The protection of personal data collected and processed through the Victor Executive App is governed by the General Data Protection Regulation (EU) 2016/679 (GDPR), which constitutes the cornerstone legal framework of the European Union for safeguarding the rights and freedoms of natural persons with regard to the processing of personal data. The Regulation establishes the fundamental principles of lawfulness, transparency, purpose limitation, data minimization, and accountability, placing binding obligations on data controllers and processors to ensure that personal information is handled with fairness, integrity, and security.
At the national level, Greece has incorporated the GDPR into its domestic legal system through Law4624/2019, which complements and specifies the provisions of the European Regulation. This Law defines the role, powers, and responsibilities of the Hellenic Data Protection Authority (HDPA) and sets forth the procedures by which individuals may exercise their data-protection rights. It ensures that the European principles of privacy and information security are fully implemented within the Greek public and private sectors, creating a unified and consistent framework for the protection of personal data.
In addition to the GDPR and national legislation, data protection within the Victor Executive App is also subject to all relevant European and national legal instruments, including Directive 2002/58/EC on privacy and electronic communications, Greek Law 3471/2006 concerning the confidentiality and security of communications, as well as international aviation data standards established under ICAO and IATA frameworks. These provisions collectively regulate how passenger and crew data, identification protocols, and operational documentation are lawfully collected, transmitted, and stored within the aviation ecosystem.
The Victor Executive App fully complies with all of the above legal frameworks, applying the principles of necessity, proportionality, and transparency to every aspect of its data-processing operations. Its infrastructure and internal policies are designed to uphold the highest standards of confidentiality and accountability, ensuring that personal data are collected only when essential, processed lawfully and securely, and retained strictly for the duration required by regulatory or operational obligations. The App operates in full alignment with both European Union law and Greek data-protection legislation, reflecting our unwavering commitment to integrity, trust, and respect for privacy in all aviation-related activities.
The Victor Executive App is a digital service designed to handle and protect the most sensitive information within the field of general and business aviation. Its purpose is to ensure that every document, passenger manifest, crew record, and operational report is processed with full respect for privacy, confidentiality, and the principles of lawful and transparent data management. This Privacy Policy explains how personal information is collected, used, shared, and safeguarded within the Victor environment. It reflects our ongoing commitment to protect the privacy of users, operators, and associated authorities who depend on the integrity of our systems.
All information collected through the Victor App is processed in accordance with the General Data
Protection Regulation (EU 2016/679), the Data Protection Act of the United Kingdom, and international aviation data standards including ICAO Annex 9 and 17 and IATA data protection frameworks. The data controller responsible for compliance and oversight is the Victor Executive App Data Protection Office, located in Athens, Greece. All communications concerning privacy or data requests can be sent directly to support@victorexecutive.com
When you use the Victor App, we may collect personal information that allows the system to identify, authenticate, and support your participation in legitimate aviation activities. This includes your name, contact details, passport or ID information, nationality, professional role, and employment verification within authorized companies. We also collect data related to flights, aircraft registrations, schedules, permits, and other operational documents required by airport or governmental authorities. These data points are necessary to fulfill legal, regulatory, and security obligations linked to international and domestic aviation operations. Certain technical information, such as the type of device used, IP address, system logs, and connection metadata, may be automatically collected to ensure the proper functioning of the application and the protection of users from unauthorized access.
None of this information is ever used for profiling or commercial exploitation. It serves only to maintain security, ensure service reliability, and support incident investigation when necessary.
All personal data processed by Victor are handled under strict legal bases. These include the performance of contracts between Victor and the user’s organization, compliance with aviation laws and state obligations, and legitimate interests in maintaining operational safety. Where optional services rely on your consent, such as receiving notifications, uploading personal documents, or enabling biometric authentication, you have the right to withdraw that consent at any time without affecting the legality of prior processing.
The Victor App uses the information collected only for the purposes of identity verification, documentation management, communication between authorized parties, and lawful reporting to aviation or border control authorities. We do not use personal data for marketing, behavioral analysis, or unrelated activities. The information is shared only with authorized entities involved in the handling or oversight of a specific flight, and even then, solely within the limits imposed by law or the contractual framework governing the operation.
The confidentiality and security of your information are fundamental. All data are stored within secure European data centers certified to international standards, and every transfer of information between devices or systems is encrypted. Access to data is restricted to individuals with verified credentials and specific operational need. We employ layered protection mechanisms, including access controls, identity verification, and audit trails, ensuring that each action performed within the platform is traceable and accountable.
Data are retained only for as long as necessary to fulfill the purpose for which they were collected or as required by aviation and security regulations. Operational records are usually kept for three years, while user accounts and related information are preserved only for as long as the account remains active. Once the retention period expires, data are permanently deleted or anonymized using secure erasure procedures.
Users of Victor have the full set of rights provided by European data protection law.
You may request access to your data, ask for corrections of inaccurate details, request deletion where legally permissible, restrict or object to processing, and obtain a copy of your information in a structured digital format. All such requests are handled by our Data Protection Officer and responded to within the statutory timeframe of thirty days. To protect your privacy, identity verification may be required before fulfilling any request.
Victor may need to transfer data to external organizations or authorities, sometimes outside the European Economic Area, when required by international aviation cooperation or customs and immigration obligations. In all such cases, we apply strict legal safeguards including standard contractual clauses and compliance with approved adequacy decisions to ensure that your rights remain protected.
Our approach to privacy is based on the principle of “protection by design and by default.” Every process in the Victor App has been conceived with privacy as a foundational element, not an afterthought. We collect the minimum data necessary for legitimate purposes, and the architecture of the system is designed to separate sensitive elements from routine functions, minimizing exposure and risk. Where biometric data are involved, such as during document scanning or identity confirmation, these data are processed locally on your device whenever possible and deleted immediately after verification.
Victor does not knowingly collect data from minors under the age of sixteen. The application is intended solely for professional users within the aviation industry and authorized government officials. Any information inadvertently submitted by minors will be removed promptly upon detection.
From time to time, certain authorities such as airport management, customs, or border control agencies may access specific operational data through secure channels, solely for the fulfillment of their official duties. Such access is always controlled, logged, and subject to strict confidentiality agreements. Victor never provides open or unmonitored access to external entities.
When operating under the authority of a handling company, operator, or other organization, Victor acts as a data processor on behalf of that entity. The organization remains the controller of personal information, and Victor follows its lawful instructions without using data for any independent purpose. All such processing relationships are governed by data processing agreements compliant with the GDPR.
To maintain operational continuity, Victor keeps secure encrypted backups in multiple European locations. These backups are used solely for disaster recovery and are inaccessible for any other purpose. Our systems undergo continuous monitoring and independent security audits to ensure that privacy measures evolve alongside technological and regulatory developments.
If a data breach occurs that may risk your rights or freedoms, we will notify the relevant supervisory authority and affected users without undue delay, providing clear information about the nature of the incident and the measures taken to mitigate it. We also maintain a permanent register of all security incidents for accountability and future prevention.
Victor does not engage in automated decision making or profiling that produces legal or significant effects on individuals. Any automation within the system such as data validation, document crosschecking, or status updates is purely operational and serves to enhance accuracy and efficiency without interpreting personal behavior or preferences.
The website associated with the Victor App uses only minimal cookies required for functionality, such as session management and user authentication. These cookies do not collect personal data and cannot be used to track users across websites. Analytical data, where used, are anonymized and serve only to evaluate performance and system stability.
This Privacy Policy may be updated to reflect new legal requirements, operational changes, or technological advancements. Whenever substantial modifications occur, users will be informed via in-app notification, email, or official website publication at least fifteen days prior to the change taking effect. Continued use of the app after such notice constitutes acceptance of the updated policy.
If you believe that your data protection rights have been violated, you may contact our Data Protection Officer at dpo@victor.aero or file a complaint with the Hellenic Data Protection Authority located in Athens, Greece. However, we strongly encourage users to contact us directly first so that any issue can be resolved promptly and respectfully.
This Privacy Policy is governed by the laws of Greece and the European Union. Any dispute arising from its interpretation or application shall fall under the exclusive jurisdiction of the courts of Athens. Victor was built upon the belief that privacy, integrity, and reliability are the cornerstones of modern aviation. Every piece of data, every scanned document, and every exchange between operators carries a human responsibility to protect the dignity, identity, and trust of all individuals involved in a flight. The Victor Executive App exists to uphold that responsibility, turning digital transformation into a shield for confidentiality rather than a threat to it. By using Victor, you join a network that values discretion, accuracy, and security as unbreakable commitments. Our promise is simple and absolute: your data remain yours, protected by law, by technology, and by our unwavering ethical duty to guard them.
Stefanos P. kastrinakis
Founder & Head of Innovation
Victor executive application
