General Data Protection Regulation (GDPR)
EU 2016/679, April 27th;
Portugal – Law n. 58/2019, August 8th
OMNI Aviação, SGPS, S.A.
WHITE Airways, S.A.
OMNI Aviação e Tecnologia, S.A.
OMNI Aviation – Training Center, Ltd.
AEROMEC – Mecânica de Aeronaves, S.A.
OMNICONTROL – Serviços Partilhados, Ltd.
Emergência Médica Internacional, Ltd.
Cabo Verde Express, S.A.
All of the OMNI Group’s Companies (Group), recognizes the importance of Privacy and Protection of Personal Data, so our Policy reflect the application of the General Data Protection Regulation (GDPR), in force since May 25th, 2018, as well as all current legislation regarding Privacy and Security of Personal Data.
With this Policy, we want to let you know why we collect your Data, how we use them, what we do to keep them safe and what Rights you have over them.
WHAT IS PERSONAL DATA?
Personal Data means any information of any nature and regardless of its support, including sound and image, relating to an identified or identifiable natural person (data subject).
Any person who can be identified directly or indirectly, namely by reference to an identification OMNI AVIATION GROUP Rua Henrique Callado, n.º 4, piso 2, Edifício Orange – Leião, 2740-303 Porto Salvo, Portugal Tel. (+351) 21 219 457 560 | E-mail: [email protected] number or to more specific elements of his / her physical, physiological, mental, economic, cultural or social identity, shall be considered identifiable.
WHAT DATA IS COLLECTED?
Personal Data is collected at the time of your hiring or when necessary, through information directly provided by you, which is included in the following Data categories:
WHAT IS THE DATA INTENDED FOR?
These Personal Data are exclusively treated by the OMNI Group within the scope of the aforementioned lawfulness and only transmitted to the entities that the Group’s companies are obliged to communicate, such as state agencies, Banking and Insurance and regulators of the aeronautical sector. Under no circumstances, and in safeguarding the obligatory communications, does the Group share its data with any other entity.
WHAT RIGHTS ARE GUARANTEED TO YOU AND HOW CAN YOU EXERCISE THEM?
The OMNI Group guarantees you the possibility of exercising the Right:
a) To access the Data;
b) To the updating / rectification of Data;
c) To the Information;
d) And, in the cases to which it applies, the Right to:
d1) Oppose the treatment of the Data;
d3) Deleting the Data; and
d4) The portability of the transmitted Data.
To make use of your Rights, you should do it in writing, by e-mail or by lettering, using the contacts indicated below:
OMNI Group – Data Protection Officer
Rua Henrique Callado, nº 4,
2º andar, Leião 2740 – 303 Porto Salvo,
Portugal [email protected] If you’re under the impression the OMNI Group isn’t treating your Personal Data within the legal limits, you may complain to the Control Authority in Portugal – CNPD – Comissão Nacional de Proteção de Dados. The contact details may be consulted at www.cnpd.pt.
WHO CAN ACCESS YOUR DATA?
The access to your Personal Data is only allowed, apart from the holders themselves, to the Employees of the OMNI Group company, OMNICONTROL – Serviços Partilhados, Lda., who have direct responsibilities within the scope of Contractual Management (departments: Human Resources, Finance, Legal, IT), and within the framework strictly necessary for the OMNI AVIATION GROUP Rua Henrique Callado, n.º 4, piso 2, Edifício Orange – Leião, 2740-303 Porto Salvo, Portugal Tel. (+351) 21 219 457 560 | E-mail: [email protected] exercise of their functions. This does not compass, in any circumstance, the information regarding Personal Data that can be sold or commercialized to third parties.
FOR HOW LONG DO WE KEEP YOUR DATA?
These Personal Data will be kept for ten years after the termination of your contractual relationship with any of the OMNI Group’s Companies, except for those sent to official entities whose term is of twelve to twenty years.
HOW DO WE PROTECT YOUR DATA?
The OMNI Group ensures adequate technical and organizational measures, taking into account available technical expertise and the costs resulting from its application, to protect the Personal Data against the destruction, accidental or illicit, accidental lost, any change, diffusion or non-authorized access, thus seeking to ensure an adequate level of Security in relation to the risks that the treatment may present and the nature of the Data.