Privacy Policy

Privacy Policy

Last updated: 22 May 2026

Effective from: 22 May 2026

This Privacy Policy explains how Virtual European Aviation Group (“vEAG”) collects, uses, stores, and protects personal data when you use our websites, services, and member platforms.

This includes:

  • the public vEAG website;
  • member services operated by vEAG;
  • authentication services using vAMSYS;
  • the vEAG Briefings operational briefing platform;
  • community submissions relating to operational information; and
  • communications relating to our services.

1. Who We Are

Virtual European Aviation Group (“vEAG”) is a virtual aviation community providing simulation-based airline operations, member services, operational resources, and related online platforms.

For the purposes of UK data protection law, vEAG acts as the data controller for personal data processed through its own services.

Privacy enquiries may be sent to:

privacy@veag.co.uk

2. Scope of This Policy

This Privacy Policy applies whenever you use:

  • https://veag.co.uk
  • https://briefings.veag.co.uk
  • any vEAG-operated WordPress services
  • member authentication features using vAMSYS
  • community submission systems
  • operational member services provided by vEAG

This policy does not govern third-party services that you access separately, including vAMSYS itself, whose own privacy policies apply to their services.

3. Personal Data We May Collect

Depending on how you use our services, we may collect:

Identity Information

  • Name
  • Email address
  • vAMSYS user ID
  • vAMSYS username / pilot identifier
  • Airline membership identifiers
  • Rank or role information

Authentication & Security Information

  • Login timestamps
  • Authentication session identifiers
  • IP addresses
  • Browser / device technical data
  • Security event logs
  • Failed authentication attempts

Community Submission Information

  • Operational submissions relating to airport parking or handling information
  • Uploaded supporting evidence
  • Screenshots
  • URLs or references submitted as evidence
  • Comments supplied during submission
  • Date observed information

Website Technical Information

  • Cookies
  • Session tokens
  • Basic analytics or server logs
  • Error diagnostics

4. How We Collect Personal Data

We collect personal data:

  • when you authenticate via vAMSYS;
  • when you access protected member services;
  • when you submit operational information;
  • when you upload supporting evidence;
  • through automated technical logging;
  • through cookies and session technologies;
  • through standard website operation.

5. Authentication via vAMSYS

vEAG uses vAMSYS authentication services to verify member identity and eligibility for access-controlled services.

When you choose to sign in using vAMSYS, we may receive personal data made available by vAMSYS, including:

  • your vAMSYS unique user ID;
  • your vAMSYS username / pilot code;
  • your airline affiliation(s);
  • rank or role information;
  • basic identity information made available via the authorised authentication scopes.

We use this information solely to authenticate users, manage access permissions, and operate member services.

vEAG does not receive or store your vAMSYS password.

6. How We Use Personal Data

We may use personal data to:

  • authenticate members;
  • verify eligibility for access-controlled services;
  • operate the vEAG Briefings platform;
  • manage operational member services;
  • review community submissions;
  • moderate uploaded content;
  • protect service security;
  • detect abuse or unauthorised access;
  • troubleshoot technical issues;
  • communicate service-related information;
  • comply with legal obligations.

7. Community Operational Submissions

Members may be permitted to submit operational information to support the realism and accuracy of vEAG services.

Such submissions are currently limited to controlled operational topics such as:

  • preferred parking stand information;
  • handling agent information.

Supporting evidence may be required.

Submitted content may be:

  • reviewed;
  • moderated;
  • edited;
  • accepted;
  • rejected;
  • removed.

Members should only submit information they are permitted to provide.

8. Cookies and Session Management

We use cookies and session technologies required for secure operation of our services.

These may include:

  • authentication cookies;
  • session identifiers;
  • security validation tokens;
  • WordPress operational cookies.

These are necessary for the functioning of protected member services.

9. Lawful Basis for Processing

Under UK GDPR, our lawful bases may include:

Legitimate Interests

For:

  • member authentication;
  • access control;
  • platform security;
  • service administration;
  • fraud prevention;
  • community moderation.

Performance of a Service

Where processing is necessary to deliver member services you request.

Legal Obligation

Where required by applicable law.

10. Sharing Personal Data

We do not sell personal data.

We may share limited personal data with service providers where necessary to operate our services.

This may include:

  • hosting providers;
  • WordPress infrastructure providers;
  • vAMSYS authentication services;
  • email providers;
  • security providers.

11. International Transfers

Some service providers may process data outside the United Kingdom.

Where this occurs, we will take reasonable steps to ensure appropriate safeguards are in place.

12. Data Retention

We retain data only for as long as reasonably necessary.

Examples:

  • authentication records for operational security purposes;
  • submission records for moderation and audit purposes;
  • technical logs for security and troubleshooting;
  • member access records where required for service operation.

Retention periods may vary depending on operational need and legal requirements.

13. Security

We take reasonable technical and organisational measures to protect personal data.

This includes:

  • access controls;
  • authentication protections;
  • server security measures;
  • restricted administrative access;
  • security monitoring.

No online system can be guaranteed to be completely secure.

14. Your Rights

Under UK GDPR, you may have rights including:

  • access to your personal data;
  • correction of inaccurate data;
  • erasure in certain circumstances;
  • restriction of processing;
  • objection to processing;
  • data portability where applicable.

Requests should be sent to:

privacy@veag.co.uk

15. Complaints

If you are unhappy with how we process your data, please contact us first so we can attempt to resolve the issue.

You also have the right to complain to the UK Information Commissioner’s Office (ICO):

https://ico.org.uk

16. Changes to This Policy

We may update this Privacy Policy from time to time.

Where changes are material, we will take reasonable steps to notify members through appropriate service channels.

Continued use of vEAG services after the effective date of an updated policy constitutes acknowledgement of the updated policy.