Auditor Privacy Policy
This privacy policy will explain how ASD-CERT uses the personal data we collect from you. This privacy policy has been drafted to comply with the General Data Protection Regulation, entered in application in May 2018.
What data do we collect?
ASD-CERT collects the following personal data:
- Personal identification information (Name, professional email address, professional address, phone number, professional background, studies, etc.)
- Information related to professional environment (Employer’s name, daily rate/salary)
- Location during a qualification mission
How do we collect your data?
You directly provide ASD-CERT with most of the data we collect. We collect data and process data when you:
- Register online and apply for an auditor position
- Perform a qualification mission
How will we use your data?
ASD-CERT collects your data so that we can:
- Process your application as auditor
- From time to time, to ensure their level is still in line with ASD-CERT requirements, review your competencies
- Process and record the qualification missions
- Ensure the whole data set of each qualification is complete in case of a qualification quality issue
- Resolve any issue related to the qualification missions
- Raise purchase orders for the qualification missions
To which entity might be transferred your personal data?
Your personal data is processed by the Secretariat General of ASD-CERT. However, to fulfil the purposes mentioned above, ASD-CERT may transfer the collected personal data to its accountant, financial auditor or website provider.
For the sake of guaranteeing your personal data and in strict compliance with GDPR, ASD-CERT does not transfer your data outside of the European Union.
How do we store your data?
ASD-CERT securely stores your data on BNAE’s server and on ASD-CERT website.
The data stored on BNAE’s server is located in a restricted area, whose access is only permitted to ASD-CERT Secretariat General. BNAE’s director and BNAE IT provider are granted access to this area only in case of emergency, in the framework of the service agreement signed between ASD-CERT and BNAE.
The data stored on the website is accessible only to those parties necessary to develop, support, maintain and publish it:
- the Secretariat General,
- representatives of ASD-CERT members,
- the website management company which works as if a member of ASD-CERT,
- including when storing mirrored copies of the website/pages/databases
- on its own secure servers for internal development or external testing,
- the website hosting company, SiteGround, under their Data Processing Agreement
ASD-CERT will keep your personal identification information and mobility information for the whole life of the aeronautical programme for which you have performed a qualification. Once this time period has expired, we will archive your data.
What are your data protection rights?
ASD-CERT would like to make sure you are fully aware of all of your data protection rights. You are entitled to the following:
The right to access – You have the right to request ASD-CERT for copies of your personal data.
The right to rectification – You have the right to request that ASD-CERT correct any information you believe is inaccurate. You also have the right to request ASD-CERT to complete the information you believe is incomplete.
The right to erasure – You have the right to request that ASD-CERT erase your personal data, under certain conditions.
The right to restrict processing – You have the right to request that ASD-CERT restrict the processing of your personal data, under certain conditions.
The right to object to processing – You have the right to object to ASD-CERT’s processing of your personal data, under certain conditions.
The right to data portability – You have the right to request that ASD-CERT transfer the data that we have collected to another organization, or directly to you, under certain conditions.
If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us at secretariat.general@asd-cert.org or call us at +33 1 47 65 70 18.
Changes to our privacy policy
ASD-CERT keeps its privacy policy under regular review. This privacy policy was last updated on 1st August 2019.
How to contact us
If you have any questions about ASD-CERT’s privacy policy, the data we hold on you, or you would like to exercise one of your data protection rights, please do not hesitate to contact us at secretariat.general@asd-cert.org or call us at +33 1 47 65 70 18.
How to contact the appropriate authority
Should you wish to report a complaint or if you feel that ASD-CERT has not addressed your concern in a satisfactory manner, you may contact the Data Protection Authority.
Email: contact@adp-gba.be
Address:
Autorité de protection des données
Rue de la presse 35
1000
Bruxelles
Belgium