Nordic Regional Airlines (Norra) is committed to protecting and respecting your privacy. Norra follows all the applicable laws and regulations regarding privacy, as well as best practices relating to data protection. This Privacy Statement tells you about your privacy rights and sets out how we, as a Data Controller, collect and process personal data about:
- Visitors to our website
- People who we communicate or interact with in the course of our business
- People whose personal data is provided to us in connection with the provision of our services
Our “website” includes this website and our social media pages.
“Legal obligations” as a basis for processing your personal data refer to the obligations set forth by national and international aviation and transport law and regulations as well as recommendations from aviation and transport authorities throughout this Privacy Statement.
- Personal data that we collect
We may request individuals to provide us with their personal data, e.g. through our website. In addition, individuals may volunteer their personal data to us by various means of communication, e.g. by telephone, email or via our website.
In providing our services, we may also receive personal data from our partner airlines or other companies processing passenger data. Categories of such personal data include: names, addresses, contact information and other information that is necessary for providing our services.
- How we use the personal data we collect
We will only use your personal data for the following purposes (legal basis in parenthesis):
- Managing our relationship with you and providing our services (contract with you, complying with our legal obligations)
- Managing and operating our website and social media services (supporting our legitimate interests – you have the right to object at any time)
- Transferring information to third parties, including to our own service providers (complying with our legal obligations and protecting vital interests)
We will store your personal data only for as long as necessary for the legitimate purposes of processing personal data.
We may compile data on the usage, traffic volumes, transactions and other related statistics of our web sites and may process and analyse such data. We may also acquire statistical data from reputable third parties or disclose such data to them. Statistical data is anonym and cannot be de-compiled or reduced to personal data or other information regarding any person.
While you are browsing Norra Internet pages, we may send to your computer over the internet one or more small files known as cookies. Cookies contain information that allows us to identify the computer you are using and lets us know certain aspects of usage of our web sites by you. You will notice the presence of a cookie for instance when certain data that you have previously submitted to us, such as your address, is automatically completed in a field by your browser.
Your browser is likely to automatically accept cookies, but you may be able to configure your browser differently and cookies can be deleted from your computer if you so wish. Some of the services may not be available if your browser does not accept cookies or if they have been deleted. By using cookies and usage data, we hope to be able to develop our internet services according to your and our other customers’ preferences.
- Disclosure of your personal data
We may disclose your personal data to a third party:
- Where we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or to protect the rights, property or safety of Norra, data subjects, or others
- Where it is necessary to protect the vital interests of the data subject or another natural person
We do not regularly transfer personal data to a third party outside of the European Economic Area (EEA). To the very limited extent that it is essential to transfer your personal data outside of the EEA, we will ensure that appropriate safeguards are in place to protect the privacy and integrity of such personal data, including Standard Contractual Clauses under Article 46.3 of the European Union General Data Protection Regulation (GDPR), adequacy decision under Article 45, and the Privacy Shield mechanism.
- Links to other websites
Our website may, from time to time, contain links to and from other websites. If you follow a link to any of those websites, please note that those websites have their own privacy policies and Norra does not accept any responsibility or liability for those policies. Please check those policies before you submit any personal data to those websites.
- Your rights
According to restrictions as laid down by law, you have the right to:
- Receive a copy of your personal data
- Correct any inaccurate or incomplete personal data we hold about you
- Ask us to delete your personal data in certain circumstances
- Ask us to halt the processing of your personal data in certain circumstances
- Object to us processing your personal data on the basis of our legitimate interests (or those of a third party)
- Request us to transmit personal data that you have provided to us, to a third party without hindrance, or to give you a copy of it so that you can transmit it to a third party, where technically feasible
- Lodge a complaint with the Data Protection Authority, in particular in the Member State of your residence, place of work or place of an alleged infringement, if you consider that the processing of your personal data infringes the GDPR.
If you wish to exercise any of these rights, please contact us (see Contact Us below). We will respond to your request within one month. That period may be extended by two further months where necessary, taking into account the complexity and number of requests. We may request proof of identification to verify your request.
- Data security
We are committed to protecting your personal data. We use security technologies and procedures to help protect your personal data from unauthorised access and use. We have implemented internal guidelines to ensure that your privacy is safeguarded at every level of our organisation. We will continue to revise policies and implement additional security features.
- Changes to this Privacy Statement
If we make any changes to this Privacy Statement, we will post those changes here and update the “Last Updated” date at the bottom of this Privacy Statement. Please review this Privacy Statement periodically for updates.
- Contact Us
Questions, comments, requests and complaints regarding this Privacy Statement and the personal data we hold are welcome and should be addressed to firstname.lastname@example.org or Norra Tietosuoja, Öljykuja 2, 01530 Vantaa.
Last updated November 1, 2018.
[i] Privacy Statement regarding the use of recruitment data is currently only in Finnish, since we require that job applicants master the Finnish language.
© Nordic Regional Airlines 2018