Meet us at Ebace 28-30 May 2024, Booth F82.

Privacy policy

Privacy Notice for Private Flights

This Privacy Notice explains how Fort Aero collects and handles your personal data during providing your Personal Flights services.


The Controller of your personal data is AS Fort Aero (registry code 11396722), located in Rotermanni street 2, 10111 Tallinn, Harju county, Republic of Estonia.

Why do we collect personal data

We use your personal data to deliver your private flight services such as flight planning, handling and customs services.

When you enquire or book a private flight or additional services with us we will require some personal data, including names of passengers, contact and payment details, passport information, preferences for catering and ground transportation.

Personal data is used for

We use your personal data to provide your private flight services and fulfil international aviation and customs regulations.

Legal basis for processing personal data

Performance of a contract. We will use your personal data to provide you private flight services. We may use your personal data to complete and administer your request with the relevant third-party suppliers.

Legitimate interests and legal requirements. We have a legitimate interest and legal obligation to collect your personal data to comply with the international aviation and customs regulations. For example, customs regulations may require us to collect your passport details and other data for custom formalities.

Where the personal data is stored

Personal data that we have collected from you is stored on our secured databases. Only authorized personnel are permitted to access your personal data. We use appropriate organizational, technical and administrative measures to protect your personal data.

We retain and store your personal data within the European Economic Area (“EEA”). However, your personal data may be transferred to and stored at a destination outside the EEA, when the flight is outside of the EEA.

Sharing personal data with third parties

When you request a private flight or purchase additional services with us, it may be necessary to share your personal data with relevant third parties to complete your request. Shared data may include contact details, passport copies of passengers travelling with you, along with any preferences or special circumstances you have provided us when making your requests.

We may use service providers for accounting and financial services. Third party service providers may collect your personal data to provide such services.

We are required to disclose your personal data to aviation and customs authorities to comply with the aviation and customs regulations.


We will not retain your personal data longer than necessary for the purposes of your transactions with us. If we have no legitimate business need to process your personal data we delete the data, if this is not possible, we securely store your personal data and isolate until deletion is possible.

We will retain your personal data related to your bookings for 7 Years from the date of the relevant transaction. This is necessary to meet our accounting obligations.

Due to the international aviation and customs regulations we have several requirements to retain your personal data for the period of 10 Years.

Your rights

You have right to access, correct, update and request deletion of your personal data. You have also a right to request the transfer of your personal data. To exercise your personal rights, please contact

The supervisory authority regarding personal rights is Estonian Data Protection Inspectorate (