CAE Technology Services Limited, Customer Data Privacy Notice
CAE Technology Services Limited (“CAE”) respects your privacy and is committed to protecting your personal data. This privacy notice will inform you as to how we look after your personal data and tell you about your privacy rights and how the law protects you
It’s likely that we’ll need to update this privacy notice from time to time. Please check this page regularly for changes to this notice.
This version was last updated on 21st May 2018.
It is important that you read this privacy notice together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy notice supplements the other notices and is not intended to override them.
CAE will be known as the ‘Data Processor’ and the Customer will be known as the ‘Data Controller’ of the personal data the Customer provides to us.
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together follows:
We use different methods to collect data from and about you including through:
Direct interactions. You may give us your Identity, Contact, Preference and Financial Data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:
Third parties or publicly available sources. We may receive personal data about you from various third parties and public sources as set out below:
We will only use your personal data when the law allows us to. We only use your personal data in the following circumstances:
where you have provided consent
If you fail to provide personal data
Where we need to collect personal data by law, or under the terms of a contract we have with you and we are unable to process your personal data, we may not be able to perform the contract we have or are trying to enter into with you or it may suffer a degradation in service (for example, to provide you with goods or services). In this case, we will notify you at the time.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Where we share basic contact information with equipment vendors it may involve transferring such information outside of the EEA. Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
This is expected to be for the period a customer has a valid contract with CAE and for a further six years afterwards in order to comply with UK tax law and the statute of limitations.
You have a right to access data, to rectify, erase (where the legal basis for processing allows) and restrict personal data, to object to processing, to request a transfer of data to a third party, and, if processing is based on consent, to withdraw consent.
For all queries regarding your data please contact us either by:
Email at: email@example.com
Post at: The Privacy Office, CAE House, Colonial Way, Watford, Herts, WD24 4PT
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.