En date du 25.05.2018 une nouvelle législation européenne entre en vigueur concernant appelée General Data Protection Regulation (en abrégé GDPR). Cette législation décrit la gestion et la sécurisation des données personnelles de tous les citoyens européens.
ACE has developed a policy to demonstrate to auditors which kind of data we collect, the way we treat them and, most important, how we secure them.
1. Q: Why do you need to know my employer?
A: Because ACE is aimed to specific category of professionals in the field of aviation and international public service and this is something which is taken into account by the Board in evaluating the membership requests. Moreover, ACE is part of the EUROCONTROL AIPE aisbl, which imposes quota on non-EUROCONTROL staff
2. Q: Why do you need to know if I’m AIPE member?
A: Because the AIPE annual fee need to added to the ACE membership fee is case the applicant is not member.
3. Q: What do you do with the information such as employer and AIPE membership which are not needed by the FBVA?
A: Nothing, this is used only at the discussion of the Board deciding on the acceptance of the application and never stored, transmitted or retrieved henceforth.
4. Q: Do you store sensitive personal data on server / cloud other then the FBVA’s?
A: No, everything we have (basically the e-mail exchange) is kept offline.
5. Q: How do you ensure that your mailing list does not include all the member’s address?
A: We use a specific tool built in MS Office which create individual e-mails from the excel file we download from the FBVA db before sending it.
6. Q: Who has access to my data on the FBVA site?
A: This is dealt by the FBVA policy as far as third parts are involved (e.g. Marsh). At ACE, only selected people (i.e. the Board) have some rights of access. Security and eligibility are managed by the FBVA itself.