GDPR
The regulations and laws for a certified virtual airline tell us it must comply with GDPR, but technically, what is this?
IVAO takes privacy matters very seriously and has comprehensive policies.
As we certify ALAS DEL SUR as a virtual airline, we're obligated to seek and comply with rules. We know "GDPR" is crucial.
We'll focus on a few straightforward steps:
Specific rules and regulations:
In the virtual airline's rules section, there must be a point explicitly stating that all data collected from a member (name, surname, date of birth, IP address, IVAO VID, activity, and rank in IVAO) must clearly mention that every pilot, regardless of nationality, has the right to access and delete all aforementioned data.
The VA website must not publicly display pilots' last names or personal email addresses. IVAO and VA VID callsigns are acceptable for public display. The virtual company's emails may be visible (e.g., contact@alasdelsurva.com).
These restrictions apply only to public access; once a pilot logs in, these restrictions disappear.
My virtual airline isn't registered in Europe; do I still need to comply with GDPR?
IVAO, an NPO based in Belgium, must comply with GDPR. By certifying a VA, it's linked to IVAO, a virtual association where pilots worldwide could join your VA, and we must ensure a certain level of quality. That's why we request all VAs worldwide to meet the aforementioned European standards.
​
ALAS DEL SUR VIRTUAL complies with:
​
- General Data Protection Regulation GDPR https://gdpr-info.eu/
​
- Privacy data from Mexico http://www.diputados.gob.mx/LeyesBiblio/pdf/LFPDPPP.pdf
​
- IVAO GDPR https://wiki.ivao.aero/en/home/flightoperations/FAQ_VA#virtual-airlines-and-gdpr
​