Data Privacy & Protection
How we handle your data at 309 Squadron.
General Information
309 Squadron uses this portal to facilitate squadron operations, communication, and resource sharing. We are committed to protecting your personal data in accordance with RAFAC policies and GDPR regulations.
This application integrates with Microsoft 365 services (Teams, SharePoint, Exchange) to provide a seamless experience. Data is processed securely within the Squadron's Microsoft 365 tenant.
App Security & Biometrics
If you use our official Mobile or Web Applications, your login tokens are stored in your device's native Secure Storage. If you enable Biometric Unlock (Face ID or Touch ID), this is processed entirely locally by your device. We do not collect, store, or have access to your biometric data.
Analytics
App Analytics & Troubleshooting: To help us improve the portal and fix technical issues, we use PostHog for analytics and session replay. We may record your interactions within the app (such as page navigation and button clicks) and link this activity to your cadet or staff profile. Passwords and sensitive form fields are strictly masked and never recorded.
Cadet Privacy Notice
What data can I see?
- Training Programme events relevant to cadets.
- Announcements targeted at cadets.
- Key documents and uniform guides.
- Your own profile information (Name, Email).
Who can see my data?
Staff members can view your attendance, contact details, and any forms you submit through official channels. Other cadets cannot see your personal information through this portal.
Staff Data Handling Policy
Staff Responsibilities
- You have access to cadet personal data for operational purposes only.
- Do not share cadet contact information outside of official channels (SMS/BADER).
- Ensure any downloaded documents containing PII are stored securely and deleted when no longer required.
System Access
As a staff member, you have elevated privileges to create events, send notifications, and manage announcements. Access and operations may be logged for auditing purposes.