Tallinn Airport Ltd. values its customers and employees and makes every effort to ensure that their personal data are processed in a lawful and secure manner, including protected against unauthorised access and transfer. Tallinn Airport Ltd. processes personal data based on the following principles.
- When processing personal data, Tallinn Airport Ltd. follows the legislation effective in Estonia and the concluded contracts. Data is processed within the extent which is necessary for the performance of contracts and servicing of customers.
- In its daily operations, Tallinn Airport Ltd. follows the principles of personal data protection and non-disclosure of confidential information.
- The employees of Tallinn Airport Ltd. are aware of the obligation to protect personal data and keep information confidential and are responsible for the fulfilment thereof.
- Tallinn Airport Ltd. processes personal data for the predetermined and legitimate purposes and shall not process the data in a manner incompatible with these purposes. Personal data is sufficient and relevant and is not excessive in respect to their processing purposes.
- Integrity of personal data and ensuring the same for servicing customers is of utmost importance for Tallinn Airport Ltd. Personal data which from the viewpoint of processing purpose is incorrect shall be deleted or corrected.
- Tallinn Airport Ltd. protects the personal data entrusted to the same against any unauthorised or unlawful access and processing.
- To ensure protection of personal data, Tallinn Airport Ltd. implements appropriate physical, organisational and IT security measures.
- Tallinn Airport Ltd. shall not transfer personal data (incl. recordings) to other persons, unless the obligation to transfer data arises from legislation or if the data subject has given its prior consent for data transfer or if the data transfer is necessary for the fulfilment of the purposes of processing stated in clause 11.
- Tallinn Airport Ltd. is the authorised processor in respect of personal data provided to the air carrier and undertakes to apply the data protection requirements and conditions arising from the contract entered into with the air carrier. A passenger has the right to access their personal data and obtain statements through the air carrier on the activities carried out. A passenger also has a right to view their personal data and rectify incorrect data or demand rectification of it, by contacting the air carrier for that purpose.
- If the passenger has provided their personal data to Tallinn Airport Ltd., they may send a digitally signed inquiry at the e-mail address info[at]tll.aero. General data protection matters may be referred to the e-mail address of the administration of Tallinn Airport Ltd. at administration[at]tll.aero.
- In order to ensure aviation security and safety and better customer service, Tallinn Airport Ltd. processes the calls received by important phone lines. The image of CCTV cameras is processed for the purpose of aviation security and safety and for the protection of persons and property.
- Tallinn Airport Ltd. processes and stores the recordings of phone calls and CCTV camera image in its databases.
- Tallinn Airport Ltd. stores the recorded phone calls for one year and the image of CCTV cameras for 31 days.
- As an exception, personal data related to incidents, incl. recorded phone calls and CCTV images shall be stored for five years for the required procedural acts. The data will be deleted after the expiry of the term.