Privacy Policy
Last updated: 16 October 2025
At Air Transportation Systems Laboratory (“we”, “us”, or “our”), we respect your privacy and
are committed to protecting your personal data. This Privacy Policy explains how we collect, use, and store your
information when you interact with our website https://www.atslab.org (“the Website”), and how we uphold your rights under applicable
data protection laws.
This Policy should be read together with any other privacy or fair processing notices we may provide on specific
occasions when collecting or processing your personal data, so that you are fully informed about how and why we
use it.
1. Data Controller
Air Transportation Systems Laboratory (also known as ATSLab) is the data controller responsible
for your personal
data.
If you have any questions or requests regarding this Privacy Policy or the way we handle your data, please
contact
us at:
atslab@ucl.ac.uk
2. Legal Framework
We process personal data in accordance with the UK General Data Protection Regulation (UK GDPR)
and the Data Protection Act 2018, as well as relevant university and research governance
requirements.
3. When We Collect Data
We collect information about you when:
- You complete an online form to access our research data or contact us, or
- You contact us directly by email, post, or other communication channels.
Whenever you fill in a form, we collect the details you provide to us so that we can respond to your query or
process your request appropriately.
4. What Data We Collect
We may collect the following personal information:
- Name
- Email address
- Organisation or affiliation
- Comments, messages, or enquiries you submit
5. Why We Collect and Use Data
We collect personal data directly from you, when you submit information through our forms, contact pages, or correspondence.
6. Why We Collect and Use Data
We collect and process your personal data for the following purposes:
- To respond to your enquiries and maintain records of communications;
- To provide access to our open research data and manage related requests;
- For record-keeping and security, including to prevent misuse and troubleshoot technical issues;
- For internal research and development, to improve our website, data access systems, and user experience;
- For legitimate interests, such as understanding how our users engage with our services, provided these interests do not override your rights and freedoms.
We will not use your personal data for any unrelated purpose without informing you and obtaining your consent where required.
7. Third-Party Links
Our website may contain links to external websites, plug-ins, or applications operated by third parties.
Please note that we do not control these third-party sites and are not responsible for their privacy practices. We encourage you to review the privacy policy of any website you visit via links from our site.
8. Data Sharing and Disclosure
We do not share or sell your personal information to third parties.
We may only disclose your data:
- If required by law, regulation, or court order;
- In response to lawful requests from public authorities or law enforcement agencies;
- Where necessary to protect our rights, property, or safety, or that of others.
9. Data Storage, Security, and Retention
We take appropriate technical and organisational measures to protect personal data against unauthorised access, misuse, loss, or alteration. Access to your data is restricted to personnel who need it to perform their duties, and our systems are regularly reviewed for security compliance.
We retain personal data only for as long as necessary to fulfil the purposes outlined in this Policy or to comply with legal, accounting, or reporting obligations. Once data is no longer needed, it will be securely deleted or anonymised. Backup data is stored securely and isolated until deletion is possible.
We review our retained data at least every two years to ensure accuracy and necessity.
10. Your Rights
Under data protection law, you have the following rights regarding your personal data:
- Right to be informed – to know how your data is collected and used;
- Right of access – to request a copy of your personal data;
- Right to rectification – to correct or complete any inaccurate data
- Right to erasure (“right to be forgotten”) – to request deletion of your data
- Right to restriction of processing – to limit how your data is used
- Right to data portability – to obtain your data in a structured, commonly used format and transfer it elsewhere
- Right to object – to object to data processing where we rely on legitimate interests
- Right to withdraw consent – if processing is based on your consent, you may withdraw it at any time.
To exercise any of these rights, please contact us at
atslab@ucl.ac.uk. We may need to verify your identity before responding to your request to protect your privacy.
If you believe your data protection rights have been violated, you may also lodge a complaint with the Information Commissioner’s Office (ICO) at
https://www.ico.org.uk.
11. Changes to This Privacy Policy
We may update this Privacy Policy periodically. Any changes will be reflected by updating the “Last updated” date at the top of this page.
Minor updates will take effect immediately upon posting. Where significant changes are made, we will notify users through our website or other appropriate means.
Your continued use of the website after updates indicates your acceptance of the revised policy.
12. Contact Us
If you have any questions, concerns, or complaints about this Privacy Policy or our data practices, please contact:
atslab@ucl.ac.uk