Welcome to IAI’s Privacy and Data Protection Notice for Representatives of Business Counterparties (the “Privacy Notice”).
This Privacy Notice applies to all individuals (“You”) who represent or represented IAI’s current or prior customers, suppliers, regulatory agencies and other business counterparties (“Business Counterparties”) as well as individuals who represent third parties with whom IAI is interacting or has interacted in an effort to enter into a contractual or other commercial relationship (also “Business Counterparties”) but it also applies to other persons whose personal data is collected by IAI due to their use of IAI’s public website at www.iai.co.il (the “Public Website”). You, as a representative of a Business Counterparty or as a visitor to our Public Website, are also referred to in this Privacy Notice as a “Data Subject“.
IAI (refers herein to Israel Aerospace Industries Ltd. and its subsidiary ELTA Systems Ltd.) (hereinunder “IAI” or “Company” or “We”) respects Your privacy and is committed to protecting Your personal data. This Privacy Notice will inform You as to how we collect and look after Your personal data. You may also wish to read our cookie policy which addresses in further detail our use of cookies on our Website. You may find a link to our cookie policy at the bottom of our home page.
1. Important information and who we are
Purpose of this Privacy Notice
This Privacy Notice is provided to give You information on how IAI collects and processes Your personal data. It is important that You read this Privacy Notice together with any other Privacy Notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about You so that You are fully aware of how and why we are using Your personal data. This Privacy Notice supplements the other notices and is not intended to override them.
Controller
For purposes of this Privacy Notice IAI is the data controller of Your data and is responsible for the processing of the data. The personal data held by IAI is stored in Israel. If, however, you choose to use, or provide contact information via, the Public Website your personal data may be held on servers in the USA, the UK, the EU or Israel.
If You have any questions about this Privacy Notice or You wish to make any request or complaint regarding Your personal data held by the IAI, please contact us https://www.iai.co.il/public-requests-and-complaints.https://www.iai.co.il/public-requests-and-complaints.
Contact details
Our registered name and address is as follows:
Full name of legal entity: Israel Aerospace Industries Ltd.
Postal address:
Israel Aerospace Industries Ltd.
Ben Gurion International Airport
Lod, Israel 70100
Changes to this Privacy Notice
As international norms and laws change, we are reviewing our policies regularly and may modify this Privacy Notice from time-to-time. In addition, and without deviating from the above, the company may update and/or change its Privacy Notice from time to time, according to need and at its sole discretion. Please pay attention to these changes or updates, which will appear in this Privacy Notice, because they will apply to You.
Third-party links
Our websites may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about You. We do not control these third-party websites and are not responsible for their Privacy Notices. The use of these pages, applications and websites is subject to the privacy conditions that appear in them, and not to the Company’s privacy conditions. Therefore, when You leave our website, we encourage You to read the Privacy Notice of every website You visit.
2. Who are the Data Subjects?
Natural persons who are representing, working for, acting as directors of or are direct or indirect shareholders in Business Counterparties, e.g.:
a. IAI Suppliers,
b. IAI Customers, and
c. Other Business Counterparties
Visitors to our Public Website are also considered Data Subjects.
3. How is Your personal data being collected?
We use different methods to collect data from and about You including through:
- Engagements: As part of and in connection with our business interactions and contractual agreements, we collect and securely maintain specific information deemed necessary for purposes of evaluation of business opportunities including associated risks, negotiations of contracts and the fulfillment of our obligations.
- Public Website: On the Public Website You have the option to provide us with Your identity and contact details through form submissions or by reaching out to us via the contact details available on our Public Website.
- Supplier website – Upon entering the supplier portal on the Supplier Website with a unique username and password, essential information about You is collected. Moreover, any data uploaded to Your personal area within the portal is for management of our business relationship. In order to exercise and manage the engagement through the Supplier Website, You are required to provide certain Personal data, such as identity data, contact details, and, if applicable, technical data. Once this information is provided, You can log in using a unique username and password, ensuring secure access to the website’s features and functionalities.
- Nipendo: To establish an account on NIPENDO as an IAI supplier, You are required to provide the personal data outlined above including to support your navigation on the NIPENDO platform. This includes identity data, contact details, and, if applicable, technical data. Once this information is provided, You can log in using a unique username and password, ensuring secure access to the Website’s features and functionalities. As mentioned above, and without derogating from any of the other purposes referenced in this Privacy Notice, the main purpose is the management of business relationship with our suppliers.
- Automated technologies or interactions: (Cookies). As You interact with our websites, i.e., the Public Website, the Supplier Website or NIPENDO, we may automatically collect Technical Data about Your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies. You can set Your browser to refuse all or some browser cookies, or to alert You when Websites set or access cookies. If You disable or refuse cookies, please note that some parts of this Website may become inaccessible or not function properly. Please see our cookie policy for further details. You may find a link to our cookie policy at the bottom of our home page www.iai.co.il .
4. Purposes for which we will use Your personal data
We have set out below, in a table format, a description of all the ways we plan to use Your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate. Note that we may process Your personal data on more than one lawful ground depending on the specific purpose for which we are using Your data. Please contact us at https://www.iai.co.il/public-requests-and-complaints if You need details about the reason for our processing of Your personal data where more than one reason has been set out in the table below.
| Purpose/Activity | Type of data | Lawful basis for processing including basis of legitimate interest |
|---|---|---|
| To evaluate potential commercial relationships including associated risks and to support, facilitate and manage the commercial relationship between You and your employer/business and IAI. This includes – communication, user registration and login as a user, uploading relevant documents, and assistance while receiving questions. |
(a) Identity Data – full name, job and personal titles, date of birth and gender and any additional information You choose to provide us. (hereinunder “Identity Data”) (e) Risk and Evaluation data – includes any data that is necessary for the Company to evaluate the potential benefits and risks (commercial, financial, legal and reputational) in connection with entering into or staying in a business relationship with the corresponding Business Counterparty. It may contain financial and other information obtained as a result of investigations, etc. (hereinunder “Risk and Evaluation Data”) |
Necessary for the performance of a contract between us, and the Business Counterparty; Necessary for our commercial legitimate interest as part of our commercial relationship. |
|
To administer and protect our business and our websites (including troubleshooting, data analysis, testing, system maintenance, authentication, support, reporting and hosting of data). |
(a) Identity Data
|
Necessary for our legitimate interests (to ensure effective functioning of the website and protection from cyber-attacks). |
| To deliver relevant content and advertisements to You and measure or understand the effectiveness of the advertising we serve to You. |
(a) Identity Data |
Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy). |
| To use data analytics to improve our Website, products/services, marketing, customer relationships and experiences. |
(a) Technical Data |
Necessary for our legitimate interests (to define types of customers for our products and services, to keep our websites updated and relevant, to develop our business and to inform our marketing strategy). |
|
To make suggestions and recommendations to You about goods or services that may be of interest to You or to contact You for a purpose requested by You. |
(a) Identity Data |
Necessary for our legitimate interests (to develop our products/services and grow our business). |
| To processes Personal Data to facilitate communication, nurture ongoing relationships, perform regulatory checks and evaluate whether to contract with (or to continue to contract with) the corresponding Business Counterparty. | (a) Identity Data (b) Contact Data (c) Profile (d) Risk and Evaluation Data |
Necessary for the performance of a contract between us, and; Necessary for our commercial legitimate interest as part of our commercial relationship. |
It is important that the personal data we hold about You is accurate and current. Please keep us informed if Your personal data changes.
We also collect, use and share Aggregated Data such as statistical or demographic data for multiple purposes. Aggregated Data may be derived from Your personal data but is not considered personal data as this data does not directly or indirectly reveal Your identity. For example, we may aggregate Your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with Your personal data so that it can directly or indirectly identify You, we treat the combined data as personal data which will be used in accordance with this Privacy Notice.
5. Disclosures of Your personal data
We may share Your information for the following legal reasons:
a) It is necessary to comply with a legal process or inquiry (such as a court order, subpoena, or search warrant) or any other legal requirements of any governmental authority.
b) It would potentially mitigate our liability in an actual or potential lawsuit.
c) It is necessary to enforce our privacy policy or any other agreement in place between us.
d) It is necessary to investigate and prevent unauthorized transactions or other illegal activities.
e) It is otherwise necessary or appropriate to protect our rights or property or the rights or property of any person or entity.
In addition, we use a limited number of third-party service providers, who act as our own service providers, and assist us in making our websites, services and goods available and in implementing commercial relationships or evaluating commercial relationships including associated risks.
6. Data security
We have put in place appropriate security measures to protect our databases from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. Nevertheless, we are not responsible for any damages to the personal data, or to the functionality of our websites, caused by reasons beyond our control, force majeure, cyber-attacks, pandemics, strikes, etc. We would like to clarify that it is also Your responsibility to take appropriate information security measures such as using anti-virus measures, updating software, etc.
7. Data retention
How long will You use my personal data for?
We will only retain Your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, security or reporting requirements. In some circumstances we may anonymize Your personal data (so that it can no longer be associated with You) for research or statistical purposes in which case we may use this information indefinitely without further notice to You.
8. Your Rights –
a. as an EU/UK resident
As an EU/ UK resident, You may request to review, correct, update, delete personal data, restrict the processing of Your personal data, object to the processing of Your personal data, or receive an electronic copy of Your personal data for purposes of transmitting it to another company (to the extent this right to data portability is provided to You by applicable law).
A summary and further details about Your rights under EU data protection laws, is available on the EU Commission’s website at:
https://ec.europa.eu/info/law/law-topic/data-protection/reform/rights-citizens_en.
If You are not an EU/UK individual but believe that You are entitled to the rights mentioned above from another legal source – You may contact us and request exercise of Your rights.
Please note that we may need to verify Your identity before we process any request relating to Your personal data. We may also contact You to ask You for further information in relation to Your request to enable us to carry-out Your request.
We will try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if Your request is particularly complex or You have made a number of requests. In this case, we will notify You and keep You updated.
b. Your Rights as an Israeli Resident
Under Protection of Privacy Law, 5741 – 1981 as an Israeli resident, You may request in writing to review and correct your personal data. Please note that we may need to verify Your identity before we process any request relating to Your personal data. We may also contact You to ask You for further information in relation to Your request to enable us to carry out Your request. We will try to respond to all legitimate requests within lawful time.
Data subject requests can be submitted to https://www.iai.co.il/public-requests-and-complaints.
The statements, including the rights noted, in Section 7 above and in this Section 8 may be affected by or restricted in respect of certain cases due to applicable Israeli laws, regulations and policies applicable to IAI as an Israeli defense-sector company.
9. International Data Transfers
We store and process information about You on servers and databases under appropriate safeguards according to applicable data protection laws.
If any international transfers of personal data will be conducted, it shall be exercised according to applicable data protection laws.
Last updated: MARCH, 2025