Version 2.0
Last updated: January 6, 2026
the previous version (1.0) valid until 2026 01 05
AVIA SOLUTIONS GROUP PRIVACY NOTICE FOR CANDIDATES
1. TO WHOM DOES THIS PRIVACY NOTICE APPLY?
This privacy notice (hereinafter – the Privacy Notice) applies to persons applying for job vacancies (hereinafter – candidates or you) at companies of Avia Solutions Group (hereinafter – Avia Solutions Group/ASG or we).
This Privacy Notice provides information on the personal data of candidates that are processed, on the purpose and legal basis of their processing, the duration of their retention, the rights of candidates as data subjects, and contains other information mandatory under legal acts.
The purpose of candidate selection to vacant positions at Avia Solutions Group is to determine the suitability of the candidate's qualifications for a specific position and to make a decision concerning an employment contract with the candidate. This includes assessing the candidate's skills, qualifications and experience, verifying the information provided by the candidate, checking letters of references and, if applicable, the candidate's reliability, general management of the recruitment process, communication with the candidate on selection issues, improvement of the selection process, and resolution of legal disputes related to candidates.
During the selection of candidates, your personal data shall be processed. Please note that if you do not agree to provide your personal data when applying, we will not be able to properly or fully assess your application. We also ask that you do not provide excessive information about yourself or sensitive personal data (e.g., about your health, family status, etc.) that is not necessary for the selection process when applying.
2. DATA CONTROLLER AND ITS CONTACT DETAILS
Any of the companies of Avia Solutions Group, the contact details whereof are available here: https://aviasg.com/en/the-group/general-contacts, shall operate as a separate data controller when you apply for a specific job position at one of the ASG companies, and shall also operate as a joint data controller when you give a separate consent for the sharing of your personal data with the companies of Avia Solutions Group for recruitment purposes.
AVIA SOLUTIONS GROUP (ASG) PLC, legal entity code: 727348, address: Building 9, Vantage West, Central Park, Dublin, D18 FT0C, Ireland, e-mail: [email protected], is the administrator and data controller (as described above) of the website https://careers.aviasg.com (hereinafter – the Career Website).
Avia Solutions Group shall process the personal data of candidates in accordance with the General Data Protection Regulation[1] (hereinafter – the GDPR) and other legal acts.
3. WHY AND ON WHAT LEGAL BASIS DO WE PROCESS YOUR PERSONAL DATA?
During the selection process, the following personal data of a candidate may be processed:
|
Purpose of processing (Why do we process personal data?) |
Categories of personal data (What personal data do we process?) |
Legal basis for processing personal data (What allows the processing?) |
Retention period of personal data (How long do we process the data?) |
|---|---|---|---|
|
Employee selection when a candidate applies through special recruitment channels: Career website or professional social network LinkedIn |
Information about the candidate's identity and contact details: name, surname, age or date of birth, e-mail address, telephone number, address or place of residence/country, nationality, etc.
Information about the candidate's work experience: place of employment, period of employment, positions, responsibilities, projects implemented or other achievements.
Information about the candidate's education: educational institution, period of study, education and/or qualifications obtained.
Information about the candidate's professional development: training courses completed, certificates obtained, licenses held, hours accumulated (applies only to pilots and/or crew members), etc.
Information about the candidate's skills: knowledge of languages, computer skills, driver's license, etc.
Other information about the candidate: desired salary, link to the candidate's LinkedIn profile, other information voluntarily provided by the candidate in his/her CV or other documents. |
Your consent (Article 6(1)(a) of the GDPR) |
Until the end of the selection process. The selection process shall be considered complete when a job offer is made to the candidate. |
|
Inclusion of the candidate in the ASG candidate database in order to be invited to participate in other selections for the same or similar positions at any ASG company. |
Your consent (Article 6(1)(a) of the GDPR) |
During the selection process and for 2 years after your last application |
|
|
Candidate’s reliability check (applies only to selected candidates to certain positions and only in specific ASG companies – see Section 4 of the Privacy Notice for more information) |
Data on the candidate's criminal record/clean criminal record |
Our legitimate interest (Article 6(1)(f) of the GDPR) |
30 days from the date of receipt of the document on criminal record/clean criminal record
|
|
Conclusion of an employment contract with the candidate who has been offered the job |
Name, surname, personal ID number, date of birth, photograph, data of personal identification documents (document type, number, date of issue and expiry), residence/work permit details (permit type, number, date of issue and validity period), residential address, telephone number, e-mail address, bank account number and bank name, terms and conditions of the job offer to the candidate, medical certificate on health check (where required by law), information about children (number of children, date of birth of children), and other necessary information. |
Conclusion of an employment contract with the candidate (Article 6(1)(b) of the GDPR)
Compliance with legal obligations (Article 6(1)(c) of the GDPR) |
During the validity period of the employment contract and for 3 years after the termination/expiry of the employment contract |
|
Establishment, exercise and defence of legal claims related to the candidate's selection |
Name, surname, personal ID number/date of birth, e-mail, telephone number, address, etc., as well as all information necessary for the management of legal claims |
Our legitimate interest (Article 6(1)(f) of the GDPR) |
5 years from the completion of the investigation or the resolution or enforcement of the legal claim |
4. CANDIDATE’S RELIABILITY CHECK
In order to ensure the security of information systems and confidential information, as well as professional reputation, candidates to certain positions shall undergo a reliability check, during which data shall be collected on whether the candidate has/does not have any judgments of conviction for which the criminal record has not been expunged or annulled, in order to verify the candidate's reliability.
A candidate's reliability check shall apply only to persons applying for certain positions at Avia Solutions Group (ASG) PLC, address: Building 9, Vantage West, Central Park, Dublin, D18 FT0C, Ireland, with its permanent establishment at the address: Dariaus ir Girėno str. 21A, Vilnius, Lithuania (hereinafter – the Company). Candidates applying for positions at all other companies of Avia Solutions Group shall not subject to a reliability check.
Positions subject to a candidate’s reliability check and absence of criminal record for the following criminal offences:
|
Article[2] of the Criminal Code of the Republic of Lithuania and Criminal Act |
|
|---|---|
|
CRM Product Manager |
Article 119. Espionage Article 125. Disclosure of a State Secret Article 126. Loss of a State Secret Article 191. Misappropriation of Authorship Article 192. Unlawful Reproduction of Objects of Author’s Rights or Related Rights, Making Publicly Available via Computer Networks (Internet), Distribution, Transportation or Storage of Illegal Copies Thereof Article 193. Destruction or Alteration of Information about Management of Author’s Rights or Related Rights Article 194. Unlawful Removal of Technical Protection Means of Author’s Rights or Related Rights Article 195. Violation of Industrial Property Rights Article 196. Unlawful Influence on Electronic Data Article 197. Unlawful Influence on an Information System Article 198. Unlawful Interception and Use of Electronic Data Article 1981. Unlawful Connection to an Information System Article 1982. Unlawful Disposal of Installations, Software, Passwords, Login Codes and Other Data Article 210. Commercial Espionage Article 211. Disclosure of a Commercial Secret |
|
Data Analytics Team Lead |
|
|
Data Engineer |
|
|
Head of IT Operations and Delivery |
|
|
Head of IT Infrastructure |
|
|
IT Service Delivery Manager |
|
|
Head of IT Support |
|
|
IT Systems Administrator |
|
|
IT Systems Administrator (Microsoft) |
|
|
IT Tech Lead (Microsoft Services) |
|
|
Development Technical Lead |
|
|
IT Network Engineer |
|
|
IT Business Analyst |
|
|
ITSM Administrator |
|
|
ITSM Process Manager |
|
|
Penetration Tester |
|
|
Junior Penetration Tester |
|
|
Junior Cyber Security Analyst |
|
|
Cyber Security Analyst |
|
|
Cyber Security Engineer |
|
|
Cybersecurity Incident Response (SOC) Lead |
|
|
Head of Cyber Security Operations |
|
|
Cybersecurity Services Lead |
|
|
Head of Cyber Security Unit |
|
|
Cyber Security Governance Risk and Assurance Lead |
|
|
Linux System Administrator |
|
|
Microsoft Dynamics NAV/D365 BC System Technical Manager |
|
|
Vulnerability Management Engineer |
|
|
PHP Programmer |
|
|
Power Platform Technical Lead |
|
|
Product Manager |
|
|
Security Officer / Project Manager |
|
|
Cybersecurity Engineering Lead |
|
|
Chief Digital Technologies Officer |
|
|
Technical Cybersecurity Auditor |
|
|
Technical Product Owner |
|
|
Network Administrator |
|
|
Business Process Engineer |
|
|
Head of Enterprise Application |
|
|
Senior Cloud Engineer |
|
|
Senior Data Engineer |
|
|
Senior IT Systems Administrator |
|
|
Senior Full Stack Developer |
|
|
Chief Engineer |
|
|
Windows Cyber Security Expert |
A candidate’s reliability check shall be carried out only for the candidates who have been finally selected. Data about criminal record/clean criminal record shall be provided by the candidate himself/herself. If the candidate fails to provide data about criminal record/clean criminal record and/or provides inaccurate data, the Company shall have the right to terminate the selection process of the candidate.
5. HOW ARE YOUR PERSONAL DATA OBTAINED?
We may obtain the personal data of a candidate from:
- You, when you apply for vacant positions at Avia Solutions Group and submit your curriculum vitae (CV) and other documents;
- Recruitment agencies, entities providing personnel selection services;
- Professional social networks (e.g., LinkedIN) or job search portals (e.g., CVBankas) where you provide information about yourself. When we get information about you and/or your CV or other documents from job search portals, recruitment agencies or publicly accessible sources, such as LinkedIn and other business-related social networking sources and/or collaboration platforms, we assume that you are aware of and agree to such processing of your personal data or that you have considered the legitimate interest when you had the right to object to such processing, and that you were not surprised when we contacted you as a candidate for recruitment purposes. In such a case, we inform you about the source from which we collected your personal data when we first contact you.
- From other companies of Avia Solutions Group, if your consent has been obtained for the transfer of personal data for recruitment purposes within ASG.
- Your current/former employers in order to obtain a reference regarding your qualifications, professional skills, etc. at your current/former workplace. Please note that we will request a reference from your current employer only if we have your separate consent to do so.
6. DISCLOSURE OF DATA TO THIRD PARTIES
We may disclose your personal data to:
- service providers acting on our behalf and under our instructions (data processors) (e.g., providers of maintenance of information systems, data centres, cloud service providers, etc.);
- other ASG companies (e.g., one of the ASG companies offering a position that interests you), but only if we have obtained your consent to share your data within ASG;
- other ASG companies for the purpose of processing your application or administering the selection process (e.g., in the case of a request to work in another country, etc.);
- competent government or law enforcement authorities, but only to the extent required or permitted by legal acts.
All service providers, other third parties or ASG companies involved shall take appropriate security measures to protect your data. All the service providers (data processors) engaged by ASG may only process your personal data according to the instructions given by ASG and may not use them for their own purposes without the consent of ASG.
7. Data transfers outside the EUROPEAN ECONOMIC AREA
Your personal data may be processed both within and outside the European Economic Area (EEA). In all cases where your data are transferred outside the EEA, Avia Solutions Group will take all necessary measures to ensure that the data are transferred in accordance with the GDPR requirements.
The transfer of data to recipients located in countries outside the EEA (e.g. the UK), where an adequate level of protection is ensured, shall be treated as equivalent to the transfer of data within the EU. In all other cases (in the absence of an adequacy decision), the transfer of data will be based on the requirements of Article 46 of the GDPR, e.g. standard contractual clauses approved by the European Commission.
8. RIGHTS GUARANTEED TO YOU
In accordance with the GDPR and other legal acts, the following rights shall be guaranteed to you:
- right of access – you have the right to request us to provide copies of your personal data;
- right to rectification – you have the right to request us to rectify the personal information that you believe is inaccurate. You also have the right to request us to supplement any information that, in your view, is incomplete;
- right to erasure – in certain circumstances, you have the right to request us to erase your personal information;
- right to restrict processing – in certain circumstances, you have the right to request us to restrict the processing of your personal information;
- right to data portability – in certain circumstances, you have the right to request us to transfer the personal information you have provided to another organisation or to you;
- right to object to data processing when the processing is based on legitimate interests. You have the right to object to the processing of your personal data when the personal data are processed based on our legitimate interests, however, if we have important and legitimate reasons, we will process your data without your consent. To exercise this right, please contact us by e-mail: [email protected].
- right to withdraw your consent for the processing of your personal data at any time when the processing is based on your consent. To withdraw your consent, please contact us by e-mail: [email protected].
9. WHOM TO CONTACT CONCERNING A VIOLATION OF YOUR RIGHTS?
If you believe that Avia Solutions Group is processing your personal data in violation of statutory requirements, you have the right to submit a complaint with a supervisory authority at any time, in particular in the EU Member State of your residence or the place where the GDPR violation occurred (a list of supervisory authorities in EU Member States can be found here: https://edpb.europa.eu/about-edpb/board/members_en).
In any case it is advisable to contact us before filing a complaint with a supervisory authority so that we can resolve the situation amicably.
10. CONTACTS
If you have any questions about the Privacy Notice or wish to contact us for any reasons related to the processing of your personal data, please contact us by e-mail: [email protected].
11. AMENDMENTS TO THE PRIVACY NOTICE
Avia Solutions Group reserves the right to update this Privacy Notice after legal acts or other objective circumstances change, therefore, we recommend that you review this Privacy Notice regularly on the Careers Website.
[1] Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter – the General Data Protection Regulation).
[2] Or the corresponding criminal offenses under the criminal laws of other countries