Privacy policy
Thank you for visiting the official website of the Aviation Training Centre at Vasil Levski Sofia Airport!
SOF Connect holds an Aviation Training Centre Certificate № 22/19.04.2021 issued by the General Directorate of Civil Aviation Administration under the Civil Aviation Act to provide training to aviation personnel. The centre provides qualification and training courses for personnel involved in aviation security, ground handling and airport operations. Trainings are conducted according to programmes developed by the instructors and approved by the General Directorate of Civil Aviation Administration. The training centre is located in separate building, has three training rooms as well as a room with CUTE workstations for passenger handling, a room with specialised software for computer-based training of X-ray operators and a room with a real checkpoint for screening of persons and baggage. The centre’s instructors are certified by the General Directorate of Civil Aviation Administration, maintaining a level of qualification in line with company needs and national, European and international standards. They have passed training courses for instructors in international aviation training centres – ICAO, IATA, ACI, etc. In addition, the training centre is an officially accredited partner of ACI (Airports Council International).
Processing of personal data
Personal data means any information relating to a natural person that can be identified, directly or indirectly, to one or more characteristics.
As a data controller, SOF Connect AD complies with all the requirements of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data („GDPR“) by collecting and processing only personal data to the extent necessary for the provision of the services we offer and the economic activity carried out and keeping it in a responsible and lawful manner under restricted access.
This Privacy Policy explains how we collect and use your personal data, what your rights are, and provides information on what to expect when SOF Connect AD processes personal data.
Personal data we collect
SOF Connect AD processes various types of personal data. This includes information you provide to us, information we create, or information that is provided by a third party or public authority. For more details about the personal data we process and how that data is collected or obtained, see the table below.
| Data categories | Description | Personal data source |
| Identification data | Name, position, date of employment and years of experience (for certain courses) | This information is provided by you or by the company that is your employer. |
| Contact details | Email, phone number, employer | This information is provided by you or by the company that is your employer. |
| Financial data | Payment details, bank card details and accounting/tax documents issued | This information is provided by you. |
| Video recording | Images recorded through video surveillance | We will record your image if you visit a location where CCTV is being carried out. |
| Has a thorough comprehensive check been successfully completed | If the relevant course requires this check to be completed in advance.
No personal data from the content of the check is processed; only a confirmation with an incoming number is received regarding its completion. |
Confirmation from the Civil Aviation Administration |
| Details of completed education and training courses.
Category and date of validity of driving licence. |
If the relevant course requires a certain level of education and a driving licence. | This information is provided by you or by the company that is your employer. |
| Results from training courses organized by us | Result related to the success of the completed training. | This information is provided by you. |
How do we process your personal data?
| Purpose | Legal basis for processing |
| Provision of training services | Taking steps at the request of the data subject prior to entering into a contract.
Performance of a contract to which the data subject is party. |
| For processing payments and issuing accounting/tax documents (invoices) in connection with services used | Performance of a concluded contract and legal obligation |
| Prevention and detection of crime – including the use of video surveillance | Legal obligation – airport and civil aviation security, in accordance with the National Civil Aviation Security Program. |
| For communication | Taking steps at the request of the data subject prior to entering into a contract – When we receive requests, we may collect your personal information so that we can identify you correctly and deal with your request. All personal information collected will depend on the information you provide to us. In some cases, we may request additional information to help us address your request. |
With whom do we share your personal data?
SOF Connect AD only discloses personal data to third parties if they have a legal basis to receive it. The categories of recipients are determined on a case-by-case basis according to their legal basis for receiving the data, which may be:
- State bodies in accordance with their powers.
- Banks with a view to paying amounts due.
- Providers of postal and courier services for addressing correspondence.
How long do we keep your personal data?
We retain your data for a period of 5 years, proportionate to the processing purposes specified above.
Transfer of personal data to a third country
If a transfer of personal data outside the European Union is necessary, this will take place in full compliance with the conditions set out in Chapter V of the GDPR.
What are your rights?
As a data subject, you have the following rights:
- Information right – you have the right to know what data will be processed for what purposes and on what basis.
- Right of access – You have the right to access your personal data and details of how we process it.
- Right to rectification – You have the right to correct personal data about you if it is inaccurate or incomplete.
- Right to object –You have the right to object to the use of personal data, such as direct marketing. Individuals also have the right to object to the processing of personal data on the basis of legitimate interests or for the performance of a task carried out in the public interest.
- Right to erasure –You have the right to request us to erase or remove personal data from our records where there is no legitimate reason for us to continue processing it. Where personal data is still necessary for legitimate interests, it will not be possible to delete that data, so some requests may be refused.
- Right of data portability – where personal data are processed by automated processes based on consent or contract. For this purpose, the data shall be transmitted in a structured, commonly used and machine-readable format.
- Right to restriction of processing – You have the right to “block” the processing of personal data in limited circumstances. This right may apply:
- If the accuracy of your personal data needs to be checked;
- If the legal basis for the processing of your personal data is disputed and needs to be reviewed by SOF Connect AD;
- If the processing is unlawful but you do not want the personal data to be erased;
- If the personal data is no longer needed by SOF Connect AD but you want the data to be retained for the purposes of a legal claim.
-
- Right to withdraw your consent – Where we process your personal data on the basis of your consent, you have the right to withdraw that consent. Withdrawal of consent is effective for the future.
- Right to lodge a complaint to a supervisory authority – You can lodge a complaint to the Personal Data Protection Commission, which is the supervisory authority in the Republic of Bulgaria responsible for the implementation of the Personal Data Protection Act and the General Data Protection Regulation, at. 1592 Sofia Blvd. “1595 Prof. kzld@cpdp.bg, website: www.cpdp.bg.
Is automated decision-making, including profiling, carried out?
Automated decisions are defined as decisions for individuals that are based solely on the automated processing of data and that produce legal effects that significantly affect the individuals concerned. We do not use automated decision making.
How to contact us?
Individuals may contact us to exercise their data protection rights or make other data-related enquiries at the following contacts:
SOF Connect AD
Sofia 1540, Sofia Blvd. Christopher Columbus № 1
e-mail: dpo@sof-connect.com