The data controller is Edinburgh Airport Limited, our contact details are available at the end of this policy (referred to in this policy as "we" or "us" or "our").
This Policy provides information about how we process personal data obtained in connection with our consultation regarding our Noise Action Plan 2018-2023 (the "Consultation"). The Consultation documentation (including the Consultation Questionnaire) will be available at nap.edinburghairport.com (the "Website") and/or supplied in paper format upon request to Progressive Partnership, Q Court, 3 Quality Street, Edinburgh, EH4 5BP. The Consultation FAQs will be published online and will be available in paper format on request.
Personal information that we collect via the Website or Postal Responses
When you use the Website, as is the case with most websites, certain limited information (such as your browser type, cookies, web browsing preferences and IP address) will be directly collected by us automatically.
Where you chose to respond to the Consultation, we will also directly collect and store personal data about you to enable us to process and analyse the responses. You can see the information you are asked to provide in the Consultation Questionnaire, but by way of illustration this will include:
Sensitive Personal Data - To the extent permitted by applicable laws we may also collect and process a limited amount of personal data falling into special categories, sometimes called "sensitive personal data". For the purpose of the Consultation, this includes information relating to physical or mental health (see questions C6 and C7 which are optional) and potentially information regarding sexual life (see questions C3, C4 and C5, which are optional).
The Consultation Questionnaire contains a number of free text fields. None of the related questions require you to provide any personal data, but you are free to choose to do so if you feel it is relevant information.
If you opt to be kept up to date on the Consultation process by e-mail we will also collect and process your e-mail address and if you opt to be kept up to date on the Consultation process by post we will also collect and process your postal address.
If you provide us with personal data about others, for example if you are a representative of your local council, you must ensure that those individuals are aware that you are providing us with their personal data and how we will use it, and that they do not object to that use.
How we use personal data
We use the personal data collected from the Consultation participants for a number of purposes, including to:
Why we collect and use your personal data and our legal basis
We generally process your personal data under one of the following legal bases:
Communications from us
Where you have indicated that you would like to receive updates on the Consultation process we may send communications in the form of email or postal updates to tell you about developments in the Consultation. Please notify us of any changes to your personal data which you have provided to us if you wish to continue to receive updates. You can unsubscribe from receiving updates by email by clicking the "unsubscribe" link in our e-mail communications or please notify us in writing if you receive postal updates and no longer wish to receive them.
Providing information to others
For the purpose of this Consultation, we will be working closely with and may be sharing personal data with:
The other third parties with whom we may need to share personal data to help us run the Consultation include:
We may disclose or share your personal data with such partners in order that we may operate the Website and organise and run the Consultation. We will only share information with such organisations in accordance with this Policy.
The Scottish Government is often subject to Freedom of Information requests (FOI), and any information we supply to the Scottish Government as part of this Consultation may also be provided by them in response to FOIs. However, the Scottish Government must also comply with data protection legislation and should not provide your personal data in response to FOI requests if the disclosure of information would contravene data protection legislation.
Please note that any further correspondence (if any) that you may receive from any of the recipients described above will not be governed by this Policy.
Working with other service providers and our group companies
For operational reasons, we may transfer personal data to service providers and our owner who help us manage our systems and processes. These parties may be located in the UK, other countries in the European Economic Area or elsewhere in the world. Different privacy laws may apply in these countries.
We only make these arrangements or transfers where we are satisfied that adequate levels of protection are in place to protect any information held in that country or that the service provider acts at all times in compliance with applicable privacy laws. Where required under applicable laws we will take measures to ensure that personal data handled in other countries will receive at least the same level of protection as it is given in your home country. In particular, where required by applicable data protection laws, we have ensured that such third parties sign standard contractual clauses as approved by the European Commission or other supervisory authority. You can obtain a copy of such safeguards by contacting us (see section below). We may redact data transfer agreements or related documents (i.e. obscure certain information contained within these documents) for reasons of commercial sensitivity.
In the event your personal data is transferred to a foreign jurisdiction, it may be subject to the laws of that jurisdiction and we may be required to disclose it to the courts, law enforcement or governmental authorities in those jurisdictions but we will only do so where required by applicable laws.
Keeping information secure
We invest appropriate resources to protect your personal data from loss, misuse, unauthorised access, modification or disclosure. However, no internet-based site can be 100% secure and we cannot be held responsible for unauthorised or unintended access that is beyond our control. Information held on our computer systems and in our paper filing systems is secure to guard against unauthorised or unlawful processing or accidental loss, destruction of, or damage to personal data. We only authorise access to employees who need it to carry out their job responsibilities.
Keeping your records
We keep records for as long as required to operate the Website and run the Consultation in accordance with legal and regulatory requirements. Where your information is no longer required, we will ensure it is disposed of in a secure manner.
Cookies are small computer files which are downloaded onto your device and collect information about the way in which you navigate and use our Website and the Internet. The information provided by cookies helps us to provide you with a more personal experience and allows us to make improvements to our Website over time. You may delete and block all cookies or decide to just block certain types of cookie via your browser setting. However, if you choose to block or delete cookies, this may affect the functionality of the Website.
To find out more about cookies, visit www.aboutcookies.org and our Cookies Policy accessible at http://www.edinburghairport.com/help/policies/privacy-notice#Privacyandcookies
We may use the information in order to conduct profiling. Profiling means using automated processes without human intervention (such as computer programmes) to analyse your personal data in order to evaluate your behaviour, such as to allow us to better evaluate how to provide our questionnaires in the future based on the information we know or infer about you, for example based on how long it took you to answer a certain question on the Website.
You may request further details on our tools and the relevant third parties from us.
Access and other rights
You have a number of rights in relation to your personal data.
You may request access to your data, correction of any mistakes in our files, erasure of records where no longer required, restriction on the processing of your data, object to the processing of your data which is carried out on a legitimate interest basis, and ask for further information in relation to profiling or the basis for international transfers. You may also exercise a right to complain to your supervisory authority.
When exercising any of the rights listed below, we will ask you to provide proof of your identity. If your request is excessive, we may levy a small fee.
More information about each of these rights is accessible below
If you have a complaint about how we have handled your personal data you may contact us using the details below and we will investigate your complaint. You may also contact the Information Commissioner's Office with any complaint if you remain unsatisfied.
Third party sites
This Policy only applies to the Website. If you land on our Website from other websites (including http://www.edinburghairport.com/) or move to other sites from our Website you should read the separate privacy policies.
This Policy was created on 8 February 2018.
From time-to-time, we may update this Policy. We will notify you about material changes by either sending an email message if you provided one to us or by prominently posting a notice on the Website. We encourage you to periodically check back and review this Policy so that you always know what information we collect, how we use it, and with whom we share it.
You can also contact us in the following ways:
Please complete and submit your response via the link below. If you have no comment to make on the Noise Action Plan, we would still like to know that you considered the information. Please tick the no comment box on the QuestionaireSubmit your response