Pilot Station Ltd GDPR Policy

Effective Date: 14/06/2023

1. Introduction

1.1 Purpose

This General Data Protection Regulation (GDPR) policy outlines the principles and procedures that Pilot Station Ltd follows to ensure compliance with the EU GDPR, which came into effect on May 25, 2018. This policy aims to protect the rights and privacy of individuals whose personal data Pilot Station Ltd processes.

1.2 Scope

This policy applies to all employees, contractors, and third-party vendors who process personal data on behalf of Pilot Station Ltd. It covers all personal data processing activities, regardless of the medium used (electronic, paper, or other formats).

2. Definitions

2.1 Personal Data: Any information relating to an identified or identifiable natural person (data subject), such as name, address, email address, phone number, or other identifiers.

2.2 Data Controller: Pilot Station Ltd, which determines the purposes and means of processing personal data.

2.3 Data Processor: Any entity or individual who processes personal data on behalf of Pilot Station Ltd.

2.4 Data Subject: The individual whose personal data is processed.

3. Principles of GDPR Compliance

3.1 Lawfulness, Fairness, and Transparency

• Personal data shall be processed lawfully, fairly, and transparently.
• Data subjects shall be informed of the purposes, lawful basis, and rights related to their data processing.

3.2 Purpose Limitation

• Personal data shall be collected for specified, explicit, and legitimate purposes.
• Data shall not be further processed in a manner incompatible with these purposes.

3.3 Data Minimization

• Pilot Station Ltd shall only collect and process data that is strictly necessary for the intended purpose.

3.4 Accuracy

• Pilot Station Ltd shall ensure that personal data is accurate and kept up to date.

3.5 Storage Limitation

• Personal data shall be kept in a form that permits identification of data subjects for no longer than is necessary for the purposes for which the data is processed.

3.6 Integrity and Confidentiality

• Pilot Station Ltd shall implement appropriate security measures to protect personal data from unauthorized access, disclosure, alteration, and destruction.

3.7 Accountability

• [Pilot Station Ltd shall demonstrate compliance with GDPR by maintaining records of processing activities and conducting data protection impact assessments where necessary.

4. Data Subject Rights

4.1 Right to Access

• Data subjects have the right to access their personal data held by Pilot Station Ltd.

4.2 Right to Rectification

• Data subjects have the right to request the correction of inaccurate or incomplete personal data.

4.3 Right to Erasure (Right to Be Forgotten)

• Data subjects have the right to request the deletion of their personal data under specific circumstances.

4.4 Right to Data Portability

• Data subjects have the right to receive their personal data in a structured, commonly used, and machine-readable format.

4.5 Right to Object

• Data subjects can object to the processing of their personal data in certain situations.

5. Data Protection Officer (DPO)

• Pilot Station Ltd has appointed Data Protection Officers (Philip Bent and Stephen Chew) who are responsible for ensuring GDPR compliance, providing guidance, and serving as the point of contact for data subjects and supervisory authorities.

6. Data Breach Notification

• In the event of a data breach that poses a risk to the rights and freedoms of data subjects, Pilot Station Ltd will notify the relevant supervisory authority and affected data subjects as required by GDPR.

7. International Data Transfers

• Pilot Station Ltd will only transfer personal data outside the EU to countries or organizations that provide an adequate level of data protection, or with appropriate safeguards in place as required by GDPR.

8. Training and Awareness

• Pilot Station Ltd will provide GDPR training to employees and contractors to ensure awareness and understanding of GDPR principles and compliance requirements.

9. Review and Update

• This GDPR policy will be reviewed and updated regularly to ensure ongoing compliance with GDPR and changes in business practices.

10. Contact Information

• Data subjects may contact Pilot Station Ltd regarding any questions or concerns related to GDPR compliance using the following contact information: mpx@pilotagetools.com

11. Non-Compliance

• Non-compliance with this GDPR policy may result in disciplinary action, as well as potential legal consequences.

12. Conclusion

This GDPR policy is a fundamental part of Pilot Station Ltd’s commitment to protecting the privacy and data rights of individuals. All employees, contractors, and third-party vendors must adhere to this policy to ensure GDPR compliance.

Pilot Station Ltd.