Privacy Statement
SMBC Aviation Capital ("we", "us" or "our") is committed to protecting and respecting your privacy. This Privacy Statement tells you about your privacy rights and sets out how we, as a Data Controller, collect and process personal data about:
- visitors to our website;
- individuals who apply for jobs through our website (including to our graduate programme);
- subscribers to or users of our investor services (in particular our Investor Portal);
- individuals who we communicate or interact with in the course of our business;
- individuals whose personal data is provided to us in connection with the provision of our services.
Our "website" includes this website. This statement also sets out information about data subject rights and our obligations under data protection law.
This Privacy Statement should be read in conjunction with our Cookie Policy.
This Privacy Statement should be read in conjunction with our Website Terms of Use which sets out how you are entitled to access and use our website and our Cookie Policy which sets out how we use cookies and similar technologies.
1. Information that we collect
There are instances where we invite or request individuals to provide us with their personal data, including through our website. In addition, individuals may volunteer their personal data to us by various means of communication, e.g. by telephone, email, post or via our website.
In providing our services, we may also receive personal data indirectly. Categories of such personal data include: names, addresses, contact information and other information that is relevant to the provision of our services. Where we carry out information searches and verify your identity then we may source information from external sources such as company registries, beneficial owner registries and credit registries.
We may collect and process the following categories of personal data from you, as described above:
- Names, address, telephone numbers, email addresses, employer, role, social media, photographs, video and other contact data;
- Data relating to your use of our Investor Portal;
- Personal data from the devices that you used to access our websites, as set out in our Cookie Policy;
- Identification data including passports, identification cards, visas, visa applications, driving licences, travel itineraries, signatures, shareholdings, directorships, academic background, powers of attorney and utility bills;
- Gifts and entertainments given and received from you or your company;
- Curriculum vitae, references and other data related to your application;
- Information obtained during business transactions and meetings.
2. How we use personal data we collect
We will only use your personal data for the purposes and legal bases set out in the table below.
Purpose(s) for Processing |
Legal Basis |
To register and create an account on our website and provide you with customer and/or investor services (e.g. through our Investor Portal) |
|
To manage our relationship with you and provide our services |
|
For the prevention and detection of fraud, money laundering or other crimes or for the purpose of responding to a binding request from a public or regulatory authority or court |
|
Compliance with our legal, regulatory and professional requirements |
|
Direct marketing about our services |
|
Managing and operating our website - to keep our website updated and relevant, to develop our business and to inform our marketing strategy |
|
Processing of job applications and graduate programme applications |
|
Transferring information to third parties, including to our own service providers |
|
Where personal data is required for a contractual purpose or to comply with legal and regulatory obligations then we may not be able to proceed with the service or transaction where the personal data is not provided. We will store your personal data only for as long as necessary for the purposes of providing access to our website and our services to you; as required by law; and for the exercise or defence of legal claims.
3. Disclosure of your information
We aim to limit access to personal data to only those who have a business need. We may disclose your personal data to:
- Any member within our group of related companies including subsidiaries, our parent companies and their subsidiaries;
- A third party who provides a service to us (including our Internet Service Provider who records data on our behalf and is bound by confidentiality provisions);
- A prospective seller or buyer of any of our business or assets;
- A third party where we are under a duty to disclose or share your personal data in order to comply with any legal or regulatory obligation, or in order to enforce or apply our Website Terms of Use and other agreements, or to protect the rights, property or safety of SMBC Aviation Capital, our customers, or others;
- A third party where it is necessary to protect the vital interests of the data subject or another natural person;
- A third party where necessary for our legitimate business interests to protect the rights, property, or safety of SMBC Aviation Capital, our customers, or others.
The transmission of information via the Internet is not completely secure and may involve the transfer of personal data to a third party outside of the European Economic Area (EEA). To the limited extent that it is necessary to transfer your personal data outside of the EEA, we will ensure appropriate safeguards are in place to protect the privacy and integrity of such personal data, including Standard Contractual Clauses under Article 46.2 of the GDPR, adequacy decision under Article 45, and the Privacy Shield mechanism. Please contact us if you wish to obtain information concerning such safeguards (see Contact Us below).
4. Links to other websites
Our website may, from time to time, contain links to and from other websites. If you follow a link to any of those websites, please note that those websites have their own privacy policies and we do not accept any responsibility or liability for those policies. Please check those policies before you submit any personal data to those websites.
5. Your rights
You have the right to request access to, rectification, or erasure of your personal data, or restriction of processing or object to processing of your personal data, as well as the right to data portability. In each case, these rights are subject to restrictions as laid down by law. The following is a summary of your rights:
- The right of access enables you to receive a copy of your personal data;
- The right to rectification enables you to correct any inaccurate or incomplete personal data we hold about you;
- The right to erasure enables you to ask us to delete your personal data in certain circumstances;
- The right to restrict processing enables you to ask us to halt the processing of your personal data in certain circumstances;
- The right to object enables you to object to us processing your personal data on the basis of our legitimate interests (or those of a third party);
- The right to data portability enables you to request us to transmit personal data that you have provided to us, to a third party without hindrance, or to give you a copy of it so that you can transmit it to a third party, where technically feasible;
- You have the right to lodge a complaint with the Data Protection Authority, in particular in the Member State of your residence, place of work or place of an alleged infringement, if you consider that the processing of your personal data infringes the GDPR. If you are not happy with the way we are using your personal data or how we facilitate your rights or comply with our obligations under applicable data protection law, you have the right to make a complaint to the Data Protection Commission by emailing info@dataprotection.ie.
If you wish to exercise any of these rights, please contact us (see Contact Us below). We will respond to your request within one month. That period may be extended by two further months where necessary, taking into account the complexity and number of requests. We will inform you of any such extension within one month of receipt of your request. We may request proof of identification to verify your request. We have the right to refuse your request where there is a basis to do so in law, or if it is manifestly unfounded or excessive, or to the extent necessary for important objectives of public interest.
6. Security and where we store your personal data
We are committed to protecting the security of your personal data. We use a variety of security technologies and procedures to help protect your personal data from unauthorised access and use. As effective as modern security practices are, no physical or electronic security system is entirely secure. We cannot guarantee the complete security of our database, nor can we guarantee that information you supply will not be intercepted while being transmitted to us over the Internet. We have implemented strict internal guidelines to ensure that your privacy is safeguarded at every level of our organisation. We will continue to revise policies and implement additional security features as new technologies become available. Where we have given you a password which enables you to access certain parts of our website (i.e. the Investor Portal), you are responsible for keeping that password confidential. We ask you not to share your password with anyone.
Although we will do our best to protect your personal data, we cannot guarantee the security of your personal data transmitted to our website. Any transmission of personal data is at your own risk. Once we receive your personal data, we use appropriate security measures to seek to prevent unauthorised access or disclosure.
7. Changes to this Privacy Statement
We reserve the right to change this Privacy Statement from time to time at our sole discretion. If we make any changes, we will post those changes here and update the "Last Updated" date at the bottom of this Privacy Statement. However, if we make material changes to this Privacy Statement, we will notify you by means of a prominent notice on the website prior to the change becoming effective.Please review this Privacy Statement periodically for updates.
8. Contact Us
Questions, comments, requests and complaints regarding this Privacy Statement and the personal data we hold are welcome and should be addressed to dataprotection@smbc.aero or sent in writing to SMBC Aviation Capital, IFSC House, IFSC, Dublin 1, Ireland, D01R2P9. All requests will be dealt with promptly and efficiently.
Last Updated: 10 October 2019