Shareholder and UBO Data
Privacy Notice

The "Company" hereby means JSC "BAA Training", reg. 300618099.

The Company collects and processes certain personal data provided by you or on your behalf from third parties, (e.g., share registrars and brokers), and which relates to you as an individual shareholder of the Company or an ultimate owner (also called ultimate beneficiary, owner beneficial owner, UBO) of it or its direct shareholders. The personal data processed in this fashion could also relate to you if you are an officer or director of a corporate shareholder of the Company.

The Company processes such personal data in its capacity as a data controller for the provisions of the General Data Protection Regulation (EU) 2016/679) ("GDPR"), and determines how and why your personal data will be processed.

The purpose of this notice is to provide you with more information in relation to the processing of your personal data, and your rights in connection with that personal data.


The Company collects certain personal data of its registered individual shareholders or ultimate beneficial owners, also personal data of officers or directors of corporate shareholders of the Company, which may include the following types of data:

  • Contact information such as your name, title, home address, email address, contact details in other videoconferencing platforms (e.g. Skype, Zoom, etc.) and telephone number(s), bank account details;
  • Identity information such as identity number, date of birth, or copy of an identity document (may include your signature and image), signature;
  • Shareholder information regarding your shareholding (number of shares and any notes/information to be linked to that shareholding according to law, structure of shareholding).
  • Data from any communication between you and the Company, including data in minutes of board meetings and general meetings (including your voice and / or image captured during general meetings, organized online) and respective decisions.
  • General meetings information – in connection with general meetings the personal data is used for registration, drawing up of voting lists and, where applicable, minutes of the general meeting.


The Company collects certain personal data of its registered individual shareholders or ultimate beneficial owners, also personal data of officers or directors of corporate shareholders of the Company, which may include the following types of data:


Personal data is only processed for as long as it is necessary in order to fulfil the purpose of the processing, or as long as the Company is required to store such data by law. The data is erased when you cease to be a shareholder in the Company. However, as mentioned, certain data is stored for a longer period of time when required by law, including company, securities and tax legislation.


Your personal data may be disclosed to a third party if required by law, regulations or an official decision by a relevant authority or who work with us to help deliver our services, in order to fulfil our legal obligations or at your request, under the following circumstances:

  • other members of AVIA SOLUTIONS GROUP PLC as necessary to operate our business (for example, for internal reporting and where those companies provide services to us);
  • our service providers and agents (including their sub-contractors);
  • your advisers (such as lawyers and other professional advisers) who you have authorised to represent you, or any other person you have told us is authorised to give instructions on your behalf (such as under a power of attorney);
  • the legal authorities;
  • any third party after a restructure, sale or acquisition of any company, as long as that person uses your;
  • information for the same purposes you originally provided it for;
  • anyone we transfer or delegate our rights or obligations to, as allows under terms and conditions of any agreement you have with us (e.g. if we transfer the management of our share register to another service provider).


In some circumstances the Company may transfer your personal data to third parties or group companies in a country (including your country of residence) other than the country in which the data was collected. When we transfer your personal data to a different country, we will take steps to ensure that such data transfers comply with applicable laws. For example, if we transfer personal data from the European Economic Area (EEA) to a country outside it, we will implement an appropriate or suitable data transfer safeguards and the means or taking other measures to provide an adequate level of protection under EU law.


We guarantee the implementation of these rights and the provision of any related information at your request or in case of your query:

  • know (be informed) about the processing of your personal data;
  • to get access to your personal data which is processed by the Data Controller;
  • request correction or addition, adjustment of your inaccurate, incomplete personal data;
  • require the destruction of personal data when it is no longer necessary for the purposes for which they were collected;
  • request the destruction of personal data if it is processed illegally or when you withdraw your consent to the processing of personal data or do not give such consent, when is necessary;
  • disagree with the processing of personal data or withdraw the previously agreed consent;
  • request to provide, if technically possible, the provision of your personal data in an easily readable format according to your consent or for the purpose of performing the contract, or request the transfer of data to another data controller.

If you consider that our processing of your personal data does not comply with the Data Protection legislation, you are also entitled to lodge a complaint with the Supervisory authority (

You have legal rights under data protection laws in relation to your personal data.

We may ask you for proof of identity when making a request to exercise any of these rights. We do this to ensure we only disclose information where we know we are dealing with the right individual for ensuring the rights of data subject.

We will not ask for a fee, unless we think your request is unfounded, repetitive or excessive. Where a fee is necessary, we will inform you before proceeding with your request.

We aim to respond to all valid data subject’s requests regarding processing of it’s personal data within one month. It may however take us longer if the request is complicated or you have made several requests. To speed up our response, we may ask you to provide more detail about what you want to receive or are concerned about.

We may not always be able to do what you have asked, for example if it would impact the duty of confidentiality we owe to others, if it falls within inside dealing limitations, restrictions by law or if we are otherwise legally entitled to deal with the request in a different way.


If you have any questions about our Privacy Notice or if you would like more information on your rights, or want to exercise them, you can send an email to [email protected].

The Data Protection Officer: [email protected].

We may change this Privacy Notice from time to time.

Cookies Consent

By clicking “Allow All”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts.

Cookies settings

We use cookies and other similar technologies to help provide our Services, to advertise to you and to analyse how you use our Services and whether advertisements are being viewed. We also allow third parties to use tracking technologies for similar purposes. If you are using our Services via a browser you can restrict, block or remove cookies through your web browser settings.

Necessary cookies

Always on

Performance cookies

Targeting cookies