Last updated 28 March 2022.
We are committed to protecting your safety and privacy, and we take our responsibilities regarding the protection of personal information seriously.
Who we are
AviLabs is in the business of providing disruption management software and related services to airlines and develops, maintains, operates, and markets a flight monitoring and disruption handling software for the travel industry called Plan3. Therefore, AviLabs is the company behind the Plan3 product.
2. When AviLabs is a Data Processor/Service provider for its Customers
As mentioned above, AviLabs is in the business of providing disruption management software (called Plan3) and related services to airlines or travel companies. AviLabs is therefore a company who provides services to such companies – who are our customers. These companies may upload personal information to the Plan3 product in relation to their passengers or end users. In such cases, our customer is going to be the data controller of such personal data, while AviLabs will be the data processor. As such, AviLabs customers, not AviLabs itself, determine how and why personal data submitted to the Plan3 is used, either by or at the direction of such customers.
4. Personal data processed under this policy
Avilabs acts as a data processor with respect to any personal data comprised in the data uploaded to Plan3 by the customer.
5. Why we use personal data as a data processor
AviLabs uses the personal data to provide its services, mainly the Plan3 product, to its customers pursuant to the applicable data processing terms with those customers.
6. Disclosure of personal data
AviLabs does not disclose personal data uploaded to Plan3 to third parties except where permitted or requested by its applicable customer, or where required by law.
AviLabs does not sell, rent or lease personal data uploaded to Plan3.
AviLabs may disclose personal data uploaded to Plan3 to its contracted service providers so that they can provide AviLabs with services, such as IT, system administration and hosting, and customer support.
7. How long we keep personal data for
Our data retention depends on the data processing terms with our customers and their choices, type of personal data, purposes of its collection and processing, and applicable law.
8. Protecting personal data
We are committed to protecting the personal data we hold and we have implemented appropriate technical and organisational measures against unauthorised, accidental or unlawful access, loss, destruction or damage of such data. We use standard, industry-wide practices such as firewalls, encryption of data at rest and in transit, and (in certain areas) Secure Socket Layers (“SSL”) to protect such information.
In addition, we only allow access to our employees, agents, contractors or other parties who have a business need to know.
9. Your data protection rights
You have specific rights under the GDPR that allow you to understand and, to certain extent, control how your personal data is processed. You can obtain information about the applicable rights and how to exercise them from the relevant customer that is the data controller of your personal data.
Within the scope of our authorization to do so, AviLabs will work with its customers, the data controllers, to support them in providing their data subjects access to their personal data that AviLabs holds on behalf of its customers. AviLabs will also take steps to enable individuals, in connection with its customers, to correct, amend, or delete personal data that is demonstrated to be inaccurate.
If you have further questions about the collection, retention and use of your personal data, about your choices and rights regarding such collection, retention and use, or wish to exercise your rights under applicable law, you should contact the entity (e.g. the airline that serviced you) that is the data controller of your personal data, as the data controller may be in the best position to resolve your issue. If you decide to send us an enquiry related to the data controller, we will forward any such communications to our customer, provide you with contact information for the customer, and work with the customer to address your questions and/or facilitate your choices and rights as appropriate.
10. Updates to this Policy
11. Contact information
Questions or comments in relation to this Policy, and/or requests concerning your rights under GDPR, should all be directed to our Data Protection Officer in writing to the following email: email@example.com, or to our address: AviLabs ehf., Nóatúni 17, 105 Reykjavík, Iceland.