General Privacy Notice

We take your right to privacy seriously and want you to feel comfortable using our website and services. In accordance with the General Data Protection Regulation (GDPR), this page explains how we use your personal information.

CAA International Limited is a wholly owned subsidiary company of the UK Civil Aviation Authority. This General Privacy Notice is to let you know how CAA International generally uses and looks after your personal information. This includes what you tell us about yourself and what we learn during our relationship with you.

It does not provide exhaustive detail of all aspects of our collection and use of personal information, but our online service portals and individual applications will. However, we are happy to provide any additional information or explanation needed.

Please email FOI.requests@caa.co.uk or write to the address below for further information.

Why we process your personal information:

• Booking and administering a training course
• Sending promotional communications about services we provide
• Booking examinations
• Providing feedback and reviews of our services
• Providing responses to enquiries
• Processing payments
• Event coordination

The type of personal data we process:

• Contact details such as name, address, email address and telephone number
• Job title (for the purposes of booking and attending training courses at CAA International)
• Payment card details
• IP Address

Who information is processed about:

• Employees
• Customers
• Survey respondents
• Job applicants

Who the information is shared with:

Our Service Providers:

• Access Planit
• Aspeq Limited
• Campaign Monitor
• Feefo
• Microsoft Dynamics
• Rackspace
• Opayo-Direct (Elavon)
• Survey Monkey
• Webex by Cisco

Transfer

It may sometimes be necessary to transfer personal information overseas. When this is needed information may be transferred to countries or territories around the world. Any transfers made will be in full compliance with all aspects of the data protection act.

Website

Our website is hosted by a third-party provider, Rackspace Ltd, a UK based hosting company.

This website uses Google Analytics (GA) to track user interaction. Google is an American based company. We use this data to determine the number of people using our site, to better understand how they find and use our web pages and to see their journey through the website. This website also uses Remarketing which facilitates the serving of advertisements on various other websites across the internet. For more information, please see our Cookies Policy.

Should you choose to contact us using the contact form this website or an email link, none of the data that you supply will be stored on this website. Instead, the data will be automatically sent to our CRM system, Microsoft Dynamics, that we use to process and administer your enquiry. The data collected will include your name, company name, email address, country, area of interest and a message/enquiry. This data will allow us to respond to your message. Your data will be stored on Microsoft Dynamics for three years.

You will not receive any unsolicited emails from us unless you have selected/ticked the relevant consent box beneath our contact form.

Email Marketing

If you subscribe to any of our email mailing lists, the email address that you submit to us will be forwarded to Campaign Monitor who provides our email marketing services. Campaign Monitor is an American based company. The email address that you submit will not be stored within this website’s own database or in any of our internal computer systems. Your email address will remain within Campaign Monitor’s database for as long as we continue to use Campaign Monitor services for email marketing or until you specifically request removal from the list. You can do this by selecting the unsubscribe link contained in any marketing related email that we send you or by requesting removal via email.

To subscribe to our mailing lists hosted by Campaign Monitor, we operate a double opt-in system. If you submit your information to one of our subscription forms, Campaign Monitor will send you a one-time confirmation email to the address entered asking the user to, in turn, confirm the email address. You are required to follow a link in the email to confirm their subscription. This is the second opt-in. Only after this confirmation is the email address added to the mailing list.

For training course customers, we will use your email address to send information and news updates in relation to identified area of interests, such new courses titles or upcoming course dates that may be of interest The processing of your personal data is necessary for the purposes of our legitimate interests and does not affect your fundamental rights and freedoms as a data subject.

Training Course-Specific Policy Guidance

Training courses can be booked by the delegate or on behalf of the delegate (i.e. Organisation). Delegate information provided by email or electronically by users of CAA’s Training Management System (TMS) will be utilised by CAA International and shared with its contracted software provider.

The system used to process your information is provided by Accessplanit, based in the UK, and they have routine access to your information for the purpose of booking, coordinating and managing delegate attendance to training courses. For more information, please click here.

The system used to process your payment is provided by Opayo-Direct (Elavon), based in the UK. Opayo-Direct only have access to your personal data for the processing of your payment. They do not have access to the TMS. For more information, please click here. Processing of payment information is required for the performance of a contract with you/or in order for us to take steps at your request prior to entering into a contract with you.

You are responsible for ensuring that all information submitted by you and contained within the TMS is accurate, complete, and up-to-date. CAA International takes all reasonable steps to ensure that information collected within the TMS by its employees and representatives is correct, however, CAA will rely upon you to contact us to update or verify your personal information and to confirm your willingness to receive communications from CAA International.

You may withdraw consent at any time, submit an enquiry or make a complaint by emailing training@caainternational.com

Customer Feedback, Feefo Questions and Answers, and Feefo Reviews

As part of our ongoing commitment to deliver the highest standards and to conform to ISO 9001:2015, all our customers will receive an email after the service delivery requesting customer feedback. Users will be directed to Survey Monkey, an American-based company. Users will be asked to complete a customer satisfaction survey. All responses remain confidential and will give us valuable information on how we can better serve and exceed our customers’ expectations. These emails are deemed a legitimate part of trading under GDPR. You may still receive these email requests, even if you have previously unsubscribed from our email marketing communications.

Website users have the opportunity to ask questions about our training courses on our website using a plugin powered by Feefo. Using this feature, questions can be submitted through the CAAi website, which are reviewed and responded to by CAAi. The answer to each question is then displayed on the corresponding course webpage for other website users to view, along with the name of the person who submitted the question and the date it was posted.

Upon completing a training course, our open-access training delegates are invited to leave a review of the course they attended. The review is then displayed on the CAAi website. To administer course reviews, we share your details (name, course details and email address) with the third-party review website, Feefo. Feefo is a UK-based company. Delegates can opt to leave a review anonymously.

Webinars

When you attend webinars hosted by CAA International, we use Webex by Cisco, an American company. Their data centres and iPOP locations are spread across North America, Europe, and Asia Pacific. By signing up for a CAAi webinar, your data will be securely stored within Webex, enabling us to manage your attendance effectively. Additionally, you’ll receive automated emails from Webex regarding the event, such as registration confirmations, agendas, meeting links, and post-event surveys. Occasionally, we may also send follow-up emails related to the webinar subject matter via our email marketing service provider, Campaign Monitor. You have the option to unsubscribe from these emails anytime by clicking on the unsubscribe link at the bottom of each email.

Applying to Work at CAAi

We display all live vacancies on the “Careers” section of our website. To apply for a position, users are redirected to the UK Civil Aviation Authority’s dedicated careers website. When individuals apply to work at the CAA, we will only use the information they supply to us to process their application and to monitor recruitment statistics. Where we want to disclose information to a third party, for example, where we want to take up a reference or obtain a ‘disclosure’ from the Disclosure and Barring Service (DBS) we will not do so without informing the applicant beforehand unless the disclosure is required by law.

Personal information about unsuccessful candidates will be held until after the recruitment exercise has been completed. It will then be destroyed or deleted. We retain de-personalised statistical information about applicants to help inform our recruitment activities or for equality and diversity purposes, but no individuals are identifiable from that data.

Once a person has taken up employment with the CAA, we will compile a file relating to their employment. The information contained in this file will be kept secure and will only be used for purposes directly relevant to that person’s employment. Once their employment with the CAA has ended, we will retain the file in accordance with the requirements of our retention policy and then delete it.

The CAA’s Data Protection Officer (DPO)

The CAA’s DPO is:

Chris Whitehurst
Civil Aviation Authority
Aviation House
Beehive Ring Road, Crawley
RH6 0YR

To contact our DPO, please email FOI.requests@caa.co.uk. This will ensure that in her absence your enquiry can be dealt with in the most efficient way.