Last updated: 12/06/2019
Welcome to SOARIZON, a cloud-based drone management and mission planning service to simplify and enhance your drone operations.
1. DEFINITIONS AND INTERPRETATION
In this Policy, the following terms shall have the following meanings:
“Data Protection Law” means the legislation and regulations applicable to data protection and data privacy which apply to your use of our Services, including but not limited to the UK Data Protection Act 2018 and the EU General Data Protection Regulation.
“Data Controller” means the entity which, alone or jointly with others, determines the purposes and means of the processing of personal data;
“Data Processor” means the entity which processes personal data on behalf of the Data Controller;
“personal information”or“personal data” means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person
“Platform” means the SOARIZON web platform (available at https://platform.soarizon.io) through which we provide the substantial part of the Services;
“Privacy Notice” means this privacy notice and all other information, documents, materials, laws and regulations referenced within it.
“we/us/our” or “Thales” means Thales UK Limited, as further defined in Section 2.1 below.
“user account” means your individual user account required to access and use the Platform;
“Website” means the SOARIZON website (www.soarizon.io) through which we provide news, pricing, marketing material and other information about the Services we offer.
2. ABOUT US
2.1 SOARIZON is a Thales service, provided by Thales UK Limited, a company registered in England and Wales under company number 868273, whose registered address is 350 Longwater Avenue, Green Park, Reading, Berks RG2 6GF.
2.2 For all general enquiries please contact customer services at the details provided in Section 11. For data protection specific matters, please contact our Data Protection Officer:
3. WHAT DOES THIS PRIVACY NOTICE APPLY TO?
This Privacy Notice applies to your use of the SOARIZON Services, which includes the Platform and our Website. Please note that through the SOARIZON service you may share data with services provided by third-parties through links to services, integrated applications or websites (these are detailed in Section 8 and Section 9). Note that we do not control how your data is collected, stored or used by third-party services, applications or websites and we recommend that you review the privacy policies applicable to any such third-party services, applications or websites before providing any data to them. Data you share with us is held privately and securely, but in some cases we may share it with third-parties, either to make certain elements of the Services available to you or for safety purposes. Data that we share in this way is explained in more detail within Section 8 and Section 9. The only other circumstance in which we may share other data we hold about you is in the event we receive a legal court order or warrant properly served in accordance with applicable local laws which requires us to do so.
4. YOUR RIGHTS
4.1 Under Data Protection Law, you have rights which include:
Your right of access - You have the right to ask us for copies of your personal data.
Your right to rectification - You have the right to ask us to rectify personal data you think is inaccurate. You also have the right to ask us to complete data you think is incomplete.
Your right to erasure - You have the right to ask us to erase your personal data in certain circumstances.
Your right to restriction of processing - You have the right to ask us to restrict the processing of your personal data in certain circumstances.
Your right to object to processing - You have the right to object to the processing of your personal data in certain circumstances.
Your right to data portability - You have the right to ask that we transfer the personal data you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you. Please contact us at the details provided in Section 11 if you wish to make a request.
4.3 If you have any cause for complaint about our use of your personal data, please contact us using the details provided in Section 11 and we will aim to resolve the problem for you. If we are unable to help, you also have the right to lodge a complaint with the UK’s supervisory authority, the Information Commissioner’s Office.
4.4 For further information about your rights, please contact the UK Information Commissioner’s Office.
5. WHAT DATA DO WE COLLECT?
We currently collect some or all of the following personal and non-personal data, either directly or indirectly, depending on your use of the Services:
5.1 Your name which you provide when creating a user account;
5.2 The e-mail address you provide when creating a user account and/or when registering on our Website;
5.3 The geographical region / country you select when creating a user account;
5.4 Information related to a specific output you have requested the Services to provide you with (for example, data relating to your use of geographical mapping and search features within our Services, or text that we store when you use the chat feature in order to provide you with your chat history or the technical support query feature);
5.5 Information, data and content which you have input in to our Services to be stored against your user account, these include your user account display picture, your contact details, your current, future and historic mission planning data, information you provide us with about your drone fleet, post-flight notes and debriefs and your customer/client details (where applicable);
5.6 Payment information, billing address and financial data provided to our third-party payment service provider in accordance with Section 9, in order for us to provide you with a secure payment and checkout service for in-application purchases.
5.7 Analytical information and metadata concerning your use and interaction with our Services to help us improve our products and services. Such information will be anonymised wherever possible and may include, (for example):
(i) whether our Services are used in a commercial or recreational capacity;
(ii) the frequency with which our Services are used;
(iii) trends in the use of certain features within our Services;
(iv) user analytics provided by Cookies (see Section 10 for more information on the Cookies we use)
5.8 Other information or data that you may explicitly ask us to store from time to time.
6. HOW IS YOUR DATA USED?
6.1 All personal data we collect is stored securely and processed for no longer than is necessary for the purposes it was first collected. It is our responsibility to ensure that we observe and safeguard your rights under applicable Data Protection Law and, unless otherwise agreed, we will normally only hold data for the following periods:
(a) Your personal data will be retained only for as long as you hold a user account with us, but it may be longer depending on individual circumstances. You may update or delete your user account at any time by contacting our customer services team at the details provided in Section 11, or through the relevant settings within the Services (where applicable).
6.2 We will only use your personal data if we have a lawful basis to do so. Lawful bases are likely to include any one or combination of the following:
(a) because it is necessary for us to perform a contract with you;
(b) because you have consented to our use of your personal data (i.e. consenting for us to contact you by email or consenting for your personal data to be shared with a third-party service in order to provide you with a feature of the Services), or
(c) because we are otherwise obliged to do so by applicable law.
Specifically, we may use your data:
6.2.1 To provide you with and manage the data stored within your user account;
6.2.2 To contact you to provide you with important notifications concerning your use of the Services such as updates and changes (but not for marketing purposes, unless you have explicitly opted-in to receive marketing communications);
6.2.3 To provide you with access to and functionality within our Services (for example, to enable you to securely log-in to our Services, make secure payments and recall information which you have saved within our Services);
6.2.4 To personalise and customise your user experience within our Services;
6.2.5 To provide our Services to you (for example, we require your full name, country of residence and email address to enter in to a contract with you);
6.2.8 To respond to your technical or customer support requests;
6.2.9 To provide you with correspondence relating to other services which you may have opted in for, such as newsletters or information on product upgrades, marketing information, special offers and promotions. (You may unsubscribe or opt out of such correspondence at any time by clicking to ‘unsubscribe’ in any related communication or by clicking ‘unsubscribe’ in your account settings within the Services).
6.2.10 To conduct market or product research for our own purposes to improve our products and services (not for third-parties).
6.2.11 We may facilitate the sharing of your information with other users of the Services for the purposes of providing you with peer-to-peer networking and community features. Such features and the information shared with other users will be explained to you within the Services. You may choose to opt-in or opt-out at any time by contacting us at the details provided in Section 11, or through the relevant settings within the Services (where applicable).
6.3 With your permission and only where permitted by law, we may use your data for marketing purposes which could include contacting you by email with information, news and offers about the Services. We will not send you any unsolicited marketing, generic marketing or spam and will always take reasonable measures to ensure that we protect your rights and comply with Data Protection Laws.
6.4 You have the right to withdraw your consent to us using your personal data at any time, and to request that we delete your personal data in accordance with your rights at Section 4, however, in some cases this may limit or prevent us from continuing to provide you with the Services.
7. WHERE IS YOUR DATA STORED?
7.1 With the exception of 7.2 below, we will only store your data within the UK or European Economic Area unless otherwise required by your local laws.
7.2 Our third-party payment service provider (Stripe) may transfer, process and store your payment data on systems located within the United States or other countries outside of the United Kingdom. Further details on how your payment data is processed by Stripe is provided in Section 9 below.
7.3 The security and protection of your data is extremely important to us. We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. Measures we implement to secure and protect your data include:
(a) use of secure data centres and databases;
(b) use of encryption;
(c) we limit access to your personal data to those employees who have a business need to know and whom are subject to obligations of confidentiality. Our employees may only process your personal data upon our instruction.
8. THIRD PARTY FEATURES THAT MAY REQUIRE YOUR INFORMATION
8.1 To provide you with certain features within our Services, we may need to share your personal information with third-parties from time to time. We will only share your personal information with third-parties with your express permission. In such cases:
8.1.2 If you have consented to third-party data sharing pursuant to 8.1.1 above, you may at any time withdraw your consent by contacting our customer services team at the details provided in Section 11, however, in some cases withdrawing your consent to third-party data sharing may mean that we can no longer continue to provide you with the Services (see Section 9).
8.1.3 Should you withdraw your consent in accordance with 8.1.2 above, we will no longer provide or update the information shared with the concerned third-party, however this will not explicitly delete information already held by the third-party up to that point. Without obligation, we will endeavour to pass on your data removal request to the concerned third-party, however insofar as your data is being held by that third-party in its capacity as a data controller, this will not explicitly delete the information held by them and it shall remain your responsibility to manage this directly with that third-party.
8.2 Further to Section 5.7, we may compile statistics about the use of our Services, this might include (without limitation) web traffic data, service usage patterns, sales and user statistics, diagnostic information, in-service user searches, however we will anonymise any of such data which could be used to identify you. Insofar as permitted by law, we may from time to time share such data with commercial investors, advertisers, technical support partners and other associated third-parties.
8.3 Further to Section 6.2(c), we may under certain circumstances be legally obligated to disclose information to appropriate authorities, for example, in the event of legal proceedings, a valid court order or the valid instruction of a governmental authority. Such information may include personal information, but in all cases we shall only disclose that part of the personal information which we are strictly obligated to disclose by law.
9. HOW WE SHARE YOUR INFORMATION WITH THIRD-PARTIES
9.1 Certain features of the Services require us to share your data with trusted third-party suppliers for processing on our behalf (such as the payment service provider provided by Stripe and secure log-on provided by Microsoft). These features are not optional and cannot be disabled, therefore if you do not consent to the sharing of your data with such third-parties, we cannot provide you with the Services and you must cease to use the Services immediately. Data processing activities conducted on our behalf by third-parties are detailed below:
9.2.1 Stripe uses the following information (where applicable) to conduct data processing on our behalf:
your bank account details (where applicable);
your payment card details;
your card expiration date;
your CVC code;
your cardholder name;
your e-mail address;
your unique customer ID;
your order ID;
the date/time/amount of your transaction;
origin of transaction;
your business VAT number (where applicable);
your billing address.
9.2.2 Stripe uses this information in its capacity as a Data Processor in order to provide the following functionality within the Services:
(a) Managing an e-commerce platform and facilitating payment transactions on behalf of users.
9.2.3 Stripe may also act as a Data Controller in respect of your data in circumstances where they determine the purposes and manner in which your personal data is processed. This applies where Stripe uses your data to:
(a) monitor, prevent and detect fraudulent payment transactions, and to prevent harm to us, you and third-parties;
(b) comply with legal or regulatory obligations applicable to the processing and retention of payment data to which they are subject, including applicable anti-money laundering screening and compliance with know-your-customer obligations;
(c) analyse, develop and improve their products and services; and
(d) provide their products and services to us and you.
In order to provide a secure log-on service for your user account, we use a third-party authentication service provided by the Microsoft Corporation (“Microsoft”). When you first register for the Services, we share your e-mail address with Microsoft in order to validate your e-mail address and authenticate your user account. This information is processed by Microsoft on our behalf in accordance with the Microsoft Privacy Statement (available at: https://privacy.microsoft.com/en-gb/privacystatement). You must consent to the processing of your e-mail address in accordance with the Microsoft Privacy Statement in order to register for a user account and use our Services. Please therefore ensure that you have read and acknowledged the Microsoft Privacy Statement in conjunction with our Privacy Notice before using our Services.
9.3.1 Microsoft uses the following information to conduct data processing on our behalf:
the e-mail address you provide at registration.
9.3.2 Specifically, Microsoft provides the following data processing activities on our behalf:
(a) Providing a secure user authentication and log-on process.
10. COOKIES POLICY
10.2 You may also receive selected third-party Cookies on your computer or device. Third-party Cookies are those placed by services other than our own with our permission. We use third-party Cookies to improve our Services based on user interaction.
10.3 Prior to any Cookies being placed on your computer or mobile device you will be shown a notice advising you that by continuing to use our Services you will consent to the placing and using of Cookies. By consenting to the placing and using of Cookies, you are enabling us to provide the most optimum user experience to you.
10.4 Certain features of our Services require Cookies to function, these Cookies are deemed to be strictly necessary by applicable law. Cookies which are strictly necessary for the provision of our Services are shown below. Whilst we do not require your consent to place these Cookies, it is still important that you are aware of them. You may still deny these Cookies through your device’s browser settings, but please note that our Services may not function as intended (or at all).
10.5 The following first party Cookies may be placed on your computer or device:
Name of Cookie(s)
No first party cookies at this time
and the following third-party Cookies may be placed on your computer or device:
Name of Cookie(s)
ai_user and ai_authUse
This cookie is set by Microsoft Application Insights to enable us to perform user analytics and provide technical support.
This cookie is set by Microsoft Application Insights, a tool we use for monitoring our Platform and Website for faults. This cookie helps us to determine if a specific user has faults, so we can provide a better support experience.
This cookie provides storage of details relating to user’s device and locale in order to provide payment services where applicable within the Platform.
This cookie is used on our Website to track users for the following analytics purposes:
• Determines which domain to measure (soarizon.io)
• Distinguishes unique users (anonymised user id)
• Remembers the number and time of previous visits (via anonymised user id)
• Remembers traffic source information (via channel type such as Social, Direct, organics Search, etc.)
• Determines the start and end of a session (via anonymised user id)
10.6 You may at any time delete Cookies on your computer or mobile device (where applicable) through your browser settings, however, doing so may result in a degradation or loss of the Services.
11. CONTACT US
For all customer service enquiries, please contact us:
Via the Service:
By clicking “contact us” at the bottom of any page, or by selecting the “life-raft” help symbol.
Tel: 01293 580 482 (UK normal office hours)
12. CHANGES TO OUR PRIVACY NOTICE