Sustainable Development

Home > Privacy Policy

Privacy Policy

This privacy policy sets out how Hong Kong Aircraft Engineering Company Limited and its subsidiaries (“HAECO”, “us” or “we”) collect, store and handle Personal Data.

HAECO may change this privacy policy from time to time by updating this page. You should check this page from time to time to ensure that you are informed of any changes. We will take reasonable steps to inform you of changes that will have a fundamental impact on the nature of the processing or otherwise have a substantial impact on you.

1. Your privacy

HAECO is committed to protecting your Personal Data and will observe relevant legislation in the collection, use and maintenance of your personally identifiable information.

2. What information do we collect?

We may request information from you which may be used to identify you personally (“Personal Data”), including but not limited to:

  • Your personal information such as your name, gender, date of birth, nationality, passport or other personal identification number;
  • Your contact information such as your telephone number, mailing address or email address;
  • Your credit or debit card information and billing information;
  • The name of the aircraft owner or operator; and
  • Your business information such as company name, business title and associated contact information.

If certain Personal Data is requested in relation to specific services but not supplied by you, we may be unable to provide the services to you in whole or in part. We will notify you if this is the case at the time.

3. Use of cookies

We use the term 'cookies' to refer to all technologies which store and access information on the device that you use to access online services, such as your computer, tablet or mobile phone. A cookie is a small amount of data created in a computer when a person visits a website on a computer. It often includes a unique identifier, which can be used to identify a computer.

We use session cookies on our website and mobile applications. These are temporary cookies that allow us to link the actions of a user during a browser session. A browser session starts when you open the browser window and finishes when you close the browser window. Session cookies are created temporarily. Once you close the browser, all session cookies are deleted.

We also use third party cookies such as Google Analytics. These analytics services are provided by Google, Inc. ("Google"). Google Analytics uses cookies. The information generated by the cookie about your use of a website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators such as us and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. You may refuse the use of cookies by Google by selecting the appropriate settings on your browser, but please note that if you do this you may not be able to use the full functionality of our website. For more information on how Google collects and uses data, and how you can control the information Google collects, please visit the following website operated by Google:

https://policies.google.com/technologies/partner-sites

You have the ability to accept or decline cookies by modifying the settings in your browser. However, you may not be able to use all the features on our website and mobile applications if cookies have been disabled completely.

4. How we use your Personal Data

We may use the Personal Data you or third parties provide for one or more of the following purposes:

  • For the performance of a contract, including processing and administering your request of our services;
  • To contact you and for the supply of any services which we may offer to you or you may require from us from time to time including alerts by text message (SMS) and other forms of messaging;
  • Your credit or debit card information and billing information;
  • For identification and verification purposes in connection with any of the services that may be supplied to you;
  • For conducting and managing our business to enable us to give you the best services and the best and most secure experience;
  • To improve our services;
  • For marketing, promotional and customer relationship management purposes;
  • For the verification of credit card details with third parties to detect or prevent fraudulent transactions;
  • To provide urgent assistance;
  • For airport security purposes; and
  • Where we need to comply with a legal or regulatory obligation (please see section 9 below).

We will only use your Personal Data for the purposes for which we have collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.

To process your Personal Data as described above, HAECO relies on the following legal bases. In view of purposes A to D, we process your Personal Data where necessary for the performance of the contract we have with you. In view of purposes E to H, we rely on our legitimate business interests (or those of a third party) to, amongst others, provide and improve our services and to prevent fraud. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your Personal Data for our legitimate interests. For purpose I, we process your Personal Data where necessary in order to protect your vital interest or the vital interest of another individual. For purposes J to K, HAECO relies on this, where applicable, for compliance with its legal obligations.

Generally we do not rely on consent as a legal basis for processing your Personal Data. Where required by applicable law, we rely on consent in relation to sending third party direct marketing communications to you via email or text message (please see section 5 below). You may opt out from receiving marketing communications at any time, free of charge, by writing to us at the address below or by emailing us at dpo@haeco.com

Where special categories of Personal Data (this could include details about your race or ethnicity, religious beliefs and information about your health and genetic and biometric data etc.) are collected and processed to provide certain services to you, we will obtain your explicit consent to do so beforehand where required by applicable law.

5. Accessing your Personal Data

It is important that the Personal Data we hold about you is accurate and current. Please keep us informed if your Personal Data changes during your relationship with us. You may request access to, or correction or deletion of, your Personal Data held by us or object to, or restrict further processing of your Personal Data. You also have the right to data portability. Where processing is based on your consent, you have the right to withdraw your consent at any time, which will not affect the lawfulness of any processing carried out before you withdraw your consent. Any such request must be in writing and sent to dpo@haeco.com or the following address:

The Data Protection Officer
Hong Kong Aircraft Engineering Company Limited
80 South Perimeter Road
Hong Kong International Airport, Lantau, Hong Kong

HAECO may, under certain circumstances as permitted by the applicable law (e.g. if your request is clearly unfounded, repetitive or excessive), charge a reasonable fee for the processing of any data access request. Alternatively, we may refuse to comply with your request in these circumstances and where we are not allowed to comply with your request according to applicable law.

You also have the right to lodge a complaint with a supervisory authority.

6. Links to other websites

Our website and mobile applications may contain links to other websites that are operated by third party companies with different privacy practices. You should remain alert when you leave our system and read the privacy statements of other websites. We have no control over Personal Data that you submit to or receive from these third parties.

7. Security

We are committed to ensuring that your Personal Data is secure. In order to prevent unauthorised access or disclosure, we have implemented appropriate physical, technical and administrative measures to safeguard and secure the Personal Data we collect. We have put in place procedures to deal with any suspected Personal Data breach and we will notify you and any applicable regulator of a breach where we are legally required to do so.

8. Disclosure and transfer of Personal Data

We will not sell, distribute or lease your Personal Data to third parties except as indicated in this privacy policy.

For the purposes of providing the services requested by you, we may disclose and transfer Personal Data to certain companies who we consider appropriate.

The entities with whom we may share your Personal Data include but are not limited to:

  • any agent, contractor or third party service providers including hotels, catering or towing companies;
  • credit reference agencies;
  • credit or debit companies and/or banks; and
  • government or non-government authorities, agencies, and/or regulators.

We may disclose your Personal Data to relevant third parties, whether within or outside the EU, to provide our services to you, where we are required to do so by law, regulatory requirement or government or law enforcement authorities (such as immigration and customs control and/or border control agencies), or where we have otherwise requested and obtained your express consent. Please be advised that some jurisdictions offer less protection of Personal Data than that provided in the European Economic Area (EEA).

We will transfer your Personal Data in compliance with applicable data protection laws, including having adequate measures in place to protect your Personal Data where it is transferred internationally (e.g. by means of EU Model Clauses or data protection agreements). If you have questions or wish to obtain more information about the international transfer of your Personal Data or the implemented safeguards, please contact us as provided in this privacy policy.

If HAECO restructures or has a change in corporate control we may transfer your Personal Data to relevant parties.

9. Retention of data

All Personal Data that has been collected from you will only be stored for a limited duration that is relevant to the purpose for which it was processed and for as long as required by applicable law. When determining how long to retain Personal Data, we take into account the necessity of the Personal Data for the provision of our services, applicable laws and regulations and our legal obligations. We may retain Personal Data to investigate or defend against potential legal claims.

This Privacy Policy is written in English language and translated into Chinese. In the event of any inconsistency between the English version and the Chinese translated version of this Privacy Policy, the English version shall prevail.