Our Commitment:
Civil Air Support is committed to protecting the privacy and security of personal data. We adhere to the principles of the General Data Protection Regulation (GDPR) in all our data processing activities. This statement outlines our approach to GDPR compliance and our commitment to ensuring the lawful, fair, and transparent processing of personal data.
Lawful Basis for Processing:
We process personal data based on one or more of the following lawful bases, as defined by GDPR:
Consent:
We obtain explicit consent from individuals before collecting and processing their data for specific purposes, such as the provision of our services or event participation. We ensure consent is freely given, specific, informed, and unambiguous.
Contract:
When necessary for fulfilling a contract with an individual (e.g., processing donations or providing services), we rely on the contractual basis for processing.
Legal Obligation:
We may process data to comply with legal obligations, such as reporting requirements or safeguarding regulations.
Legitimate Interests:
We may process data based on our legitimate interests, provided these interests are not overridden by the rights and freedoms of the individuals concerned. This includes activities such as fundraising, research, and improving our services.
Data Collection and Use:
We collect only the personal data that is necessary for the specific purposes for which it is intended.
We are transparent about why we collect data and how we use it. Our privacy policy details the types of data we collect, the purposes for which it is used, and who we might share it with.
We ensure that data is accurate, up-to-date, and kept for no longer than is necessary for the purposes for which it was collected.
Data Security:
We implement appropriate technical and organisational measures to protect personal data from unauthorised access, loss, or disclosure.
These measures include, but are not limited to, secure systems, encryption, access controls, and training on data protection.
We regularly review and update our security measures to ensure they remain effective.
Individual Rights:
We respect the rights of individuals under GDPR, including:
Right to access: Individuals can request access to their personal data held by us.
Right to rectification: Individuals can request that inaccurate or incomplete data be corrected.
Right to erasure: Individuals can request the deletion of their personal data in certain circumstances.
Right to restrict processing: Individuals can request that we limit the way we process their data.
Right to data portability: Individuals can request a copy of their data in a structured, commonly used, and machine-readable format.
Right to object: Individuals can object to the processing of their data in certain circumstances.
We have procedures in place to respond to requests from individuals regarding their personal data.
Accountability and Transparency:
We maintain records of our data processing activities and demonstrate our compliance with GDPR.
We have appointed a Data Protection Officer (DPO) to oversee our data protection efforts and ensure compliance.
We provide clear and accessible information about our data protection practices in our privacy notice.
Contact Us:
If you have any questions or concerns about our GDPR compliance, please contact our Data Protection Officer at admin@civilairsupport.com
Review and Updates:
This statement will be reviewed and updated regularly to reflect changes in legislation, best practices, and our data processing activities.
Civil Air Support 