Privacy and Cookies Policy
Air Lease Corporation (the “Company”) is committed to maintaining the integrity and security of confidential information, non-public information and private information of the Company, its employees, partners, clients, suppliers and other third parties. Information through which a person can identified directly or indirectly (the “Personal Data”) may be stored on the Company’s systems – or third-party systems the Company uses for the provision of certain business services – and may be used for the Company’s business. This Privacy and Cookies Policy (the “Policy”) describes the Company’s privacy practices regarding the processing of Personal Data.
The Company values the privacy of all individuals whose information is accessible to the Company. The Company’s seeks to adhere to the following privacy principles:
To collect only information that is necessary and relevant
To maintain Personal Data in a secure manner
To use reasonable practices and technology consistent with the industry standards to safeguard security and privacy of data
To limit access to only those persons who have legitimate business need to access the Personal Data
To disseminate information only as necessary to conduct the Company’s business and pursuant to reasonable written assurances regarding confidentiality
Processing of Personal Data
The Company will not process or transfer Personal Data or disclose or permit the disclosure of Personal Data to any third party other than (1) as necessary for the provision of business services of the Company, or (2) as required to comply with privacy and other applicable laws. The Company may be required to appoint certain third parties to provide services – such as web support or cloud storage services –and these third-party service providers are in each case subject to the terms of privacy and confidentiality.
Confidentiality and Security
The Company shall keep Personal Data confidential and will instructs its employees and third-party processors to the same. Personal Data must be treated as confidential on a personal level and secured with suitable organizational and technical measures to prevent unauthorized access, illegal processing or distribution, as well as accidental loss, modification or destruction. The Company has implemented appropriate technical and organizational measures to ensure a level of security appropriate to the risk in its network systems, IT support functions, and various tools for storing and disseminating Company information, including Personal Data.
Deletion or Return of Personal Data
The Company will, at the request of the subject of the Personal Data, delete or return the Personal Data to the extent reasonably possible.
Personal Data Breach
The Company will notify the subject of the Personal Data after becoming aware of any personal data breach and will provide the subject with sufficient information to meet any obligations under applicable privacy laws.
The Company will regularly train its employees, consultants and contractors on all the Company’s policies, including this Policy, and will raise and maintain awareness about the importance of security and integrity in the management and processing of Personal Data.