Data Compliance and Protecting Passengers

Business Aviation and Data Privacy Regulations
Business aviation service providers are not immune to strict data privacy protecting laws. Whether in the air or on the ground, collecting and processing passenger information such as arrival times, locations, transportation details and even dietary requirements are governed by regulatory bodies.

SD is leading with compliance to ensure that not only aircraft and flight operations data are protected, but also that our customers’ passenger information is protected under the strict global data privacy laws.

What’s Changed for Business Aviation?
Consumer and business data privacy protection laws and regulations have gained strength within recent years, particularly with the introduction of the European Union’s General Data Protection Regulation (GDPR). Regulations apply to all industries that operate throughout most of the world, including business and general aviation.

Business obligations are now enforced to a much higher standard and are bound by strict penalty for non-compliance. These new regulations have driven a top down flow of operational and tactical change from businesses to customers. This has caused greater transparency of practices, mitigating risk for both customers and businesses. Through improved data collection, analytics and data management practices, contract negotiation and relationship management will likely become fluent and standardized.

Furthermore, the digitization of business aviation flight departments is more prevalent and necessary, therefore the need and requirements for inflight data security and data privacy regulatory compliance has increased.

Overview of Regulations
Given the inevitable evolution of the data compliance landscape, SD has invested specifically to ensure we are compliant with the key data privacy regulators, including:

European Union’s General Data Protection Regulation (GDPR)
The GDPR was designed to give individuals within the European Union control over their personal information and how it is processed. Also, to simplify and unify regulations for international businesses that operate within the European Union.

California Consumer Privacy Act (CCPA)
This new regulation comes into effect on January 1st, 2020. It is often considered the US version of the GDPR but has additional requirements and is more prescriptive than GDPR, including certain revenue and data record possession thresholds. Businesses are required to ensure reasonable security procedures and practices in protecting consumer data.

Brazilian General Data Protection Law (LGPD)
Not in effect until August 15th 2020, this data protection law in Brazil is a new legal framework for the use and protection of individual data processed in Brazil, irrelevant of where the business is located. It applies to any individual or organization, public or private that collects data, but does not apply for journalistic, artistic, literary, academic or public safety or criminal investigative purposes.

India’s Personal Data Protection Bill
The PDP Bill governs the processing of personal information by incorporated entities in India including private and government, also organizations incorporated overseas. Like the LGPD, exceptions include data processed for national security and crime prevention, investigation and prosecution, legal proceeding, personal and domestic use and journalistic purposes.

Your Flight Operations and SD
Open architecture at SD means creating freedom of choice for our customers to use their preferred products and services by:

  • Facilitating the flow of data between aircraft, flight departments and third-parties on the customers’ terms.
  • Providing a broad portfolio of connectivity solutions.

It is our goal to enable technologies that allow customers to have the freedom of using their platforms, their way, while always ensuring that their data is transported securely by SD.

Every flight department is different; with different aircraft, corporate and passenger demands. We want to drive the industry to a new standard of operating in this data driven age, via our unique range of centralized software solutions.

Data security and compliance are in our DNA! We are dedicated to leading with compliance to ensure our customers have peace of mind when working with us.