Center for Aviation and Space Competence at University of St. Gallen
CH-9000 St. Gallen
T +41 71 224 25 00
Privacy statement of the CFAC-HSG
The CFAC respects your privacy. The CFAC strongly believes that any personal data provided to the CFAC by any means must be collected, used and stored in an adequate manner. In this privacy statement, the CFAC informs you of the manner in which personal data is collected and used as well as how you can amend your data or have it removed.
This privacy statement provides information for visitors to our website, creators of an CFAC account, purchasers of products or services, individuals submitting an application, proposal, blog post or other form of submission via the website or e-mail as well as participants/exhibitors at one of our events. If you do not agree with these terms or conditions, please refrain from using the website.
What personal data do we collect and how do we collect this data?
We only store personal data that is provided to us. This includes, but is not restricted to, all data provided when creating an CFAC account, requesting membership, registering for an event, making a purchase via the website or any kind of submission such as an application, proposal or blog post, by e-mail or fax, or during a telephone conversation or in person. This data includes, but is not limited to, personal data such as your name, job title, institution/company, e-mail address and business address as well as debit/credit card account information or other information required to process payments on your behalf.
Besides that, the device you use to access CFAC services may also share data with the CFAC, which is also considered to be personal data. You can control this sharing of data in your browser or device settings.
Purpose of use of your data
The CFAC processes your data in the following situations:
Creation and maintenance of an CFAC account:
To ensure the accuracy of collected and stored data.
To provide you with information regarding the CFAC activities and aviation related news.
To fulfil the obligations that the CFAC has to you as a contract party. For example, your membership of the CFAC obliges us to provide you with confirmation, a receipt, information on CFAC benefits, as well as events organised by, or on behalf of, the CFAC.
To process payments and provide proof of payment.
To create a membership directory to facilitate networking between members. Exclusion from this list is available on request.
From time-to-time to survey our members to improve our services.
Event registration and participation:
To process payments for services, events or products.
To create an event list of participants consisting of name, title, organisation, country and e-mail, which is shared with other attendees of the conference to facilitate networking. Exclusion from this list is available upon request.
To keep you updated on event registrations you have made as well as the results, eg certifications you have gained.
To request feedback on events you have attended in order to improve our events and training programs.
To produce certificates of attendance.
To aid in the acquisition of funding, at the request of the attendee.
To aid in a visa application, at the request of the attendee.
The CFAC can make and publish photos and/or films during CFAC events for the purposes of publicity, advertising, trade or promotional materials. You cannot derive any rights from this publication. Exclusion from being photographed is available upon request at the beginning of the event.
Purchase of products:
To process payment.
To fullfil our contractual obligations and deliver the product to you, either digitally via e-mail or physically through post.
To inform you of similar or related products that may be of interest to you.
Use of our website:
To analyse the use of the website and to gain insights in its usability. The CFAC constantly strives to improve the usability of our website. We, therefore, anonymously track your site use through Google Analytics. This service helps us to see how often our website is used, on which dates and times, on which locations and for how long. We also use additional third party software to analyse movement within webpages. Please note that in your browser and in your mobile device you can switch off the sharing of this data.
Who has access to your data and to whom is it disclosed?
Your personal data will primarily be accessible for employees of the CFAC. By creating an account or registering for membership or an event, your name, organisation job title, country and e-mail address may be visible within the restricted member platform of the website and on the event list of participants to facilitate networking between members or participants. Exclusion from this service is available on request. Further information relating to speakers, electoral candidates, and members of the CFAC leadership may also be visible. Information such as, but not limited to, photo, biography, personal statement and proposal submission content.
We only share your details with third parties for logistical purposes, under the guidance and control of the CFAC. Your data is never shared for the purpose of marketing to or contact by third parties for any services other than those offered by the CFAC.
Only when legally obliged to do so, we will provide your data to authorities, other parties, persons or supervisory bodies, in-line with GDPR regulations.
Although this situation is highly improbable, we might provide your personal data to third parties if and when we consider this necessary to recognise, to contact or to start legal procedures against persons or legal entities causing harm to you, the CFAC or other parties. Besides this, we have to furnish your personal data insofar as we are obliged to do so on a statutory basis.
How do we protect and safeguard your information?
The CFAC takes the storage and security of your data seriously. Our primary database is located onsite on our dedicated, secured server. Physical access is limited to staff essential for its maintenance. Remote access is secured through industry standard firewalls managed by our third party IT infrastructure provider. A back-up of this database, crucial in case of damage or hardware failure, is securely stored at an off-site data centre. It is uploaded via a secure encrypted connection, which is secured with fully redundant firewalls, and the data is stored in encrypted format. Physical access is limited to the provider’s employees essential for maintenance and support.
Besides the measures we have taken to safeguard your information, we strongly advise you to manage your personal data in a safe way. You are advised to protect your personal logon details from misuse or loss and to log off after using a network computer. Our system requires a password of no less than 7 characters that includes a combination of numbers, standard and special characters. CFAC staff are able to reset a password on request but are unable to see a ‘live’ password. We recommend using a unique password for your various online accounts.
Unfortunately, internet use cannot be completely secured. We, therefore, do not guarantee any aspect related to security or safeguarding of information you have provided us via a data connection.
How can you verif, modify or delete your data?
You have several rights regarding the processing of your personal data.
You have a right to request access, correction, deletion, the right to be forgotten, restriction of the use of your data, and, under circumstances, you have the right to object to the use of your data as well as the right to transfer your data to another organisation/provider.
You may contact us (see our contact details mentioned further up) to see the data we process on you. Within the rules of law, we will provide you with a detailed answer. You also have the right to correction or deletion of your data. You can manage this yourself by using your personal login to view or alter your personal data. You can also manage this in your profile or settings of your browser or mobile device.
You have the right to object to the use of your data for marketing purposes. We, however, shall not use your data in such a way. You can request that we provide your data to a third party in a machine readable and interoperable format. For example, to re-use your data with another provider. This is your right under law so we inform you and will comply within the mandatory timeframe as set out under GDPR guidelines. Please do not hesitate to contact us if you want to exercise any of your rights. If you think that we have unlawfully processed your data then we kindly request you to inform us.
How long do we keep your data?
We keep your personal data for as long as we consider this necessary to meet the objectives as mentioned. In order to comply with obligations pertaining to the CFAC financial records, CFAC user accounts containing any financial information cannot be deleted for 10 years, this is the timeframe set by law for audit purposes.
CFAC accounts with no financial information or other activity will be deleted after a period of inactivity of 2 years.
Are you obliged to provide us with your personal data?
When creating an account, requesting membership, registering for an event, making a submission or making a purchase, you are obliged to provide us with your personal data as it is not possible for us to provide our services without this data. It is your choice to create an account, register for any events/services, make a submission or make a purchase.
Can this privacy statement be modified?
Yes, we are authorised to modify or alter this privacy statement from time to time. An alteration or modification can result from unforeseen circumstances, future legislation or changed policies within the CFAC. We will inform you of such alterations or modifications on our website.
If you have any questions and/or remarks on this privacy statement, please let us know. You can contact us by sending a message to firstname.lastname@example.org.