The company NOLISE AERO (“AccessAir”), concerned about the rights of individuals, in particular with regard to automated processing and in a desire for transparency with its customers, has set up the present confidentiality policy covering all this processing, the purposes pursued by the latter as well as the means of action available to individuals so that they can best exercise their rights.
The Privacy Policy (hereinafter “the Policy”) is established in compliance with the following reference:
European Regulation 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, hereinafter referred to as “RGPD” ;
Law n°78-17 of January 6, 1978 on information, files and freedoms as amended, hereinafter referred to as “LIL” ;
Law n°2018-493 of 20 June 2018 relating to the protection of personal data.
Article 1 – Definitions
Chartering
means the operation by which AccessAir concludes, on behalf of a Customer, a contract of carriage with an Operator who is responsible for carrying out the Flight with the Aircraft
Customer
means the natural or legal person using the services of AccessAir to charter an Aircraft
Request for Quotation
means the Customer’s request for a Quote indicating the criteria for the desired Flight(s), sent to AccessAir under the conditions provided for in the General Terms and Conditions of Sale
Quote
means AccessAir’s proposal made in response to the Customer’s Request for Quotation, without this proposal being binding on AccessAir
Personal Data
or “Data
means any information relating to an identified or identifiable natural person (data subject); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to a name, an identification number or one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural or social identity.
Identifier
means the e-mail address or the user name and password chosen by the Customer at the time of registration.
Operator
means the legal entity proposing the Charter of its aircraft and being able to perform the flight(s), in accordance with the contract of carriage concluded with AccessAir according to the criteria of the Customer’s order
Passenger
means the persons benefiting from the Services provided by AccessAir.
Services
means all the services offered by AccessAir via its Internet site as defined in the General Terms and Conditions of Sale.
Article 2 – About AccessAir
2.1 NOLISEAERO is a Société par Actions Simplifiée Unipersonnelle (SASU) with a capital of 5,000 Euros, whose commercial name is AccessAir, registered in the Bobigny Trade and Companies Register under number 844 217 976, intra-community VAT: FR 42844217976, whose registered office is located 1-2 rue Henri Lossier – 93350 LE BOURGET.
It is represented by Emma Berkovits, in her capacity as President.
She can be contacted :
At the following email address: [marketing@accessairaero.com]
At the following telephone numbers: [+33 (0) 1 74 25 49 24]
2.2 AccessAir as a data controller:
The controller is defined by the GDPR, in Article 4.7, as the person who determines the purposes and means of the processing of Personal Data.
AccessAir has the status of data controller for all data processing related to the Services it offers, as well as the management of its Clients, from the first Request for Quotation.
For any request concerning the processing of Personal Data collected by AccessAir as data controller via the website https://fr.accessairaero.com/, Clients may contact the data controller via the following address [TO BE COMPLETED]
2.3 AccessAir as joint controller
The joint controller, as defined in Article 4.7 of the RGPD, is the person who determines jointly with another controller the purposes and means of processing the Personal Data collected.
AccessAir shall have the status of joint controller for all data processing relating to contracts of carriage which it enters into on behalf of the Customer with the Operator where they jointly collect Personal Data relating to the Customer for the performance of the Services under the Contract.
2.4 AccessAir as a subcontractor
A processor, as defined in Article 4.8 of the GDPR, is a person who processes Personal Data on behalf of, and under the authority and instructions of, a controller.
This Policy covers both data processing by Access Air in its capacity as controller or co- controller or as a processor.
Article 3 – Collection and origin of Data
As part of the provision of its Services, AccessAir collects Personal Data relating to its Customers. This data may come directly from the Customers, or may have been collected from Passengers.
The personal information that may be collected on the site is mainly used by AccessAir to manage relations with Customers and, where applicable, to process orders placed.
In all cases, Customers are informed of the purposes for which their data is collected by AccessAir via the various online data collection forms, in particular the Request for Quotation form, emails sent, notifications on the site, by SMS, by instant messages on the various AccessAir social networks, by telephone interviews, or via our Cookie Usage Charter.
Article 4 – Processed Data
AccessAir informs its Clients that it may process the following Data:
Data relating to your identity: title, surname, first name(s), company or personal address, telephone number, date of birth, e-mail addresses;
Data collected during the use of the Services: travel preferences, eating habits;
Data collected via cookies and other trackers on our site;
Payment data: payment methods used
Payment Data: payment methods, discounts, receipts, balances and outstanding payments, billing information
In any case, AccessAir undertakes to process all the Data collected in a manner that complies with the RGPD and the French Data Protection Act.
Article 5 – Uses/Purposes and legal basis for processing
The legal basis for the processing is the execution of the contract concluded between the Clients and AccessAir.
The purpose of the Personal Data collected from the Clients is to make the Services available on the site, to improve them and to maintain a secure environment.
The processing is necessary for the performance of the services provided for in the Charter Quotation and the contract concluded between the Customer and AccessAir on behalf of the Passenger(s).
More specifically, the uses are as follows:
The proper performance of AccessAir’s Services;
Customer management;
To carry out marketing operations;
Accounting management and related operations;
Proper access and use of the site;
Managing the operation and optimization of the site;
The implementation of a Customer assistance;
Verification, identification and authentication of the data transmitted by the Customers;
The management of the requests of rights resulting from the RGPD and the modified Data-processing law and Freedoms;
The personalization of services by displaying advertisements according to the browsing history of the Customer, according to his preferences;
The prevention and detection of fraud, malware (malicious software) and management of security incidents;
The management of possible disputes with customers;
Sending commercial and advertising information, according to the Customer’s preferences; organizing the conditions of use of the Payment Services.
Article 6 – Data retention period
AccessAir retains Customer Data only for as long as is necessary to provide the Services or support as described in Section 5, and in accordance with legal retention periods.
To the extent reasonably necessary or required to satisfy legal or regulatory obligations, resolve disputes, prevent fraud and abuse, or enforce our terms and conditions, AccessAir may also retain certain Customer Information, if necessary after the business relationship has ended.
Specifically:
For the proper operation and ongoing improvement of the site, its functionality and Services:
Data allowing the identification of Customers are kept for the duration of the commercial relationship.
Cookies and other commercial tracers according to the Charter of Use of cookies can be deposited on the terminal of the Customer with his consent, for a maximum duration of 13 months. After this period, the raw traffic data associated with an Identifier is either deleted or anonymized.
For Customer Management:
The Data used in the context of Customer relationship management are kept for the entire period necessary to execute the contract.
This Data is then archived for a period of 5 years for evidential purposes. Invoices and accounting data issued are kept for 10 years from their issue.
If no contract is concluded, the Data of a prospect is kept for a period of 3 years from the date of its collection or the last positive contact with AccessAir.
For marketing purposes:
Data used for marketing purposes are kept for a period of 3 years from the end of the commercial relationship as a Customer or from the last contact if it is a prospect.
If the Customer has not purchased Services from AccessAir or used his account for 27 months and the Customer has not subscribed to AccessAir’s newsletter, AccessAir will no longer retain the Customer’s Personal Data for marketing purposes.
For accounting management and related operations:
It is recalled that for payments by bank card, in accordance with Article L.133-24 of the Monetary and Financial Code, this data may be kept for the purpose of proof in the event of a possible dispute over the transaction or claim, in intermediate archives, for a period of 13 months following the date of debit (period extended to 15 months for deferred debit payment cards).
The accounting trace of payments is kept for a period of 10 years in intermediate archives as of the actual execution of the payment (cf. article L.123-22 of the Commercial Code).
Litigation and pre-litigation actions
As part of the management of a pre-litigation, the Data are deleted as soon as the dispute is settled amicably or, failing that, as soon as the corresponding legal action is time-barred.
The Data collected and processed in the context of a dispute must be deleted once the decision has become final.
For the management of requests for rights arising from the RGPD and the amended Data Protection Act:
The Data relating to the management of requests for rights are kept for the entire period necessary to process the request. They are then archived for the duration of the applicable prescription in intermediate archiving.
Article 7 – Clients’ rights
In accordance with the RGPD and the LIL, AccessAir’s Clients have the following rights:
Right of access and information (Article 15 RGPD): Clients may exercise their right of access and information to know the Data that concerns them;
Right of rectification (article 16 RGPD): Customers can ask for the update and the completeness of the Data which concern them if they are inaccurate;
Right to erasure of Personal Data (Article 17 RGPD): Customers may request the deletion of their Data when it is inaccurate, incomplete, equivocal, outdated, or when its collection, use, communication or storage is prohibited;
Right to limit processing (article 18): Customers may ask the site to limit the processing of Data when it is inaccurate, incomplete, equivocal, outdated, or when its collection, use, communication or storage is prohibited;
Right to object to the processing of data (Article 21 RGPD): Customers may object at any time to the processing of their data, for reasons relating to their particular situation ;
The right to portability (Article 20): Customers may request that AccessAir hand over their provided Personal Data for transmission to another company;
The right not to be subject to a decision based on exclusively automated processing (Article 22 GDPR): no such decision making is currently applied by AccessAir ;
Right to define the fate of the data after death and to choose whether the Data is communicated (or not) to a previously designated third party (Article 85 LIL). In the event of your death and in the absence of instructions from you, AccessAir undertakes to destroy the Data, unless its retention is necessary for evidential purposes or to meet a legal obligation.
Customers may exercise their rights by contacting us at the following addresses
By mail to the address: 1-2 Rue Henri Lossier, 93350 DUGNY
Or by email, at the address: Marketing@accessairaero.com
These rights may be exercised by simple request, providing proof of your identity and a legitimate reason when required by law.
AccessAir undertakes to send a reply within one month of receiving the request. This one-month period may be extended by two months if the complexity of the request and/or the number of requests so requires.
Customers may also file a complaint with the supervisory authorities, in particular the CNIL on its website: https://www.cnil.fr.
AccessAir recommends that you contact the CNIL first before filing a complaint with the CNIL, as AccessAir is at your disposal to resolve this issue.
Article 8 – Sharing of personal data with third parties and transfer outside the European Union
Within the limits of their attributions and for the purposes recalled in article 5, the main persons who will be likely to have access to the Data are the following:
The authorized personnel of our marketing, sales, administrative, logistic, legal and IT departments, in charge of improving our services, customer relations, prospecting and quality control.
The authorized personnel of our subcontractors
The authorized personnel of our co-processor
Personal data may be shared with third party companies exclusively in the European Union, in the following cases
When the Customer uses the payment services: for the implementation of these services, AccessAir is in relation with third party banking and financial companies with which it has contracts;
When AccessAir uses service providers to provide Customer support, advertising and payment services. These service providers have limited access to Customer data in the course of providing these services and are contractually obligated to use it in accordance with applicable data protection regulations;
If required by law, AccessAir may transmit data to respond to claims against the site and to comply with administrative and judicial proceedings.
Certain categories of subcontractors have access to the data collected, including:
The following financial organizations: (banks)
If necessary, the courts concerned, mediators, accountants, auditors, lawyers, bailiffs, debt collection companies;
Third parties likely to place cookies on your terminals (computers, tablets, cell phones…) when you consent to them (For more details, see our Charter for the use of cookies).
The Personal Data of the Customers are neither communicated, nor exchanged, nor sold nor rented without the prior express consent in accordance with the applicable legal and regulatory provisions.
In some cases, your personal information will be stored on servers located outside the EU.
This is particularly the case when AccessAir transfers information to certain subcontractors located in XX.
AccessAir has taken appropriate measures to assure its Customers that their Data is kept secure via the contractualization of standard clauses approved by the European Commission (art. 46 RGPD) or via the so-called “Privacy Shield” mechanism.
Customers may request access to documents ensuring appropriate contractual guarantees by sending a request by e-mail to [TO BE COMPLETED] or by post to AccessAir – 1-2 rue Henri Lossier – 93350 DUGNY
Article 9 – Minors
AccessAir’s Services and website are not intended for minors.
AccessAir does not voluntarily collect Personal Data from minors under the age of 15.
Article 10 – Social networks
While browsing the AccessAir website, Customers have the option of clicking on the icons dedicated to the social networks Twitter, Facebook, Instragram and LinkedIn on our website.
Social networks enhance the usability of the site and help promote it through sharing.
When Customers use these buttons, AccessAir may have access to personal information that Customers would have indicated as public and accessible from their Twitter, Facebook, Instagram and LinkedIn profiles. However, AccessAir does not create or use any database independent of Twitter, Facebook, Instagram and LinkedIn and does not exploit any of its Customers’ privacy data in this way.
Article 11 – Security
Access to the site and its use are reserved for strictly personal use.
Clients undertake not to use this site and the information or data contained therein for commercial political or advertising purposes or for any form of commercial solicitation, in particular the sending of unsolicited e-mails.
AccessAir complies with the RGPD and the French Data Protection Act regarding the security and confidentiality of Data.
AccessAir implements all the technical and organizational measures necessary to ensure the security of the processing of Personal Data and the confidentiality of the Data it collects.
In this respect, AccessAir takes all necessary precautions, in view of the nature of the Data and the risks presented by the processing, to preserve its security and, in particular, to prevent the Data from being deformed, damaged or accessed by unauthorized third parties (physical protection of the premises, authentication procedures for persons accessing the Data with personal and secure access via confidential identifiers and passwords, secure https protocol, logging and traceability of connections, encryption of certain data, etc.).
Article 12 – Responsibilities
For the proper management of the site, AccessAir may at any time:
Suspend, interrupt or limit access to all or part of the site, reserve access to the site, or to certain parts of the site, to a specific category of Internet users;
Delete any information that may disrupt the operation of the site or that contravenes national or international laws;
Suspend the site in order to make updates.
AccessAir cannot be held responsible for any failure, breakdown, difficulty or interruption in operation, preventing access to the site or to any of its functions.
The equipment used by Clients to connect to the site is under their sole responsibility. Clients must take all appropriate measures to protect their equipment and their own data, particularly from viral attacks via the Internet.
AccessAir will not be held responsible for any legal proceedings:
Due to the use of the site or any service accessible via the Internet;
Due to the failure of its Customers to comply with this Policy.
AccessAir is not responsible for any damage caused to its Customers, third parties and/or their equipment as a result of your connection to or use of the site.
Article 13 – Intellectual Property
All trademarks, photographs, texts, comments, illustrations, images (animated or not), video sequences, sounds, as well as all computer applications that may be used to operate this site and, more generally, all elements reproduced or used on the site are protected by the laws in force concerning intellectual property.
They are the full and complete property of AccessAir or its partners. Any reproduction, representation, use or adaptation, in any form whatsoever, of all or part of these elements, including computer applications, without the prior written consent of AccessAir, is strictly prohibited.
AccessAir’s failure to take legal action upon becoming aware of such unauthorized use does not constitute acceptance of such use and waiver of legal action.
Article 14 – Commercial offers
Customers may receive commercial offers from AccessAir. If Customers do not wish to receive such offers, they may click on the following link: marketing@accessairaero.com.
The Data may be used by AccessAir’s partners for commercial prospecting purposes. If Clients do not wish to do so, they may click on the following link: marketing@accessairaero.com.
If, when consulting the site, a Client accesses personal Data, he or she must refrain from any collection, any unauthorized use and any act that may constitute an infringement of the privacy or reputation of individuals.
AccessAir disclaims all liability in this regard.
Article 15 – Cookies
The use of cookies by AccessAir is indicated in the Charter for the Use of Cookies. It is advisable to refer to it.
Article 16 – Modification of the privacy policy
AccessAir may change its Services and change its Privacy Policy. Where applicable, Customers are notified by email of any significant changes to the Privacy Policy.
The version currently online is the only one that can be enforced during the entire period of use of the site and until a new version replaces it.
Article 17 – Applicable law
The Policy is governed by French law.
Article 18 – Contact us
For any question, information on the products presented on the site, or concerning the site itself, you can leave a message at the following address: marketing@accessairaero.com.