Skip to main content Scroll Top

Privacy Policy

Your privacy matters to us. Find out what data we collect, why, who we share it with, and the rights you have.

Where the passion for aviation
is transformed into a career.
Onde a paixão pela aviação
é transformada numa carreira.
We are dedicated to protecting your privacy.
The website of IITA – International Institute for Technology & Aviation (iita-aviation.com) is committed to protecting the privacy of its users and to processing personal data lawfully, fairly, and transparently. This Privacy and Cookie Policy explains who we are, what personal data we collect about you, how we use it, who we share it with, your rights, and how we use cookies and similar technologies.

This policy applies to all visitors, prospective students, current students, partners, and other users of our website and services.
1. Who We Are (Data Controller)
The data controller responsible for your personal data is:

IITA – International Institute for Technology & Aviation
Av. D. João II 11, 1990-077 Lisbon, Portugal

Email: info@iita-aviation.com
Telephone: (+351) 211 453 601

For any privacy-related queries or to exercise your rights, please contact us at info@iita-aviation.com.

This policy applies to all visitors, prospective students, current students, partners, and other users of our website and services.
2. Personal Data We Collect
We collect personal data that you provide to us directly, as well as data collected automatically when you interact with our website. Information you provide to us:

- Identification data: name, surname, date of birth
- Contact details: email address, telephone number, postal address
- Academic and professional information: educational background, qualifications, CV, professional experience
- Application data: information submitted through pre-registration and enquiry forms
- Communication data: content of messages, emails, or other correspondence you send us
- Payment data, where applicable (processed by our payment service providers)

Information collected automatically:

- Technical data: IP address, browser type and version, operating system, device type
- Usage data: pages visited, time spent on pages, click patterns, referral source
- Cookie data: as detailed in Section 11 below
3. How We Use Your Personal Data (Purposes and Legal Bases)
We process your personal data only when we have a lawful basis to do so under the GDPR. The purposes and legal bases for processing are:

- To respond to your enquiries and provide requested information (Legitimate interest / Pre-contractual steps at your request)
- To process pre-registrations and applications to our programmes ( Pre-contractual steps / Performance of a contract)
- To deliver training and educational services (Performance of a contract)
- To send marketing communications about programmes and events (Consent)
- To improve our website, services, and user experience (Legitimate interest)
- To comply with legal, regulatory, and tax obligations (Legal obligation)
- To detect, prevent, and investigate fraud or misuse (Legitimate interest)
4. Sharing Your Personal Data
We do not sell your personal data. We may share your data with the following categories of recipients, under appropriate safeguards:

- Educational and industry partners, where required for the delivery of joint programmes (e.g., partner schools, APPLA, AWA), and always informed in advance of any such transfer
- Service providers, including IT, cloud hosting, email, customer relationship management, analytics, and payment processing providers, acting as processors on our behalf
- Public authorities, where required by law (e.g., Ministry of Education, ANAC, tax authorities)
- Professional advisors, such as lawyers, accountants, and auditors

All third parties are required to respect the security of your personal data and to process it in accordance with the law.
5. International Data Transfers
Some of our service providers may be located outside the European Economic Area (EEA). When personal data is transferred outside the EEA, we ensure that an adequate level of protection is in place through:

European Commission adequacy decisions, where applicable
Standard Contractual Clauses approved by the European Commission
Other safeguards permitted under Article 46 of the GDPR
6. How Long We Keep Your Personal Data
We retain personal data only for as long as is necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. When personal data is no longer required, it is securely deleted or anonymised.
7. Your Rights
Under the GDPR, you have the following rights in relation to your personal data:

- Right of access — to request a copy of the personal data we hold about you
- Right to rectification — to request the correction of inaccurate or incomplete data
- Right to erasure ("right to be forgotten") — to request deletion of your data in certain circumstances
- Right to restriction of processing — to request that we limit the processing of your data
- Right to data portability — to receive your data in a structured, commonly used, machine-readable format and to transmit it to another controller
- Right to object — to object to processing based on legitimate interests, including direct marketing
- Right to withdraw consent — where processing is based on consent, you may withdraw it at any time
- Right to lodge a complaint — with the supervisory authority

You may exercise these rights by contacting us at the email address provided in Section 1. We will respond to your request within one month, in accordance with Article 12 of the GDPR.
Supervisory authority in Portugal:

Comissão Nacional de Proteção de Dados (CNPD)
Av. D. Carlos I, 134, 1.º, 1200-651 Lisboa
geral@cnpd.pt | www.cnpd.pt
8. Data Security
We have implemented appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These include access controls, encryption where appropriate, regular security reviews, and staff training on data protection.

In the unlikely event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the supervisory authority and, where required, affected individuals, in accordance with Articles 33 and 34 of the GDPR.
9. Children's Privacy
Some of our vocational education programmes are open to students from the age of 14. Where we collect personal data of individuals under the age of 16, we do so with the consent of a parent or legal guardian, in accordance with Article 8 of the GDPR. We process such data with particular care and only for the purposes communicated at the time of collection.
10. Links to Third-Party Websites
Our website may contain links to external websites operated by third parties (including partner organisations, social networks, and service providers). This Privacy and Cookie Policy does not apply to those websites. We encourage you to review the privacy policies of any third-party websites you visit.
11. Cookies
What are Cookies?
Cookies are small text files stored on your device when you visit our website. These files allow the website to recognise your device and remember certain information about your preferences or previous actions.
Types of Cookies We Use

1. Strictly Necessary Cookies:
These cookies are essential for the website to function. Without them, certain features, such as access to secure areas, may not work correctly.
2. Performance Cookies:
These cookies collect information about how visitors use the website, allowing us to improve its performance. The information collected is aggregated and therefore anonymous.
3. Functionality Cookies:
These cookies allow the website to remember the choices you make (such as your username, language, or region) and provide enhanced, more personalised features.
4. Advertising/Marketing Cookies:
These cookies are used to deliver advertisements relevant to you and your interests. They are also used to limit the number of times you see an advertisement and to help measure the effectiveness of an advertising campaign.
5. Third-Party Cookies:
In some cases, we use third-party cookies, which may be set by websites other than ours, to provide services such as advertising and personalised content.
Managing and Disabling Cookies
You can configure your browser to refuse cookies or to alert you when they are being sent. If you choose to disable cookies, you may not be able to use all the features of our website.
Cookies We Use
Here is a list of the specific cookies that may be stored on your device when you visit our website:

_ga (Google Analytics): Used to distinguish unique users; duration of 2 years.
_gid (Google Analytics): Used to distinguish users across sessions; duration of 24 hours.
pll_language (Polylang): Stores the user's chosen language; duration of 1 year.
12. Updates to this Policy
We may update this Privacy and Cookie Policy from time to time to reflect changes in our practices, in the cookies we use, or for other operational, legal, or regulatory reasons. The "Last updated" date at the top of this policy indicates when it was last revised. We recommend that you visit this page regularly to stay informed.

For material changes, we will notify you through our website or by other appropriate means.
13. Contact Us
If you have any questions about this Privacy and Cookie Policy, or if you wish to exercise your data protection rights, please contact us:

Email: info@iita-aviation.com
Telephone: (+351) 211 453 601
Address: Av. D. João II 11, 1990-077 Lisbon, Portugal
Last updated: June 17, 2026
Send us a message