GDPR

We wish to be open about our work tasks.

Contact the AIB data protection advisor

If you have questions regarding the usage and processing of your data, you are always welcome to contact our data protection advisor on email: aib@aib.dk

Active information about the AIB

The AIB rules on active information

On our website we provide information about the AIB and our work which includes:

- our overall investigation principles

- the AIB performance contract with the Ministry of Transport,

- annual operating reviews and

- published safety investigation results.

Documents that contain sensitive information will not be published on our website.

Why do we inform about guidelines on active information?

The Information Act, also known as Act No. 606 of June 12, 2013, indeed became effective on January 1, 2014. This act pertains to the access to Danish public administration files. According to the act, authorities are required to specify rules regarding the active information duty as outlined in §17

EU regulation of personal data (GDPR)

EU regulation of personal data

The 25th of May 2018, EU’s data protection regulation was enforced. It is also referred to as GDPR (General Data Protection Regulation).
The regulation contains, among other things, new rules about how companies, organizations and public institutions in the EU should process personal data.

What does it mean for you?

In short, it means that you as a private individual will get a better overview and control of the personal data that The AIB holds of you.

If you have questions regarding the AIB processing of your personal data, you are welcome to contact us on aib@aib.dk, or the AIB Data Protection Officer (DPO) via e-mail: aib@aib.dk.

You can also send secure e-mails to our DPO, by choosing “Havarikommissionen for Civil Luftart” in Digital Post, and add “Databeskyttelserådgivningen” in the subject field.

Note: Mails from other authorities to the AIB’ DPO via aib@aib.dk, will be encrypted automatically if the authority is using Tunnelkryptering. Otherwise, Digital Post must be used - choose “Havarikommissionen for Civil Luftfart” as the recipient, and add “Databeskyttelsesrådgiveren” in the subject field.

Electronic mail to the AIB

When you send electronic mail to the AIB

Below you will find information regarding how we use and store your personal data when we receive electronic mail from you.

Before sending sensitive personal information, the Accident Investigation Board encourages foreign citizens to contact aib@aib.dk for further instructions, or protect your personal information with a password and send a separate email with the personal information followed by another e-mail with the password.

The purpose of and the legal basis for the processing of your personal data

Your personal data will be included in our case management system, with the purpose of answering inquiries and process complaints as a part of our assignments. Furthermore, the information will be processed to obtain effective and rational case management. Finally, the information is used to keep track of which cases we have processed and for researching our practice.

The AIB should, as a public authority, follow the ordinary administrative rules, and are obliged to keep records according to the Information Act. This means that information sent to the commission will be saved in our case management system when a case is created.

The Information Act’s § 15, paragraph 1, means that documents that have been received or sent by management authority, as part of an administrative case management according to its company, should be kept records of if the document has a significant meaning to a case or the case management.

Processing of your personal data is based on the General Data Protection Regulation’s article 6, paragraph 1, litra e.

If you have sent us sensitive information, this will be processed according to the General Data Protection Regulation’s article 9, paragraph 2, litra f.

If you have sent us information regarding criminal offences, it will be processed according to the General Data Protection Regulation’s § 8, paragraph 1 and paragraph 2, nr. 3.

Processing of information regarding CPR will be executed according to unique identification, cf. the General Data Protection Regulation’s § 11, paragraph 1.

Recipients of your personal data

It is The AIB that processes your request, and the information that we have received from you. If it is necessary for the case management, we might pass your personal data on to other public authorities, boards etc. This could for example be public authorities which contributes to the information of the case.

Storage of your personal information

We store your personal information in our journaling system. The information is continuously transferred to The Danish National Archives, according to the archive’s and the State Archives’ laws and regulations.

Your rights

You have, according to the General Data Protection Regulation, rights regarding our processing of information about you. If you wish to make use of these rights, you have to contact us and notify us about this.

Right to view information: You have to right to gain access to documents with the information about you that we process, or apply for access to documents.

Right to correction: You have the right to correct information about you that is untrue.

Right to deletion: In special cases, you have the right to have information about you deleted before we would usually delete this information. This only counts for information that isn’t required to be kept records of.

Right to restriction of processing: You have, in some cases, the right to have the processing of your personal data restricted. If you have the right to have the processing restricted, we may from that point on only process the information - except for the storage - with your consent, or for legal requirements that can be determined, asserted or defended, or to protect a person or important societal interests.

Right to objection: You have, in some cases, the right to objection against our otherwise legal processing of your personal data.

You can read more about your rights in The Danish Data Protection Agency’s guide about the registrants’ rights, which can be found on the Danish Data Protection Agency.

Complaints to the Danish Data Protection Agency

You have the rights to make a complaint to The Danish Data Protection Agency if you are unsatisfied with the way we process your personal data. You can find The Danish Data Protection Agency’s contact information at the Danish Data Protection Agency.