Full policy

Privacy Notice

1. Introduction

Lift Aviation LAA LTD, trading as LIFT Aviation Academy, is committed to protecting the privacy and personal data of its trainees, instructors, staff, contractors, and other users of the LIFT Learning Management System.

This Privacy Notice explains how we collect, use, store, protect, and share personal data through our Moodle Learning Management System and related training platforms.

This notice applies to all users of the LIFT LMS, including trainees, instructors, managers, administrators, and external users who are given access to training materials or records.

2. Data Controller

The data controller is:

Lift Aviation LAA LTD
Operating as: LIFT Aviation Academy
Approval: CY.ATO.012
Country: Cyprus

For privacy or data protection matters, users may contact the appointed Privacy Officer through the eLearning profile page using the “Contact the privacy officer” or “Data request” function.

Alternatively, users may contact LIFT Aviation Academy directly using the official contact details provided by the organisation.

3. Personal Data We Collect

We may collect and process the following categories of personal data:

• Name and surname
• Email address
• Username and LMS account details
• Role within the LMS, such as trainee, instructor, manager, or administrator
• Course enrolment information
• Training progress and completion data
• Grades, quiz attempts, assessments, feedback, and instructor comments
• Attendance or participation records, where applicable
• Uploaded training documents or evidence, where applicable
• Communication records within the LMS
• Login records, access logs, IP address, device/browser information, and timestamps
• Certificate, completion, or training evidence generated through the LMS
• Any other information submitted by the user through the LMS for training or administrative purposes

4. Purposes of Processing

We process personal data for the following purposes:

• To create and manage LMS user accounts
• To provide aviation training and access to course material
• To monitor trainee progress and course completion
• To record assessments, grades, feedback, and training evidence
• To support instructor oversight and course administration
• To comply with aviation training, regulatory, audit, and record-keeping obligations
• To maintain the security and integrity of the LMS
• To respond to user support requests
• To manage data protection requests and privacy rights
• To protect the legitimate interests of the organisation, including audit, quality assurance, compliance monitoring, and dispute handling

5. Lawful Basis for Processing

We process personal data under one or more of the following lawful bases:

• Performance of a contract with the trainee or user
• Compliance with legal or regulatory obligations
• Legitimate interests of the organisation, including training management, safety, compliance, security, and audit purposes
• Consent, where consent is specifically requested for optional processing

Where processing is based on consent, the user may withdraw consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before withdrawal.

6. Who Can Access Personal Data

Access to personal data is limited according to role and operational need.

Personal data may be accessed by:

• LMS administrators
• Accountable Manager or nominated management personnel, where required
• Head of Training and authorised training management personnel
• Instructors assigned to the relevant course
• Safety, compliance, or quality personnel, where required for audit or compliance purposes
• Authorised technical support providers, where necessary
• Competent aviation authorities or regulatory bodies, where legally or operationally required

Students should not have access to unnecessary personal data of other students. The LMS is configured to restrict visibility of participant lists, online users, personal profile fields, and other student information where appropriate.

7. Third-Party Services

The LMS may use or link to third-party services for training delivery, e-learning content, communication, video conferencing, document management, assessment, or technical support.

These may include, where applicable:

• Moodle hosting and technical support providers
• E-learning content providers
• Computer-based training providers
• Video conferencing services
• Email and notification services
• Assessment or training record systems
• Cloud storage or backup providers

Where third-party services process personal data on behalf of LIFT Aviation Academy, appropriate safeguards should be applied.

8. International Transfers

Personal data may be processed or stored outside Cyprus or the European Economic Area only where necessary and where appropriate safeguards are in place.

Such safeguards may include adequacy decisions, contractual safeguards, data processing agreements, or other lawful transfer mechanisms recognised under applicable data protection law.

9. Data Retention

Personal data is retained only for as long as necessary for the purposes for which it was collected.

Training records, assessment evidence, completion records, audit records, and compliance-related information may be retained for the period required by aviation regulations, ATO requirements, audit obligations, contractual obligations, or legitimate organisational needs.

LMS technical logs and account data may be retained for security, support, and audit purposes for a defined period in accordance with the organisation’s data registry and retention settings.

Deletion requests will be reviewed. Some data may not be deleted immediately where LIFT Aviation Academy has a legal, regulatory, contractual, audit, or compliance obligation to retain it.

10. Data Subject Rights

Subject to applicable law, users may have the right to:

• Access their personal data
• Request correction of inaccurate data
• Request deletion of personal data
• Request restriction of processing
• Object to processing
• Request data portability, where applicable
• Withdraw consent, where processing is based on consent
• Lodge a complaint with the competent data protection authority

Requests can be submitted through the Moodle data request function, where enabled, or by contacting the Privacy Officer.

11. Security

LIFT Aviation Academy applies appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure.

These measures may include role-based access control, user authentication, restricted permissions, backups, audit logs, and administrative oversight.

Users are responsible for keeping their login details confidential and must not share their LMS account with any other person.

12. User Responsibilities

Users must:

• Use the LMS only for authorised training and administrative purposes
• Keep their login credentials confidential
• Not attempt to access another user’s account or personal data
• Not download, copy, share, or disclose personal data without authorisation
• Report suspected data breaches or unauthorised access to LIFT Aviation Academy

13. Updates to This Notice

This Privacy Notice may be updated from time to time. Users may be asked to review and accept updated versions through the LMS policy acceptance process.

14. Complaints

Users have the right to lodge a complaint with the competent data protection authority if they believe their personal data has been processed unlawfully.

Users are encouraged to contact LIFT Aviation Academy first so that any concern can be reviewed and addressed.

Full policy

LMS Terms of Use and Acceptable Use Policy

1. Purpose

These Terms of Use apply to all users of the LIFT Aviation Academy Learning Management System.

The LMS is provided for aviation training, course administration, learning support, assessment, communication, and training record purposes.

By accessing the LMS, users agree to comply with this policy and all applicable LIFT Aviation Academy procedures.

2. Authorised Use

Users may access the LMS only for authorised purposes related to their role, course, training, instruction, administration, or compliance duties.

Users must not use the LMS for personal, unlawful, commercial, offensive, abusive, or unauthorised purposes.

3. User Accounts

Each user is responsible for their own account.

Users must:

• Keep usernames and passwords confidential
• Not share account access with anyone else
• Not allow another person to use their account
• Use accurate and truthful information
• Inform LIFT Aviation Academy if they believe their account has been compromised

LIFT Aviation Academy may suspend or restrict access where there is suspected misuse, security risk, breach of policy, or operational need.

4. Training Material and Intellectual Property

All training material, manuals, presentations, videos, documents, quizzes, assessments, and other learning resources provided through the LMS remain the property of LIFT Aviation Academy or the relevant content provider.

Users must not copy, reproduce, share, publish, distribute, sell, upload, or disclose LMS materials without written authorisation.

Access to course material is granted for training purposes only.

5. Confidentiality

Users may have access to confidential training, operational, administrative, or personal data.

Users must not disclose, share, export, screenshot, download, or distribute confidential information unless authorised.

This includes personal data of other users, training records, assessment results, internal documents, instructor comments, and compliance records.

6. Personal Data and Privacy

Users must respect the privacy of others.

Users must not attempt to view, collect, copy, share, or misuse the personal data of other users.

Student access to other student information may be restricted in accordance with privacy and data protection requirements.

The processing of personal data is explained in the LIFT Aviation Academy Privacy Notice.

7. Communication Standards

Users must communicate respectfully and professionally.

The following are not permitted:

• Harassment, bullying, abuse, threats, or discrimination
• Offensive, inappropriate, or unlawful content
• Spam or irrelevant messages
• Sharing misleading or false information
• Sharing personal data of others without authorisation
• LIFT Aviation Academy may remove inappropriate content and take action where necessary.

8. Assessments and Academic Integrity

Users must complete quizzes, assignments, examinations, declarations, and assessments honestly.

The following are prohibited:

• Cheating
• Impersonation
• Sharing answers or assessment content
• Unauthorised collaboration
• Tampering with records
• Submitting false or misleading information

Any suspected breach may be reviewed by LIFT Aviation Academy and may affect training progress, course completion, or certification.

9. System Security

Users must not:

• Attempt to bypass access controls
• Access courses or records without authorisation
• Upload malware or harmful files
• Interfere with LMS functionality
• Attempt to obtain another user’s password
• Use automated tools without permission
• Modify or delete data without authority

Security incidents must be reported immediately to LIFT Aviation Academy.

10. Monitoring and Logs

LIFT Aviation Academy may monitor LMS activity for training administration, security, compliance, audit, support, and quality assurance purposes.

This may include login records, access logs, course activity, quiz attempts, completion records, uploaded files, and communication records.

Monitoring will be carried out only for legitimate training, operational, security, compliance, or legal purposes.

11. Availability of the LMS

LIFT Aviation Academy aims to keep the LMS available, but access may be interrupted due to maintenance, updates, technical issues, external providers, security events, or operational reasons.

LIFT Aviation Academy is not responsible for user-side internet, device, browser, or access problems.

12. Breach of Terms

A breach of these Terms of Use may result in one or more of the following:

• Warning
• Temporary restriction of access
• Suspension of LMS account
• Removal from a course activity
• Referral to training management
• Disciplinary or contractual action
• Reporting to competent authorities, where required

13. Changes to These Terms

LIFT Aviation Academy may update these Terms of Use from time to time.

Users are be required to review and accept updated terms before continuing to use the LMS.

14. Acceptance

By using the LMS, the user confirms that they have read, understood, and agreed to comply with these Terms of Use.

Full policy

Cookie Notice and Third-Party Tools Notice

1. Purpose

This notice explains how LIFT Aviation Academy uses cookies and third-party services in connection with the LIFT Learning Management System.

The LMS may use cookies and external tools to provide secure login, course access, training delivery, communications, e-learning content, technical support, analytics, and compliance monitoring.

2. Cookies Used by the LMS

The LMS may use cookies that are necessary for the platform to function.

These may include cookies used to:

• Keep the user logged in
• Maintain the user session
• Remember basic user preferences
• Support secure access to Moodle
• Protect the LMS from unauthorised access
• Support course navigation and activity completion

Necessary cookies are required for the LMS to operate correctly. If these cookies are disabled, users may not be able to log in or use the LMS properly.

3. Optional or Third-Party Cookies

Some third-party tools linked or embedded in the LMS may use their own cookies or tracking technologies.

This may include services used for:

• Video conferencing
• E-learning content
• Training videos
• Online assessments
• Analytics
• Support tools
• External learning resources

Where optional cookies or third-party tracking are used, users may be asked to provide consent where required by applicable law.

4. Third-Party Services

LIFT Aviation Academy may use third-party services to support training delivery and LMS operation.

These may include, where applicable:

• Moodle hosting or technical support providers
• Computer-based training providers
• Aviation training content providers
• Video conferencing platforms
• Email and notification providers
• Cloud storage or backup providers
• Document management systems
• Assessment, quiz, or certificate tools
• Communication or support tools

Third-party services may process user data only where necessary for training, LMS operation, support, security, compliance, or administration.

5. Examples of Data Shared with Third Parties

Depending on the service, the following information may be processed:

• Name and surname
• Email address
• Username or user ID
• Course enrolment information
• Course progress or completion status
• Assessment or quiz data
• Access logs or timestamps
• Communication records
• Technical information such as IP address, browser, device, and session data

Only the data necessary for the relevant service should be shared.

6. Legal Basis

The use of necessary LMS cookies and third-party services may be based on:

• Performance of a contract
• Legal or regulatory obligation
• Legitimate interests of LIFT Aviation Academy
• Consent, where required for optional cookies or non-essential processing

7. External Websites and Platforms

The LMS may contain links to external websites or platforms.

When users leave the LMS and access an external platform, that platform may have its own privacy notice, cookie notice, terms of use, and data processing practices.

Users should review the privacy and cookie notices of any external platform they access.

8. Plugin Privacy Review

LIFT Aviation Academy may review Moodle plugins and third-party tools to check whether they properly declare the personal data they store or process.

Plugins or tools that do not provide sufficient privacy information may be updated, replaced, restricted, or removed where appropriate.

9. Managing Cookies

Users may manage cookies through their browser settings.

However, disabling necessary cookies may prevent the LMS from functioning correctly.

Users should not disable essential Moodle cookies if they need to access training material, assessments, or course records.

10. Changes to This Notice

This notice may be updated when new tools, services, plugins, or providers are added to the LMS.