This policy applies to Liege Airport, Liege Airport Business Park and Liege Airport Security.
The undertaking by Liege Airport
LIEGE AIRPORT undertakes to integrate the protection of personal data into its business strategy, in compliance with the laws and regulations in force.
LIEGE AIRPORT undertakes to adapt its processes and procedures constantly so that they remain in compliance with the regulations, that they be transparent and that the persons concerned be informed in a concise, transparent and comprehensible manner about the way in which their data will be processed, whereby this information must be readily available to them.
Liege Airport therefore complies with the Data Protection Regulations (GDPR)*.
- Personal data: data containing details about the personal or factual circumstances of a particular or identifiable natural person.
- Data processing: any operation or set of operations carried out on Personal Data or on sets of Personal Data, whether by automated means or otherwise, such as collection, recording, organisation, structuring, storage, adaptation or alteration, recovery, consultation, use, disclosure by transmission, dissemination or other ways of making them available, alignment or combination, restriction, erasure or destruction.
Responsibility for data processing
Liege Airport is responsible for processing personal data in the context of the following activities:
- Company administration and legal aspects
- Business Development and customer management
- Management of suppliers
- Human Resources management
- IT management
- Safety management
- Security management
- Management of communication and public relations
- Financial management
- Environmental management
In this context, each member of staff required to process personal data must take care to respect the strictest confidentiality in relation to the data processed.
Compliance with the requirements resulting from this policy must always be verifiable by means of written documentation concerning the measures taken and the relevant elements related to the processing of data which are recorded in a centralised register and hosted within the Management System and Environment Service.
Verification of compliance with these requirements is the responsibility of the Data Protection Officer (DPO).
The Data Protection Officer
In accordance with the regulations, Liege Airport must appoint a Data Protection Officer (DPO) who works with the support of General Management.
He can be contacted at the following address: firstname.lastname@example.org
Any request for information on the processing of personal data by Liege Airport, as well as any request to read, correct, complete or delete personal data, must be submitted to the DPO.
Personal data which must be kept by law or by agreement cannot be deleted.
Communication of data to third parties
All personal data collected shall be processed in strict confidence and may be communicated to third parties only insofar as this is necessary for the fulfilment of the purposes described in the contract between Liege Airport and the person whose data is processed and to the extent that this complies with the legal provisions in this area.
These third parties may receive only the personal data necessary for the execution of the missions entrusted to them and subject to these third parties’ signing a commitment to respect confidentiality, the rules defined by the GDPR and this policy.
Personal data storage period
All personal data collected shall be kept for the time necessary to fulfil the purpose of the data processing or the period provided for by law.
Securing personal data
All appropriate technical and operational measures shall be taken to ensure the confidentiality of personal data and prevent unauthorised access or unauthorised use of personal data.
Awareness, information and partnership
Awareness and information are long term concerns. Both LIEGE AIRPORT staff and suppliers, passengers and customers shall be made aware of the policy of Liege Airport on the protection of personal data through regular information and appropriate training.
Assessing and updating this policy
This personal data protection policy shall be regularly assessed and updated as regards:
- the progress of actions to bring Liege Airport processes and procedures into line with the new regulations;
- the regulatory watch;
- audits conducted by the DPO;
- requests from the supervisory authority.
*Regulation (EU) 2016/679 of the European Parliament and the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/ EC (General Data Protection Regulation)