Policy

Shareholder and UBO Data Privacy Notice

Processes such personal data in its capacity as a data controller for the provisions of the General Data Protection Regulation (EU) 2016/679) (“GDPR“), and determines how and why your personal data will be processed.

SHAREHOLDER AND UBO DATA PRIVACY NOTICE

This Privacy Notice describes how AVIA SOLUTIONS GROUP (ASG) PLC (hereinafter “we”, “us”, “the Company”) collects and processes certain personal data provided by you or on your behalf from third parties, (e.g., share registrars and brokers), and which relates to you as an individual shareholder of the Company or an ultimate owner (also called ultimate beneficiary, owner beneficial owner, UBO) of it or its direct shareholders. The personal data processed in this fashion could also relate to you if you are an officer, legal representative, UBO or director of a corporate shareholder of the Company.

The Company processes such personal data in its capacity as a data controller for the provisions of the General Data Protection Regulation (EU) 2016/679) (hereinafter “GDPR“), and determines how and why your personal data will be processed.

The purpose of this Privacy Notice is to provide you with more information in relation to the processing of your personal data, and your rights in connection with that personal data.

1. OUR CONTACT DETAILS

AVIA SOLUTIONS GROUP (ASG) PLC, legal entity code: 727348, address: Building 9, Vantage West, Central Park, Dublin, D18 FT0C, Ireland, phone number: +44 2080899777, email: [email protected].

The Company is part of the Avia Solutions Group of companies.

2. WHAT PERSONAL DATA IS PROCESSED?​

The Company collects certain personal data of its registered individual shareholders or ultimate beneficial owners, also personal data of officers or directors of corporate shareholders of the Company, which may include the following types of data:

  • Contact information such as your name, title, home address, email address, contact details in other videoconferencing platforms (e.g. Skype, Zoom, etc.) and telephone number(s), bank account details;
  • Identity information such as identity number, tax number, date of birth, or copy of an identity document (may include your signature and image), signature;
  • Shareholder information regarding your shareholding (number of shares and any notes/information to be linked to that shareholding according to law, structure of shareholding).
  • Data from any communication between you and the Company, including data in minutes of board meetings and general meetings (including your voice and / or image captured during general meetings, organized online) and respective decisions.
  • General meetings information - in connection with general meetings the personal data is used for registration, drawing up of voting lists and, where applicable, minutes of the general meeting.

3. HOW WE WILL USE YOUR PERSONAL DATA?

The personal data we collect will be held and processed for the following purposes:

The legal basis for doing so

To manage your shareholder interest in Company

  • Where necessary to comply with the law
  • Where necessary to manage your shareholder rights and our obligations to you as a shareholder in accordance with the Articles of Association of the Company and applicable laws
  • It is in our legitimate interests to make sure that the services provided to you as a shareholder are well managed in accordance with applicable laws and regulations

To check your identity and the validity of documents in order to keep the shareholder register up-to-date

  • Where necessary to manage your shareholder rights and our obligations to you as a shareholder in accordance with our Articles of Association and applicable laws
  • Where necessary to comply with the law
  • It is in our legitimate interests to check your identity and the validity of your documents so we can protect our business and keep to laws that apply to us

To check your identity and the validity of documents in order to be compliant with anti-money laundering and counter terrorist financing regulations. Also providing information for know your customer (or similar) procedures at the request of third parties (e.g. banks, stock exchanges, etc.)

  • Where necessary to comply with the law
  • It is in our legitimate interests to check your identity and the validity of your documents so we can protect our business and keep to laws that apply to us
  • It is in our legitimate interests to check your identity and the validity of your documents and provide your personal data to the certain third persons so we can start or maintain dealing with other businesses (e.g. banks, our service providers and agents (legal, accounting, etc.), who are subjects to AML and CTF regulation

To allow you to exercise your rights as a shareholder in accordance with our Articles of Association and applicable laws

  • Where necessary to comply with the law
  • Where necessary to manage your shareholder rights and our obligations to you as a shareholder in accordance with our Articles of Association and applicable laws

To communicate with you about shareholder related information for legal, regulatory and servicing purposes. This includes information on shareholder payments, shareholder resolutions, the annual report and accounts, Notice of our Annual General Meeting and any other relevant information that relates to your shareholding in the Company

  • Where necessary to manage your shareholder rights and our obligations to you as a shareholder in accordance with our Articles of Association and applicable laws
  • Where necessary to comply with the law

To meet responsibilities we have to the tax authority, law enforcement, or otherwise meet our legal responsibilities

  • Where necessary to comply with the law

To identify, issue or resolve legal claims

  • It is in our legitimate interests to process your personal data so we can respond to any complaints or challenges from you or others which might be raised later. We will also retain personal data if we reasonably believe there is a prospect of litigation.

4. HOW LONG DO WE STORE YOUR PERSONAL DATA?​

Personal data is only processed for as long as it is necessary in order to fulfil the purpose of the processing, or as long as the Company is required to store such data by law. The data is erased when you cease to be a shareholder in the Company. However, as mentioned, certain data is stored for a longer period of time when required by law, including company, securities and tax legislation.

5. TO WHOM DO WE DISCLOSE YOUR PERSONAL DATA?​

Your personal data may be disclosed to a third party if required by law, regulations or an official decision by a relevant authority or who work with us to help deliver our services, in order to fulfil our legal obligations or at your request, under the following circumstances:

  • other members of Avia Solutions Group as necessary to operate our business (for example, for internal reporting and where those companies provide services to us);
  • our service providers and agents (including their sub-contractors);
  • your advisers (such as lawyers and other professional advisers) who you have authorised to represent you, or any other person you have told us is authorised to give instructions on your behalf (such as under a power of attorney);
  • the legal authorities;
  • any third party after a restructure, sale or acquisition of any company, as long as that person uses your
  • information for the same purposes you originally provided it for;
  • anyone we transfer or delegate our rights or obligations to, as allows under terms and conditions of any agreement you have with us (e.g. if we transfer the management of our share register to another service provider).

6. INTERNATIONAL TRANSFERS

In some circumstances the Company may transfer your personal data to third parties or group companies in a country (including your country of residence) other than the country in which the data was collected. When we transfer your personal data to a different country, we will take steps to ensure that such data transfers comply with applicable laws.  For example, if we transfer personal data from the European Economic Area (EEA) to a country outside it, we will implement an appropriate or suitable data transfer safeguards and the means or taking other measures to provide an adequate level of protection under EU law.

7. YOUR DATA PROTECTION RIGHTS​

We guarantee the implementation of these rights and the provision of any related information at your request or in case of your query:

  • Your right of access - You have the right to ask us for copies of your personal information.
  • Your right to rectification - You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
  • Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances.
  • Your right to restriction of processing - You have the right to ask us to restrict the processing of your personal information in certain circumstances.
  • Your right to object to processing - You have the right to object to the processing of your personal information in certain circumstances.
  • Your right to data portability - You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.

If you consider that our processing of your personal data does not comply with the Data Protection legislation, you are also entitled to lodge a complaint with the Supervisory authority (https://edpb.europa.eu/about-edpb/board/members_en).

You have legal rights under data protection laws in relation to your personal data. We may ask you for proof of identity when making a request to exercise any of these rights. We do this to ensure we only disclose information where we know we are dealing with the right individual for ensuring the rights of data subject.

We will not ask for a fee, unless we think your request is unfounded, repetitive or excessive. Where a fee is necessary, we will inform you before proceeding with your request.

We aim to respond to all valid data subject’s requests regarding processing of it’s personal data within one month. It may however take us longer if the request is complicated or you have made several requests. To speed up our response, we may ask you to provide more detail about what you want to receive or are concerned about.

We may not always be able to do what you have asked, for example if it would impact the duty of confidentiality we owe to others, if it falls within inside dealing limitations, restrictions by law or if we are otherwise legally entitled to deal with the request in a different way.

8. DATA PROTECTION OFFICER​

Our Data Protection Officer helps us to ensure how we protect your personal data and comply with GDPR and other data protection legislation.

If you have any questions about our Privacy Notice or if you would like more information on your rights, or want to exercise them, please contact our Data Protection Officer`s team by email:  [email protected]

9. UPDATES

We may change this Privacy Notice from time to time. We encourage you to review this Privacy Notice periodically.

The Privacy Notice was last updated on 28 December 2023.