I-SEC offers specialized security services to clients in the aviation security industry.
In our privacy statement you will read how I-SEC handles your Personal Identifiable Information (PII). We describe what and why we have this personal identifiable data. We will explain how long we store the data and how you can request adjustments or deletion form our systems.
This privacy statement relates to I-SEC International Security B.V. which is located at the Hendrik Walaardt Sacrestraat 425-5, Schiphol and it’s subsidiaries:
- I-SEC Nederland B.V.
- Procheck International B.V.
- I-SEC Italia s.r.l.
- I-SEC Spain S.L.
- I-SEC Harsec A/S
- I-SEC Advanced Systems
- Abydos Consultores de Sistemas s.l.u.
- I-SEC Deutsche Luftsicherheit GmbH
- I-SEC Germany GmbH
- I-SEC Nord GmbH
- I-SEC Sweden
1.1 What is personal identifiable information?
I-SEC respects the privacy of its employees, customers and visitors to the website.
PII is all data that discloses your identity that is unique to you and can be traced directly or indirectly to you as a person. Examples are name, home address, phone number, your birthdate or place of birth. Your digital personal data is also considered personal data. For example a person’s social media accounts and your e-mail address.
The GDPR considers your IP-address also as personal data. There is also a category special data, this is data that reveals racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership. These data are protected with extra measures by the legislator.
More information concerning the protection of your personal data can be found on the website of the authorities responsible for enforcing the GDPR, for the Netherlands this is https://autoriteitpersoonsgegevens.nl
1.2 Basic principles processing personal identifiable information
Processing PII within I-SEC happens in accordance to the GDPR requirements. It concerns any operation, which is performed on personal data, whether or not by automated means, such as collection, recording, storing, altering, erasing, destroying, etc. In most, but not all situations I-SEC is responsible for the data and how the data is used.
GDPR Basic principles explained:
- Lawfulness, fairness and transparency: Your data is processed in a way that is lawful and clear to you.
- Limitation: Your data is only used for the purpose I-SEC needs it for.
- Data Minimization: The information I-SEC collects is relevant for its purpose and limited to what is necessary.
- Accuracy: The data collected is correct, if not, it will be removed or rectified.
- Storage limitation: Your information is kept no longer than is necessary for the purposes for which the data is processed.
- Integrity and Confidentiality: I-SEC takes all required measures to ensure all the personal data is protected and is checked regularly.
1.3 Your rights
The GDPR aims to make data processing more transparent and give you greater control over how your data is handled.
Considering the basic principles your rights are:
- Right of access: You can view your PII that I-SEC has collected.
- Right to rectification: You are able to modify your personal data in case the data is not up to date or accurate.
- Right to erasure: You may request us to remove your personal data from our systems. However we cannot comply with every request as I-SEC is obligated to save and store some PII due to applicable law regulations.
- Restrict processing: You may request us to minimize the personal data we process.
- Data portability: In case you decide to move to another employer or I-SEC has to hand over her activities to a new vendor during a tender process, you may request to have your PII be transferred in a machine readable format to the new organization.
- Right to object: You have the right to ask us to stop processing your PII. However we cannot comply with every request as I-SEC is obligated to save and store some PII due to applicable law regulations.
- Right to object to automated processing: I-SEC does not use automated processing. Your work schedule is partly processed automatically. The planning department checks the schedules before distributing them.
Please note that there are exceptions to the rules causing companies to be unable to comply with your request, for example in case of law and regulations.
2 What PII do we use and what do we use it for?
2.1 What information does the website www.i-sec.com collect?
- In case you would like us to contact you, you may fill in a request through the website. Your name, company name, e-mail address, job function and telephone number are requested.
- In case you are applying for a job via our website, you are requested to provide your name, address, CV, motivational letter and applicable references.
2.2 What information is collected during the application process?
In short the process explained:
- When the application process is finished and you have been hired the screening process is put in place. You will be asked to provide more detailed PII such as address history and copy of your passport / ID.
- When working for I-SEC you will need a uniform, an airport ID and the applicable training. For this we need your clothing size and a certificate of conduct.
- During your career with I-SEC we monitor how you are doing your job. Doing so we keep track of evaluations, supervisions, development and career conversations, training results, etc. These are all stored in your digital personal file.
- I-SEC’s HR-system holds information on applicants, employees and external suppliers. This system is secured in accordance to GDPR.
- Staff planning is done through a specialized planning system which is connected to our HR system.
2.3 What about passengers going through our security process?
Passengers are the clients of our clients for which I-SEC provides its services. I-SEC is not considered the controller of your personal data when clients, for example airlines and airports, use our security services.
2.4 Reasons for processing your PII
There are a number of reasons why I-SEC justifies the collection and processing of your PII:
- To be able to enter into an employment contract with you
- To be able to contact you
- To be able to recruit new staff
- For the handling of questions, complaints and claims
- To be able to fulfill the legal obligations
- Business interest
A cookie is a piece of text that is created and given to a browser through a webhosting server. There are different kinds of cookies. The kind of cookie used by www.i-sec.com is called a “First party cookie”.
This cookies ensures that our website functions safe and optimal. Only our website can read the text from the cookie. No PII is collected and stored through this cookie or while viewing our website.
More information about deleting cookies from your computer or changing cookie settings can be found in the help function of your browser.
4 Data security
I-SEC International security B.V. and its subsidiaries are part of ICTS International N.V.
ICTS International N.V. has a Code of Conduct that applies to the employees of the group. The purpose of this code of conduct is to ensure the group’s management takes responsibility to provide knowledge, awareness and involvement in the field of, but not limited to, protecting your personal information within all layers of the company.
I-SEC employs several trained specialists who ensure that I-SEC complies with the GDPR. These professionals keep track of changes in regulation and follow technological developments. Risk analysis and audit procedures are in place to ensure that I-SEC continues to comply with GDPR.
Securing your personal data is our priority. Data stored with us is protected by technical and organizational measures to effectively prevent loss or misuse by third parties. Transmission of personal data is encrypted through SSL-Secure Socket Layer. The lock in your browser’s address bar shows you are using an encrypted connection. The technical security measures to protect your data are regularly checked and improved if necessary. These principles also apply to companies that sub-process data according to our instructions.
5 Retention period
The personal information necessary to contact you, whether it is to apply for a job, request information or submit a complaint, is only used for the purpose for which it is collected. The data is retained as long as the content is required to complete processing of your request, as long as our services are required or as long as the employment contract is valid. In situations when I-SEC has legal grounds to hold on to your PII the legal retention period is applicable.
Your PII is not shared with third parties. It may be necessary to share your PII to meet your request. Other than on legal grounds we will ask your permission to share your PII.
Some examples of third parties are the Airport authorities, Airlines, Customs and National Authorities.
After the retention period your PII is removed from our systems. Therefore the right to information, the right to erasure, the right of rectification and the right to data transfer cannot be imposed after expiry of the retention period.
6 Data breach reporting
In the unfortunate but unlikely event we where not able to protect your PII, a so-called data breach may have occurred. I-SEC will report a data breach with the regulator the Dutch Authority personal information. In case the data breach has serious impact on your privacy, I-SEC will inform you as soon as possible. We will let you know the details of the data breach and what I-SEC and you can do to minimize the damage.
7 Questions concerning private data protection
In case you have any questions concerning the protection of your PII or if you want to make use of any of the data subject rights you may get in touch with I-SEC or one of the subsidiaries.
When you think you found weaknesses in our systems we kindly ask you to contact us as soon as possible so we can constrain and solve the issue immediately.
To exercise one of your rights because you applied for a job with us, you may communicate directly with the local subsidiary: