Privacy notice – Keeping the Airport and Harbours open, safe and secure

Security Pass Applications

Process

We process personal data for permanent, temporary and visitor access pass applications.

Data collected

  • Name, address and contact details including phone number and email address, previous names if applicable
  • Gender
  • Place of birth
  • Nationality
  • Job title
  • Social security number
  • 5 year employment history
  • Education history
  • Valid ID (passport, Drivers license)
  • Photo
  • Criminal record check

We will collect certain special category types of personal data such as criminal record data and information contained within passports such as nationality.

Purpose for collecting data

Control the distribution of Access control to the Airport and Harbour estate.

How data is collected

  • Application forms
  • Passports or other identity documents
  • Information received from third parties, including through references supplied by former employers, character references

Lawful basis

Legal obligation – regulatory requirement from the Civil Aviation Authority and Maritime Security (Jersey) Order 2014

Retention

  • Airport – As needed + 6 years
  • Harbour – As needed + 1 year

CCTV Monitoring

Process

We carry out CCTV monitoring within certain parts of our estate.

Data collected

Footage of individuals, vessels and vehicles passing through our estate, including visual images, personal appearances and behaviour.

We do not share CCTV footage unless it is requested as evidence of a safety or security incident, or a criminal offence, which may be shared with third party law enforcement agencies or business partners when required for investigations or prosecutions.

We do not share CCTV footage for civil cases.

Purpose for collecting data

  • Maintaining the security of the airport and harbour environment and the safety of its users
  • Sea safety enforcement
  • Quality assurance for aviation security regulation requirement
  • The purposes and operations of the Jersey Coastguard and Air Traffic control
  • To support effective management of airport and harbour operations and incidents.
  • Investigation for complaint resolution and liability claims.
  • Monitoring traffic flows primarily for the purpose of traffic management
  • Learning & development
  • Ports of Jersey property and employee protection (e.g. property vandalism and abusive behaviour towards employees)
  • Where appropriate, to promote community safety.

How data is collected

Through CCTV technologies

Lawful basis

  • Public function
  • Air and Sea Ports (Incorporation) Jersey Law 2015

Retention

  • Archive period – 31 days
  • Recordings may be kept for longer as evidence of an incident

Telephone and audio recording

Process

Telephone calls to and from the Jersey Coastguard and St Helier VTS; Air Traffic Control are recorded. Audio recordings are also made in our operational control rooms, which will capture telephone calls and VHF radio transmission.

Data collected

Special category data may be collected and processed, including:

  • Information regarding criminal offences and allegations
  • Medical and other information regarding marine and aviation casualties

Purpose for collecting data

All such recordings are made for the purpose of enabling the investigation of safety or security incidents that occur in our harbours and airport.

We may pass these recordings to third party law enforcement agencies when required for investigations or prosecutions.

How data is collected

Through telephone and VHF radio transmission

Lawful basis

Public task

Retention

30 days

Recordings may be kept for longer as evidence of an incident.

Health and safety incidents

Process

Where an incident occurs in or around Ports of Jersey estate which does cause, or could have caused, injury to a person, we keep records of that incident in order to (a) to help us ensure that similar incidents do not happen in the future; and (b) to bring or defend legal claims.

Data collected

  • Name, contact details
  • Date of birth
  • Gender
  • Details of the incident that you were involved in and details of any injuries sustained including photographic evidence if required

We may pass this data onto a third party for which we have a public function requirement to remain open, safe and secure and the vital interest of the injured person.

Purpose for collecting data

  • Safety management – (SMS)
  • Trend analysis
  • Insurance purposes
  • Investigation evidence

How data is collected

  • Patient report form
  • Ports of Jersey camera for photographic evidence

Lawful basis

  • Legal obligations in relation to health and safety
  • Public Task for the purpose of bringing or defending legal claims

Retention

  • Reports of investigations – As needed + 25 years
  • Exposure to hazardous substances – As needed + 50 years
  • Asbestos Health records – As needed + 80 years
  • Asbestos exposure reports – Indefinite

Jersey Coastguard

Process

We process personal data as part of our public function acting in our capacity as the delegated Harbour Authority for the safety at sea for all users and the general public.

Jersey Coastguard TRACE application

Data collected

  • Name and contact details including address, email and telephone number
  • Gender, age and languages spoken
  • Vessel name, type and registration
  • Emergency contacts
  • Description
  • Vehicle photo
  • Vessel movements

We may pass this data to third party law enforcement agencies when required for investigations or prosecutions or in the vital interest of a person.

Purpose for collecting data

  • Operational and safety management
  • Search and Rescue purposes
  • Regulatory requirements
  • Registering a small personal watercraft (paddleboard etc)

How data is collected

  • TRACE (User submission)
  • C-SIS DATABASE (User submission)
  • Access to other PoJ databases (Pacsoft NG, etc)
  • May collect data from external agencies (Police, DVS, etc), which is used for SAR purposes but not stored

Lawful basis

  • Legal obligation and/or public task
  • Vital interest in regard to search and rescue
  • Consent for registering a small watercraft

Retention

  • Incident Log – As needed + 20 years
  • Water based events and visiting vessels, Jersey Heritage Tower visits – As needed
  • Small watercraft – indefinitely or when consent is withdrawn

Security access control

Process

We process some personal data when presenting an ID at an access point on our Airport and Harbour estate.

Data collected

  • First and last name
  • Card Number
  • Location

Purpose for collecting data

  • Security access control
  • Safety of the Airport and harbour estate
  • Monitoring of access across Ports of Jersey estate

We may pass this data to third party law enforcement agencies when required for investigations or prosecutions.

How data is collected

  • Scanned Security Pass

Lawful basis

Public task.

Retention

90 days

Boarding pass access control

Process

We process some personal data when passing through the boarding pass check point.

Data collected

  • First and last name
  • Flight number
  • Destination
  • Seat number

Purpose for collecting data

  • Security access control
  • used by ground handling agents to make sure all passengers booked are present in the terminal and final calls for passengers can be made

We may also use it as evidence for feedback by passengers.

We may pass this data to third party law enforcement agencies when required for investigations or prosecutions.

How data is collected

Scanned boarding pass

Lawful basis

Public task

Retention

10 days