Privacy policy

Ishka AirFinance Privacy Policy

Table of Contents

1. Introduction
2. Controller and Contact Details
3. Local Privacy Requirements
4. Definitions
5. Personal Data We Collect
6. How We Use Your Personal Data and Lawful Basis We Rely On
7. Sharing and Transferring Your Personal Data
8. How Long We Retain Your Personal Data
9. How We Protect Your Personal Data
10. Your Rights
11. Marketing Choices
12. Cookies
13. Children
14. Links to Other Websites
15. Contact and Complaints
16. Changes to This Privacy Policy
17. California Addendum
18. APAC Privacy Addendum

 

Ishka AirFinance Privacy Policy

Ishka AirFinance (“we”, “us”, “our”) respects your privacy and is committed to protecting your Personal Data. This Privacy Policy explains how we collect, use and share Personal Data when you use our website, subscribe to or use our products and services, attend our events, communicate with us, or otherwise interact with us.

This Privacy Policy applies to our website, and to the products, platforms, subscriptions, events and services provided by Ishka AirFinance.

Our Services are provided on a business to business (“B2B”) basis and are intended for business and professional users. However, business contact information, account information, website usage information, event information and other information relating to professional users may identify an individual and may therefore be Personal Data under applicable privacy laws.

 

Controller and contact details

Ishka AirFinance is the controller of the Personal Data described in this Privacy Policy, unless we state otherwise. If you have any questions about this Privacy Policy, how we use your Personal Data, or if you wish to exercise your privacy rights, please contact us at:

Ishka AirFinance
90, Great Suffolk Street, London, SE1 0BE. UK.
Email: Data@ishkaairfinance.com

Where applicable law requires us to appoint a Data Protection Officer because of the nature of our processing or the location of individuals whose Personal Data we process, we will do so and make the relevant contact details available as required.

 

Local privacy requirements

We provide Services to business customers and professional users internationally. Individuals whose Personal Data we process may be located in different jurisdictions and may have additional privacy rights or protections under local law.

Where applicable local law provides you with additional rights or requires us to provide additional information, we will comply with those requirements.

Where individuals whose Personal Data we process are located in jurisdictions that require additional information, rights or disclosures, this Privacy Policy should be read together with any applicable jurisdiction specific addendum, including our California Addendum and APAC Addendum.

 

Definitions

“Affiliate” means an entity linked or connected with, or controlled by, Ishka AirFinance.

“Applicable Data Protection Laws” means the applicable privacy and data protection legislation that applies to our processing of your Personal Data, including, where relevant, the UK GDPR, EU GDPR, Data Protection Act 2018, Privacy and Electronic Communications Regulations, California Privacy Laws and other US state privacy laws, and other applicable privacy laws in jurisdictions where individuals whose Personal Data we process are located.

“California Privacy Laws” means California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA).

“Personal Data” means any information relating to an identified or identifiable natural person. This includes similar terms used under applicable privacy laws, such as “Personal Information” and “Personally Identifiable Information”. In South Africa only, Personal Data also includes information of companies.

“Sensitive Data” means Personal Data that receives additional protection under applicable law. For Ishka AirFinance, this is most likely to include dietary, accessibility or health related information that you voluntarily provide when registering for or attending an event.

“Services” means the Ishka AirFinance website, data products, platforms, subscriptions, aviation finance intelligence services, reports, analytics, advisory services, conferences, webinars, briefings and other events or services.

 

Personal Data we collect

The Personal Data we collect depends on how you interact with us. We may collect the following information:

Contact and business details – such as your name, business email address, business telephone number, job title, employer, business address, country, sector, areas of professional interest, and your relationship with us.

Account and subscription details – where you or your organisation subscribe to or use our products, platforms, or online services, we may collect your username, login details, access permissions, subscription information, product usage, reports accessed, saved searches, downloads, alerts, preferences, support requests and related service records.

Enquiry, demo and trial information – where you contact us, request a demo, request a trial, complete an online form or ask for information about our services, we may collect your contact details, organisation details, enquiry information and any other information you choose to provide.

Job applicant information – where you apply for a role with us, we may collect your contact details, CV, employment history, education history, qualifications, skills, interview notes, right to work information, references and any other information you provide as part of the recruitment process. We use this information to assess your application, communicate with you, manage the recruitment process, carry out pre-employment checks where applicable, and comply with legal obligations.

Event information – where you register for or attend one of our conferences, webinars, briefings or other events, we may collect your name, job title, organisation, contact details, registration details, attendance information, dietary requirements, accessibility requirements, questions, feedback, photographs and recordings. Where you provide dietary or accessibility information, we will only use it to administer the relevant event and meet your requirements.

Photographs and recordings – where we take photographs, audio recordings or video recordings at our events, webinars or briefings, we will notify attendees where this is the case and, where required by law, ask for consent before using images or recordings for marketing or promotional purposes.

Marketing and communications information – this may include your marketing preferences, newsletter subscriptions, event preferences, email engagement, survey responses and records of our communications with you.

Payment and transaction information – where applicable, we may collect billing contact details, invoice details, payment status, order records, subscription records and transaction records. We do not usually store full payment card details, which are processed by third party payment providers.

Website and technical information – when you use our website or online services, we may collect technical information such as your Internet Protocol (IP) address, login information, browser type and version, time zone setting, operating system, platform, device information, third party social media plug ins and cookie identifiers. We may also collect information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our website, including date and time; pages, content or information viewed or searched for; page response times; download errors; length of visits to certain pages; links clicked; session information; approximate location and other website analytics information. For more information about cookies, please see the “Cookies” section below.

 

How we collect your Personal Data

We may collect Personal Data:

  • directly from you when you contact us, complete a form, create an account, register for an event, request a demo, subscribe to our services or use our website;
  • from your employer or organisation where they arrange access to our products, services or events;
  • automatically when you use our website, platforms or emails, including through cookies and analytics tools;
  • from service providers who help us manage our website, platforms, events, marketing, CRM, payments and communications;
  • from public sources, such as company websites, public registers, professional directories and professional networking platforms;
  • from business partners, event partners, sponsors or advisers where relevant to our business relationship with you.

Where we receive Personal Data from your employer or organisation, we may process it to provide access to our products, platforms, subscriptions, events and services, to manage the relevant business relationship, to administer user accounts and access permissions, and to provide support, billing, security and service communications.

 

How we use your Personal Data and lawful basis we rely on

We may use your Personal Data for the purposes set out below.

Purpose

Personal Data used

Lawful basis

To provide our products, platforms, subscriptions and Services

Contact and business details; account and subscription details; login details; product usage information; support records; payment and transaction information.

Contract – where we need to process the information to provide the Services to you or your organisation.

Legitimate interests – where we need to manage access, support users and administer B2B services for our customers.

To create and manage user accounts

Name, business email address, employer, job title, username, login credentials, access permissions and account activity.

Contract – where the account is needed to provide access to the Services.

Legitimate interests – to control access to our platforms and protect our Services from unauthorised use.

To respond to enquiries, demo requests and trial requests

Contact details, organisation details, enquiry information, demo or trial request details and communications with you.

Legitimate interests – to respond to business enquiries and promote our B2B Services.

Steps before entering into a contract – where you request information before entering into a contract.

To manage customer, supplier and business relationships

Contact and business details; organisation details; correspondence; meeting notes; contract, order, renewal, billing and support information.

Contract – where processing is needed to manage a contract with you or your organisation.

Legitimate interests – to manage our B2B relationships and business administration.

Legal obligation – where we need to keep records for tax, accounting or regulatory purposes.

To administer events, webinars, briefings and conferences

Contact details, job title, organisation, registration details, attendance records, dietary requirements, accessibility requirements, questions, feedback, photographs and recordings.

Contract – where processing is needed to register you for and provide the event.

Legitimate interests – to organise, manage and improve our events.

Consent – where required for certain event photography, recordings, marketing uses, or dietary/accessibility information.

To process dietary, accessibility or health related information for events

Dietary requirements, accessibility requirements or health related information that you choose to provide.

Explicit consent – where the information is Sensitive Data and explicit consent is required.

Legitimate interests – where the information is not Sensitive Data and is needed to administer the event.

To send marketing communications

Name, business email address, employer, job title, country, sector, marketing preferences, newsletter subscriptions, event preferences and email engagement information.

Legitimate interests – to send relevant B2B marketing to business contacts, unless consent is required by law.

Consent – where required for electronic marketing or where you have opted in.

To manage marketing preferences

Contact details, unsubscribe records, consent records and communication preferences.

Legal obligation – to comply with electronic marketing and data protection laws.

Legitimate interests – to ensure we respect your marketing choices.

To operate, analyse and improve our website, platforms and Services

Website and technical information; cookie identifiers; analytics information; platform usage information; feedback; support records.

Legitimate interests – to understand how our website, platforms and Services are used and to improve them.

Consent – where required for non-essential cookies or similar technologies.

To keep our website, platforms and systems secure

Login details, account activity, IP address, device information, technical logs, usage data and security records.

Legitimate interests – to protect our systems, Services, users and business from misuse, fraud, unauthorised access or cyber security threats.

Legal obligation – where we are required to maintain appropriate security under data protection law.

To process payments, invoices and transactions

Billing contact details, invoice details, payment status, order records, subscription records and transaction records.

Contract – where processing is needed to manage payment for the Services.

Legal obligation – to comply with tax, accounting and financial record keeping obligations.

Legitimate interests – to manage billing and recover payments owed.

To comply with legal and regulatory obligations

Contact details, business records, transaction records, communications, contracts, compliance records and other relevant information.

Legal obligation – where we are required to comply with applicable law.

Legitimate interests – where we need to protect our legal position or respond to disputes, claims or investigations.

To protect our rights and prevent misuse

Account details, usage records, technical information, communications, contracts and relevant business records.

Legitimate interests – to enforce our terms, prevent misuse of our Services, manage disputes and protect our rights, property and business.

To support a merger, acquisition, investment, reorganisation or business transfer

Contact and business details, customer and supplier records, contract records, subscription records, billing records and relevant business records.

Legitimate interests – to evaluate, manage and complete a corporate transaction or business restructuring.

To manage recruitment and job applications

Contact details, CV, employment history, education history, qualifications, skills, interview notes, right to work information, references and recruitment communications.

Steps before entering into a contract – where we process your information to consider your application and communicate with you about a role.

Legitimate interests – to assess candidates, manage recruitment and keep recruitment records.

Legal obligation – where we need to verify right to work or comply with employment, equality or immigration laws.

 

Where we rely on legitimate interests, we have considered whether our interests are overridden by your rights and freedoms. Our legitimate interests include operating a B2B information, subscription and events business; managing customer, supplier and professional relationships; providing and improving our Services; protecting our platforms, systems and business; and sending relevant business to business communications where permitted by law.

Where we may rely on consent, you can withdraw it at any time, however, this will not affect the lawfulness of processing carried out before consent was withdrawn.

 

Sharing and transferring your Personal Data

We may share your Personal Data with:

  • Ishka AirFinance Affiliates where necessary to provide the Services, manage customer and business relationships, operate our platforms, administer events, manage reporting, comply with legal obligations, support internal administration, and protect our business;
  • service providers who help us operate our website, platforms, CRM, email marketing, analytics, customer support, hosting, IT, security, payment processing, invoicing, event registration and webinar services;
  • event venues, event platforms, caterers, speakers, sponsors and partners where necessary to run an event or webinar;
  • professional advisers, including lawyers, accountants, auditors, insurers and consultants;
  • payment providers and billing providers;
  • regulators, courts, government authorities or law enforcement bodies where required or permitted by law;
  • third parties involved in a merger, acquisition, investment, reorganisation or business transfer; and
  • other third parties where you have asked us to share your information or where we are otherwise permitted by law.

We require our service providers to protect Personal Data and only use it in accordance with our instructions and applicable law. Where required by applicable law, we will provide additional information about the categories of third parties, service providers, overseas recipients, entrusted processors or delegated processors that receive Personal Data. For individuals located in Mainland China or South Korea, this may include the recipient’s name, country or location, contact details where required, purposes of processing, categories of Personal Data, transfer method, retention period and rights process. Please see the APAC Addendum for further information.

 

International transfers

Ishka AirFinance has an international client and user base and may use Affiliates, service providers, technology providers and business partners located outside the country in which you are based. This means that your Personal Data may be transferred to, stored in, accessed from or otherwise processed in countries outside your home jurisdiction, including the United Kingdom, the European Economic Area, the United States and other countries where we or our service providers operate.

Where required by Applicable Data Protection Laws, we will ensure that appropriate safeguards are in place for international transfers. These safeguards may include adequacy decisions, standard contractual clauses, international data transfer agreements, data transfer impact assessments, contractual commitments with service providers, consent where required, or other transfer mechanisms recognised under applicable law.

Where required by local law, we will provide additional information about overseas transfers, overseas recipients or delegated processors. Additional information for individuals located in Mainland China and South Korea is set out in the APAC Addendum.

 

How long we retain your Personal Data

We will retain Personal Data for as long as necessary to fulfil the purposes for which it was collected, including to provide our Services, manage accounts and subscriptions, administer events, maintain business records, comply with legal, tax, accounting and regulatory obligations, resolve disputes, enforce agreements and protect our rights. The period for which we retain Personal Data will depend on the nature of the information, the purposes for which it is processed, the sensitivity of the information, applicable legal limitation periods, and whether we are subject to any legal, regulatory, contractual or litigation hold requirements.

Where Personal Data is no longer required, we will delete it, anonymise it or securely retain it in accordance with applicable law and our internal retention practices.

 

How we protect your Personal Data

Ishka AirFinance uses appropriate technical and organisational measures to protect Personal Data against unauthorised access, loss, misuse, alteration or disclosure. No website or system is completely secure. If you believe your information has been compromised, please contact us promptly.

 

Your rights

Depending on where you are located and the law that applies, you may have rights in relation to your Personal Data, including the right to:

  • access your Personal Data;
  • receive information about how we process your Personal Data;
  • correct inaccurate or incomplete Personal Data;
  • request deletion of your Personal Data;
  • restrict or object to our use of your Personal Data;
  • withdraw consent where we rely on consent;
  • opt out of certain marketing communications;
  • request information about overseas transfers or recipients, where applicable;
  • complain to us or to a privacy regulator; and
  • exercise any other rights available to you under applicable local law.

Please note that these rights are not absolute and may be subject to exemptions. To exercise your rights, please contact us at Data@ishkaairfinance.com. We may need to verify your identity before responding to your request. Where permitted by law, you may authorise another person to make a request on your behalf. If you are a California resident or a resident of another US state with applicable privacy rights, please see the California Addendum. If you are located in Australia, Mainland China, Hong Kong, India, Japan, the Philippines, Singapore, South Korea, Taiwan or Vietnam, please see the APAC Addendum.

 

Marketing choices

You can opt out of marketing communications at any time by clicking the unsubscribe link in our emails or by contacting us at Team@ishkaairfinance.com. If you opt out of marketing, we may still send you service related communications, such as account, subscription, security, event or transactional messages.

 

Cookies

We use cookies and similar technologies on our website and online services. Cookies help us operate our website, remember your preferences, understand how our website is used, improve our services and, where applicable, support marketing activity. Where required by law, we will ask for your consent before placing non-essential cookies on your device. You can manage your cookie preferences through our cookie banner or preference centre. Cookies are a standard feature of websites that allow us to store small amounts of data on your computer about your visit to and use of the Services. Cookies help us learn which areas of the Services are useful and which areas need improvement.

Strictly Necessary Cookies: These enable you to navigate our Websites. Without these absolutely necessary Cookies, our Websites will not perform as smoothly for you as we would like it to.

Functional Cookies: These collect information about your choices and preferences, and allow us to remember language or other local settings and customize for you accordingly.

Performance Cookies: These are analytics Cookies which collect information about your use of our Website and enable us to improve the way it works. They can show us which are the most frequently visited pages on our Websites.

Targeting and Social Media Cookies: These Cookies collect information about your activities on our Websites (or other Sites) to provide you with targeted advertising. Social media Cookies collect information about social media usage.

Google Analytics: Some of our Websites, may use Google Analytics services, as provided by Google, Inc. (“Google”), which uses Cookies and similar technologies to collect and analyse information and report on activities and trends. This service may also collect information regarding the use of other Websites, applications and online resources. You can learn about Google’s practices by going to google.com/technologies/partner sites, and you can opt out by downloading the Google Analytics opt out browser add on, available at tools.google.com/dlpage/gaoptout.

Your Choices About Our Use of Cookies and Similar Technologies: Depending on the applicable law of your jurisdiction (such as the EU/EEA, or the UK), we may ask for your Consent for placing Cookies on your device, with the exception of strictly necessary Cookies. You can change your settings for Cookies and similar technologies by visiting the preference/settings in the Cookie banner of the website you are viewing. Please refer to allaboutcookies.org for information on commonly used browsers.

Where required by applicable law, including California Privacy Laws, we treat certain cookies, pixels, analytics tools, advertising technologies, social media plug-ins or similar technologies as optional. You can manage optional cookies through our cookie banner or preference centre. Where required, we will also recognise opt-out preference signals, including Global Privacy Control, as a request to opt out of sale or sharing for the browser or device through which the signal is sent.

 

Children

Our website, products, services and events are intended for business and professional users. They are not directed at children, and we do not knowingly collect Personal Data from children.

 

Links to other websites

Our website and communications may contain links to third party websites or services. We are not responsible for the privacy practices of those third parties. You should read their privacy notices before providing Personal Data to them.

 

Contact and complaints

If you have any questions or concerns regarding our use of your Personal Data, or if you wish to exercise any of your rights described in this Privacy Policy, please contact us by emailing Data@ishkaairfinance.com. You also have the right to lodge any complaints you may have regarding our processing of your Personal Data to us or the privacy regulator for your country or region. For the UK, the privacy regulator is the Information Commissioner’s Office.

 

Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The latest version will be posted on our website.

Last updated – June 2026

 

California Addendum

This California Addendum applies to California residents where the California Privacy Laws apply to our processing of Personal Information.

Ishka AirFinance provides its Services on a business to business basis. We generally process business contact, account, subscription, event, enquiry, website and technical information relating to professional users, customers, prospects, suppliers and business contacts.

 

Categories of Personal Information

Depending on how you interact with us, we may collect the following categories of Personal Information:

  • identifiers, such as name, business email address, business telephone number, business address, username, account identifier, IP address and online identifiers;
  • professional or employment related information, such as job title, employer, organisation, sector, country, areas of professional interest and business relationship with us;
  • commercial information, such as subscription information, billing records, products or services purchased or considered, reports accessed, saved searches, downloads, alerts and service records;
  • internet or electronic network activity information, such as website usage, platform usage, pages viewed, links clicked, URL clickstream, session information, cookie identifiers, browser type, device information and analytics information;
  • approximate location information, such as location inferred from an IP address;
  • audio, electronic, visual or similar information, such as photographs or recordings from events, webinars or briefings where applicable;
  • inferences, such as preferences, professional interests or marketing interests; and
  • sensitive information, such as dietary, accessibility or health related information voluntarily provided for event administration, where this is treated as sensitive information under applicable law.

 

Sources of Personal Information

We may collect Personal Information directly from you, from your employer or organisation, automatically when you use our website, platforms or emails, from service providers, from public sources, and from business partners, event partners, sponsors or advisers where relevant to our business relationship with you.

 

How we use Personal Information

We use Personal Information for the purposes described in the main Privacy Policy, including to provide and manage our products, platforms, subscriptions and Services; create and manage user accounts; respond to enquiries, demo requests and trial requests; manage business relationships; administer events; send marketing communications; manage preferences; process payments and invoices; operate, secure and improve our website, platforms and Services; comply with legal obligations; protect our rights; and support business transactions.

 

Disclosures of Personal Information

We may disclose Personal Information to the categories of recipients described in the main Privacy Policy, including our Affiliates, service providers, hosting and IT providers, CRM and customer support providers, marketing and analytics providers, payment and billing providers, event venues and platforms, professional advisers, regulators and authorities, transaction parties and other third parties where permitted by law.

 

Sale or sharing of Personal Information

Ishka AirFinance does not sell Personal Information for money.

We may use cookies, analytics tools or similar technologies on our website or online services. Depending on how those technologies are configured, this may involve disclosures of online identifiers, cookie identifiers, device information, IP addresses or internet activity information to third parties. Under California law, some of these disclosures may be considered a “sale” or “sharing” of Personal Information.

Where applicable, you may opt out of the sale or sharing of Personal Information through our cookie banner, preference centre, any “Do Not Sell or Share My Personal Information” link that we make available, by contacting us at Data@ishkaairfinance.com, or by using a recognised opt-out preference signal, such as Global Privacy Control, where required by law.

 

Sensitive Personal Information

We do not use or disclose Sensitive Personal Information for the purpose of inferring characteristics about you.

Where we collect dietary, accessibility or health related information for events, we use it only to administer the relevant event and meet your requirements, unless we notify you otherwise and obtain any consent required by law.

 

Retention

We retain Personal Information for as long as reasonably necessary for the purposes described in the Privacy Policy, including to provide the Services, manage business relationships, comply with legal obligations, resolve disputes, enforce agreements and protect our rights.

 

Your California privacy rights

Subject to applicable law, California residents may have the right to:

  • know what Personal Information we collect, use, disclose, sell or share;
  • request access to Personal Information we hold about you;
  • request correction of inaccurate Personal Information;
  • request deletion of Personal Information;
  • opt out of the sale or sharing of Personal Information;
  • limit certain uses and disclosures of Sensitive Personal Information;
  • authorise another person to make a request on your behalf; and
  • not be discriminated against for exercising privacy rights.

To exercise your California privacy rights, please contact us at Data@ishkaairfinance.com. We may need to verify your identity before responding to your request. If you use an authorised agent, we may ask for evidence that the agent is authorised to act on your behalf.

 

APAC Privacy Addendum

This APAC Privacy Addendum applies where we process Personal Data relating to individuals located in the following jurisdictions; Australia, Mainland China, Hong Kong, India, Japan, the Philippines, Singapore, South Korea, Taiwan and Vietnam.

 

B2B context

Our Services are provided on a B2B basis and are intended for business and professional users.

 

Risk based local law approach

Because our Services are provided on a B2B basis, this APAC Privacy Addendum focuses on jurisdictions where local law may require additional privacy notice, transfer, consent, data protection contact or overseas recipient information. For other APAC jurisdictions listed above, the main Privacy Policy explains our processing activities and rights process, and we will provide additional information where required by applicable local law.

 

Additional local rights

Depending on where you are located, and subject to applicable law, you may have additional rights in relation to your Personal Data. To exercise your rights, please contact us at Data@ishkaairfinance.com.

 

Singapore

Where Singapore’s Personal Data Protection Act applies, our Data Protection Officer or privacy contact can be contacted at Data@ishkaairfinance.com.

 

Mainland China

Where Mainland China’s Personal Information Protection Law applies, we process Personal Information for the purposes, using the methods, and for the retention periods described in the main Privacy Policy.

For individuals in Mainland China, the relevant categories of Personal Information may include contact and business details; account and subscription details; enquiry, demo and trial information; event information; photographs and recordings; marketing and communications information; payment and transaction information; and website and technical information.

We may transfer, store, access or otherwise process Personal Information outside Mainland China for the purposes described in the main Privacy Policy. Overseas recipients may include the categories listed in the “Overseas recipients for Mainland China and South Korea” table below.

Where required by Mainland China law, we will obtain separate consent before processing Sensitive Personal Information, transferring Personal Information overseas, or disclosing Personal Information to another Personal Information processor. Where required by Mainland China law, we will also conduct any required personal information protection impact assessment and adopt an appropriate transfer mechanism, which may include a security assessment, personal information protection certification, standard contract, exemption or another mechanism permitted by law.

Where required by Mainland China law, you may request further information about overseas recipients, including their name, contact details, processing purpose, processing method, categories of Personal Information processed, retention period and how you may exercise your rights.

 

South Korea

Where South Korea’s Personal Information Protection Act applies, we process Personal Data for the purposes, using the methods, and for the retention periods described in the main Privacy Policy.

For individuals in South Korea, the Personal Data transferred or processed overseas may include contact and business details; account and subscription details; enquiry, demo and trial information; event information; photographs and recordings; marketing and communications information; payment and transaction information; and website and technical information.

We may transfer, store, access or otherwise process Personal Data outside South Korea for the purposes described in the main Privacy Policy. Overseas transfers may take place when Personal Data is submitted through our website or platforms, when we use cloud hosted systems or service providers, when our personnel or service providers access systems from outside South Korea, or when we communicate with you by email or other electronic means.

The transfer method may include secure electronic transmission, remote access, cloud hosting, storage, support access, email communication or other secure business systems.

The destination countries may include the United Kingdom, countries in the European Economic Area, the United States, and other countries where Ishka AirFinance, its Affiliates, service providers or business partners operate.

The overseas recipients may include the categories listed in the “Overseas recipients for Mainland China and South Korea” table below.

Unless a longer retention period is required or permitted by law, overseas recipients retain Personal Data for as long as necessary for the purposes described in the main Privacy Policy and in accordance with our retention practices.

Where South Korean law requires consent for an overseas transfer, you may refuse the transfer. However, if the transfer is necessary to provide the relevant Services, manage an account, respond to an enquiry, administer an event or maintain a business relationship, we may be unable to provide the relevant Services or respond to the relevant request.

 

Outsourcing and delegated processing for South Korea

Where South Korea’s Personal Information Protection Act applies, we may outsource or delegate the processing of Personal Data to service providers that support our website, platforms, hosting, IT, security, CRM, sales, subscriptions, customer support, email, marketing, analytics, communications, payment, billing, invoicing, event registration, webinar services, professional advice, compliance and business operations.

We require outsourced processors and service providers to protect Personal Data, process it only for authorised purposes, implement appropriate security measures, and comply with applicable contractual and legal requirements.

When Personal Data relating to individuals in South Korea is no longer required, we will delete, destroy, anonymise or securely retain it in accordance with applicable law, our internal retention practices and the retention approach described above.

 

Overseas recipients for Mainland China and South Korea

The following table provides additional information about the categories of overseas recipients, entrusted processors, outsourced processors and service providers that may receive or process Personal Data relating to individuals in Mainland China or South Korea.

Recipient category

Location

Purpose

Personal Data involved

Ishka AirFinance Affiliates

United Kingdom, EEA, United States, and Singapore.

Internal administration, customer management, account management, finance, legal, compliance, reporting and business operations

Contact and business details; account and subscription details; enquiry, demo and trial information; event information; marketing and communications information; payment and transaction information; website and technical information

Website, hosting, cloud, platform and IT providers

United Kingdom, EEA, United States and other provider locations

Hosting, storage, maintenance, security, backups and operation of our website, platforms and online services

Contact details; account details; login details; product usage information; website and technical information; technical logs

CRM, sales, subscription and customer support providers

United Kingdom, EEA, United States and other provider locations

Managing enquiries, demos, trials, subscriptions, customer relationships and support requests

Contact and business details; enquiry information; account and subscription details; support records; communications

Email, marketing, analytics and communications providers

United Kingdom, EEA, United States and other provider locations

Sending communications, managing preferences, measuring engagement and analysing website or platform use

Contact and business details; marketing preferences; email engagement information; website and technical information; cookie identifiers

Payment, billing and invoicing providers

United Kingdom, EEA, United States and other provider locations

Processing payments, invoices, billing records, order records and subscription records

Billing contact details; invoice details; payment status; order records; subscription records; transaction records

Event registration, webinar and event providers

United Kingdom, EEA, United States and other provider locations

Registering attendees and managing conferences, webinars, briefings and other events

Contact details; job title; organisation; registration details; attendance information; questions; feedback; dietary or accessibility requirements where provided

Professional advisers, regulators and authorities

Relevant jurisdictions

Legal, accounting, audit, insurance, compliance, claims, regulatory requests, investigations and enforcement

Information relevant to the advice, request, claim, investigation or legal obligation

Transfers may take place by secure electronic transmission, remote access, cloud hosting, storage, support access, email communication or other secure business systems.

Unless a longer retention period is required or permitted by law, overseas recipients retain Personal Data for as long as necessary for the purposes described in the main Privacy Policy and in accordance with our retention practices.

 

Contact

Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to us by writing to us at:

Ishka Airfinance
1st Floor, 90 Great Suffolk Street
London, SE1 0BE
UK

Ready to get started and transform your workflow?

No obligation or payment required.