collection, use and maintenance of your personally identifiable information.
2. What information do we collect?
We may request information from you which may be used to identify you personally (“Personal Data”), including but not limited to:
- Your personal information such as your name, gender, date of birth, nationality, passport or other personal identification number;
- Your contact information such as your telephone number, mailing address or email address;
- Your credit or debit card information and billing information;
- The name of the aircraft owner or operator; and
- Your business information such as company name, business title and associated contact information.
If certain Personal Data is requested in relation to specific services but not supplied by you, we may be unable to provide the services to you in whole or in part. We will notify you if this is the case at the time.
We use the term 'cookies' to refer to all technologies which store and access information on the device that you use to access online services, such as your computer, tablet or mobile phone. A cookie is a small amount of data created in a computer when a person visits a website on a computer. It often includes a unique identifier, which can be used to identify a computer.
We use session cookies on our website and mobile applications. These are temporary cookies that allow us to link the actions of a user during a browser session. A browser session starts when you open the browser window and finishes when you close the browser window. Session cookies are created temporarily. Once you close the browser, all session cookies are deleted.
You have the ability to accept or decline cookies by modifying the settings in your browser. However, you may not be able to use all the features on our website and mobile applications if cookies have been disabled completely.
4. How we use your Personal Data
We may use the Personal Data you or third parties provide for one or more of the following purposes:
- For the performance of a contract, including processing and administering your request of our services;
- To contact you and for the supply of any services which we may offer to you or you may require from us from time to time including alerts by text message (SMS) and other forms of messaging;
- Your credit or debit card information and billing information;
- For identification and verification purposes in connection with any of the services that may be supplied to you;
- For conducting and managing our business to enable us to give you the best services and the best and most secure experience;
- To improve our services;
- For marketing, promotional and customer relationship management purposes;
- For the verification of credit card details with third parties to detect or prevent fraudulent transactions;
- To provide urgent assistance;
- For airport security purposes; and
- Where we need to comply with a legal or regulatory obligation (please see section 9 below).
We will only use your Personal Data for the purposes for which we have collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.
To process your Personal Data as described above, HAECO relies on the following legal bases. In view of purposes A to D, we process your Personal Data where necessary for the performance of the contract we have with you. In view of purposes E to H, we rely on our legitimate business interests (or those of a third party) to, amongst others, provide and improve our services and to prevent fraud. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your Personal Data for our legitimate interests. For purpose I, we process your Personal Data where necessary in order to protect your vital interest or the vital interest of another individual. For purposes J to K, HAECO relies on this, where applicable, for compliance with its legal obligations.
Generally we do not rely on consent as a legal basis for processing your Personal Data. Where required by applicable law, we rely on consent in relation to sending third party direct marketing communications to you via email or text message (please see section 5 below). You may opt out from receiving marketing communications at any time, free of charge, by writing to us at the address below or by emailing us at firstname.lastname@example.org
Where special categories of Personal Data (this could include details about your race or ethnicity, religious beliefs and information about your health and genetic and biometric data etc.) are collected and processed to provide certain services to you, we will obtain your explicit consent to do so beforehand where required by applicable law.
5. Accessing your Personal Data
It is important that the Personal Data we hold about you is accurate and current. Please keep us informed if your Personal Data changes during your relationship with us. You may request access to, or correction or deletion of, your Personal Data held by us or object to, or restrict further processing of your Personal Data. You also have the right to data portability. Where processing is based on your consent, you have the right to withdraw your consent at any time, which will not affect the lawfulness of any processing carried out before you withdraw your consent. Any such request must be in writing and sent to email@example.com or the following address:
The Data Protection Officer
Hong Kong Aircraft Engineering Company Limited
80 South Perimeter Road
Hong Kong International Airport, Lantau, Hong Kong
HAECO may, under certain circumstances as permitted by the applicable law (e.g. if your request is clearly unfounded, repetitive or excessive), charge a reasonable fee for the processing of any data access request. Alternatively, we may refuse to comply with your request in these circumstances and where we are not allowed to comply with your request according to applicable law.
You also have the right to lodge a complaint with a supervisory authority.
6. Links to other websites
Our website and mobile applications may contain links to other websites that are operated by third party companies with different privacy practices. You should remain alert when you leave our system and read the privacy statements of other websites. We have no control over Personal Data that you submit to or receive from these third parties.
We are committed to ensuring that your Personal Data is secure. In order to prevent unauthorised access or disclosure, we have implemented appropriate physical, technical and administrative measures to safeguard and secure the Personal Data we collect. We have put in place procedures to deal with any suspected Personal Data breach and we will notify you and any applicable regulator of a breach where we are legally required to do so.
8. Disclosure and transfer of Personal Data
For the purposes of providing the services requested by you, we may disclose and transfer Personal Data to certain companies who we consider appropriate.
The entities with whom we may share your Personal Data include but are not limited to:
- any agent, contractor or third party service providers including hotels, catering or towing companies;
- credit reference agencies;
- credit or debit companies and/or banks; and
- government or non-government authorities, agencies, and/or regulators.
We may disclose your Personal Data to relevant third parties, whether within or outside the EU, to provide our services to you, where we are required to do so by law, regulatory requirement or government or law enforcement authorities (such as immigration and customs control and/or border control agencies), or where we have otherwise requested and obtained your express consent. Please be advised that some jurisdictions offer less protection of Personal Data than that provided in the European Economic Area (EEA).
If HAECO restructures or has a change in corporate control we may transfer your Personal Data to relevant parties.
9. Retention of data
All Personal Data that has been collected from you will only be stored for a limited duration that is relevant to the purpose for which it was processed and for as long as required by applicable law. When determining how long to retain Personal Data, we take into account the necessity of the Personal Data for the provision of our services, applicable laws and regulations and our legal obligations. We may retain Personal Data to investigate or defend against potential legal claims.